Retrieving Data for a Device or Group

The following methods retrieve device or group information.

Retrieving Risk Information for a Device

The risks_summary method retrieves risk statistics for a device. It does not support retrieving group or matrix risk statistics.

Request Type: RisksSummaryRequest

Element

Type

Description
SessionIDMandatory

String

SessionID obtained from the connect method.
DeviceIDMandatory

String

Tree name of the device.

Response Type: RisksSummaryResponse

Element

Type

Description
Date

String

The date and time the web service was activated. The format is YYYY-MM-DD HH:MM:SS.
High

String

High risk.
Suspected_high

String

Suspected high risk.
Medium

String

Medium risk.
Low

String

Low risk.
Security_Rating

String

Security rating.

Request example: 

<RisksSummaryRequest>
    <SessionID>a78cc74a80b70efe253f44daad620fb7</SessionID>
    <DeviceID>p_10_132_30_1</DeviceID>
</RisksSummaryRequest>

Response example: 

<RisksSummaryResponse>
    <Date>2013-05-20 15:42:44</Date>
    <High>0</High>
    <Suspected_high>0</Suspected_high>
    <Medium>3</Medium>
    <Low>1</Low>
    <Security_Rating>97</Security_Rating>
</RisksSummaryResponse>

Retrieving Statistics for a Device

The get_device_statistics method retrieves statistics for a device.

For a list of possible statistics for a device, see StatsData Type (see StatsData type ).

Request Type: GetDeviceStatisticsRequest

Element

Type

Description
SessionIDMandatory

String

SessionID obtained from the connect method.
DeviceIDMandatory

String

Tree name of the device for which to retrieve statistics.

Response Type: GetDeviceStatisticsResponse

Element

Type

Description
Statistics

List of StatsData objects

List of statistical data. (see StatsData type ).

Request example: 

<GetDeviceStatisticsRequest>
    <SessionID>a78cc74a80b70efe253f44daad620fb7</SessionID>
    <DeviceID>p_10_132_30_1</DeviceID>
</GetDeviceStatisticsRequest>

Response example: 

<GetDeviceStatisticsResponse>
    <Statistics>
        <StatType>simple_count</StatType>
        <StatName>unused_rules</StatName>
        <StatValue/>
    </Statistics>
    <Statistics>
        <StatType>compliance_undef</StatType>
        <StatName>PCI</StatName>
        <StatValue>17</StatValue>
    </Statistics>
    <Statistics>
        <StatType>risk_level</StatType>
        <StatName>highest</StatName>
        <StatValue>1</StatValue>
    </Statistics>
</GetDeviceStatisticsResponse>

Retrieving NAT Values for a Device or Group

The get_nat_discovery method receives an IP address as an input and retrieves all the potential translations to and/or from it performed by the selected device or device group.

Request Type: GetNatDiscoveryRequest

Element

Type

Description
SessionIDMandatory

String

SessionID obtained from the connect method.
EntityNameOptional

String

Tree name of the device or group for which to retrieve NAT values. Default is all the devices (ALL_FIREWALLS).
IPAddressOptional

String

IP address of device/group. Default is all definitions.
PreNatOptional

Integer

To retrieve addresses this IP is translated to 1; otherwise, 0. Default is 1.
PostNatOptional

Integer

To retrieve addresses that are translated to this IP address, 1; otherwise, 0. Default is 1.
SourceOptional

Integer

To retrieve source address translations, 1; otherwise, 0. Default is 1.
DestinationOptional

Integer

To retrieve destination address translation, 1; otherwise, 0. Default is 1.

Response Type: GetNatDiscoveryResponse

Element

Type

Description
SourceNat/ DestinationNat

List of NatResult objects

List of source and/or destination NatResult information. See NatResult Type (see NatResult type ).

