Traffic Simulation Query
Performs a batch Traffic Simulation Query on a single device or group of devices.
Required permissions
To perform this request, you must have access to all the firewalls that are relevant for your query results path. Queries will fail if the query goes through a non-permitted device.
Users with permissions to view an entire group can run queries on the group. If you do not have permission to view a group of devices, or the ALL_FIREWALLS group, we recommend that you perform single-device queries on the devices you have permissions to view.
Request Method: POST
Request URL Parameters:
|
Element |
Type |
Description |
|---|---|---|
| includeRulesZones Optional |
Boolean |
|
| includeDevicesPaths Optional |
Boolean |
|
| QueryInput Mandatory |
List of QueryRequestData objects |
Lists one or more queries to perform. See QueryRequestData Type table below. |
| QueryTarget Mandatory |
String |
Name of a device or group the query will run on. If empty, the query runs on the entire network and all permitted devices for the user. |
QueryRequestData Type:
| Element | Type | Description |
|---|---|---|
| Source
Mandatory |
List of strings | Source(s) for the query. Multiple values are separated by commas (,). |
| Destination
Mandatory |
List of strings | Destination(s) for the query. Multiple values are separated by commas (,). |
| Service
Mandatory |
List of strings | Service(s) for the query. Multiple values are separated by commas (,). |
|
businessApplicationsData Optional |
List of BusinessApplicationData objects |
See BusinessApplicationData Type table below. |
| User
Optional |
List of strings | User(s) who created the rule. Multiple values are separated by commas (,). If empty, the query runs on user: 'any' |
| Application
Optional |
List of strings | Application(s) for the rule. Multiple values are separated by commas (,). If empty, the query runs on application: 'any' |
BusinessApplicationData Type:
|
Element |
Type |
Description |
|---|---|---|
|
businessApplicationFlowId Mandatory |
Integer | AppViz application flow ID. If used, value of NULL or 0 not allowed. |
|
businessApplicationId Mandatory |
Integer | AppVizapplication ID. If used, value of NULL or 0 not allowed. |
|
businessApplicationName Mandatory |
string | AppViz application name. If used, value of NULL or 0 not allowed. |
Response parameters:
A queryResponse JSON that includes a list of QueryData objects:
| Element | Type | Description |
|---|---|---|
|
QueryDescription |
String | Description of query. |
| QueryHTMLPath | String | URL to the results in the UI. |
|
FIPResult |
String |
One of the following:
|
|
QueryResult |
String |
One of the following:
|
|
QueryItem |
QueryValueResults |
List of query value results. See QueryValueResults type below. |
| devicesInPath | array of found paths |
Each path in array of devices. For each device, shows tree and display names: [ { "name" : "<tree name>", "*displayName*" : "<display name>" } |
QueryValueResults:
| Element | Type | Description |
|---|---|---|
|
Device |
List of DeviceResult objects | List of device results. See DeviceResult type below. |
DeviceResult:
| Element | Type | Description |
|---|---|---|
|
IsAllowed |
String |
Status information and the number of rules that support it. For example: Allowed (x1), Blocked (x4), Partially allowed (x4). |
|
DeviceName |
String | Display name of the device. |
|
Rules |
List of QueryRules objects |
List of rules. See QueryRules type below. |
QueryRules:
| Element | Type | Description |
|---|---|---|
|
Rule |
String |
Internal AlgoSec Rule ID. To retrieve the rule ID, call one of the rule APIs, such as get_rules_by_device or search_rules. |
|
Service |
String | List of services. |
|
Source |
String | List of sources. |
|
Source_Nat |
String | List of NAT sources. |
|
Destination |
String | List of destinations. |
|
Destination_Nat |
String | List of NAT destinations. |
|
Install |
String | List of installs. |
