Get remediation path rules

post /public_api/v1/xpanse_remediation_rules/rules

Get the list of the remediation path rules associated with an attack surface rule. Required License: Cortex Xpanse Expander + Active Response Module Add-On

CURL

  curl -X POST \

-H "Accept: application/json" \
 -H "Content-Type: application/json" -H "authorization: authorization_example" -H "x-xdr-auth-id: xXdrAuthId_example" \
"https://api-yourfqdn/public_api/v1/xpanse_remediation_rules/rules" \
 -d '{
  "request_data" : {
    "filters" : [ {
      "field" : "field",
      "value" : "value",
      "operator" : "operator"
    }, {
      "field" : "field",
      "value" : "value",
      "operator" : "operator"
    } ],
    "sort" : {
      "field" : "created_at",
      "keyword" : "keyword"
    }
  }
}'
  

Request headers

authorization

required

String

{api_key}

Example: authorization_example

x-xdr-auth-id

required

String

{api_key_id_}

Example: xXdrAuthId_example

Request

Body

optional

Example:

{"request_data":{"filters":[{"field":"attack_surface_rule_id","operator":"EQ","value":"string"}],"sort":{"field":"created_at","keyword":"DESC"}}}

request_data

required

A dictionary containing the API request fields.

filters

optional

Array

Array of filter fields. Each JSON object must contain the following:

field
operator
value

field

optional

String

String that identifies the attack surface rule field for filtering. Filter is based on the following keyword:

attack_surface_rule_id

operator

optional

String

Identifies the comparison operator to use for this filter. Valid keywords are

eq
neq

value

optional

String

Value that the filter must match. Value must be the following:

{attack_surface_rule_id}: String of the attack surface rule to filter on

sort

optional

Identifies the sort order for the result set. By default, the sort is defined as created_at, DESC.

field

optional

String

Sorting based on the created_at field is supported.

keyword

optional

String

Sort order can be one of the following values:

ASC: ascending order
DESC: descending order

Responses

Body

optional

result_count

optional

Integer

remediation_rules

optional

Array

rule_id

optional

String

rule_name

optional

String

description

optional

String

attack_surface_rule_id

optional

String

criteria

optional

Array

field

optional

String

value

optional

String

operator

optional

String

criteria_conjunction

optional

String

action

optional

String

created_by

optional

String

created_by_pretty

optional

String

created_at

optional

Integer

details

optional

String