Forcepoint Appliance REST API

Resource

Operation

Description

GET /api/app/v1/login

Authentication

Authentication

GET /api/app/v1/form_token

Get form token

GET /api/app/v1/upgrade/form_token

GET /api/app/v1/hotfix/form_token

PUT /api/app/v1/login

Get authentication token

Backup

GET /api/app/v1/backup

Show backups

POST /api/app/v1/backup/create

Create backup

POST /api/app/v1/backup/create/schedule

Create backup schedule

DELETE /api/app/v1/backup/delete

Delete local backup

DELETE /api/app/v1/backup/delete/schedule

Delete backup schedule

PUT /api/app/v1/backup/restore

Restore backup

PUT /api/app/v1/backup/save

Save backup

GET /api/app/v1/backup/schedule

Show backup schedule

Certificates

PUT /api/app/v1/sys/cert/(cert_type)/url_add

Add user certificate

PUT /api/app/v1/sys/cert/ca_add

Add ca certificate

GET /api/app/v1/sys/cert/ca_list

List ca certificates

DELETE /api/app/v1/sys/cert/ca_remove

Remove ca certificate

PUT /api/app/v1/sys/cert/user_add

Add user certificate

GET /api/app/v1/sys/cert/user_list

List certificates

DELETE /api/app/v1/sys/cert/user_remove

Remove user certificate

Config Summary

GET /api/app/v1/configsummary/download

Download config summary file

PUT /api/app/v1/configsummary/generate

Generate a config summary

PUT /api/app/v1/configsummary/save

Generate/save config summary

GET /api/app/v1/configsummary/status

Status of generation of config summary file

Filestore

POST /api/app/v1/filestore

Add filestore

DELETE /api/app/v1/filestore

Delete filestore

GET /api/app/v1/filestore

Get filestore information

GET /api/app/v1/filestore/download

Get file from filestore

GET /api/app/v1/filestore/list

Get filestore files

PUT /api/app/v1/filestore/upload

Upload file to filestore

Logging

GET /api/app/v1/log

Stream/view logs

GET /api/app/v1/log/archive

Get log file settings

PUT /api/app/v1/log/archive

Set logging settings

PUT /api/app/v1/log/save

Save log to filestore

DELETE /api/app/v1/log/siem

Set up SIEM server for log export

GET /api/app/v1/log/siem

Get SIEM server configuration for log export

PUT /api/app/v1/log/siem

Set up SIEM server for log export

Module

GET /api/app/v1/(module)/debugging

Debug control

PUT /api/app/v1/(module)/debugging

PUT /api/app/v1/disk/(mount_type)/(module)

Mount a filestore into module

Module-ESG

GET /api/app/v1/esg/dig

Run dig command

GET /api/app/v1/esg/email_shell

Email shell

PUT /api/app/v1/esg/email_subscription_reset

Reset email subscription

GET /api/app/v1/esg/maillog

Show/Download maillog

GET /api/app/v1/esg/pem

Download PEM backup to filestore

Module-WCG

GET /api/app/v1/wcg/content_line

Execute WCG content_line

PUT /api/app/v1/wcg/content_line

GET /api/app/v1/wcg/dpm_status

Get DPM status

GET /api/app/v1/wcg/policy_engine

Policy Engine control

PUT /api/app/v1/wcg/policy_engine

GET /api/app/v1/wcg/print_bypass

Get WCG bypass list

GET /api/app/v1/wcg/proxy_net_check

Proxy Net Check

PUT /api/app/v1/wcg/pwd_reset

Reset WCG password.

Module-WSE

GET /api/app/v1/wse/cache_user_names

Enable/disable caching of WISP users

PUT /api/app/v1/wse/cache_user_names

PUT /api/app/v1/wse/do/(service)

Enable/disable WSE services

GET /api/app/v1/wse/policy_broker_token

Retrieve Policy Broker token

GET /api/app/v1/wse/user_group_ip_precedence

Enable/disable user group ip precedence

PUT /api/app/v1/wse/user_group_ip_precedence

Network

GET /api/app/v1/net/(module)

Get network information

GET /api/app/v1/net

PUT /api/app/v1/net/(module)/(interface)/(state)

Set interface state

DELETE /api/app/v1/net/(module)/(interface)/ipv4

Delete IPv4 network configuration

PUT /api/app/v1/net/(module)/(interface)/ipv4

Set IPv4 network configuration

PUT /api/app/v1/net/(interface)/ipv4

DELETE /api/app/v1/net/(module)/(interface)/ipv6

Delete IPv6 network configuration

PUT /api/app/v1/net/(module)/(interface)/ipv6

Set IPv6 network configuration

PUT /api/app/v1/net/(interface)/ipv6

DELETE /api/app/v1/net/(module)/(interface)/vlan

Remove VLAN

DELETE /api/app/v1/net/(interface)/vlan

PUT /api/app/v1/net/(module)/(interface)/vlan

Set VLAN on an interface

PUT /api/app/v1/net/(interface)/vlan

DELETE /api/app/v1/net/(module)/(phys_interface)

Remove interface dedication

POST /api/app/v1/net/(module)/(phys_interface)/(virt_interface)

Dedicate interface

POST /api/app/v1/net/(module)/(phys_interface)

GET /api/app/v1/net/(module)/dedicated

Show dedicated interfaces

PUT /api/app/v1/net/(module)/dns

Set DNS servers

PUT /api/app/v1/net/dns

DELETE /api/app/v1/net/(module)/dns/(dns_server)

Delete DNS servers

DELETE /api/app/v1/net/dns/(dns_server)

GET /api/app/v1/net/(module)/mac

Get MAC address

GET /api/app/v1/net/mac

GET /api/app/v1/net/(module)/port

Get port information

GET /api/app/v1/net/port

DELETE /api/app/v1/net/(module)/port/(protocol)/(port_num)

Close port

PUT /api/app/v1/net/(module)/port/(protocol)/(port_num)

Open Port

POST /api/app/v1/net/bond/(p_interface)/(e_interface)

Bond interfaces

DELETE /api/app/v1/net/bond/(p_interface)/(e_interface)

Unbond interfaces

GET /api/app/v1/net/bond/exists

Get current bonds

GET /api/app/v1/net/bond/possible

Get possible bonds

PUT /api/app/v1/net/change_gateway/(module)/(interface)

Switch the gateway to another module interface if it is on the same subnet

DELETE /api/app/v1/net/dhcp/(module)/(interface)

Remove IPv4 network configuration set with DHCP

DELETE /api/app/v1/net/dhcp/(interface)

PUT /api/app/v1/net/dhcp/(module)/(interface)

Set IPv4 network configuration using DHCP

PUT /api/app/v1/net/dhcp/(interface)

GET /api/app/v1/net/dhcp/(module)/(interface)

Get DHCP lease information for an interface

GET /api/app/v1/net/dhcp/(interface)

PUT /api/app/v1/net/dhcp/module_hooks

Run module hooks due to DHCP changes onboot

DELETE /api/app/v1/net/diagnostic_ports

Close diagnostic ports

PUT /api/app/v1/net/diagnostic_ports

Open diagnostic ports

GET /api/app/v1/net/diagnostic_ports

Show diagnostic ports status

GET /api/app/v1/net/info/(interface)

Get interface speed/status

GET /api/app/v1/net/interface

Get undedicated interfaces

GET /api/app/v1/net/interface/physical/(interface)

Translate physical to virtual interface

GET /api/app/v1/net/interface/virtual/(module)/(interface)

Translate virtual to physical interface

GET /api/app/v1/net/is_valid_gateway/(module)/(interface)

Check if gateway is valid for the other module interface

GET /api/app/v1/net/mgmt

Get management inteface ip

GET /api/app/v1/net/status/(module)/(interface)

Get interface status

GET /api/app/v1/net/virtual

Get virtual interface mapping

GET /api/app/v1/net/vswitch/priority

Get RSTP priority

PUT /api/app/v1/net/vswitch/priority/(priority)

Set RSTP priority

GET /api/app/v1/net/vswitch/status

Get RSTP status

Polling

GET /api/app/v1/polling/bandwidth

Get bandwidth stats

GET /api/app/v1/polling/cpu

Get CPU stats

GET /api/app/v1/polling/disk

Get diskspace

GET /api/app/v1/polling/diskio

Get diskio stats

GET /api/app/v1/polling/mem

Get memory usage stats

Route

POST /api/app/v1/net/route

Get static IPv4 routes

DELETE /api/app/v1/net/route

Delete static IPv4 route

POST /api/app/v1/net/route/component

Add static IPv4 component route

DELETE /api/app/v1/net/route/component

Delete IPv4 component route

PUT /api/app/v1/net/route/load

Load IPv4 routes from filestore

PUT /api/app/v1/net/route/save

Save IPv4 routes to filestore

POST /api/app/v1/net/route6

Add static IPv4 route

DELETE /api/app/v1/net/route6

Delete static IPv6 route

PUT /api/app/v1/net/route6/load

Load IPv6 routes from filestore

PUT /api/app/v1/net/route6/save

Save IPv6 routes to filestore

GET /api/app/v1/net/route6_list

Get static IPv6 routes

GET /api/app/v1/net/route_list

Get static IPv4 routes

GET /api/app/v1/net/route_list/component

Get IPv4 component routes

GET /api/app/v1/net/routes

Download routes from filestore

POST /api/app/v1/net/routes

Load routes from file

SNMP

PUT /api/app/v1/snmp/(s_type)/(status)

Set SNMP status

PUT /api/app/v1/snmp/(snmp_mon_trap)

Set SNMP configuration

GET /api/app/v1/snmp/events

Show SNMP trap list

PUT /api/app/v1/snmp/events/import

Import SNMP events

PUT /api/app/v1/snmp/events/load

Load SNMP events

PUT /api/app/v1/snmp/events/load_json

Load SNMP events JSON

PUT /api/app/v1/snmp/events/save

Save SNMP config

PUT /api/app/v1/snmp/mib/save

Save SNMP MIB file

GET /api/app/v1/snmp/monitor

Show SNMP monitor config

GET /api/app/v1/snmp/trap

Show SNMP trap config

GET /api/app/v1/snmp/trap/backup

Send backup trap

GET /api/app/v1/snmp/trap/test

Send test trap

PUT /api/app/v1/snmp/trap/test_before_save

Test trap

GET /api/app/v1/snmp/update

Update snmp configuration

Security

GET /api/app/v1/security/(input_type)

Get security settings

PUT /api/app/v1/security/(input_type)

Set security settings

PUT /api/app/v1/security/restore/defaults

Restore security defaults

GET /api/app/v1/security/status

Get security settings job status

Service

GET /api/app/v1/sys/restart/status

UWSGI restart status

System

GET /api/app/v1/sys/(module)

Get system/module information

GET /api/app/v1/sys

PUT /api/app/v1/sys/(module)/control/(command)

Service control

PUT /api/app/v1/sys/control/(command)

DELETE /api/app/v1/sys/(module)/disable

Disable module

PUT /api/app/v1/sys/(module)/enable

Enable module

GET /api/app/v1/sys/(module)/status

Get module status

GET /api/app/v1/sys/(module)/version

Get module version

GET /api/app/v1/sys/feedback

Feedback setting

PUT /api/app/v1/sys/gui_url

Update URL

GET /api/app/v1/sys/hardware

Hardware information

PUT /api/app/v1/sys/hostname

Set appliance hostname/description

PUT /api/app/v1/sys/hostname/(module)

Set module hostname

GET /api/app/v1/sys/hostname/descr

Get host description

GET /api/app/v1/sys/integration

Get integration mode

GET /api/app/v1/sys/mode

Get security mode

GET /api/app/v1/sys/modules

Module list

GET /api/app/v1/sys/platform

Get platform

GET /api/app/v1/sys/platform_interfaces

Get platform interfaces

GET /api/app/v1/sys/policy_server_mode

Get policy mode

GET /api/app/v1/sys/proxy

Get proxy config

DELETE /api/app/v1/sys/proxy

Set/unset proxy config

PUT /api/app/v1/sys/proxy

PUT /api/app/v1/sys/restart/uwsgi

Restart UWSGI

GET /api/app/v1/sys/salt_status

Salt status

GET /api/app/v1/sys/status

Get system status

PUT /api/app/v1/sys/sysctl/(param)

Cycle sysctl variables

GET /api/app/v1/sys/sysctl/(param)

Get sysctl value

System-Access

PUT /api/app/v1/sys/access

Enable/Disable SSH

GET /api/app/v1/sys/access

Get SSH status

System-Account

GET /api/app/v1/sys/account/(user)

Get account info

PUT /api/app/v1/sys/account/(user)

Modify account properties

GET /api/app/v1/sys/account/(user)/history

Get account hisory

PUT /api/app/v1/sys/account/admin

Update admin password

PUT /api/app/v1/sys/account/admin/forgotpwd

Initialize password recovery

DELETE /api/app/v1/sys/account/email

Delete appliance email

DELETE /api/app/v1/sys/account/smtp

Delete SMTP configuration

PUT /api/app/v1/sys/account/smtp

Setup SMTP configuration

GET /api/app/v1/sys/account/smtp

Show SMTP configuration

PUT /api/app/v1/sys/module/account

Change WCG password

System-Mode

PUT /api/app/v1/sys/mode/filter

Set to Filtering mode

PUT /api/app/v1/sys/mode/lite

Set to User mode

PUT /api/app/v1/sys/mode/primary

Set to Full Policy mode

System-Time

GET /api/app/v1/sys/time/clock

Get system time

PUT /api/app/v1/sys/time/clock

Set time

GET /api/app/v1/sys/time/ntp

Get NTP information

PUT /api/app/v1/sys/time/ntp

Set NTP

PUT /api/app/v1/sys/time/ntp/sync

Sync NTP

GET /api/app/v1/sys/time/timezone

Get system timezone

PUT /api/app/v1/sys/time/timezone

Set system timezone

GET /api/app/v1/sys/time/timezone/list

Get all timezone info

Tools

GET /api/app/v1/tools/(module)/arp

Run arp

GET /api/app/v1/tools/arp

GET /api/app/v1/tools/(module)/ethtool

Run ethtool

GET /api/app/v1/tools/ethtool

GET /api/app/v1/tools/(module)/ifconfig

Run ifconfig

GET /api/app/v1/tools/ifconfig

GET /api/app/v1/tools/(module)/nc

Run nc

GET /api/app/v1/tools/nc

GET /api/app/v1/tools/(module)/netstat

Run netstat

GET /api/app/v1/tools/netstat

GET /api/app/v1/tools/(module)/nslookup

Run nslookup

GET /api/app/v1/tools/nslookup

GET /api/app/v1/tools/(module)/ping

Run ping

GET /api/app/v1/tools/ping

GET /api/app/v1/tools/(module)/ping6

Run ping6

GET /api/app/v1/tools/ping6

GET /api/app/v1/tools/(module)/route

Run route

GET /api/app/v1/tools/route

GET /api/app/v1/tools/(module)/route6

Run route6

GET /api/app/v1/tools/route6

GET /api/app/v1/tools/(module)/top

Run top

GET /api/app/v1/tools/top

GET /api/app/v1/tools/(module)/traceroute

Run traceroute

GET /api/app/v1/tools/traceroute

GET /api/app/v1/tools/(module)/traceroute6

Run traceroute6

GET /api/app/v1/tools/traceroute6

GET /api/app/v1/tools/(module)/wget

Run wget

GET /api/app/v1/tools/wget

GET /api/app/v1/tools/(module)/wget-proxy

Run wget with proxy

GET /api/app/v1/tools/wget-proxy

GET /api/app/v1/tools/ntpq

Run chronyc sources (formerly ntpq -p)

