Get all or a subset of attack surface rules.
Required License: Cortex Xpanse Expander
authorization
String
required
{{api_key}}
x-xdr-auth-id
String
required
{{api_key_id}}
request_dataObject
(Required) A dictionary containing the API request fields.
An empty dictionary returns all results.
filtersArray
Provides an array of filtered fields. Each JSON object can contain the following keywords: - field - operators - value
fieldString (Enum)
Identifies the alert field the filter is matching. Filters are based on the following keywords: - enabled_status - category - priority - attack_surface_rule_id - asm_alert_categories
operatorString (Enum)
String that identifies the comparison operator you want to use for this filter. - in
valueObject
Value that this filter must match. The contents of this field will differ depending on the alert field that you specified for this filter
search_fromInteger
An integer representing the starting offset within the query result set from which you want attack surface rules returned
search_toInteger
An integer representing the end offset within the result set after which you do not want attack surface rules returned.
Attack surface rules in the alerts list that are indexed higher than this value are not returned in the final results set.
sortObject
Identifies the sort order for the result set. By default, the sort is defined as created, DESC.
fieldString (Enum)
keywordString (Enum)
Can either be ASC (ascending order) or DESC (descending order).
{
"request_data": {
"search_from": 0,
"filters": [
{
"field": "attack_surface_rule_id",
"value": "AttackSurfaceRulesFilter_value",
"operator": "in"
},
{
"field": "attack_surface_rule_id",
"value": "AttackSurfaceRulesFilter_value",
"operator": "in"
}
],
"sort": {
"field": "created",
"keyword": "desc"
},
"search_to": 0
}
}
curl -X 'POST'
-H
'Accept: application/json'
-H
'Content-Type: application/json'
-H
'authorization: {{api_key}}'
-H
'x-xdr-auth-id: {{api_key_id}}'
'https://api-}/public_api/v1/get_attack_surface_rules/'
-d
'{
"request_data" : {
"search_from" : 0,
"filters" : [ {
"field" : "attack_surface_rule_id",
"value" : "AttackSurfaceRulesFilter_value",
"operator" : "in"
}, {
"field" : "attack_surface_rule_id",
"value" : "AttackSurfaceRulesFilter_value",
"operator" : "in"
} ],
"sort" : {
"field" : "created",
"keyword" : "desc"
},
"search_to" : 0
}
}'
import http.client
conn = http.client.HTTPSConnection("api-")
payload = "{\"request_data\":{\"filters\":[{\"field\":\"attack_surface_rule_id\",\"operator\":\"in\",\"value\":\"string\"}],\"search_from\":0,\"search_to\":500,\"sort\":{\"field\":\"enabled_status\",\"keyword\":\"ASC\"}}}"
headers = {
'authorization': "{{api_key}}",
'x-xdr-auth-id': "{{api_key_id}}",
'content-type': "application/json"
}
conn.request("POST", "%7B%7Bfqdn%7D%7D/public_api/v1/get_attack_surface_rules/", payload, headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))
require 'uri'
require 'net/http'
require 'openssl'
url = URI("https://api-/%7B%7Bfqdn%7D%7D/public_api/v1/get_attack_surface_rules/")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Post.new(url)
request["authorization"] = '{{api_key}}'
request["x-xdr-auth-id"] = '{{api_key_id}}'
request["content-type"] = 'application/json'
request.body = "{\"request_data\":{\"filters\":[{\"field\":\"attack_surface_rule_id\",\"operator\":\"in\",\"value\":\"string\"}],\"search_from\":0,\"search_to\":500,\"sort\":{\"field\":\"enabled_status\",\"keyword\":\"ASC\"}}}"
response = http.request(request)
puts response.read_body
const data = JSON.stringify({
"request_data": {
"filters": [
{
"field": "attack_surface_rule_id",
"operator": "in",
"value": "string"
}
],
"search_from": 0,
"search_to": 500,
"sort": {
"field": "enabled_status",
"keyword": "ASC"
}
}
});
const xhr = new XMLHttpRequest();