Request example: 

<GetNatDiscoveryRequest>
    <SessionID>d5b1c34a1696a06321523e588b82cdd0</SessionID>
    <EntityName>rose</EntityName>
    <!--1 or more repetitions:-->
    <IpAddress>16.47.59.14</IpAddress>
    <PreNat>1</PreNat>
    <PostNat>1</PostNat>
    <Source>1</Source>
    <Destination>1</Destination>
</GetNatDiscoveryRequest>

Response example: 

<GetNatDiscoveryResponse>
    <SourceNat>
        <NatResult>
            <DeviceName>rose</DeviceName>
            <PreNat>10.1.20.3</PreNat>
            <PostNat>16.47.59.14</PostNat>
            <Type>Static</Type>
        </NatResult/>
    </SourceNat>
    <DestinationNat>
        <NatResult>
            <DeviceName>rose</DeviceName>
            <PreNat>16.47.59.14</PreNat>
            <PostNat>10.1.20.3</PostNat>
            <Type>Static</Type>
        </NatResult/>
    </DestinationNat>
</GetNatDiscoveryResponse>

 

Retrieving PDF of Report Page

The get_report_pdf method retrieves a PDF copy of a report page for a device or group.

Request Type: GetReportPdfRequest

Element

Type

Description
SessionIDMandatory

String

SessionID obtained from the connect method.
EntityIDMandatory

String

Tree name of the device/group.
EntityTypeMandatory

String

Entity type. One of the following:

  • device
  • group
  • matrix
ReportPageMandatory

String

Name of report page. See the list of report page names below.

Note: Not all devices contain all these pages. To confirm which pages a device's report contains, open a sample report in the AFA Web Interface

Note: Each report page must be requested individually.

Report Page Names

  • home
  • policy
  • policy.rules
  • policy.hostgroups‎
  • changes
  • risks
  • risky-rules
  • custom-report
  • vpn
  • baseline-compliance
  • regulatory-compliance
  • regulatory-compliance.pci
  • regulatory-compliance.nist_800-53
  • regulatory-compliance.glba
  • regulatory-compliance.iso27001
  • regulatory-compliance.nerc5
  • regulatory-compliance.basel
  • regulatory-compliance.sox
  • regulatory-compliance.nist_800-41
  • regulatory-compliance.dsd
  • regulatory-compliance.hipaa
  • regulatory-compliance.trm
  • optimize-policy
  • optimize-policy.unused-rules
  • optimize-policy.covered-rules
  • optimize-policy.special-case-rules
  • optimize-policy.consolidate-rules
  • optimize-policy.disabled-rules
  • optimize-policy.time-inactive-rules
  • optimize-policy.rules-without-logging
  • optimize-policy.rules-with-empty-comments
  • optimize-policy.rules-with-non-compliant-comments
  • optimize-policy.rules-with-a-time-clause
  • optimize-policy.unattached-objects
  • optimize-policy.unattached-user-groups
  • optimize-policy.unattached-users
  • optimize-policy.unused-global-objects
  • optimize-policy.unused-nat-rules
  • optimize-policy.empty-objects
  • optimize-policy.expired-users
  • optimize-policy.expiring-rules
  • optimize-policy.no-traffic-nat-rules
  • optimize-policy.duplicate-objects
  • optimize-policy.duplicate-services
  • optimize-policy.unused-objects-within-rules
  • optimize-policy.unattached-acls
  • optimize-policy.unattached-global-objects
  • optimize-policy.rule-ordering
  • optimize-policy.least-used-rules
  • optimize-policy.most-used-rules
  • optimize-policy.all-rules-usage
  • optimize-policy.all-rules-ips-usage
  • optimize-policy.unrouted-rules
  • optimize-policy.unrouted-objects-within-rules
  • optimize-policy.policy-refinement

Response Type: GetReportPdfResponse

Element

Type

Description
RetVal

Integer

If the report was retrieved successfully, 1; otherwise, 0.
RetMessage

String

Detailed return message / error message if errors occur during operation.
EncodedReportPdf

String

64-base encoded pdf file.

Request example: 

<afa:GetReportPdfRequest>
    <SessionID>a9108d658a2743cb890e9f6010ed2108</SessionID>
    <EntityID>10_20_104_1</EntityID>
    <EntityType>firewall</EntityType>
    <ReportPage>home</ReportPage>
</afa:GetReportPdfRequest>

Response example: 

<ns1:GetReportPdfResponse>
    <RetVal>1</RetVal>
    <RetMessage>Success</RetMessage>
    <EncodedReportPdf>The base 64 encoded PDF content</EncodedReportPdf>
</ns1:GetReportPdfResponse>