GET /api/app/v1/tools/ntpstat

Run chronyc tracking (formerly ntpstat)

GET /api/app/v1/tools/tcpdump

Run tcpdump

GET /api/app/v1/tools/test_email

Send test email

Upgrade-Hotfix

PUT /api/app/v1/(i_type)/(command)/download

Stop/pause download

POST /api/app/v1/(i_type)/browser_upload

Upload upgrade/hotfix from web browser

GET /api/app/v1/(i_type)/browser_upload/validate

DELETE /api/app/v1/(i_type)/delete

Delete upgrade/hotfix

PUT /api/app/v1/(i_type)/download

Download upgrade/hotfix

PUT /api/app/v1/(i_type)/download/resume

Resume download

GET /api/app/v1/(i_type)/download/status

Download status

GET /api/app/v1/(i_type)/history

Get history

PUT /api/app/v1/(i_type)/install

Install upgrade/hotfix

GET /api/app/v1/(i_type)/install/status

Get install status

GET /api/app/v1/(i_type)/list

Get upgrade/hotfix list

GET /api/app/v1/(i_type)/status/(req_type)

Get local upgrade/hotfix files

PUT /api/app/v1/(i_type)/upload

Upload upgrade/hotfix from filestore

PUT /api/app/v1/(i_type)/upload_url

Upload upgrade/hotfix from URL

GET /api/app/v1/hotfix

Get hotfix info

PUT /api/app/v1/hotfix/uninstall

Uninstall a hotfix

PUT /api/app/v1/schedule_upload_cleanup

Cleanup stranded upload files

PUT /api/app/v1/sys/unlock

GET /api/app/v1/upgrade

Get upgrade info

PUT /api/app/v1/upgrade/license

Get license

PUT /api/app/v1/upgrade/prep_install

Prepare appliance for upgrade

Users

POST /api/app/v1/sys/user/authentication

Authenticate user

GET /api/app/v1/sys/user/authorization

Authorize user

POST /api/app/v1/sys/user/create

Create user

DELETE /api/app/v1/sys/user/delete

Delete user

GET /api/app/v1/sys/user/get

Get user info

PUT /api/app/v1/sys/user/set

Set user attributes
PUT /api/app/v1/(i_type)/(command)/download

Stop/pause a currently downloading upgrade/hotfix file.

New in version 1.0.

Parameters:

  • i_type (required) – Installation type, either upgrade or hotfix

  • command (required) – Command to perform, either pause or stop

Query Parameters:

  • file (optional) – File to delete

  • id (optional) – The ID associated with an available hotfix (only valid when i_type == hotfix)

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Pause an upgrade download:

PUT /api/app/v1/upgrade/pause/download?file=upgrade.iso HTTP/1.1
Accept: text/html

Example 1 - Response: Pause an upgrade download:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
POST /api/app/v1/(i_type)/browser_upload

Upload an upgrade/hotfix file from a web browser to the appliance.

New in version 1.0.

Parameters:

  • i_type (required) – Installation type, either upgrade or hotfix

Query Parameters:

  • file (required) – File to upload to the appliance

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Upload an upgrade file to the appliance:

PUT /api/app/v1/upgrade/browser_upload?token=eyJhbGciOiJIUzI1NiIsImV4cCI6MTUwNDExNjMzNSwiaWF0IjoxNTA0MTA5MTM1fQ.eyJyYW5kb21fbnVtYmVyIjowLjkyNDg3MjU5OTQyMjk1MTR9.auaKpyUo-UNsuJ-B-_RaYkWurXti4yBcjoTA0j0eCPA&filename=upgrade_8_5_0_main.iso HTTP/1.1
Accept: text/html

Example 1 - Response: Upload an upgrade file to the appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/(i_type)/browser_upload/validate

Upload an upgrade/hotfix file from a web browser to the appliance.

New in version 1.0.

Parameters:

  • i_type (required) – Installation type, either upgrade or hotfix

Query Parameters:

  • file (required) – File to upload to the appliance

  • alias (required) – Filestore to upload from

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Upload an upgrade file to the appliance:

PUT /api/app/v1/upgrade/upload?file=upgrade.iso&alias=myfilestore HTTP/1.1
Accept: text/html

Example 1 - Response: Upload an upgrade file to the appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
DELETE /api/app/v1/(i_type)/delete

Delete an upgrade/hotfix file from the appliance.

New in version 1.0.

Parameters:

  • i_type (required) – Installation type, either upgrade or hotfix

Query Parameters:

  • file (optional) – File to delete

  • id (optional) – The ID associated with an available hotfix (only valid when i_type == hotfix)

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Delete an upgrade file from the appliance:

DELETE /api/app/v1/upgrade/delete?file=upgrade.iso HTTP/1.1
Accept: text/html

Example 1 - Response: Delete an upgrade file from the appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/(i_type)/download

Initiates a download of an upgrade/hotfix file in the background. Use the download status API to check status.

New in version 1.0.

Parameters:

  • i_type (required) – Installation type, either upgrade or hotfix

Query Parameters:

  • file (optional) – Filename of upgrade/hotfix to download

  • id (optional) – The ID associated with an available hotfix (only valid when i_type == hotfix)

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Start an upgrade download:

PUT /api/app/v1/upgrade/download?file=upgrade.iso HTTP/1.1
Accept: text/html

Example 1 - Response: Start an upgrade download:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/(i_type)/download/resume

Resume a paused download.

New in version 1.0.

Parameters:

  • i_type (required) – Installation type, either upgrade or hotfix

Query Parameters:

  • file (optional) – File to delete

  • id (optional) – The ID associated with an available hotfix (only valid when i_type == hotfix)

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Pause an upgrade download:

PUT /api/app/v1/upgrade/download/resume?file=upgrade.iso HTTP/1.1
Accept: text/html

Example 1 - Response: Pause an upgrade download:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/(i_type)/download/status

Get status of the download of an upgrade/hotfix file.

New in version 1.0.

Parameters:

  • i_type (required) – Installation type, either upgrade or hotfix

Query Parameters:

  • file (optional) – Filename of upgrade/hotfix to download

  • id (optional) – The ID associated with an available hotfix (only valid when i_type == hotfix)

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Check the status of an upgrade download:

GET /api/app/v1/upgrade/download/status?file=upgrade.iso HTTP/1.1
Accept: text/html

Example 1 - Response: Check the status of an upgrade download:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "status": "54"
}
GET /api/app/v1/(i_type)/history

Get upgrade/hotfix history.

New in version 1.0.

Parameters:

  • i_type (required) – Installation type, either upgrade or hotfix

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get hotfix history:

GET /api/app/v1/hotfix/history HTTP/1.1
Accept: text/html

Example 1 - Response: Get hotfix history:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "list": [
    {
      "conflict": "None",
      "dependence": "None",
      "description": "Adding CLI commands to setup controller interface. Relogin appliance after applying this hotfix.",
      "filename": "Websense-Hotfix-App-8.1.3-830.rpm",
      "id": "App-8.1.3-830",
      "module": "app",
      "reboot": "no",
      "size": 121308,
      "status": "Downloaded, Ready to Install",
      "time": "2016-10-12 14:14:10",
      "version": "8.1.3"
    }
  ]
}
PUT /api/app/v1/(i_type)/install

Installs an upgrade/hotfix from the supplied filename. These installations happen in the background. If the hotfix/upgrade requires a reboot you will be able to get the status until the appliance reboots.

New in version 1.0.

Parameters:

  • i_type (required) – Installation type, either upgrade or hotfix

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Install hotfix:

PUT /api/app/v1/upgrade/install?file=App-Upgrade-8.5.0.iso HTTP/1.1
Accept: text/html

Example 1 - Response: Install hotfix:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/(i_type)/install/status

Get status of currently installing upgrade/hotfix.

New in version 1.0.

Parameters:

  • i_type (required) – Installation type, either upgrade or hotfix

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get upgrade install status:

GET /api/app/v1/upgrade/install/status HTTP/1.1
Accept: text/html

Example 1 - Response: Get upgrade install status:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Backing up configuration files"
}
GET /api/app/v1/(i_type)/list

Get a list of upgrades/hotfixes that are eligible for this Appliance.

New in version 1.0.

Parameters:

  • i_type (required) – Installation type, either upgrade or hotfix

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Attempt to get available upgrades when none are available:

GET /api/app/v1/upgrade/list HTTP/1.1
Accept: text/html

Example 1 - Response: Attempt to get available upgrades when none are available:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Get available upgrades:

GET /api/app/v1/upgrade/list HTTP/1.1
Accept: text/html

Example 2 - Response: Get available upgrades:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "list":[
    {
      "description": "Patch to upgrade App to version v8.4.0",
      "filename": "Websense-Patch-App-8.4.0_1037.rpm",
      "size": 131345469,
      "status": "available",
      "time": "2016-07-21 09:32:59",
      "version": "8.4.0"
    }
  ]
}

Example 3 - Request: Get available hotfixes:

GET /api/app/v1/hotfix/list HTTP/1.1
Accept: text/html

Example 1 - Response: Get available hotfixes:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "list": [
    {
      "conflict": "None",
      "dependence": "App-8.4.3-830",
      "description": "Adding CLI commands to setup controller interface. Relogin appliance after applying this hotfix.",
      "filename": "Websense-Hotfix-App-8.4.0-830.rpm",
      "id": "App-8.4.0-830",
      "module": "app",
      "reboot": "yes",
      "size": 121308,
      "status": "Dependency Failure",
      "time": "2018-10-12 15:21:30",
      "version": "8.1.0"
    },
    {
      "conflict": "None",
      "dependence": "None",
      "description": "Adding CLI commands to setup controller interface. Relogin appliance after applying this hotfix.",
      "filename": "Websense-Hotfix-App-8.4.3-830.rpm",
      "id": "App-8.4.3-830",
      "module": "app",
      "reboot": "no",
      "size": 121308,
      "status": "Downloaded, Ready to Install",
      "time": "2018-10-12 14:14:10",
      "version": "8.4.3"
    },
  ]
}
GET /api/app/v1/(i_type)/status/(req_type)

Get the list of hotfix/upgrades that are on the local machine and are either installed, uninstalled, deleteable, installable, or all.

New in version 1.0.

Parameters:

  • i_type (required) – Installation type, either upgrade or hotfix

  • req_type (required) – Type of file to view, options (installed, uninstalled, deleteable, installable, uninstallable, all)

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Show installable upgrades on the appliance:

GET /api/app/v1/upgrade/status/installable HTTP/1.1
Accept: text/html

Example 1 - Response: Show installable upgrades on the appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "list": [
    {
      "description": "TEST: Patch that upgrade the Appliance to version v8.5.0",
      "filename": "App-Upgrade-8.5.0.iso",
      "module": "app",
      "reboot": true,
      "size": 3886022656,
      "status": "Downloaded, Ready to Install",
      "time": "1988-01-04 18:14:39",
      "version": "8.5.0"
    }
  ]
}
PUT /api/app/v1/(i_type)/upload

Upload an upgrade/hotfix file from an external filestore to the appliance.

New in version 1.0.

Parameters:

  • i_type (required) – Installation type, either upgrade or hotfix

Query Parameters:

  • file (required) – File to upload to the appliance

  • alias (required) – Filestore to upload from

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Upload an upgrade file to the appliance:

PUT /api/app/v1/upgrade/upload?file=upgrade.iso&alias=myfilestore HTTP/1.1
Accept: text/html

Example 1 - Response: Upload an upgrade file to the appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/(i_type)/upload_url

Upload an upgrade/hotfix file from a URL to the appliance.

New in version 1.0.

Parameters:

  • i_type (required) – Installation type, either upgrade or hotfix

Query Parameters:

  • url (required) – URL of the file to upload to the appliance

  • no-cert-verification (optional) – Do not verify ssl certificate

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Upload an upgrade file to the appliance:

PUT /api/app/v1/upgrade/upload?file=upgrade.iso&alias=myfilestore HTTP/1.1
Accept: text/html

Example 1 - Response: Upload an upgrade file to the appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/(module)/debugging

Resets debug to default or gets the status.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the modules

Parameters:

  • module (required) – Module to execute the command on

Query Parameters:

  • command (optional) – Either status or reset

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Get debugging status on WCG:

GET /api/app/v1/wcg/debugging?command=status HTTP/1.1
Accept: text/html

Example 1 - Response: Get debugging status on WCG:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "output": "Debug log is disabled"
}

Example 2 - Request: Reset debugging on WCG:

PUT /api/app/v1/wcg/policy_engine?command=reset HTTP/1.1
Accept: text/html

Example 2 - Response: Reset debugging on WCG:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/(module)/debugging

Resets debug to default or gets the status.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the modules

Parameters:

  • module (required) – Module to execute the command on

Query Parameters:

  • command (optional) – Either status or reset

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Get debugging status on WCG:

GET /api/app/v1/wcg/debugging?command=status HTTP/1.1
Accept: text/html

Example 1 - Response: Get debugging status on WCG:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "output": "Debug log is disabled"
}

Example 2 - Request: Reset debugging on WCG:

PUT /api/app/v1/wcg/policy_engine?command=reset HTTP/1.1
Accept: text/html

Example 2 - Response: Reset debugging on WCG:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/backup

Show a list of backup files in specified location (local or filestore).

Note

The timestamp displayed will be in UTC time.

New in version 1.0.

Query Parameters:

  • location (required) – Location to show backups from (local or filestore alias)

  • sort (optional) – How to sort the backups, only option is timestamp

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Show local backups:

GET /api/app/v1/backup?location=local HTTP/1.1
Accept: text/html

Example 1 - Response: Show local backups:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "local": {
    "Full-v10k-web-22-V10KG4-v8.3.0-20170227.bak": {
      "description": "new_test1",
      "timestamp": "2017/02/27 11:23:32"
    },
    "Full-v10k-web-22-V10KG4-v8.3.0-20170227-1.bak": {
      "description": "this is a test",
      "timestamp": "2017/02/27 11:25:30"
    },
    "Full-v10k-web-22-V10KG4-v8.3.0-20170227-2.bak": {
      "description": "this is a test2",
      "timestamp": "2017/02/27 11:27:17"
    },
    "Full-v10k-web-22-V10KG4-v8.3.0-20170227-3.bak": {
      "description": "this is a test3",
      "timestamp": "2017/02/27 11:28:45"
   }
}
POST /api/app/v1/backup/create

Create a backup and save it to specified location (local or filestore).

Note

The timestamp for the backup will be stored in UTC time.

New in version 1.0.

