Get a list of consolidated rules for a specified device if it has no children. For a specified parent device, get the list of consolidated rules for each of its children. Two or more rules can be consolidated if they differ in only one of their main fields: Source / Destination / Service.
The rules that AFA recommends to consolidate will always be allowing rules.
This method is found in the AFA/Policy_Optimization definition in the swagger.
For information about consolidated rules, see POLICY OPTIMIZATION page.
Note: This method can be used only for reports in A32.10 and above.
Resource Name:
Request Method: GET
Request Parameters:|
Element |
Type |
Description |
|---|---|---|
|
deviceTreeName |
string |
Tree name of the device. (To get the entity name for a device or group, see Device names in the ASMS APIs). |
| pageNumber optional |
Integer | The page number to include in the response. Default value : 0 (Value 0 means first page). |
| pageSize optional |
Integer | The number of results to include on each page in the response. Default value : 50. |
| reportID
optional |
string | The name of the report. When field left blank, uses latest report. |
Response Parameters:
The structure of the response is as follows:
|
Parameters |
Type |
Description |
|---|---|---|
| deviceTreeName | string | Device name |
| reportID
|
string | Report ID |
| ConsolidatedRuleDtoList | array of objects | |
| rules |
list of rules | List of rules |
|
consolidatedBy
|
string |
Rules can be consolidated by this field. Either Source / Destination / Service |
Response:
|
Code |
Description |
|---|---|
| 200 |
Operation completed successfully |
|
400 |
Validation error |
|
401 |
Unauthorized |
Request examples
curl -X GET "https://[machine IP]/ms-policy-optimizations/api/v1/rules/consolidated/ForOneArm1?pageNumber=0&pageSize=50&reportId=afa-1333" -H "accept: */*"
Response examples
{
"content": [
{
"deviceTreeName": "10_20_7_194",
"reportId": "afa-39",
"consolidatedRuleDtoList": [
{
"rules": [
{
"deviceId": 1751,
"ruleId": "0xc08e4e88",
"ruleNum": "outside_access_in(5)",
"source": [
{
"canonizedName": "remote-vpn-gtwys",
"invalidNamedObject": true
}
],
"isNegateSource": false,
"users": [
{
"display": "any"
}
],
"destination": [
{
"canonizedName": "chvpkfv5-outside",
"invalidNamedObject": true
}
],
"isNegateDestination": false,
"service": [
{
"canonizedName": "echo_icmp",
"invalidNamedObject": true
}
],
"isNegateService": false,
"action": "permit",
"comment": [
""
],
"enable": "enabled",
"log": "",
"link": "line_2185",
"documentation": {
"documentation": ""
},
"additionalData": {
"line": [
{
"value": "access-list outside_access_in extended permit icmp object-group remote-vpn-gtwys host 144.5.140.12 echo"
}
],
"rule": [
{
"value": "acl(2185)"
}
],
"acl": [
{
"value": "outside_access_in"
}
],
"interface": [
{
"value": "outside"
}
],
"name": [
{
"value": "outside_access_in(5)"
}
],
"linenum": [
{
"value": "2185"
}
],
"time": [
{
"value": ""
}
],
"user": [
{
"value": "any"
}
]
},
"isValidUserSourceModel": true
},
{
"deviceId": 1751,
"ruleId": "0x5043228b",
"ruleNum": "outside_access_in(20)",
"source": [
{
"canonizedName": "remote-vpn-gtwys",
"invalidNamedObject": true
}
],
"isNegateSource": false,
"users": [
{
"display": "any"
}
],
"destination": [
{