xhr.withCredentials = true;
xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});
xhr.open("POST", "https://api-/%7B%7Bfqdn%7D%7D/public_api/v1/get_attack_surface_rules/");
xhr.setRequestHeader("authorization", "{{api_key}}");
xhr.setRequestHeader("x-xdr-auth-id", "{{api_key_id}}");
xhr.setRequestHeader("content-type", "application/json");
xhr.send(data);
HttpResponse<String> response = Unirest.post("https://api-/%7B%7Bfqdn%7D%7D/public_api/v1/get_attack_surface_rules/")
.header("authorization", "{{api_key}}")
.header("x-xdr-auth-id", "{{api_key_id}}")
.header("content-type", "application/json")
.body("{\"request_data\":{\"filters\":[{\"field\":\"attack_surface_rule_id\",\"operator\":\"in\",\"value\":\"string\"}],\"search_from\":0,\"search_to\":500,\"sort\":{\"field\":\"enabled_status\",\"keyword\":\"ASC\"}}}")
.asString();
import Foundation
let headers = [
"authorization": "{{api_key}}",
"x-xdr-auth-id": "{{api_key_id}}",
"content-type": "application/json"
]
let parameters = ["request_data": [
"filters": [
[
"field": "attack_surface_rule_id",
"operator": "in",
"value": "string"
]
],
"search_from": 0,
"search_to": 500,
"sort": [
"field": "enabled_status",
"keyword": "ASC"
]
]] as [String : Any]
let postData = JSONSerialization.data(withJSONObject: parameters, options: [])
let request = NSMutableURLRequest(url: NSURL(string: "https://api-/%7B%7Bfqdn%7D%7D/public_api/v1/get_attack_surface_rules/")! as URL,
cachePolicy: .useProtocolCachePolicy,
timeoutInterval: 10.0)
request.httpMethod = "POST"
request.allHTTPHeaderFields = headers
request.httpBody = postData as Data
let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
if (error != nil) {
print(error)
} else {
let httpResponse = response as? HTTPURLResponse
print(httpResponse)
}
})
dataTask.resume()
<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api-/%7B%7Bfqdn%7D%7D/public_api/v1/get_attack_surface_rules/",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => "{\"request_data\":{\"filters\":[{\"field\":\"attack_surface_rule_id\",\"operator\":\"in\",\"value\":\"string\"}],\"search_from\":0,\"search_to\":500,\"sort\":{\"field\":\"enabled_status\",\"keyword\":\"ASC\"}}}",
CURLOPT_HTTPHEADER => [
"authorization: {{api_key}}",
"content-type: application/json",
"x-xdr-auth-id: {{api_key_id}}"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
CURL *hnd = curl_easy_init();
curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "POST");
curl_easy_setopt(hnd, CURLOPT_URL, "https://api-/%7B%7Bfqdn%7D%7D/public_api/v1/get_attack_surface_rules/");
struct curl_slist *headers = NULL;
headers = curl_slist_append(headers, "authorization: {{api_key}}");
headers = curl_slist_append(headers, "x-xdr-auth-id: {{api_key_id}}");
headers = curl_slist_append(headers, "content-type: application/json");
curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, headers);
curl_easy_setopt(hnd, CURLOPT_POSTFIELDS, "{\"request_data\":{\"filters\":[{\"field\":\"attack_surface_rule_id\",\"operator\":\"in\",\"value\":\"string\"}],\"search_from\":0,\"search_to\":500,\"sort\":{\"field\":\"enabled_status\",\"keyword\":\"ASC\"}}}");
CURLcode ret = curl_easy_perform(hnd);
var client = new RestClient("https://api-/%7B%7Bfqdn%7D%7D/public_api/v1/get_attack_surface_rules/");
var request = new RestRequest(Method.POST);
request.AddHeader("authorization", "{{api_key}}");
request.AddHeader("x-xdr-auth-id", "{{api_key_id}}");
request.AddHeader("content-type", "application/json");
request.AddParameter("application/json", "{\"request_data\":{\"filters\":[{\"field\":\"attack_surface_rule_id\",\"operator\":\"in\",\"value\":\"string\"}],\"search_from\":0,\"search_to\":500,\"sort\":{\"field\":\"enabled_status\",\"keyword\":\"ASC\"}}}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);