Query Parameters:

  • location (required) – Location to store the backup file (local or filestore alias)

  • bu_type (required) – Type of backup (web, email, full)

  • description (optional) – Description for the backup

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Create local web backup:

POST /api/app/v1/backup/create?location=local&bu_type=web&description=Web HTTP/1.1
Accept: text/html

Example 1 - Response: Create local web backup:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "bu_filename": "Web-V10KG4-v8.3.0-20161114-1.bak"
}

Example 2 - Request: Create web backup on filestore:

POST /api/app/v1/backup/create?location=myfilestore&bu_type=web&description=Web HTTP/1.1
Accept: text/html

Example 2 - Response: Create web backup on filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "bu_filename": "Web-V10KG4-v8.3.0-20161114-2.bak"
}

Example 3 - Request: Create full backup to url:

POST /api/app/v1/backup/create?url=ftp://ftp_backup:Firewall1_backup@10.206.6.87/sub1&bu_type=full HTTP/1.1
Accept: text/html

Example 3 - Response: Create full backup to url:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "bu_filename": "Full-main-latest-web-86-V5KG4-v8.5.3-20180521155516.bak"
}

Example 4 - Request: Create full backup to filestore, with save-path:

POST /api/app/v1/backup/create?url=ftp://ftp_backup:Firewall1_backup@10.206.6.87/sub1&bu_type=full&save-path=sub1 HTTP/1.1
Accept: text/html

Example 4 - Response: Create full backup to filestore, with save-path:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "bu_filename": "Full-main-latest-web-86-V5KG4-v8.5.3-20180521155516.bak"
}
POST /api/app/v1/backup/create/schedule

Create a backup schedule.

New in version 1.0.

Query Parameters:

  • time (required) – Time to perform backup (HH:MM)

  • location (required) – Location to store the backup file (local or filestore alias)

  • freq (required) – Frequency to perform the backup (daily, weekly, monthly)

  • date (optional) – Date of the month to perform backup (1-29), required if freq is set to monthly

  • day (optional) – Day of the week to perform backup (mon-sun), required if freq set to weekly

  • bu_type (required) – Type of backup (web, email, full)

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Create backup schedule:

POST /api/app/v1/backup/create/schedule?location=local&freq=daily&time=12:20&bu_type=full HTTP/1.1
Accept: text/html

Example 1 - Response: Create backup schedule:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
DELETE /api/app/v1/backup/delete

Delete one or all local backup files.

New in version 1.0.

Query Parameters:

  • filename (required) – Name of backup file to delete, or ‘all’ to delete all local backups

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Delete a backup file:

POST /api/app/v1/backup/delete?filename=test.back HTTP/1.1
Accept: text/html

Example 1 - Response: Delete a backup file:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
DELETE /api/app/v1/backup/delete/schedule

Delete backup schedule.

New in version 1.0.

Query Parameters:

  • bu_type (required) – Type of backup to delete

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Delete backup schedule:

DELETE /api/app/v1/backup/schedule?bu_type=full HTTP/1.1
Accept: text/html

Example 1 - Response: Delete backup schedule:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/backup/restore

Restore a backup from the specified location (local, filestore or url).

New in version 1.0.

Note

After the restore is completed and the appliance reboots, the output is no longer a JSON. Instead, due to the reboot, an http error is encountered.

Query Parameters:

  • filename (optional) – Backup filename

  • location (optional) – Location to store the backup file (local or filestore alias)

  • url (optional) – URL of the backup to restore

  • no-cert-verification (optional) – Ignore SSL certificate checks (only valid with –url, with scheme https)

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Restore backup from a filestore:

PUT /api/app/v1/backup/restore?location=myfilestore&filename=file.bak HTTP/1.1
Accept: text/html

Example 1 - Response: Restore backup from a filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Restore backup from an ftp server:

PUT /api/app/v1/backup/restore?location=myfilestore&url=ftp://ftp_user:ftp_passwd@10.206.6.89/backups/my_backup.bak HTTP/1.1
Accept: text/html

Example 2 - Response: Restore backup from an ftp server:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 3 - Request: Restore backup from an encrypted web server:

PUT /api/app/v1/backup/restore?location=myfilestore&url=https://web_user:web_passwd@10.206.6.89/backup/my_backup.bak HTTP/1.1
Accept: text/html

Example 3 - Response: Restore backup from an encrypted web server:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/backup/save

save a local backup to the specified filestore location.

New in version 1.0.

Query Parameters:

  • filename (required) – Local backup filename

  • location (optional) – Location to store the backup file (filestore alias)

  • save-path (optional) – directory under location to store the file

  • url (optional) – The url of the filestore

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Save a local backup to filestore:

PUT /api/app/v1/backup/save?location=myfilestore&filename=file.bak HTTP/1.1
Accept: text/html

Example 1 - Response: Save a local backup to filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Info": "'Web-hostname-v8.4.0-20170720201913.bak' has been saved to ftp://anonymous@10.206.6.131/."
}

Example 2 - Request: Save a local backup to URL:

PUT api/app/v1/backup/save?url=ftp%3A%2F%2Fftp_backup%3Aftp_backup%4010.206.6.87%2F&file=Full-travis-latest-email-85-V5KG4-v8.5.3-20180430160249.bak
Accept: text/html

Example 2 - Response: Save a local backup to URL:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Info": "'Full-travis-latest-email-85-V5KG4-v8.5.3-20180430160249.bak' has been saved to ftp://ftp_backup@10.206.6.87/"
}
GET /api/app/v1/backup/schedule

Show backup schedule.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Show backup schedule:

GET /api/app/v1/backup/schedule HTTP/1.1
Accept: text/html

Example 1 - Response: Show backup schedule:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Last Scheduled Backup": "Successfully completed backup on 2016-11-14 12:21",
  "Location": "local",
  "Next Scheduled Backup": "Wed, Nov 23 2016, 12:20 ",
  "Schedule Frequency": "monthly",
  "Type": "full"
}
GET /api/app/v1/configsummary/download

Download the specified config summary file.

Accepts:

text/html

Query Parameters:

  • filename (required) – Config summary file to download.

Response Headers:
Status Codes:

Example 1 - Request: Download config summary file:

GET /api/app/v1/configsummary/download?filename=<VALID_CS_FILE>.enc HTTP/1.1
Accept: text/html

Example 1 - Response: Download config summary file:

HTTP/1.1 200 OK
Content-Type: application/octetstring

<Encrypted Config Summary File>

Example 2 - Request: Invalid config summary file:

GET api/app/v1/configsummary/download?filename=<INVALID_CS_FILE>.enc HTTP/1.1
Accept: text/html

Example 2 - Response: Invalid config summary file:

HTTP/1.1 401 OK
Content-Type: application/json

{
 "Reason": "<CONFIG_SUMMARY_FILE>.enc does not exist",
 "Status": "Failure"
}
PUT /api/app/v1/configsummary/generate

Generate the config summary file for download.

Accepts:

text/html

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Generate config summary file:

PUT /api/app/v1/configsummary/generate HTTP/1.1
Accepts: text/html

Example 1 - Response: Generate config summary file:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Filename": "<NAME_OF_CONFIGSUM_FILE>.enc"
}
PUT /api/app/v1/configsummary/save

Generate and save config summary file to filestore server.

Accepts:

application/json

Query Parameters:

  • location (optional) – Location of filestore; filestore alias

  • url (required) – URL of the location in which to store the config summary

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Save config summary to filestore:

PUT /api/app/v1/configsummary/save?location=<VALID_FS_ALIAS> HTTP/1.1
Accepts: text/html

Example 1 - Response: Save config summary to filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Info": "'<CONFIG_SUMMARY>.enc' has been saved to <FILESTORE_PATH>."
}

Example 2 - Request: Invalid filestore alias:

PUT /api/app/v1/configsummary/save?location=<INVALID_FILESTORE_ALIAS> HTTP/1.1
Accepts: text/html

Example 2 - Response: Invalid filestore alias:

HTTP/1.1 400 OK
Content-Type: application/json

{
  "Reason": "Alias <INVALID_FILESTORE_ALIAS> does not exist.",
  "Status": "Failure"
}
GET /api/app/v1/configsummary/status

Get status of generation of config summary file. If not generating, returns last successful generation if it exists.

Accepts:

text/html.

Response Headers:
Status Codes:

  • 200 OK – Success - Status of process, and if not process, the last known good file if exists.

Example 1 - Request: Download config summary file:

GET /api/app/v1/configsummary/download?filename=<VALID_CS_FILE>.enc HTTP/1.1
Accept: text/html

Example 1 - Response: No file generating. Last known good file exists.:

HTTP/1.1 200 OK
Content-Type: application/json

  {
    "Filename": "FpTs_v.email.22.14_20180404113502.enc",
    "Generated Time": "2018-04-04 11:35:18",
    "Status": false
  }

Example 2 - Response: No file generating. No last known file exists.:

HTTP/1.1 200 OK
Content-Type: application/json

  {
    "Filename": null,
    "Generated Time": null,
    "Status": false
  }

Example 3 - Response: File is generating.:

HTTP/1.1 200 OK
Content-Type: application/json

  {
    "Status": true
  }
PUT /api/app/v1/disk/(mount_type)/(module)

Mount a filestore into a module.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the modules

Warning

If your Samba server does not support v1 the vers parameter is required. Otherwise the mount will fail.

Parameters:

  • mount_type (requred) – Mount action (mount, unmount)

  • module (required) – Module to mount into

Query Parameters:

  • type (required) – Type of mount (samba, nfs)

  • path (required) – Path within the module to mount to

  • location (required) – Location of the network drive to mount

  • user (optional) – username for Samba

  • passwd (optional) – password for Samba user

  • vers (optional) – version for Samba (required for any version of Samba higher that 1.0)

  • sec (optional) – security mode

Response Headers:
Status Codes:

Example 1 - Request: Samba mount:

PUT /api/app/v1/disk/mount/wcg?type=samba&path=/mnt&location=//10.206.6.76/anonymous&user=guest&passwd=guest HTTP/1.1
Accept: text/html

Example 1 - Response: Samba mount:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: NFS Mount:

PUT /api/app/v1/disk/mount/wcg?type=nfs&path=/mnt&location=10.206.4.100:/data/ISOs HTTP/1.1
Accept: text/html

Example 2 - Response: NFS Mount:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 3 - Request: Unmount:

PUT /api/app/v1/disk/umount/wcg?path=/mnt HTTP/1.1
Accept: text/html

Example 3 - Response: Unmount:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/esg/dig

Runs DIG.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the ESG container

Warning

This command returns unescaped characters such as Unix new line character and octothorpe unless scrub_output parameter is used.

Query Parameters:

  • x (optional) – PTR lookup. Takes IP address

  • txt (optional) – TXT lookup

  • mx (optional) – MX lookup

  • scrub_output (optional) – If output should be stripped of unescaped characters, True or False. Default: False, output will contain new line characters, etc.

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Dig using PTR lookup:

GET /api/app/v1/esg/dig?x=10.206.4.166 HTTP/1.1
Accept: text/html

Example 1 - Response: Dig using PTR lookup:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "output": "<DIG_OUTPUT>"
}
GET /api/app/v1/esg/email_shell

Sends email-shell debug module to ESG

Accepted Authorization:

admin

PUT /api/app/v1/esg/email_subscription_reset

Reset email subscription.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the ESG container

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Reset email subscription:

GET /api/app/v1/esg/email_subscription_reset HTTP/1.1
Accept: application/json

Example 1 - Response: Reset email subscription:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "output": "Success"
}
GET /api/app/v1/esg/maillog

Show or Download ESG maillog.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the ESG container

Warning

This command returns unescaped characters such as Unix new line character and octothorpe unless scrub_output parameter is used.

Query Parameters:

  • command (required) – Command to execute (show, download)

  • alias (optional) – Filestore to download to

  • file (optional) – Name of the file to download to the filestore

  • scrub_output (optional) – If output should be stripped of unescaped characters, True or False. Default: False, output will contain new line characters, etc.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Show maillog:

GET /api/app/v1/esg/maillog?command=show HTTP/1.1
Accept: application/json

Example 1 - Response: Show maillog:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "output": "<MAILLOG_INFO>"
}

Example 2 - Request: Download maillog to filestore:

GET /api/app/v1/esg/maillog?command=download\&alias=myfilestore\&file=maillog.5.gz HTTP/1.1
Accept: application/json

Example 2 - Response: Download maillog to filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/esg/pem

Download PEM backup to filestore.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the ESG container

Query Parameters:

  • alias (required) – Filestore to download to

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Download PEM data to filestore:

GET /api/app/v1/esg/pem?alias=myfilestore HTTP/1.1
Accept: application/json

Example 1 - Response: Download PEM data to filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
POST /api/app/v1/filestore

Add a filestore to the appliance.

New in version 1.0.

Query Parameters:

  • alias (required) – Desired name of the filestore

  • host (required) – IPv4 address or hostname of the filestore

  • path (required) – Directory to save the file to on the filestore

  • type (required) – Protocol to use (ftp, samba)

  • user (optional) – User to log in as

  • password (optional) – Password for the user

  • port (optional) – Port to connect across

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Add filestore to the appliance:

POST /api/app/v1/filestore?alias=ftptest&host=10.206.6.196&path=.&type=ftp&user=<USER>&password=<PASSWORD>&port=21 HTTP/1.1
Accept: text/html

Example 1 - Response: Add filestore to the appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
DELETE /api/app/v1/filestore

Delete filestore item by alias.

New in version 1.0.

Query Parameters:

  • alias (required) – Filestore alias to delete

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Delete filestore:

DELETE /api/app/v1/filestore?alias=myfilestore HTTP/1.1
Accept: text/html

Example 1 - Response: Delete filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/filestore

Get currently set up filestore information.

New in version 1.0.

Query Parameters:

  • filestore (optional) – Filestore alias to get information, if omitted list all filestore information

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get filestore information for myfilestore alias:

GET /api/app/v1/filestore?alias=myfilestore HTTP/1.1
Accept: text/html

Example 1 - Response: Get filestore information for myfilestore alias:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "myfilestore": {
    "alias": "myfilestore",
    "host": "10.206.6.131",
    "password": "",
    "path": ".",
    "type": "ftp",
    "user": "anonymous"
  }
}
GET /api/app/v1/filestore/download

Download a file from a filestore to the appliance or a module. The file will appear in /transfers.

New in version 1.0.

Query Parameters:

  • alias (required) – The filestore alias

  • file (required) – The name of the file to download

  • filesize (optional) – The size (in MiB) of the file to download

  • module (optional) – The container to which file will be downloaded

Response Headers:
Status Codes:
Accepted Authorization:

skey

Example 1 - Request: Download a file from a filestore to the appliance:

GET /api/app/v1/download?alias=myfilestore&file=test.txt HTTP/1.1
Accept: text/html

Example 1 - Response: Download a file from a filestore to the appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Result": "Download successful"
}

Example 2 - Request: Download a file from a filestore to wcg:

GET /api/app/v1/download?alias=myfilestore&file=test.txt&module=wcg HTTP/1.1
Accept: text/html

Example 2 - Response: Download a file from a filestore to wcg:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Result": "Download successful"
}
GET /api/app/v1/filestore/list

Get a list of all files in a filestore.

New in version 1.0.

Query Parameters:

  • filestore (required) – Filestore alias to get files from

  • filetype (required) – Filetype to display

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Show all txt files on a filestore:

GET /api/app/v1/filestore/?alias=myfilestore&filetype=txt HTTP/1.1
Accept: text/html

Example 1 - Response: Show all txt files on a filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "list": [
    {
      "date": "05-02-17, 10:24AM",
      "filename": "foo.txt",
      "filesize": "129"
    },
    {
      "date": "05-02-17, 10:41AM",
      "filename": "bar.txt",
      "filesize": "116"
    },
  ]
}
PUT /api/app/v1/filestore/upload

Upload a file to a filestore from the appliance or a module.

New in version 1.0.

