Get a list of unused rules

Return a list of unused rules detected in the last successful report of a specific device, group or matrix.

Tip: The usage calculation period is determined by the value stated in the Log_Analysis_Days_Before parameter (defined in the last analysis).​

This method is found in the AFA/Policy_Optimization spec in the swagger.

For information about unused rules, see POLICY OPTIMIZATION page.

Note: This method can be used only for reports in A32.00 and above.

Resource Name: /api/v1/rules/unused/{entityTreeName}

Request Method: GET

Request Parameters:

Element

Type

Description

entityTreeName
Mandatory

string

Tree name of the entity. Entity can be a device or group.

(To get the entity name for a device, see Device names in the ASMS APIs. If the entity is a group, use the name from the UI).

pageNumber
optional
Integer The page number to include in the response. Default value : 0 (Value 0 means first page).
pageSize
optional
Integer The number of results to include on each page in the response. Default value : 50.

Response Parameters:

The significant response parameters for this method are:

Element

Type

Description

consolidateField

string

Rules can be consolidated by this field. Either Source / Destination / Service.

ruleId
string Internal AlgoSec Rule ID.
ruleNum
string Rule number
     

Response:

Code

Description

200

Operation completed successfully

400

Validation error

401

Unauthorized

Request examples

https://[machine IP]/ms-policy-optimizations/api/v1/rules/unused/s_pix_10_20_6_1_1?domain=0&pageNumber=0&pageSize=1

Response examples

Copy
{
  "totalPages": 57,
  "totalElements": 57,
  "pageNumber": 0,
  "pageSize": 1,
  "unusedRulesPerDevice": [
    {
      "deviceTreeName": "s_pix_10_20_6_1_1",
      "unusedRules": [
        {
          "ruleId": "0x1ae6b2e0",
          "ruleNumber": "inside_access_in(5)",
          "sources": [
            "10.20.6.15"
          ],
          "destinations": [
            "any"
          ],
          "services": [
            "icmp6",
            "aol"
          ],
          "applications": [],
          "action": "permit",
          "comment": "",
          "isEnabled": "enabled",
          "lastUseDate": "NA",
          "sectionHeader": "",
          "global": "",
          "log": "",
          "install": ""
        }
      ],
      "metadata": {
        "reportName": "afa-657",
        "deviceName": "s_pix_10_20_6_1_1",
        "unusedRulesCount": 57,
        "configuredLogAnalysisDays": "1000",
        "calculationTime": "2020-10-10 03:23"
      }
    }
  ]
}