|
Action |
String | Action. |
|
ACL |
String | ACL |
Request example
curl -H "Content-Type: application/json" -X POST -d '{"queryInput": [{"application": ["any"],"destination": ["192.168.0.0-192.168.255.255"],"service": ["any"],"source": ["10.20.0.0-10.20.255.255"],"user": ["any"]}],"queryTarget": "ALL_FIREWALLS","includeDevicesPaths" : "true", "includeRulesZones" : "true"}' -k --cookie "PHPSESSID=srsqrikqeqju3vuv1d7dm819e0" 'https://localhost/afa/api/v1/query'
Response example
{
"queryUIResult" : "https://172.17.0.2/algosec-ui/query-result?queryPath=/work/ALL_FIREWALLS_query-1625403197159/",
"queryResult" : [ {
"queryDescription" : "10.20.0.0-10.20.255.255=>192.168.0.0-192.168.255.255:any:any:any",
"fipResult" : "PartiallyRouted",
"finalResult" : "Partially allowed",
"queryHTMLPath" : "https://localhost/algosec-ui/query-result?queryPath=/work/ALL_FIREWALLS_query-1625403197159/",
"devicesInPath" : [ [ {
"name" : "10_20_138_1_Ott_Dam_HA_vDOM1_HA",
"displayName" : "vDOM1_HA"
}, {
"name" : "10_20_242_12",
"displayName" : "10.20.242.12"
} ], [ {
"name" : "10_20_26_1_David_Bowie_Starman_all_routes",
"displayName" : "VR-David_Bowie_Starman_all-routes"
}, {
"name" : "10_20_242_12",
"displayName" : "10.20.242.12"
} ], [ {
"name" : "10_20_85_1",
"displayName" : "10.20.85.1"
}, {
"name" : "10_20_242_12",
"displayName" : "10.20.242.12"
} ], [ {
"name" : "10_20_124_1_Jackson_vsys1_default_v",
"displayName" : "VR-Jackson_vsys1_default-v"
}, {
"name" : "10_20_242_12",
"displayName" : "10.20.242.12"
} ] ],
"queryItem" : [ {
"isAllowed" : "Partially allowed (x1)",
"deviceName" : "10_20_26_1_David_Bowie_Space_Oddity_Ashes_To_Ashes_VR",
"displayName" : "VR-David_Bowie_Space_Oddity_Ashes_To-Ashes_VR",
"rules" : [ {
"ruleName" : "TestCovered1",
"sourceZone" : [ "any" ],
"destinationZone" : [ "any" ],
"service" : [ "application-default" ],
"source" : [ "net-10.0.0.0-8" ],
"destination" : [ "any" ],
"install" : [ "any" ],
"action" : "allow",
"rule_id" : "TestCovered1"
} ]
}, {
"isAllowed" : "Partially allowed (x1)",
"deviceName" : "10_20_26_1_David_Bowie_Ashes_To_Ashes_Ashes_To_Ashes_VR",
"displayName" : "VR-David_Bowie_Ashes_To-Ashes_Ashes_To-Ashes_VR",
"rules" : [ {
"ruleName" : "TestCovered1",
"sourceZone" : [ "any" ],
"destinationZone" : [ "any" ],
"service" : [ "application-default" ],
"source" : [ "net-10.0.0.0-8" ],
"destination" : [ "any" ],
"install" : [ "any" ],
"action" : "allow",
"rule_id" : "TestCovered1"
} ]
}, {
"isAllowed" : "Partially allowed (x5)",
"deviceName" : "10_20_242_12",
"displayName" : "10.20.242.12",
"rules" : [ {
"ruleName" : "permit tcp dst eq 80 src eq 20",
"service" : [ "tcp src tcp eq 20 dst tcp eq 80" ],
"source" : [ "Developers" ],
"destination" : [ "Developers" ],
"action" : "permit",
"rule_id" : "f44bb960_485a_11e8_91a7_0050569b0b85__10__fd3a40f0_485a_11e8_91a7_0050569b0b85"
}, {
"ruleName" : "permit ip",
"service" : [ "ip" ],
"source" : [ "any" ],
"destination" : [ "any" ],
"action" : "permit",
"rule_id" : "92951ac0_8c01_11e6_996c_525400b48521__10__92c1a900_8c01_11e6_996c_525400b48521"
} ]
}, {
"isAllowed" : "Blocked by default device behavior",
"deviceName" : "10_20_26_1_David_Bowie_Starman_all_routes",
"displayName" : "VR-David_Bowie_Starman_all-routes"
}, {
"isAllowed" : "Partially allowed (x5)",
"deviceName" : "10_20_124_1_Britney_vsys1_default",
"displayName" : "VR-Britney_Spears_vsys1_default",
"rules" : [ {
"ruleName" : "guri KFH",
"sourceZone" : [ "any" ],
"destinationZone" : [ "any" ],
"service" : [ "any" ],
"source" : [ "any" ],
"destination" : [ "any" ],
"install" : [ "Britney" ],
"action" : "allow",
"rule_id" : "guri_KFH"
}, {
"ruleName" : "68-1",
"sourceZone" : [ "external1" ],
"destinationZone" : [ "internal" ],
"service" : [ "application-default" ],
"source" : [ "Eyal_address-10.20.5.7-9.5.17" ],
"destination" : [ "ip-192.168.99.252" ],
"install" : [ "any" ],
"action" : "allow",
"rule_id" : "68-1"
} ]
} ]
} ]
}
Clear your browser's cache