Query Parameters:

  • alias (required) – The filestore alias

  • filepath (required) – The filepath to the file that will be uploaded

  • module (optional) – The container to in which filepath is located

Response Headers:
Status Codes:
Accepted Authorization:

skey

Example 1 - Request: Upload a file from the appliance to a filestore:

PUT /api/app/v1/filestore/upload?alias=myfilestore&filepath=/opt/test.txt HTTP/1.1
Accept: text/html

Example 1 - Response: Upload a file from the appliance to a filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Upload a file from wcg to a filestore:

GET /api/app/v1/filestore/upload?alias=myfilestore&filepath=/tmp/test.txt&module=wcg HTTP/1.1
Accept: text/html

Example 2 - Response: Upload a file from wcg to a filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/form_token
GET /api/app/v1/upgrade/form_token
GET /api/app/v1/hotfix/form_token

Get a form token. Form uploads cannot have their headers modified. This method will generate a very short timed token that is tied to the IP of the requester. It must come in as a parameter for an upload.

Note

Username/password is sent with the -u option with curl for Basic Auth.

Response Headers:
Status Codes:

Example 1 - Valid Request: Get form token:

GET /api/app/v1/form_token HTTP/1.1
Accept: text/html

Example 1 - Valid Response: Get form token:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "token": "<FORM_TOKEN>"
}
GET /api/app/v1/hotfix

Get hotfix information for a specific hotfix file.

New in version 1.0.

Query Parameters:

  • file (required) – Filename of upgrade/hotfix to get info for

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get hotfix information:

GET /api/app/v1/hotfix/?file=Websense-Hotfix-App-8.4.0-022.rpm HTTP/1.1
Accept: text/html

Example 1 - Response: Get hotfix information:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "conflict": "None",
  "dependence": "None",
  "description": "App Fake Big Hotfix",
  "filename": "Websense-Hotfix-App-8.4.0-022.rpm",
  "id": "App-8.4.0-022",
  "module": "app",
  "reboot": "no",
  "release_note_url": "",
  "rollup": "None",
  "size": 555777848,
  "status": "Downloaded, Ready to Install",
  "time": "1988-01-04 18:12:46",
  "url": "http://10.206.22.199/download/hotfixes/app/8.4.0/Websense-Hotfix-App-8.4.0-022.rpm",
  "version": "8.4.0"
}
PUT /api/app/v1/hotfix/uninstall

Uninstall a hotfix.

New in version 1.0.

Query Parameters:

  • id (required) – ID of the hotfix to uninstall

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Uninstall a hotfix:

PUT /api/app/v1/hotfix/uninstall?id=App-8.4.0-011 HTTP/1.1
Accept: text/html

Example 1 - Response: Uninstall a hotfix:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/log

Stream log file or view last X lines in a log file. Currently only appliance level logs supported.

New in version 1.0.

Query Parameters:

  • log (required) – Log file to view.

  • module (required) – Module where the log resides. Options (esg, appliance, wse, wcg, na).

  • timeout (optional) – Timeout for log stream. Defaults to 150 seconds.

  • lines (optional) – Number of lines to read. Must be using last action.

  • action (optional) – Set this to last to view the last X number of lines.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get last ten lines from audit log:

GET /api/app/v1/log?log=audit&module=appliance&lines=10&action=last HTTP/1.1
Accept: text/html

Example 1 - Response: Get last ten lines from audit log:

HTTP/1.1 200 OK
Content-Type: text/html

<LAST 10 LINES>

Example 2 - Request: Stream logs for three minutes:

GET /api/app/v1/log?log=audit&module=appliance&timeout=180 HTTP/1.1
Accept: text/html

Example 2 - Response: Stream logs for three minutes:

HTTP/1.1 200 OK
Content-Type: text/html

<LOG LINES>
GET /api/app/v1/log/archive

Get log file settings.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get log file settings:

GET /api/app/v1/log/archive HTTP/1.1
Accept: text/html

Example 1 - Response: Get log file settings:

HTTP/1.1 200 OK
Content-Type: text/html

{
  "app": {
    "audit": {
      "filepath": "/var/log/appliance/audit.log",
      "frequency": "Not Set",
      "size": "Not Set"
    },
    "system": {
      "filepath": "/var/log/appliance/cli.log",
      "frequency": "Not Set",
      "size": "Not Set"
    }
  },
  "network-agent": {
    "network-agent": {
      "filepath": [
        "/var/lib/lxc/na/rootfs/opt/Websense/bin/NetworkAgent.log"
      ],
      "frequency": "Not Set",
      "size": "Not Set"
    }
  },
  "proxy": {
    "proxy": {
      "filepath": [
        "/var/lib/lxc/wcg/rootfs/opt/WCG/logs/content_gateway.out"
      ],
      "frequency": "Not Set",
      "size": "Not Set"
    }
  },
  "web": {
    "web": {
      "filepath": [
        "/var/lib/lxc/wse/rootfs/opt/Websense/bin/Websense.log"
      ],
      "frequency": "Not Set",
      "size": "Not Set"
    }
  }
}
PUT /api/app/v1/log/archive

Set the archive frequency or the size. Works for audit and module logs. You can only set size or frequency, not both.

New in version 1.0.

Query Parameters:

  • log (required) – Log file archive to modify.

  • module (required) – Module where the log resides. Options (esg, appliance, wse, wcg, na).

  • frequency (optional) – Frequency in which to rotate the logs.

  • size (optional) – Size to allow the log file to get to before rotating it.

  • rotate (optional) – Number of archive log files to store locally before deleting the oldest.

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Set log archive to rotate when the log file is 10 megabytes:

PUT api/app/v1/log/archive?module=na&log=na&size=10m HTTP/1.1
Accept: text/html

Example 1 - Response: Set log archive to rotate when the log file is 10 megabytes:

HTTP/1.1 200 OK
Content-Type: text/html

{
  "Status": "Success"
}

Example 2 - Request: Set log archive to rotate weekly, keeping 10 files:

PUT api/app/v1/log/archive?module=na&log=na&frequency=weekly&rotate=10 HTTP/1.1
Accept: text/html

Example 1 - Response: Set log archive to rotate weekly:

HTTP/1.1 200 OK
Content-Type: text/html

{
  "Status": "Success"
}
PUT /api/app/v1/log/save

Save a local log to a filestore.

New in version 1.0.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

Query Parameters:

  • alias (optional) – Filestore alias to save the log to.

  • save-path (optional) – directory within filstore to store the logs in

  • module (required) – Module where the log resides. Options (esg, appliance, wse, wcg, na).

  • url (optional) – URL of the location in which to store the logs

  • type (required) – Type of log file to save (all, system, audit).

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Save audit log to filestore:

PUT api/app/v1/log/save?alias=myfilestore&module=appliance&type=audit HTTP/1.1
Accept: text/html

Example 1 - Response: Save audit log to filestore:

HTTP/1.1 200 OK
Content-Type: text/html

{
  "Result": "'audit_20170517094711.log' has been saved to ftp://anonymous@10.206.6.131/."
}
DELETE /api/app/v1/log/siem

Retrieve configuration for exporting local log to SIEM server

New in version 1.0.

Query Parameters:

  • type (required) – Type of log file to save (system, audit).

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Delete SIEM configurartion for audit log:

DELETE api/app/v1/log/siem?type=audit HTTP/1.1
Accept: text/html

Example 1 - Response: Delete SIEM configuration for audit log:

HTTP/1.1 200 OK
Content-Type: text/html

{
  "Result": "Success"
}
GET /api/app/v1/log/siem

Retrieve configuration for exporting local log to SIEM server

New in version 1.0.

Query Parameters:

  • type (required) – Type of log file to retrieve SIEM configuration (system, audit).

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: View SIEM log configuration for audit log:

GET api/app/v1/log/siem?type=audit HTTP/1.1
Accept: text/html

Example 1 - Response: Set local log to export:

HTTP/1.1 200 OK
Content-Type: text/html

{
  "siem_host": "10.206.11.186",
  "siem_port": 514,
  "siem_protocol": "udp"
}
PUT /api/app/v1/log/siem

Set a local log to export to a SIEM server

New in version 1.0.

Query Parameters:

  • host (required) – IP or hostname of SIEM server

  • port (required) – Port to send SIEM data to

  • protocol (required) – Protocol to send data (tcp, udp)

  • type (required) – Type of log file to save (system, audit).

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Set audit log to export on port 514 via udp:

PUT api/app/v1/log/siem?host=10.206.11.1&port=514&protocol=udp&type=audit HTTP/1.1
Accept: text/html

Example 1 - Response: SIEM configuration implemented for audit log:

HTTP/1.1 200 OK
Content-Type: text/html

{
  "audit": {
    "siem_host": "10.206.11.1",
    "siem_port": 514,
    "siem_protocol": "udp"
  }
}
PUT /api/app/v1/login

Generate an API authentication token.

Note

Username/password is sent with the -u option with curl for Basic Auth.

Response Headers:
Status Codes:

Example 1 - Valid Request: Correct username/password:

GET /api/app/v1/login HTTP/1.1
Accept: text/html

Example 1 - Valid Response: Correct username/password:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "token": "<AUTH_TOKEN>"
}

Example 2 - Invalid Request: Incorrect username/password:

GET /api/app/v1/login HTTP/1.1
Accept: text/html

Example 2 - Invalid Response: Incorrect username/password:

HTTP/1.1 403 OK
Content-Type: text/html

Unauthorized Access
GET /api/app/v1/login

Verify API login credentials

Note

Username/password is sent with the -u option with curl for Basic Auth.

Response Headers:
Status Codes:

Example 1 - Valid Request: Correct username/password:

GET /api/app/v1/login HTTP/1.1
Accept: text/html

Example 1 - Valid Response: Correct username/password:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Login": "true"
}

Example 2 - Invalid Request: Incorrect username/password:

GET /api/app/v1/login HTTP/1.1
Accept: text/html

Example 2 - Invalid Response: Incorrect username/password:

HTTP/1.1 401 OK
Content-Type: text/html

Unauthorized Access
GET /api/app/v1/net/(module)
GET /api/app/v1/net

Shows network information for the appliance or modules.

New in version 1.0.

Note

Information will only appear on options that have been configured. For example, if you haven’t configured an IPv6 gateway it will not appear.

Warning

The non formatted version has been deprecated. Use the formatted version

Parameters:

  • module (required) – Module to get the information on. If excluded it defaults to all

Query Parameters:

  • format (optional) – If set to true use optional second format

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get all network information not formatted:

GET /api/app/v1/net HTTP/1.1
Accept: text/html

Example 1 - Response: Get all network information not formatted:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "APPLIANCE": {
    "DNS": {
      "dns_primary": "8.8.8.8",
      "dns_secondary": "8.8.4.4",
      "dns_tertiary": null
    },
    "GATEWAY": {
      "ipv4": {
        "gateway": "192.168.92.1",
        "interface": "eth0"
      }
    },
    "eth0": {
      "data": {
        "ip_address": "192.168.92.2",
        "ipv4_config_source": "static",
        "ipv6_address": null,
        "ipv6_status": "disabled",
        "mac": "ca:87:3f:5d:68:00",
        "netmask": "255.255.254.0",
        "prefix": null
      },
      "phys_interfaces": [
        "C"
      ]
    }
  },
 "WCG": {
    "DNS": {
      "dns_primary": "8.8.8.8",
      "dns_secondary": null,
      "dns_tertiary": "8.8.4.4"
    },
    "GATEWAY": {
      "ipv4": {
        "gateway": "10.206.7.254",
        "interface": "eth1"
      },
      "ipv6": {
        "gateway": "2017::0002",
        "interface": "eth0"
      }
    },
    "eth0": {
      "data": {
        "interface_status": "up",
        "ip_address": null,
        "ipv4_config_source": "static",
        "ipv6_address": "2017::1235",
        "ipv6_status": "enabled",
        "mac": "00:50:56:a2:3f:4b",
        "netmask": null,
        "prefix": "64"
      },
      "phys_interfaces": [
        "P1"
      ]
    },
    "eth1": {
      "data": {
        "interface_status": "up",
        "ip_address": "10.206.6.69",
        "ipv4_config_source": "static",
        "mac": "00:50:56:a2:76:22",
        "netmask": "255.255.252.0"
      },
      "phys_interfaces": [
        "P2"
      ]
    }
  }
}

Example 2 - Request: Get all network information formatted:

GET /api/app/v1/net?format=true HTTP/1.1
Accept: text/html

Example 2 - Response: Get all network information formatted:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "APP": {
    "C": {
      "data": {
        "ip_address": "10.206.6.69",
        "ipv4_config_source": "static",
        "ipv6_address": null,
        "ipv6_status": "disabled",
        "mac": "6a:de:4f:4f:be:42",
        "netmask": "255.255.252.0",
        "prefix": null,
        "virt_interface": "eth0"
      }
    },
    "DNS": {
      "dns_primary": "10.51.80.10",
      "dns_secondary": "10.51.80.11",
     "dns_tertiary": null
    },
    "GATEWAY": {
      "ipv4": {
        "gateway": "10.206.7.254",
        "interface": "C"
      }
    }
  },
  "PROXY": {
    "DNS": {
      "dns_primary": null,
      "dns_secondary": null,
      "dns_tertiary": null
    },
    "P1": {
      "data": {
        "mac": "be:b4:f1:2a:95:bd",
        "virt_interface": "eth0",
        "vlan_id": 123
      }
    },
    "P2": {
      "data": {
        "interface_status": "up",
        "mac": "d2:ee:e8:af:c3:ce",
        "virt_interface": "eth1"
      }
    }
  },
  "WEB": {
    "DNS": {
      "dns_primary": null,
      "dns_secondary": null,
      "dns_tertiary": null
    }
  }
}

Example 3 - Request: Get WCG network information not formatted:

GET /api/app/v1/net/wcg HTTP/1.1
Accept: text/html

Example 3 - Response: Get WCG network information not formatted:

HTTP/1.1 200 OK
Content-Type: application/json

{
 "WCG": {
    "DNS": {
      "dns_primary": "8.8.8.8",
      "dns_secondary": null,
      "dns_tertiary": "8.8.4.4"
    },
    "GATEWAY": {
      "ipv4": {
        "gateway": "10.206.7.254",
        "interface": "eth1"
      },
      "ipv6": {
        "gateway": "2017::0002",
        "interface": "eth0"
      }
    },
    "eth0": {
      "data": {
        "interface_status": "up",
        "ip_address": null,
        "ipv4_config_source": "static",
        "ipv6_address": "2017::1235",
        "ipv6_status": "enabled",
        "mac": "00:50:56:a2:3f:4b",
        "netmask": null,
        "prefix": "64"
      },
      "phys_interfaces": [
        "P1"
      ]
    },
    "eth1": {
      "data": {
        "interface_status": "up",
        "ip_address": "10.206.6.69",
        "ipv4_config_source": "static",
        "mac": "00:50:56:a2:76:22",
        "netmask": "255.255.252.0"
      },
      "phys_interfaces": [
        "P2"
      ]
    }
  }
}

Example 4 - Request: Get WCG network information formatted:

GET /api/app/v1/net/wcg HTTP/1.1
Accept: text/html

Example 4 - Response: Get WCG network information formatted:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "DNS": {
    "dns_primary": null,
    "dns_secondary": null,
    "dns_tertiary": null
  },
  "P1": {
    "data": {
      "mac": "be:b4:f1:2a:95:bd",
      "virt_interface": "eth0",
      "vlan_id": 123
    }
  },
  "P2": {
    "data": {
      "interface_status": "up",
      "mac": "d2:ee:e8:af:c3:ce",
      "virt_interface": "eth1"
    }
  }
}

Example 5 - Request: No information for module:

GET /api/app/v1/net/na HTTP/1.1
Accept: text/html

Example 5 - Response: No information for module:

HTTP/1.1 424 FAILED DEPENDENCY
Content-Type: application/json

{
  "Reason": "No network information on na",
  "Status": "Failure"
}
PUT /api/app/v1/net/(module)/(interface)/(state)

Brings specified interface up or down. Can be used on any interface.

