| API Description | API Path |
|---|---|
Get the list of the IPs affected for that signature for intrusion events detected on gatewayGet the list of IP addresses affected pertaining to a specific signature for intrusion events detected on gateway. |
POST /policy/api/v1/infra/settings/firewall/security/intrusion-services/affected-ips
|
Get the list of the users affected for that signatureGet the list of the users affected pertaining to a specific signature. |
POST /policy/api/v1/infra/settings/firewall/security/intrusion-services/affected-users
|
Get the list of the VMs affected for that signatureGet the list of the VMs affected pertaining to a specific signature. |
POST /policy/api/v1/infra/settings/firewall/security/intrusion-services/affected-vms
|
Get the list of the IDS events that are detected, grouped by signature id.Get the list of the IDS events that are detected with the total number of intrusions detected, their severity and the time they occurred, grouped by signature id. |
POST /policy/api/v1/infra/settings/firewall/security/intrusion-services/ids-events
|
Get the summary of the intrusions that were detected.Get the summary of all the intrusions that are detected grouped by signature with details including signature name, id, severity, attack type, protocol, first and recent occurence, and affected users and VMs. The following filter criteria are supported: attack target, attack type, gateway name, IP address, product affected, signature ID and VM name. |
POST /policy/api/v1/infra/settings/firewall/security/intrusion-services/ids-summary
|