AFA REST web services
Note: To view vulnerability data in AFA device reports, you must either have vulnerability scanners configured in AppViz, or import your vulnerability data manually.
For more details, see Manage vulnerability assessment scanners and Import vulnerability data.
Base URL
There are two types of base URLs and corresponding authentication method:
-
The base URL for most requests is:
https:://<algosec_server>/afa/api/v1
where <algosec_server> is the AFA server URL. Most of these APIs are shown in swagger.
Authentication is through a cookie session. For example:
curl --cookie "PHPSESSID=g4mgnv4cno9ivt7rclmhmejj27" https://<IP:Port>/afa/api/v1/security_zones/get_profiles_list
For the value of the PHPSESSID parameter in the request cookie, use the sessionID value received in the login response. See Log in to ASMS .
-
The base URL for the remaining requests is:
https://<algosec_server>/fa/server
where <algosec_server> is the AFA server URL. These APIs are not shown in swagger.
Authentication is through a URL parameter (except for Log in to ASMS ). For example:
curl -H "Accept:application/json" -k " https://192.168.3.76/fa/server/rules/read?session=c69bcc3e6832149642b32e6f269c82c0&entity=admin
For the value of the session parameter in the request, use the sessionID value received in the login response. See Log in to ASMS .
Note: For each request, the documentation specifies the base URL and authentication method.
Swagger
The AlgoSec Firewall Analyzer RESTful API includes Swagger support, enabling you to execute simplified API request calls and access full lists of request parameters.
To access Swagger API documentation:
- In the toolbar, click your username and click API Documentation.
-
From the dropdown at the top-right, select one of the following specification options:
AlgoSec_Firewall_Analyzer Controls most central AFA API requests, such as object or device requests
--Vulnerabilities Controls AFA API requests related to vulnerabilites.
--Policy_Optimization Controls AFA APIs related to network rules. --Issues_Center Controls AFA APIs related to the ASMS Issues Center --Map Control AFA APIs related to the ASMS network map.
Syntax rules
Keep in mind the following syntax rules as you work with the APIs
-
Comma separated multiple items in lists: Lists can be identified by square brackets []. Each item in lists that are comma-separated need to be enclosed in quotes (" "). For example,
"service": [
"http","https"
]
Note: In the example above, "service": ["http,https"] is incorrect syntax.
AFA REST API reference
The following table lists the REST APIs supported for AFA. For more details, see EntitiesResponse type and AFA search rule fields.
Login and logout | |
Analysis and reports |
Retrieve a baseline compliance report |
Object and device data |
Get details for a specified device View device parameter templates Get a list of parents for specified list of child devices Bulk update keys of AWS cloud accounts Export list of device changes to XLS fileBulk update keys of AWS cloud accounts |
Risks | |
Rule data |
Add to or edit a rule's documentation |
Security zones | |
User data | |
Issues Center | Manage AFA issues |
Relocating devices |
Relocate devices between nodes |
Traffic Simulation |
|
Trusted Traffic |
Add a new trusted traffic request Export trusted traffic to a CSV or JSON file |