New in version 1.0.

Parameters:

  • module (required) – Module to set interface state on

  • interface (required) – Interface to act upon (eth1)

  • status (required) – (up, down)

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Bring down WCG eth1:

PUT /api/app/v1/net/wcg/eth1/down HTTP/1.1
Accept: text/html

Example 1 - Response: Disable WCG eth1:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Bringing up an already up interface/Bringing down an already down interface:

PUT /api/app/v1/net/wcg/eth1/up HTTP/1.1
Accept: text/html

Example 3 - Response: Invalid IP Address:

HTTP/1.1 409 CONFLICT
Content-Type: application/json

{
  "Reason": "Interface is already up",
  "Status": "Failure"
}
DELETE /api/app/v1/net/(module)/(interface)/ipv4

Delete IPv4 network configuration.

New in version 1.0.

Parameters:

  • module (required) – Module to delete information on

  • interface (required) – Inteface to delete the information on

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Delete WCG eth0 IPv4 information:

DELETE /api/app/v1/net/wcg/eth0/ipv4 HTTP/1.1
Accept: text/html

Example 1 - Response: Delete WCG eth0 IPv4 information:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: No IPv4 address associated with interface:

DELETE /api/app/v1/net/wcg/eth0/ipv4 HTTP/1.1
Accept: text/html

Example 2 - Response: No IPv4 associated with interface:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "There is no IP address associated with this interface to delete."
  "Status": "Failure"
}

Example 3 - Request: Invalid interface:

DELETE /api/app/v1/net/wcg/eth2/ipv4 HTTP/1.1
Accept: text/html

Example 3 - Response: Invalid interface:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "Invalid interface supplied"
  "Status": "Failure"
}
PUT /api/app/v1/net/(module)/(interface)/ipv4
PUT /api/app/v1/net/(interface)/ipv4

Sets IPv4 network configuration.

New in version 1.0.

Parameters:

  • module (optional) – Module to set information on. If omitted it will set on the appliance

Query Parameters:

  • ip_address (optional) – IPv4 address of the specified interface

  • netmask (optional) – Netmask of the specified interface

  • gateway (optional) – Gateway address of the specified interface

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Set appliance eth0:

PUT /api/app/v1/net/eth0/ipv4?ip_address=192.168.0.3&netmask=255.255.252.0&gateway=192.168.0.1 HTTP/1.1
Accept: text/html

Example 1 - Response: Set appliance eth0:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Set module (esg) eth0:

PUT /api/app/v1/net/esg/eth0/ipv4?ip_address=192.168.0.3&netmask=255.255.252.0&gateway=192.168.0.1 HTTP/1.1
Accept: text/html

Example 2 - Response: Set module (esg) eth0:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 3 - Request: Incorrect IPv4 address:

PUT /api/app/v1/net/eth0/ipv4?ip_address=192.168.0.300&netmask=255.255.252.0&gateway=192.168.0.1 HTTP/1.1
Accept: text/html

Example 3 - Response: Incorrect IPv4 address:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "Invalid IP address supplied"
  "Status": "Failure"
}
DELETE /api/app/v1/net/(module)/(interface)/ipv6

Delete ipv6 network configuration.

New in version 1.0.

Parameters:

  • module (required) – Module to delete information on

  • interface (required) – Inteface to delete the information on

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Delete WCG eth0 IPv6 information:

DELETE /api/app/v1/net/wcg/eth0/ipv6 HTTP/1.1
Accept: text/html

Example 1 - Response: Delete WCG eth0 IPv6 information:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: No IPv6 address associated with interface:

DELETE /api/app/v1/net/wcg/eth0/ipv6 HTTP/1.1
Accept: text/html

Example 2 - Response: No IPv6 address associated with interface:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "There is no IP address associated with this interface to delete."
  "Status": "Failure"
}

Example 3 - Request: Invalid interface:

DELETE /api/app/v1/net/wcg/eth2/ipv6 HTTP/1.1
Accept: text/html

Example 3 - Response: Invalid interface:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "Invalid interface supplied"
  "Status": "Failure"
}
PUT /api/app/v1/net/(module)/(interface)/ipv6
PUT /api/app/v1/net/(interface)/ipv6

Set IPv6 network configuration.

New in version 1.0.

Parameters:

  • module (optional) – Module to set information on. If omitted it will set on the appliance

  • interface (optional) – Interface to set IPv6 on

Query Parameters:

  • ipv6_address (optional) – IPv6 address of the specified interface

  • prefix (optional) – Prefix Length

  • ipv6_gateway (optional) – IPv6 Gateway address of the specified interface

  • ipv6_status (optional) – Status of IPv6. (enabled, disabled). Required if status is disabled, optional if status is enabled

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Set appliance eth0:

PUT /api/app/v1/net/eth0/ipv6?ipv6_address=2017::0001&ipv6_status=enabled&prefix=64&ipv6_gateway=2017::1234 HTTP/1.1
Accept: text/html

Example 1 - Response: Set appliance eth0:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Set module (wcg) eth0:

PUT /api/app/v1/net/wcg/eth0/ipv6?ipv6_address=2017::0001&ipv6_status=enabled&prefix=64&ipv6_gateway=2017::1234 HTTP/1.1
Accept: text/html

Example 2 - Response: Set module (wcg) eth0:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 3 - Request: Incorrect IPv6 address:

PUT /api/app/v1/net/wcg/eth0/ipv6?ipv6_address=201G::0001&ipv6_status=enabled&prefix=64&ipv6_gateway=2017::1234 HTTP/1.1
Accept: text/html

Example 3 - Response: Set appliance eth0:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "Invalid IP address supplied"
  "Status": "Failure"
}
DELETE /api/app/v1/net/(module)/(interface)/vlan
DELETE /api/app/v1/net/(interface)/vlan

Remove VLAN configuration on an interface.

New in version 1.0.

Note

This feature is only available on X Series Appliances

Note

Changing the VLAN id on the C interface may affect your access to the API

Note

eth0 and eth1 are the P1 and P2 interfaces respectively

Parameters:

  • interface (required) – Interface to set the vlan on

  • module (optional) – Module to set the vlan on. If ommitted then set on appliance

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Delete VLAN on WCG eth0 interface:

DELETE /api/app/v1/net/wcg/eth0/vlan HTTP/1.1
Accept: text/html

Example 1 - Response: Delete VLAN on WCG eth0 interface:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Delete VLAN on V Series:

DELETE /api/app/v1/net/wcg/eth0/vlan HTTP/1.1
Accept: text/html

Example 2 - Response: Delete VLAN on V Series:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "This feature is only available on X Series hardware.",
  "Status": "Failure"
}

Example 3 - Request: Delete already configured vlan:

DELETE /api/app/v1/net/wcg/eth0/vlan HTTP/1.1
Accept: text/html

Example 3 - Response: Delete already configured vlan:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "No vlan configured",
  "Status": "Failure"
}
PUT /api/app/v1/net/(module)/(interface)/vlan
PUT /api/app/v1/net/(interface)/vlan

Configures VLAN settings

New in version 1.0.

Note

This feature is only available on X Series Appliances

Note

Changing the VLAN id on the C interface may affect your access to the API

Note

eth0 and eth1 are the P1 and P2 interfaces respectively

Parameters:

  • interface (required) – Interface to set the vlan on

  • module (optional) – Module to set the vlan on. If ommitted then set on appliance

Query Parameters:

  • vlan_id (required) – vlan id to set

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Set VLAN on WCG eth0 interface:

PUT /api/app/v1/net/wcg/eth0/vlan?vlan_id=123 HTTP/1.1
Accept: text/html

Example 1 - Response: Set VLAN on WCG eth0 interface:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Set VLAN on V Series:

PUT /api/app/v1/net/wcg/eth0/vlan?vlan_id=123 HTTP/1.1
Accept: text/html

Example 2 - Response: Set VLAN on V Series:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "This feature is only available on X Series hardware.",
  "Status": "Failure"
}

Example 3 - Request: Set invalid VLAN:

PUT /api/app/v1/net/wcg/eth0/vlan?vlan_id=123456 HTTP/1.1
Accept: text/html

Example 3 - Response: Set invalid VLAN:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "Invalid vlan id, must be between 2-4094",
  "Status": "Failure"
}
DELETE /api/app/v1/net/(module)/(phys_interface)

Removes the specified interface dedication from the specified module.

New in version 1.0.

Parameters:

  • module (required) – Module to remove the interface dedication from

  • phys_interface (required) – Physical interface to remove dedication from

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Detach E1 from WCG:

DELETE /api/app/v1/net/wcg/e1 HTTP/1.1
Accept: text/html

Example 1 - Response: Detach E1 from WCG:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Detach an nonattached interface from WCG:

DELETE /api/app/v1/net/wcg/e1 HTTP/1.1
Accept: text/html

Example 2 - Response: Detach an nonattached interface from WCG:

HTTP/1.1 422 UNPROCESSABLE ENTITY
Content-Type: application/json

{
  "Reason": "E1 is not dedicated to wcg.",
  "Status": "Failure"
}
POST /api/app/v1/net/(module)/(phys_interface)/(virt_interface)
POST /api/app/v1/net/(module)/(phys_interface)

Dedicates the specified interface to the specified module.

New in version 1.0.

Parameters:

  • module (required) – Module to dedicate the interface to

  • phys_interface (required) – Physical interface to dedicate

  • virt_interface (optional) – Virtual interface to attach the physical interface to

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Attach E1 to WCG:

POST /api/app/v1/net/wcg/e1 HTTP/1.1
Accept: text/html

Example 1 - Response: Attach E1 to WCG:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "virt_interface": "wcg.aux0"
}

Example 2 - Request: Attach E1 to WCG Aux1 interface:

POST /api/app/v1/net/wcg/e1/aux1 HTTP/1.1
Accept: text/html

Example 2 - Response: Attach E1 to WCG Aux1 interface:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "virt_interface": "wcg.aux1"
}

Example 3 - Request: Interface not available:

POST /api/app/v1/net/wcg/wcg.eth1 HTTP/1.1
Accept: text/html

Example 3 - Response: Interface not available:

HTTP/1.1 422 BAD UNPROCESSABLE ENTITY
Content-Type: application/json

{
  "Reason": "WCG.ETH0 interface is not available.",
  "Status": "Failure"
}
GET /api/app/v1/net/(module)/dedicated

Show the interfaces that are dedicated to the specified module.

New in version 1.0.

Parameters:

  • module (required) – Module to get the information on

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get dedicated interfaces on WCG:

GET /api/app/v1/net/wcg/dedicated HTTP/1.1
Accept: text/html

Example 1 - Response: Get dedicated interfaces on WCG:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Result": {
    "wcg.aux1": "E1"
  }
}

Example 2 - Request: No dedicated interfaces on WCG:

GET /api/app/v1/net/wcg/dedicated HTTP/1.1
Accept: text/html

Example 2 - Response: No dedicated interfaces on WCG:

HTTP/1.1 424 FAILED DEPENDENCY
Content-Type: application/json

{
  "Reason": "There are no mapped interfaces.",
  "Status": "Failure"
}
PUT /api/app/v1/net/(module)/dns
PUT /api/app/v1/net/dns

Set the primary, secondary, tertiary dns servers.

New in version 1.0.

Parameters:

  • module (required) – Module to set DNS on. If ommitted set on appliance

Query Parameters:

  • dns_primary (optional) – Primary DNS server

  • dns_secondary (optional) – Secondary DNS server

  • dns_tertiary (optional) – Tertiary DNS server

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Set DNS server on appliance:

PUT /api/app/v1/net/dns?dns_primary=8.8.8.8&dns_secondary=8.8.4.4&dns_tertiary=8.8.2.2 HTTP/1.1
Accept: text/html

Example 1 - Response: Set DNS server on appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Set DNS server on module:

PUT /api/app/v1/net/wcg/dns?dns_primary=8.8.8.8&dns_secondary=8.8.4.4&dns_tertiary=8.8.2.2 HTTP/1.1
Accept: text/html

Example 2 - Response: Set DNS server on module:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 3 - Request: Invalid IP address:

PUT /api/app/v1/net/dns?dns_primary=8.8.8.500 HTTP/1.1
Accept: text/html

Example 3 - Response: Invalid IP address:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "Invalid IPv4 address supplied"
  "Status": "Failure"
}
DELETE /api/app/v1/net/(module)/dns/(dns_server)
DELETE /api/app/v1/net/dns/(dns_server)

Delete the primary, secondary, tertiary dns servers.

New in version 1.0.

Parameters:

  • module (required) – Module to delete DNS on. If ommitted delte on appliance

Query Parameters:

  • dns_server (optional) – DNS server to delete. Options(dns2, dns3)

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Delete DNS server on appliance:

DELETE /api/app/v1/net/dns?dns_server=dns2 HTTP/1.1
Accept: text/html

Example 1 - Response: Delete DNS server on appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Delete DNS server on module:

DELETE /api/app/v1/net/wcg/dns?dns_server=dns2 HTTP/1.1
Accept: text/html

Example 2 - Response: Delete DNS server on module:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/net/(module)/mac
GET /api/app/v1/net/mac

Gets MAC addresses for interfaces in a specified module or appliance.

New in version 1.0.

Parameters:

  • module (optional) – Module of which to get the MAC address. If ommitted defaults to appliance

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get WCG MAC address:

GET /api/app/v1/net/wcg/mac HTTP/1.1
Accept: text/html

Example 1 - Response: Get WCG MAC address:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "aux0": "2e:7c:7f:3f:ce:be",
  "aux1": "42:e5:c4:7f:65:92",
  "eth0": "be:b4:f1:2a:95:bd",
  "eth1": "d2:ee:e8:af:c3:ce"
}
GET /api/app/v1/net/(module)/port
GET /api/app/v1/net/port

Get port information on a module or the appliance.

New in version 1.0.

Parameters:

  • module (optional) – Module to view port information. If ommitted it shows appliance information.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Show all port information:

GET /api/app/v1/net/port HTTP/1.1
Accept: text/html

Example 1 - Response: Show all port information:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "WCG": {
    "TCP": [
      "8888"
    ]
  }
}

Example 2 - Request: Show WCG port information:

GET /api/app/v1/net/wcg/port HTTP/1.1
Accept: text/html

Example 2 - Response: Show WCG port information:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "PROXY": {
    "TCP": [
      "8888"
    ]
  }
}
DELETE /api/app/v1/net/(module)/port/(protocol)/(port_num)

Closes a UDP or TCP port for specified module.

New in version 1.0.