"canonizedName": "144.5.140.13",
"invalidNamedObject": true
}
],
"isNegateDestination": false,
"service": [
{
"canonizedName": "echo_icmp",
"invalidNamedObject": true
}
],
"isNegateService": false,
"action": "permit",
"comment": [
""
],
"enable": "enabled",
"log": "",
"link": "line_2200",
"documentation": {
"documentation": ""
},
"additionalData": {
"line": [
{
"value": "access-list outside_access_in extended permit icmp object-group remote-vpn-gtwys host 144.5.140.13 echo"
}
],
"rule": [
{
"value": "acl(2200)"
}
],
"acl": [
{
"value": "outside_access_in"
}
],
"interface": [
{
"value": "outside"
}
],
"name": [
{
"value": "outside_access_in(19)"
}
],
"linenum": [
{
"value": "2200"
}
],
"time": [
{
"value": ""
}
],
"user": [
{
"value": "any"
}
]
},
"isValidUserSourceModel": true
}
],
"consolidatedBy": "DESTINATION"
},
{
"rules": [
{
"deviceId": 1751,
"ruleId": "0xcc3ef0c5",
"ruleNum": "outside_access_in(31)",
"source": [
{
"canonizedName": "208.89.202.107",
"invalidNamedObject": true
}
],
"isNegateSource": false,
"users": [
{
"display": "any"
}
],
"destination": [
{
"canonizedName": "144.5.130.21",
"invalidNamedObject": true
}
],
"isNegateDestination": false,
"service": [
{
"canonizedName": "tcp/1364",
"invalidNamedObject": true
}
],
"isNegateService": false,
"action": "permit",
"comment": [
""
],
"enable": "enabled",
"log": "",
"link": "line_2211",
"documentation": {
"documentation": ""
},
"additionalData": {
"line": [
{
"value": "access-list outside_access_in extended permit tcp host 208.89.202.107 host 144.5.130.21 eq 1364"
}
],
"rule": [
{
"value": "acl(2211)"
}
],
"acl": [
{
"value": "outside_access_in"
}
],
"interface": [
{
"value": "outside"
}
],
"name": [
{
"value": "outside_access_in(30)"
}
],
"linenum": [
{
"value": "2211"
}
],
"time": [
{
"value": ""
}
],
"user": [
{
"value": "any"
}
]
},
"isValidUserSourceModel": true
},
{
"deviceId": 1751,
"ruleId": "0xbd920b1f",
"ruleNum": "outside_access_in(32)",
"source": [
{
"canonizedName": "208.89.202.107",
"invalidNamedObject": true
}
],
"isNegateSource": false,
"users": [
{
"display": "any"
}
],
"destination": [
{
"canonizedName": "144.5.130.20",
"invalidNamedObject": true
}
],
"isNegateDestination": false,
"service": [
{
"canonizedName": "tcp/1364",
"invalidNamedObject": true
}
],
"isNegateService": false,
"action": "permit",
"comment": [
""
],
"enable": "enabled",
"log": "",
"link": "line_2212",
"documentation": {
"documentation": ""
},
"additionalData": {
"line": [
{
"value": "access-list outside_access_in extended permit tcp host 208.89.202.107 host 144.5.130.20 eq 1364"
}
],
"rule": [
{
"value": "acl(2212)"
}
],
"acl": [
{
"value": "outside_access_in"
}
],
"interface": [
{
"value": "outside"
}
],
"name": [
{
"value": "outside_access_in(31)"
}
],
"linenum": [
{
"value": "2212"
}
],
"time": [
{
"value": ""
}
],
"user": [
{
"value": "any"
}
]
},
"isValidUserSourceModel": true
}
],
"consolidatedBy": "DESTINATION"
}
]
}
],
"pageable": {
"sort": {
"sorted": true,
"unsorted": false,
"empty": false
},
"pageSize": 50,
"pageNumber": 0,
"offset": 0,
"paged": true,
"unpaged": false
},
"totalPages": 1,
"totalElements": 1,
"last": true,
"number": 0,
"size": 50,
"numberOfElements": 1,
"sort": {
"sorted": true,
"unsorted": false,
"empty": false
},
"first": true,
"empty": false
}
Clear your browser's cache