Get a list of covered rules
Get a list of covered rules for a specified device. If the device has child devices, covered rules for them will also be included in the response. Covered rules information is available for the latest report.
This method is found in the AFA/Policy_Optimization spec in the swagger.
For information about covered rules, see Covered rules.
Note: This method can be used only for reports successfully analyzed in A32.50 and above.
Resource Name:
Request Method: GET
Request Parameters:
Element |
Type |
Description |
---|---|---|
entityTreeName |
string |
Tree name of the entity. (To get the entity name for a device or group, see Device names in the ASMS APIs. |
pageNumber optional |
Integer | The page number to include in the response. Default value : 0 (Value 0 means first page). |
pageSize optional |
Integer | The number of results to include on each page in the response. Default value : 50. |
Response Parameters:
Name |
Type |
Description |
---|---|---|
coveredRulesPerDevice |
Array of nested entities |
The covered rules – per device details |
deviceTreeName |
String |
Device tree name |
coveredRules | Array of nested entities | Covered and their covering rules data per device. |
metadata | array of nested entities |
Array of the covered rules calculation metadata per device (of devices containing the covered rules in response) . |
coveredRule | Rule Object | Covered rule data |
coveredBy | Array of Rule Objects | Covering rules information per covered rule |
ruleName | String | Name of covered and covering rule |
ruleId | String | Rule identifier |
ruleNumber | String |
Rule number |
sources |
Array of strings |
Source IP addresses or network object names |
destinations |
Array of strings |
Destination IP addresses or network object names |
services |
Array of strings |
Service names |
applications |
Array of strings |
Application names |
comment |
String |
Comment (if exist) |
action | String | Rule action |
isEnabled | String |
True if rule enabled , false otherwise |
sectionHeader | String |
Section Header - if support by brand |
global | String | Global - if support by brand |
log | String | Log - if support by brand |
install | String | Install - if support by brand |
ruleData | Json Object | Additional rule data (different data per device) |
reportName | String |
Report name from which data was taken |
deviceName | String | Device name |
calculationTime | String | Time calculation done |
pageSize |
Integer |
Pagination – page size |
pageNumber |
Integer |
Pagination – page number |
totalPages |
Integer |
Pagination – total pages |
totalElements |
Integer |
Pagination – total elements number |
totalNumberOfCoveredRules | Number | Total number of covered rules per device |
Response:
Code |
Description |
---|---|
200 |
Operation completed successfully |
400 |
Validation error |
401 |
Unauthorized |
Request examples
curl -X GET "https://192.168.11.23/ms-policy-optimizations/api/v1/rules/covered/poppy1?pageNumber=0&pageSize=50" -H "accept: */*"
Response examples
{ "totalPages": 1, "totalElements": 1, "pageNumber": 0, "pageSize": 50, "coveredRulesPerDevice": [ { "deviceTreeName": "10_20_131_5", "coveredRules": [ { "ruleId": "0x62ff7c70", "ruleNumber": "External_access_in(30)", "ruleName": "External_access_in(14)", "sources": [ "172.17.11.29" ], "destinations": [ "172.17.1.29" ], "services": [ "tcp/8081" ], "applications": [], "action": "permit", "comment": "FireFlow #265", "isEnabled": "enabled", "sectionHeader": "", "global": "", "log": "informational", "install": "", "coveredBy": [ { "ruleId": "0xfd329ad8", "ruleNumber": "External_access_in(28)", "ruleName": "External_access_in(13)", "sources": [ "any" ], "destinations": [ "any" ], "services": [ "ip" ], "applications": [], "action": "deny", "comment": "", "isEnabled": "enabled", "sectionHeader": "", "global": "", "log": "enable", "install": "" } ] } ], "metadata": { "reportName": "afa-8210", "deviceName": "10_20_131_5", "calculationTime": "2023-01-10 02:46", "totalNumberOfCoveredRules": 1 } } ] }