Parameters:

  • module (required) – Module to close the port on

  • protocol (required) – Protocol of the port. Options (tcp, udp)

  • port_num (required) – Port number

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Close TCP Port 8888 on WCG:

DELETE /api/app/v1/net/wcg/port/tcp/8888 HTTP/1.1
Accept: text/html

Example 1 - Response: Close TCP Port 8888 on WCG:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Close a port that is already closed:

DELETE /api/app/v1/net/wcg/port/tcp/8888 HTTP/1.1
Accept: text/html

Example 2 - Response: Close a port that is already closed:

HTTP/1.1 424 FAILED DEPENDENCY
Content-Type: application/json

{
  "Reason": "Port has not been opened by user",
  "Status": "Failure"
}
PUT /api/app/v1/net/(module)/port/(protocol)/(port_num)

Open a UDP or TCP port for specified module.

New in version 1.0.

Warning

This does no validation of currently open ports. If you forward 443 to a container it will break the API

Parameters:

  • module (required) – Module to open the port on

  • protocol (required) – Protocol of the port. Options(tcp, udp)

  • port_num (required) – Port number

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Open TCP Port 8888 on WCG:

PUT /api/app/v1/net/wcg/port/tcp/8888 HTTP/1.1
Accept: text/html

Example 1 - Response: Open TCP Port 8888 on WCG:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Open a port that is already open:

PUT /api/app/v1/net/wcg/port/tcp/8888 HTTP/1.1
Accept: text/html

Example 2 - Response: Open a port that is already open:

HTTP/1.1 409 CONFLICT
Content-Type: application/json

{
  "Reason": "Port is already open",
  "Status": "Failure"
}
POST /api/app/v1/net/bond/(p_interface)/(e_interface)

Bonds interfaces together.

New in version 1.0.

Parameters:

  • p_interface (required) – P interface to bond. Options (p1, p2)

  • e_interface (required) – E interface to bond. Options (e1, e2)

Query Parameters:

  • bond_mode (optional) – Bond mode for the interfaces. Options (active-backup, balance-rr)

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Bond interfaces:

POST /api/app/v1/net/bond/p1/e1?bond_mode=active-backup HTTP/1.1
Accept: text/html

Example 1 - Response: Bond interfaces:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
DELETE /api/app/v1/net/bond/(p_interface)/(e_interface)

Unbond interfaces.

New in version 1.0.

Parameters:

  • p_interface (required) – P interface to unbond. Options (p1, p2)

  • e_interface (required) – E interface to unbond. Options (e1, e2)

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Bond interfaces:

GET /api/app/v1/net/bond/p1/e1 HTTP/1.1
Accept: text/html

Example 1 - Response: Bond interfaces:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/net/bond/exists

Get the list of bonds that exist.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get possible bonds:

GET /api/app/v1/net/bond/exists HTTP/1.1
Accept: text/html

Example 1 - Response: Get possible bonds:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "bond_list": [
    [
      "P1",
      "E1"
    ],
    [
      "P2",
      "E2"
    ]
  ]
}

Example 2 - Request: No bonds exist:

GET /api/app/v1/net/bond/exists HTTP/1.1
Accept: text/html

Example 2 - Response: No bonds exist:

HTTP/1.1 422 FAILED DEPENDENCY
Content-Type: application/json

{
  "Reason": "There are no bonded interfaces.",
  "Status": "Failure"
}

Example 3 - Request: Get current bonds on an appliance that doesn’t allow bonds:

GET /api/app/v1/net/wcg/dedicated HTTP/1.1
Accept: text/html

Example 3 - Response: Get current bonds on an applaince that doesn’t allow bonds:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "This feature is only available on V10K/V20K hardware.",
  "Status": "Failure"
}
GET /api/app/v1/net/bond/possible

Get the list of possible bonds.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get possible bonds:

GET /api/app/v1/net/bond/possible HTTP/1.1
Accept: text/html

Example 1 - Response: Get possible bonds:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "bond_list": [
    [
      "P1",
      "E1"
    ],
    [
      "P2",
      "E2"
    ]
  ]
}

Example 2 - Request: Get possible bonds on an appliance that doesn’t allow bonds:

GET /api/app/v1/net/wcg/dedicated HTTP/1.1
Accept: text/html

Example 2 - Response: Get possible bonds on an applaince that doesn’t allow bonds:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "This feature is only available on V10K/V20K hardware.",
  "Status": "Failure"
}
PUT /api/app/v1/net/change_gateway/(module)/(interface)

Change the default gateway on a given module to the specified interface

New in version 1.0.

Parameters:

  • module (required) – Module of the gateway we are changing

  • interface (required) – Interface to switch the gateway to

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Check if current gateway in wcg module is valid for eth0:

PUT /api/app/v1/net/change_gateway/wcg/eth0 HTTP/1.1
Accept: text/html

Example 1 - Response: Change the gateway on wcg module to eth0:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: No IPv4 address associated with the eth1 interface:

PUT /api/app/v1/net/change_gateway/wcg/eth1 HTTP/1.1
Accept: text/html

Example 2 - Response: No IPv4 associated with the other interface:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "Error retrieving interface eth1 configuration. Is the interface configured?"
  "Status": "Failure"
}

Example 3 - Request: Interface eth1 not in same subnet as gateway:

PUT /api/app/v1/net/is_valid_gateway/wcg/eth1 HTTP/1.1
Accept: text/html

Example 3 - Response: Gateway not in same subnet as interface:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "Changing gateway will cause loss of connectivity"
  "Status": "Failure"
}
DELETE /api/app/v1/net/dhcp/(module)/(interface)
DELETE /api/app/v1/net/dhcp/(interface)

Remove IPv4 address set with DHCP from interface

New in version 1.0.

Parameters:

  • interface (required) – The name of the interface within the host to uncongifure.

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Remove wcg eth0 IPv4 configuration:

DELETE /api/app/v1/net/dhcp/wcg/eth0 HTTP/1.1
Accept: text/html

Example 1 - Response: remove wcg eth0 IPv4 network configuration set with DHCP:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/net/dhcp/(module)/(interface)
PUT /api/app/v1/net/dhcp/(interface)

Enables interface’s IPv4 address to be set with DHCP

New in version 1.0.

Parameters:

  • interface (required) – The name of the interface within the host to congifure.

Query Parameters:

  • allow_gateway (optional) – Whether or not to attempt to dynamically configure the gateway on this interface.

  • allow_dns (optional) – Whether or not to attempt to dynamically configure the DNS servers.

  • allow_ntp (optional) – Whether or not to attempt to dynamically configure the NTP servers.

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Set wcg eth0:

PUT /api/app/v1/net/dhcp/wcg/eth0?allow_gateway=True&allow_dns=True&allow_ntp=True HTTP/1.1
Accept: text/html

Example 1 - Response: Set wcg eth0:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/net/dhcp/(module)/(interface)
GET /api/app/v1/net/dhcp/(interface)

Get the DHCP lease information for an interface

New in version 1.0.

Parameters:

  • interface (required) – The name of the interface within the host about which to get lease information .

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Get DHCP lease information for wcg eth0:

GET /api/app/v1/net/dhcp/wcg/eth0 HTTP/1.1
Accept: text/html

Example 1 - Response: Get DHCP lease information for wcg eth0:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "dhcp-lease-time": "600",
  "dhcp-message-type": "5",
  "dhcp-server-identifier": "10.206.6.239",
  "domain-name": "dev.forcepoint.com",
  "domain-name-servers": "10.51.80.10,10.51.80.11,8.8.8.8",
  "expire": "2017/08/30 15:51:26 UTC",
  "fixed-address": "10.206.6.91",
  "interface": "eth0",
  "ntp-servers": "216.239.35.4",
  "rebind": "2017/08/30 15:50:11 UTC",
  "renew": "2017/08/30 15:45:25 UTC",
  "routers": "10.206.7.254",
  "subnet-mask": "255.255.252.0"
}
PUT /api/app/v1/net/dhcp/module_hooks

Run module hooks that DHCP was unable to run onboot.

New in version 1.0.

Response Headers:
Status Codes:

  • 200 OK – Success - ran module hooks successfully

Accepted Authorization:

skey

**Example 1 - Request: Run module hooks that DHCP was unable to run onboot:

PUT /api/app/v1/net/dhcp/module_hooks HTTP/1.1
Accept: text/html

**Example 1 - Run module hooks that DHCP was unable to run onboot:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
DELETE /api/app/v1/net/diagnostic_ports

Close diagnostic ports

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Close diagnostic ports:

DELETE /api/app/v1/net/diagnostic_ports HTTP/1.1
Accept: text/html

Example 1 - Response: Close diagnostic ports:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Close already closed diagnostic ports:

DELETE /api/app/v1/net/diagnostic_ports HTTP/1.1
Accept: text/html

Example 2 - Response: Close already closed diagnostic ports:

HTTP/1.1 409 CONFLICT
Content-Type: application/json

{
  "Reason": "Diagnostic ports are already disabled",
  "Status": "Failure"
}
PUT /api/app/v1/net/diagnostic_ports

Open diagnostic ports.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Open diagnostic ports:

PUT /api/app/v1/net/diagnostic_ports HTTP/1.1
Accept: text/html

Example 1 - Response: Open diagnostic ports:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Open already opened diagnostic ports:

PUT /api/app/v1/net/diagnostic_ports HTTP/1.1
Accept: text/html

Example 2 - Response: Open already opened diagnostic ports:

HTTP/1.1 409 CONFLICT
Content-Type: application/json

{
  "Reason": "Diagnostic ports are already enabled",
  "Status": "Failure"
}
GET /api/app/v1/net/diagnostic_ports

Show diagnostic ports status

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get diagnostic ports status:

GET /api/app/v1/net/diagnostic_ports HTTP/1.1
Accept: text/html

Example 1 - Response: Get diagnostic ports status:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "disabled"
}
GET /api/app/v1/net/info/(interface)

Returns the speed and connection status of a physical NIC.

New in version 1.0.

Parameters:

  • interface (required) – Interface to retrieve info about

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get P1 interface status/speed:

GET /api/app/v1/net/info/p1 HTTP/1.1
Accept: text/html

Example 1 - Response: Get P1 interface status/speed:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "isup": "True",
  "speed": "10000"
}

Example 2 - Request: Get invalid interface status/speed:

GET /api/app/v1/net/info/p4 HTTP/1.1
Accept: text/html

Example 1 - Response: Get invalid interface status/speed:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "Invalid interface supplied.",
  "Status": "Failure"
}
GET /api/app/v1/net/interface

Returns undedicated/free physical interfaces.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get undedicated interfaces:

GET /api/app/v1/net/interface HTTP/1.1
Accept: text/html

Example 1 - Response: Get undedicated interfaces:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "interfaces": [
    "E2"
  ]
}
GET /api/app/v1/net/interface/physical/(interface)

Translates a physical interface (ex: P1) to the virtual interface(s) equivalent (ex: wcg.eth0).

New in version 1.0.

Parameters:

  • interface (required) – Physical interface to translate

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Translate P1 to virtual interface:

GET /api/app/v1/net/interface/physical/p1 HTTP/1.1
Accept: text/html

Example 1 - Response: Translate P1 to virtual interface:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "virt_interfaces": [
    "wcg.eth0"
  ]
}

Example 2 - Request: Attempt to translate invalid interface:

GET /api/app/v1/net/interface/physical/p3 HTTP/1.1
Accept: text/html

Example 2 - Response: Attempt to translate invalid interface:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "This is not a valid interface.",
  "Status": "Failure"
}
GET /api/app/v1/net/interface/virtual/(module)/(interface)

Translates a virtual interface (ex: wcg.eth0) to the physical interface(s) equivalent (ex: P1).

New in version 1.0.

Parameters:

  • interface (required) – Virtual inteface to translate

  • module (required) – Module the interface is attached to

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Translate wcg eth0 to physical:

GET /api/app/v1/net/interface/virtual/wcg/eth0 HTTP/1.1
Accept: text/html

Example 1 - Response: Translate wcg eth0 to physical:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "phys_interfaces": [
    "P1"
  ]
}

Example 2 - Request: Translate nonexistent interface to physical:

GET /api/app/v1/net/interface/virtual/wcg/eth2 HTTP/1.1
Accept: text/html

Example 2 - Response: Translate nonexistent interface to physical:

HTTP/1.1 424 FAILED DEPENDENCY
Content-Type: application/json

{
  "Reason": "There are no physical interfaces associated with module proxy",
  "Status": "Failure"
}
GET /api/app/v1/net/is_valid_gateway/(module)/(interface)

Check if the gateway is valid for the other module interface

New in version 1.0.

Parameters:

  • module (required) – Module of the gateway we are checking

  • interface (required) – Current interface that the gateway is on

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Check if gateway currently assigned to eth0 is valid for eth1:

GET /api/app/v1/net/is_valid_gateway/wcg/eth0 HTTP/1.1
Accept: text/html

Example 1 - Response: Check if gateway currently assigned to wcg module is valid for eth0:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: No IPv4 address associated with the interface:

GET /api/app/v1/net/is_valid_gateway/wcg/eth1 HTTP/1.1
Accept: text/html

Example 2 - Response: No IPv4 associated with the interface:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "Error retrieving interface configuration."
  "Status": "Failure"
}
GET /api/app/v1/net/mgmt

Returns the IP address for the management interface (C).

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get management interface(C) IP:

GET /api/app/v1/net/mgmt HTTP/1.1
Accept: text/html

Example 1 - Response: Get management interface(C) IP:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "ip": "10.206.6.67"
}
POST /api/app/v1/net/route

Add static IPv4 route.

New in version 1.0.

Query Parameters:

  • dest (required) – Destination IP address (or subnet) in IPv4 format

  • mask (required) – Netmask in IPv4 format

  • gateway (required) – Gateway (next hop) in IPv4 format

  • interface (required) – Interface name (eth0, eth1, aux0, aux1)

  • module (optional) – Module the interface belongs to. If omitted route will be set on the appliance

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Set route on the appliance:

POST /api/app/v1/net/route?dest=30.10.0.0&mask=255.255.255.0&gateway=192.168.0.1&interface=eth0 HTTP/1.1
Accept: text/html

Example 1 - Response: Set route on the appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Set route on WCG P1:

POST /api/app/v1/net/route?dest=30.10.0.0&mask=255.255.255.0&gateway=192.168.0.1&interface=eth0&module=wcg HTTP/1.1
Accept: text/html

Example 2 - Response: Set route on WCG P1:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 3 - Request: Invalid gateway for the interface:

POST /api/app/v1/net/route?dest=30.10.0.0&mask=255.255.255.0&gateway=192.168.0.7&interface=eth0 HTTP/1.1
Accept: text/html

Example 3 - Response: Invalid gateway for the interface:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Reason": "Invalid gateway '10.206.22.254'",
  "Status": "Failure"
}
DELETE /api/app/v1/net/route

Delete single static IPv4 route.

New in version 1.0.

