Get remediation path rules

Cortex Xpanse REST API

post /public_api/v1/xpanse_remediation_rules/rules/

Required License: Cortex Xpanse Expander + Active Response Module Add-On

Get the list of the remediation path rules associated with an attack surface rule.

CURL
curl -X POST \ -H "Accept: application/json" \ -H "Content-Type: application/json" -H "authorization: {{api_key}}" -H "x-xdr-auth-id: {{api_key_id}}" \ "https://api-}/public_api/v1/xpanse_remediation_rules/rules/" \ -d '{ "request_data" : { "search_from" : 0, "filters" : [ { "field" : "attack_surface_rule_id", "value" : "value", "operator" : "neq" }, { "field" : "attack_surface_rule_id", "value" : "value", "operator" : "neq" } ], "sort" : "", "search_to" : 0 } }'
Request headers
authorization
required
String
api-key
Example: {{api_key}}
x-xdr-auth-id
required
String
api-key-id
Example: {{api_key_id}}
Request
Body
required
request_data
required
Object
A dictionary containing the API request fields.
filters
optional
Array of objects

Array of filter fields. Each JSON object must contain the following:

  • field
  • operator
  • value
field
required
String (Enum)
String that identifies the attack surface rule field for filtering.
Allowed values:
attack_surface_rule_id
operator
required
String (Enum)

Identifies the comparison operator to use for this filter. Valid keywords are

  • eq
  • neq
Allowed values:
neq
eq
value
required
String

Value that the filter must match. Value must be the following:

  • {attack_surface_rule_id}: String of the attack surface rule to filter on
sort
optional
Object
Identifies the sort order for the result set. By default, the sort is defined as created_at, DESC.
field
optional
String (Enum)
Sorting based on the created_at field is supported.
Allowed values:
created_at
keyword
optional
String (Enum)

Sort order can be one of the following values:

  • ASC: ascending order
  • DESC: descending order
Allowed values:
ASC
asc
DESC
desc
search_from
optional
Integer
search_to
optional
Integer
Responses

OK

Body
reply
required
Object
result_count
required
Integer
remediation_rules
required
Array of objects
rule_id
required
String
description
required
String
attack_surface_rule_id
required
String
criteria
required
Array of objects
field
required
String
value
required
String
operator
required
String
criteria_conjunction
required
String
action
required
String
created_by
required
String
created_by_pretty
required
String
created_at
required
Integer
details
required
String

Bad Request. Got an invalid JSON.

Body
reply
required
Object
The query results upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.

Unauthorized access. An issue occurred during authentication. This can indicate an incorrect key, id, or other invalid authentication parameters.

Body
reply
required
Object
The query results upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.

Unauthorized access. User does not have the required license type to run this API.

Body
reply
required
Object
The query results upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.

Forbidden access. The provided API Key does not have the required RBAC permissions to run this API.

Body
reply
required
Object
The query results upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.

Unprocessable Entity

Body
code
optional
Integer
Error code
status
optional
String
Error name
message
optional
String
Error message
errors
optional
Object
Errors

Internal server error. A unified status for API communication type errors.

Body
reply
required
Object
The query results upon error.
err_code
optional
String
HTTP response code.
err_msg
optional
String
Error message.
err_extra
optional
String
Additional information describing the error.