Li, Qiao
901ea67b42
Reviewed-by: Hasko, Vladimir <vladimir.hasko@t-systems.com> Co-authored-by: Li, Qiao <qiaoli@huawei.com> Co-committed-by: Li, Qiao <qiaoli@huawei.com>
20 KiB
Querying the False Alarm Masking Rule List
Function
This API is used to query the list of false alarm masking rules.
URI
GET /v1/{project_id}/waf/policy/{policy_id}/ignore
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
project_id |
Yes |
String |
Project ID |
policy_id |
Yes |
String |
Policy ID |
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
page |
No |
Integer |
Page Default: 1 |
pagesize |
No |
Integer |
Number of records on each page. The maximum value is 100. Default: 10 |
Request Parameters
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
X-Auth-Token |
Yes |
String |
User token |
Content-Type |
No |
String |
Content type Default: application/json;charset=utf8 |
Response Parameters
Status code: 200
Parameter |
Type |
Description |
|---|---|---|
total |
Integer |
Number of rules in the policy |
items |
Array of IgnoreRuleBody objects |
Array of false alarm masking rules |
Parameter |
Type |
Description |
|---|---|---|
id |
String |
Rule ID. |
policyid |
String |
Policy ID. |
timestamp |
Long |
Rule creation time. |
description |
String |
Provides supplementary information about the assignment. |
status |
Integer |
Rule status. The value can be:
|
url |
String |
URL protected by the web tamper protection rule. The value must be in the standard URL format, for example, /admin. |
rule |
String |
Masked rule. The value can be the ID of a rule that is matched, all rules (all), or enumeration value of the attack type. To mask a built-in rule included in Basic Web Protection, set this parameter to the ID of the rule. To obtain the rule ID, go to the WAF console. Then, choose Policies and click the policy name. On the displayed page, find the Basic Web Protection area and click Advanced Settings. On the displayed page, click Protection Rule and view the rule ID. To disable a certain type of rule, the value can be:
|
url_logic |
String |
URL match logic:
|
domains |
Array of strings |
Protected domain name |
advanced |
advanced object |
advanced |
Parameter |
Type |
Description |
|---|---|---|
index |
String |
To ignore attacks of a specified field, specify the field in the Advanced Settings area. After you complete the configuration, WAF will stop intercepting attack events of the specified field. The following fields are supported:
|
content |
String |
Specified field (available only for param, cookie, and header) |
Status code: 400
Parameter |
Type |
Description |
|---|---|---|
error_code |
String |
Error code |
error_msg |
String |
Error message |
Status code: 401
Parameter |
Type |
Description |
|---|---|---|
error_code |
String |
Error code |
error_msg |
String |
Error message |
Status code: 500
Parameter |
Type |
Description |
|---|---|---|
error_code |
String |
Error code |
error_msg |
String |
Error message |
Example Requests
GET https://{Endpoint}/v1/{project_id}/waf/policy/{policy_id}/ignore?
Example Responses
Status code: 200
Request succeeded.
{
"total" : 1,
"items" : [ {
"id" : "c20f67b3e1c040c0b0d8866e568ee8bf",
"policyid" : "a75e96d8284c4c4f98ada7d391e8342c",
"timestamp" : 1656507126528,
"description" : "",
"status" : 1,
"rule" : "webshell",
"url_logic" : "equal",
"url" : "/demo",
"domain" : [ "test3.th.com" ]
} ]
}
Status Codes
Status Code |
Description |
|---|---|
200 |
Request succeeded. |
400 |
Request failed. |
401 |
The token does not have required permissions. |
500 |
Internal server error. |
Error Codes
See Error Codes.