Query Parameters:

  • dest (required) – Destination IP address(or subnet) in IPv4 format

  • mask (required) – Netmask in IPv4 format

  • gateway (required) – Gateway (next hop) in IPv4 format

  • interface (required) – Interface name. (eth0, eth1, aux0, aux1)

  • module (optional) – Module the interface belongs to. If ommitted route will be set on the appliance

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Delete route on the appliance:

DELETE /api/app/v1/net/route?dest=30.10.0.0&mask=255.255.255.0&gateway=192.168.0.1&interface=eth0 HTTP/1.1
Accept: text/html

Example 1 - Response: Delete route on the appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Delete route on WCG P1:

DELETE /api/app/v1/net/route?dest=30.10.0.0&mask=255.255.255.0&gateway=192.168.0.1&interface=eth0&module=wcg HTTP/1.1
Accept: text/html

Example 2 - Response: Delete route on WCG P1:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 3 - Request: Invalid gateway for the interface:

DELETE /api/app/v1/net/route?dest=30.10.0.0&mask=255.255.255.0&gateway=192.168.0.7&interface=eth0 HTTP/1.1
Accept: text/html

Example 3 - Response: Invalid gateway for the interface:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Reason": "Invalid gateway '10.206.22.254'",
  "Status": "Failure"
}
POST /api/app/v1/net/route/component

Add single IPv4 component route.

New in version 1.0.

Query Parameters:

  • dest (required) – Destination IP address(or subnet) in IPv4 format

  • mask (required) – Netmask in IPv4 format

  • module (required) – Module to set the route on (only wcg and esg supported)

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Add component route on WCG P1:

POST /api/app/v1/net/route/component?dest=40.10.0.0&mask=255.255.255.0&module=wcg HTTP/1.1
Accept: text/html

Example 1 - Response: Add component route on WCG P1:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Invalid module:

POST /api/app/v1/net/route?dest=40.10.0.0&mask=255.255.255.0&module=abc HTTP/1.1
Accept: text/html

Example 2 - Response: Invalid module:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Reason": "Invalid module: None",
  "Status": "Failure"
}
DELETE /api/app/v1/net/route/component

Delete single IPv4 component route.

New in version 1.0.

Query Parameters:

  • dest (required) – Destination IP address (or subnet) in IPv4 format

  • mask (required) – Netmask in IPv4 format

  • module (required) – Module to delete the route from (only wcg and esg supported)

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Delete component route:

DELETE /api/app/v1/net/route/component?dest=40.10.0.0&mask=255.255.255.0&interface=eth0 HTTP/1.1
Accept: text/html

Example 1 - Response: Delete component route:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Invalid module:

DELETE /api/app/v1/net/route?dest=40.10.0.0&mask=255.255.255.0&module=abc HTTP/1.1
Accept: text/html

Example 2 - Response: Invalid module:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Reason": "Invalid module: None",
  "Status": "Failure"
}
PUT /api/app/v1/net/route/load

Load multiple IPv4 routes from filestore server.

New in version 1.0.

Query Parameters:

  • location (required) – Filestore alias the routes are saved too

  • file (required) – Route file on the filestore

  • action (required) – Add or Delete (del)

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Add IPv4 routes from filestore:

PUT /api/app/v1/net/route/load?location=myfilestore&file=ipv4_rules.txt&action=add HTTP/1.1

Accept: text/html

Example 1 - Response: Add IPv4 routes from filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Info": "Total added 1 routes. 0 failed."
}

Example 2 - Request: Delete IPv4 routes from filestore:

PUT /api/app/v1/net/route/load?location=myfilestore&file=ipv4_rules.txt&action=del HTTP/1.1

Accept: text/html

Example 2 - Response: Delete IPv4 routes from filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Info": "Total deleted 1 routes. 0 failed."
}
PUT /api/app/v1/net/route/save

Save multiple IPv4 routes to filestore server.

New in version 1.0.

Query Parameters:

  • location (required) – Filestore alias name

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Save routes to a filestore:

PUT /api/app/v1/net/route/save?location=myfilestore HTTP/1.1
Accept: text/html

Example 1 - Response: Save routes to a filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Info": "'Route_appliance_20170502102731.txt' has been saved to ftp://anonymous@10.206.6.131/."
}

Example 2 - Request: Invalid filestore:

PUT /api/app/v1/net/route/save?location=notmyfilestore HTTP/1.1
Accept: application/json

Example 2 - Response: Invalid filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Reason": "Alias notmyfilestore does not exist.",
  "Status": "Failure"
}

Example 3 - Request: Save routes to a URL:

PUT /api/app/v1/net/route/save?url=ftp://ftp_route:ftp_route_password@10.206.6.131/ HTTP/1.1
Accept: text/html

Example 3 - Response: Save routes to a URL:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Info": "'Route_travis-latest-email-85_20180430153335.txt' has been saved to ftp://ftp_route@10.206.6.131/"
}
POST /api/app/v1/net/route6

Add single static IPv6 route.

New in version 1.0.

Query Parameters:

  • dest (required) – Destination IP address (or subnet) in IPv6 format

  • prefixlen (required) – Prefix Length

  • gateway (required) – Gateway (next hop) in IPv6 format

  • interface (required) – Interface name. (eth0, eth1, aux0, aux1)

  • module (optional) – Module the interface belongs to. If ommitted route will be set on the appliance

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Add IPv6 route on the appliance:

POST /api/app/v1/net/route6?dest=2804:10:206:4::&prefix=62&gateway=2017::0010&interface=eth0 HTTP/1.1
Accept: text/html

Example 1 - Response: Add IPv6 route on the appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Add IPv6 route on WCG P1:

POST /api/app/v1/net/route6?dest=2804:10:206:4::&prefix=62&gateway=2017::0010&interface=eth0&module=wcg HTTP/1.1
Accept: text/html

Example 2 - Response: Add IPv6 route on WCG P1:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 3 - Request: Invalid gateway for the interface:

POST /api/app/v1/net/route6?dest=2804:10:206:4::&prefix=62&gateway=2017::001R&interface=eth0&module=wcg HTTP/1.1
Accept: text/html

Example 3 - Response: Invalid gateway for the interface:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Reason": "Invalid gateway '2017::001R'",
  "Status": "Failure"
}
DELETE /api/app/v1/net/route6

Delete single static IPv6 route.

New in version 1.0.

Query Parameters:

  • dest (required) – Destination IP address(or subnet) in IPv6 format

  • prefixlen (required) – IPv6 Prefix Length

  • gateway (required) – Gateway (next hop) in IPv6 format

  • interface (required) – Interface name. (eth0, eth1, aux0, aux1)

  • module (optional) – Module the interface belongs to. If ommitted route will be set on the appliance

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Delete IPv6 route on the appliance:

DELETE /api/app/v1/net/route?dest=2804:10:206:4::&prefix=62&gateway=2017::0010&interface=eth0 HTTP/1.1
Accept: text/html

Example 1 - Response: Delete IPv6 route on the appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Delete IPv6 route on WCG P1:

DELETE /api/app/v1/net/route?dest=2804:10:206:4::&prefix=62&gateway=2017::001&interface=eth0&module=wcg HTTP/1.1
Accept: text/html

Example 2 - Response: Delete IPv6 route on WCG P1:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 3 - Request: Invalid gateway for the interface:

DELETE /api/app/v1/net/route?dest=2804:10:206:4::&prefix=62&gateway=2017::001R&interface=eth0&module=wcg HTTP/1.1
Accept: text/html

Example 3 - Response: Invalid gateway for the interface:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Reason": "Invalid gateway '2017::001R'",
  "Status": "Failure"
}
PUT /api/app/v1/net/route6/load

Load multiple IPv6 routes from filestore server.

New in version 1.0.

Query Parameters:

  • location (required) – Filestore alias the routes are saved too

  • file (required) – Route file on the filestore

  • action (required) – Add or Delete (del)

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Add IPv6 routes from filestore:

PUT /api/app/v1/net/route6/load?location=myfilestore&file=ipv6_rules.txt&action=add HTTP/1.1

Accept: text/html

Example 1 - Response: Add IPv6 routes from filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Info": "Total added 1 routes. 0 failed."
}

Example 2 - Request: Delete IPv6 routes from filestore:

PUT /api/app/v1/net/route6/load?location=myfilestore&file=ipv6_rules.txt&action=del HTTP/1.1

Accept: text/html

Example 2 - Response: Delete IPv6 routes from filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Info": "Total deleted 1 routes. 0 failed."
}
PUT /api/app/v1/net/route6/save

Save multiple IPv6 routes to filestore server.

New in version 1.0.

Query Parameters:

  • location (required) – Filestore alias name

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Save IPv6 routes to a filestore:

PUT /api/app/v1/net/route6/save?location=myfilestore HTTP/1.1
Accept: text/html

Example 1 - Response: Save IPv6 routes to a filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Info": "'Route6_mason67_20170502104420.txt' has been saved to ftp://anonymous@10.206.6.131/."
}

Example 2 - Request: Invalid filestore:

PUT /api/app/v1/net/route6/save?location=notmyfilestore HTTP/1.1
Accept: text/html

Example 2 - Response: Invalid filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Reason": "Alias notmyfilestore does not exist.",
  "Status": "Failure"
}

Example 3 - Request: Save routes to a URL:

PUT /api/app/v1/net/route6/save?url=ftp://ftp_route:ftp_route_passwd@10.206.6.131/ HTTP/1.1
Accept: text/html

Example 3 - Response: Save routes to a URL:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Info": "'Route6_travis-latest-email-85_20180430153335.txt' has been saved to ftp://ftp_route@10.206.6.131/"
GET /api/app/v1/net/route6_list

Get static IPv6 route list.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get IPv6 routes:

GET /api/app/v1/net/route6_list HTTP/1.1
Accept: text/html

Example 1 - Response: Get IPv6 routes:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "route_list": [
    {
      "dest": "2804:10:206:4::",
      "gateway": "2017::0002",
      "interface": "c",
      "module": "app",
      "prefix": "64",
      "valid": "Y"
    }
  ]
}
GET /api/app/v1/net/route_list

Get static IPv4 route.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get IPv4 routes:

GET /api/app/v1/net/route_list HTTP/1.1
Accept: text/html

Example 1 - Response: Get IPv4 routes:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "route_list": [
    {
      "dest": "30.10.0.0",
      "gateway": "10.206.7.254",
      "interface": "c",
      "mask": "255.255.0.0",
      "valid": "Y"
    }
  ]
}
GET /api/app/v1/net/route_list/component

Get Ipv4 component route list.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get IPv4 component routes:

GET /api/app/v1/net/route_list/component HTTP/1.1
Accept: text/html

Example 1 - Response: Get IPv4 component routes:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "route_list": [
    {
      "dest": "40.10.0.0",
      "mask": "255.255.0.0",
      "module": "proxy",
      "valid": "Y"
    }
  ]
}
GET /api/app/v1/net/routes

Download routes from filestore.

New in version 1.0.

Note

This API call doesn’t use basic auth. Use the login API from the Authentication module to get a token.

Query Parameters:

  • location (required) – Filestore alias the routes are saved too

  • type (required) – Type of route to download. ipv4 or ipv6

  • token (required) – Authentication Token

Response Headers:
Status Codes:

Example 1 - Request: Download IPv4 routes:

GET /api/app/v1/net/route?location=myfilestore&type=ipv4&token=<AUTH_TOKEN> HTTP/1.1
Accept: text/html

Example 1 - Response: Download IPv4 routes:

HTTP/1.1 200 OK
Content-Type: text/plain

<ROUTES_FILE_CONTENT>
POST /api/app/v1/net/routes

Upload multiple routes (IPv4 or IPv6) from web browser.

New in version 1.0.

Note

This API call uses form data. Craft your requests accordingly.

Note

This API call doesn’t use basic auth. Use the login API from the Authentication module to get a token.

Query Parameters:

  • type (required) – Type of routes (IPv4 or IPv6)

  • file (required) – Route file on the filestore

  • action (required) – Add or Delete(del)

  • token (required) – Auth token

Response Headers:
Status Codes:

Example 1 - Request: Add IPv4 routes from file:

POST /api/app/v1/net/routes HTTP/1.1

--form 'file=@/root/routes4.txt' --form 'type=ipv4' --form 'action=add'
Accept: text/plain

Example 1 - Response: Add IPv4 routes from file:

HTTP/1.1 200 OK
Content-Type: text/html
<html><head>{"success" : true}</head></html>
GET /api/app/v1/net/status/(module)/(interface)

Returns physical interface status (enabled or disabled).

New in version 1.0.

Parameters:

  • module (required) – Module that contains the interface

  • interface (required) – Interface to check

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get interface status:

GET /api/app/v1/net/wcg/eth0 HTTP/1.1
Accept: text/html

Example 1 - Response: Get interface status:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "status": "up"
}
GET /api/app/v1/net/virtual

Gets the virtual interface mapping for the appliance.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get virtual interface mapping V10K/V20K**:

GET /api/app/v1/net/virtual HTTP/1.1
Accept: text/html

Example 1 - Response: Get virtual interface mapping V10K/V20K**:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "virt_interfaces": {
    "esg.eth0": "br-e1",
    "esg.eth1": "br-e2",
    "esg.internal": "br-mgmt",
    "eth0": "br-main",
    "na.eth0": "br-n",
    "na.internal": "br-mgmt",
    "wcg.eth0": "br-p1",
    "wcg.eth1": "br-p2",
    "wcg.internal": "br-mgmt",
    "wse.internal": "br-mgmt"
  }
}
GET /api/app/v1/net/vswitch/priority

Retrieves Rapid Spanning Tree Protocol priority for the switch the physical interface is on.

New in version 1.0.

Note

This is only available on the X Series

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get RSTP priority:

GET /api/app/v1/net/vswitch/priority HTTP/1.1
Accept: text/html

Example 1 - Response: Get RSTP priority:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "rstp_priority": "61440"
}
PUT /api/app/v1/net/vswitch/priority/(priority)

Sets Rapid Spanning Tree Protocol priority.

New in version 1.0.

Note

This is only available on the X Series

Note

The default for the appliance is the lowest priority, 61440

Parameters:

  • priority (required) – RSTP priority of the bridge. Must be between 0 and 61440, and a multiple of 4096

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Set RSTP priority:

PUT /api/app/v1/net/vswitch/priority/57344 HTTP/1.1
Accept: text/html

Example 1 - Response: Set RSTP priority:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/net/vswitch/status

Retrieves Rapid Spanning Tree Protocol status.

New in version 1.0.

Note

This is only available on the X Series

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get RSTP status:

GET /api/app/v1/net/vswitch/status HTTP/1.1
Accept: text/html

Example 1 - Response: Get RSTP status:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "P1": {
    "state": "active"
  },
  "P2": {
    "state": "standby"
  }
}
GET /api/app/v1/polling/bandwidth

Get bandwidth stats for a module and appliance interfaces.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get appliance bandwidth stats:

GET /api/app/v1/polling/bandwidth HTTP/1.1
Accept: text/html

Example 1 - Response: Get appliance bandwidth stats:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Bonded Interfaces E2, P2": {
    "b_recv": "84325549",
    "b_sent": "2059375",
    "drop_in": "4325",
    "drop_out": "0",
    "err_in": "0",
    "err_out": "0",
    "in": "0.01",
    "mac_addr": "44:a8:42:48:2a:9c",
    "out": "0.00",
    "p_recv": "100979",
    "p_sent": "32028",
    "speed": "1000Mb/s",
    "status": "True"
  },
  "C": {
    "b_recv": "10550315",
    "b_sent": "9359403",
    "drop_in": "32",
    "drop_out": "0",
    "err_in": "0",
    "err_out": "0",
    "in": "0.02",
    "mac_addr": "2e:c7:08:36:99:8c",
    "out": "0.03",
    "p_recv": "76028",
    "p_sent": "65276",
    "speed": "0Mb/s",
    "status": "True"
  },
  "N": {
    "b_recv": "342",
    "b_sent": "2883142",
    "drop_in": "0",
    "drop_out": "0",
    "err_in": "0",
    "err_out": "0",
    "in": "0.00",
    "mac_addr": "96:08:83:f5:e6:15",
    "out": "0.01",
    "p_recv": "5",
    "p_sent": "37346",
    "speed": "10000Mb/s",
    "status": "True"
  },
  "P1": {
    "b_recv": "3114",
    "b_sent": "1397298",
    "drop_in": "0",
    "drop_out": "0",
    "err_in": "0",
    "err_out": "0",
    "in": "0.00",
    "mac_addr": "7e:ee:e7:70:e2:45",
    "out": "0.00",
    "p_recv": "35",
    "p_sent": "18096",
    "speed": "10000Mb/s",
    "status": "True"
  }
}
GET /api/app/v1/polling/cpu

Get CPU usage stats.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get CPU stats:

GET /api/app/v1/polling/cpu HTTP/1.1
Accept: text/html

Example 1 - Response: Get CPU stats:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "cpu_usage": [
    "Total=2.8%",
    "CPU-0=2.0%",
    "CPU-1=1.0%",
    "CPU-2=2.0%",
    "CPU-3=0.0%",
    "CPU-4=3.0%",
    "CPU-5=0.0%",
    "CPU-6=5.0%",
    "CPU-7=1.0%",
    "CPU-8=1.0%",
    "CPU-9=1.0%",
    "CPU-10=2.0%",
    "CPU-11=0.0%",
    "CPU-12=0.0%",
    "CPU-13=1.0%",
    "CPU-14=0.0%",
    "CPU-15=0.0%",
    "CPU-16=0.0%",
    "CPU-17=1.0%",
    "CPU-18=0.0%",
    "CPU-19=0.0%",
    "CPU-20=0.0%",
    "CPU-21=1.0%",
    "CPU-22=1.0%",
    "CPU-23=1.0%"
  ]
}
GET /api/app/v1/polling/disk

Get diskspace.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get diskspace:

GET /api/app/v1/polling/disk HTTP/1.1
Accept: text/html

Example 1 - Response: Get diskspace:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Fingerprinting": {
    "free": "16G",
    "rate": "0%",
    "total": "16G",
    "used": "0"
  },
  "Proxy Cache": {
    "free": "16G",
    "rate": "0%",
    "total": "16G",
    "used": "0"
  },
  "System": {
    "free": "92G",
    "rate": "21%",
    "total": "120G",
    "used": "24G"
  }
}
GET /api/app/v1/polling/diskio

Get diskio stats.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get diskio stats:

GET /api/app/v1/polling/diskio HTTP/1.1
Accept: text/html

Example 1 - Response: Get diskio stats:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "iops": {
    "Fingerprinting": "0io/s",
    "System": "326io/s"
  }
}
GET /api/app/v1/polling/mem

Get memory usage stats.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get memory usage stats:

GET /api/app/v1/polling/mem HTTP/1.1
Accept: text/html

Example 1 - Response: Get memory usage stats:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "MTOTAL": "12599218176",
  "MUSED": "5814579200",
  "MUSEDPRC": "46"
}
PUT /api/app/v1/schedule_upload_cleanup

Creates a cron job to cleanup any stranded uploads due to cancels.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Schedule upload cleanup:

PUT /api/app/v1/schedule_upload_cleanup HTTP/1.1
Accept: text/html

Example 1 - Response: Schedule upload cleanup:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/security/(input_type)

Retrieve security settings for CLI (SSH), API, or SSO

New in version 1.0.

Warning

This call for security settings is not available on appliance version 8.5.2 or earlier.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get security settings:

GET /api/app/v1/security/api HTTP/1.1
Accept: text/html

Example 1 - Response: Get security settings:

HTTP/1.1 200 OK
Content-Type: application/json

{

“ssl_ciphers”: “AES:AES128-SHA256”, “ssl_protocols”: “TLSv1.2”

}

PUT /api/app/v1/security/(input_type)

Set security settings for CLI (SSH), API, and SSO.

New in version 1.0.

Warning

This call to set security settings is not available on appliance version 8.5.2 or earlier.

Parameters:

  • protocol (optional) – Value of protocol to be set

  • cipher (optional) – Value of cipher to be set

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Set security settings:

PUT /api/app/v1/security/api?protocol=TLSv1.2 HTTP/1.1
Accept: text/html

Example 1 - Response: Set security settings:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "job_id": "20180806111232015557"
}
PUT /api/app/v1/security/restore/defaults

Restore security default settings for CLI (SSH), API, and SSO.

New in version 1.0.

Warning

This call to restore security default settings is not available on appliance version 8.5.2 or earlier.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Restore security defaults:

PUT /api/app/v1/security/restore/defaults?type=all HTTP/1.1
Accept: text/html

Example 1 - Response: Restore security defaults:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "sso_job_id": "20180806111232015557"
  "api_job_id": "20180806111232015558"
  "cli_job_id": "20180806111232015559"
}

Example 2 - Request: Restore security defaults:

PUT /api/app/v1/security/restore/defaults?type=sso HTTP/1.1
Accept: text/html

Example 2 - Response: Restore security defaults:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "sso_job_id": "20180806111232015557"
}
GET /api/app/v1/security/status

Retrieves job status for a set of security settings for CLI (SSH), API, and SSO.

New in version 1.0.

Warning

This call to get a security settings status is not available on appliance version 8.5.2 or earlier.

Parameters:

  • protocol (optional) – Value of protocol to be set

  • cipher (optional) – Value of cipher to be set

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get security settings job status:

PUT /api/app/v1/security/status?jid=20180803152057785532 HTTP/1.1
Accept: text/html

Example 1 - Response: Get security settings job status:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "status": "Service was successfully restarted.  Settings file saved and in use."
}
PUT /api/app/v1/snmp/(s_type)/(status)

Enable/disable SNMP monitor or trap.

New in version 1.0.

Parameters:

  • s_type (required) – Type to act upon (monitor, trap)

  • status (required) – (enabled or disabled)

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Enable SNMP monitoring:

PUT /api/app/v1/snmp/monitor/enabled HTTP/1.1
Accept: text/html

Example 1 - Response: Enable SNMP monitoring:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Disable SNMP monitoring:

PUT /api/app/v1/snmp/monitor/disabled HTTP/1.1
Accept: text/html

Example 2 - Response: Disable SNMP monitoring:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 3 - Request: Enable SNMP traps:

PUT /api/app/v1/snmp/trap/enabled HTTP/1.1
Accept: text/html

Example 3 - Response: Enable SNMP traps:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 4 - Request: Enable SNMP monitor before configuring SNMP monitoring:

PUT /api/app/v1/snmp/monitor/enabled HTTP/1.1
Accept: text/html

Example 4 - Response: Enable SNMP monitor before configuring SNMP monitoring:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Reason": "Required SNMP type not specified",
    "Status": "Failure"
}
PUT /api/app/v1/snmp/(snmp_mon_trap)

Set the SNMP configuration.

New in version 1.0.

Note

Some parameters are required for certain versions of SNMP or if you are configuring monitor vs. trap. To know which parameters are required per version consult with the SNMP documentation.

Parameters:

  • snmp_mon_trap (required) – Type to act upon (monitor, trap)

Query Parameters:

  • type – Type/version of SNMP to set (v1, v2c, v3)

  • community – Community name, length(4 < name < 64), no spaces allowed

  • ip – IP address of the server to send SNMP data to

  • ip – Port on the server to connect to

  • authentication – Authentication for the server

  • encrypt – Type of encryption to use ex: (None, des)

  • security_level – SNMP v3 security level

  • user – Username for authentication

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Set basic SNMP v1:

PUT /api/app/v1/snmp/monitor\?type\=v1\&community\=mysnmp HTTP/1.1
Accept: text/html

Example 1 - Response: Set basic SNMP v1:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Set SNMP v3 with authPriv security level:

PUT /api/app/v1/snmp/monitor?type=v3&username=tsnmpser&securitylevel=authPriv&encrypt=des&&encrypt_key=mypassword&authentication=md5&password=mypassword HTTP/1.1
Accept: text/html

Example 2 - Response: Set SNMP v3 with authPriv security level:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/snmp/events

Show SNMP trap event lists for appliance or module.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get SNMP event list:

GET /api/app/v1/snmp/events HTTP/1.1
Accept: text/html

Example 1 - Response: Get SNMP event list:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "app": [
      {
         "class": "System resource",
         "clear_capable": "yes",
         "description": "CPU usage",
         "enabled": "yes",
         "interval": "60",
         "name": "CPU usage",
         "oid": "cpuMaxUsageExceed",
         "subclass": "system",
         "threshold1": {
            "current": "90",
            "default": "90",
            "description": "Exceeds",
            "name": "extremum",
            "range": "95,90,80,70,60,50;;%",
            "settable": "yes"
         },
         "threshold2": {
            "current": "1",
            "default": "1",
            "description": "for",
            "name": "duration",
            "range": "1,2,5,10,15,20;; min",
            "settable": "yes"
         }
      }
    ]
}
PUT /api/app/v1/snmp/events/import
Apply SNMP trap events to snmpd server from filename.

The contents of the file at the supplied filename should contain full event JSON. If loading is successful its content will replace those of snmp_events.json.

Note

Currently a user has no method of manually loading SNMP events to this location. This is currently for upgrade only.

New in version 1.0.

Query Parameters:

  • filename (required) – Filename of the file containing snmp events.

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Import SNMP trap events from local file:

PUT /api/app/v1/snmp/events/import?filename=myevents.json HTTP/1.1
Accept: text/html

Example 1 - Response: Import SNMP trap events from local file:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/snmp/events/load

Load SNMP trap events from filestore server.

Note

The file must be yaml formatted.

New in version 1.0.

Query Parameters:

  • location (required) – Configured filestore alias

  • file (required) – File on the filestore containing SNMP events

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Load SNMP trap events from filestore:

PUT /api/app/v1/snmp/events/load?location=<ALIAS>&file=<FILENAME> HTTP/1.1
Accept: text/html

Example 1 - Response: Load SNMP trap events from filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/snmp/events/load_json

Load SNMP trap events from JSON parameter.

Note

Use primarily by FSAM

New in version 1.0.

JSON Parameters:

  • events_data (required) – SNMP events in JSON format

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Load SNMP trap events:

PUT /api/app/v1/snmp/events/load_json HTTP/1.1
Accept: application/json

Example 1 - Response: Load SNMP trap events:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/snmp/events/save

Save SNMP trap events to filestore server for editing or later use.

New in version 1.0.

Query Parameters:

  • location (required) – Configured filestore alias

  • default (required) – Save default traps (yes, no)

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Save SNMP config to a filestore:

PUT /api/app/v1/snmp/events/save?location=<ALIAS>&default=yes HTTP/1.1
Accept: text/html

Example 1 - Response: Save SNMP config to a filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Info": "'Trap_mason67_default.yml' has been saved to ftp://anonymous@10.206.6.131/."
}

Example 2 - Request: Save SNMP config to a url:

PUT /api/app/v1/snmp/events/save?url=ftp://ftp_trap:Firewall1_trap@10.206.6.87&&default=no HTTP/1.1
Accept: text/html

Example 2 - Response: Save SNMP config to a filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Info": "'Trap_latest-email-85_20180509154905.yml' has been saved to ftp://ftp_trap@10.206.6.87/"
}
PUT /api/app/v1/snmp/mib/save

Save SNMP trap events to filestore server.

New in version 1.0.

Query Parameters:

  • location (optional) – Filestore alias

  • url (optional) – URL of storage location

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Save SNMP MIB to filestore:

PUT /api/app/v1/snmp/mib/save?location=<ALIAS> HTTP/1.1
Accept: text/html

Example 1 - Response: Save SNMP MIB to filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Info": "'WBSN-APPLIANCE-MIB.txt' has been saved to ftp://filestore@192.168.1.100/."
}
GET /api/app/v1/snmp/monitor

Get SNMP monitor config.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get SNMP monitor config:

GET /api/app/v1/snmp/monitor HTTP/1.1
Accept: text/html

Example 1 - Response: Get SNMP monitor config:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "authentication": "SHA",
  "community": "public",
  "encrypt": "AES",
  "encrypt_key": "************",
  "password": "********",
  "securitylevel": "authPriv",
  "status": "disabled",
  "type": "v3",
  "username": "snmpUser"
}

Example 2 - Request: Get SNMP monitor config before SNMP monitor configuration:

GET /api/app/v1/snmp/monitor HTTP/1.1
Accept: text/html

Example 2 - Response: Get SNMP monitor config before SNMP monitor configuration:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "status": "disabled"
}
GET /api/app/v1/snmp/trap

Get SNMP trap config.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get SNMP trap config:

GET /api/app/v1/snmp/trap HTTP/1.1
Accept: text/html

Example 1 - Response: Get SNMP trap config:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "community": "pupblic",
  "ip_address": "10.206.6.89",
  "port": "162",
  "status": "enabled",
  "type": "v2c"
}

Example 2 - Request: Get SNMP trap config before SNMP trap configuration:

GET /api/app/v1/snmp/trap HTTP/1.1
Accept: text/html

Example 2 - Response: Get SNMP trap config before SNMP trap configuration:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "status": "disabled"
}
GET /api/app/v1/snmp/trap/backup

Send a backup trap to configured SNMP trap recipient.

Note

Use primarily by FSAM

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Send backup trap:

GET /api/app/v1/snmp/trap/backup HTTP/1.1
Accept: text/html

Example 1 - Response: Send backup trap:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/snmp/trap/test

Send a test trap to configured SNMP trap recipient.

New in version 1.0.

Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Send a test SNMP trap:

GET /api/app/v1/snmp/trap/test HTTP/1.1
Accept: text/html

Example 1 - Response: Send a test SNMP trap:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/snmp/trap/test_before_save

Send a test trap with data to validate SNMP trap server.

Note

Use primarily by FSAM

New in version 1.0.

Query Parameters:

  • ip_address (required) – IP address to SNMP trap server

  • port (required) – Port on the server to connect to

  • status (required) – SNMP status

  • type (required) – Type/version of SNMP to set (v1, v2c, v3)

  • community – Community name, length(4 < name < 64), no spaces allowed

  • securitylevel – SNMP v3 security level

  • username – Username for authentication

  • engine_id – SNMP engine id

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Send a test SNMP trap without configuring SNMP:

PUT /api/app/v1/snmp/trap/test_before_save?status=enabled&type=v1&community=public&ip_address=<IP>&port=162 HTTP/1.1
Accept: text/html

Example 1 - Response: Send a test SNMP trap without configuring SNMP:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/snmp/update

Update various aspects of SNMP configuration

New in version 1.0.

Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Update monitored module list:

GET /api/app/v1/snmp/update?trap_params=module_list HTTP/1.1
Accept: text/html

Example 1 - Response: Send a test SNMP trap:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/sys/(module)
GET /api/app/v1/sys

Get information about appliance or a module.

New in version 1.0.

Warning

This call for modules is not available on appliance version 8.3.

Parameters:

  • module (optional) – Module to get information about (wcg, wse, na, esg).

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get appliance information:

GET /api/app/v1/sys HTTP/1.1
Accept: text/html

Example 1 - Response: Get appliance information:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "appliance": {
    "NA": {
      "hostname": "mason67"
    },
    "WCG": {
      "hostname": "mason67-wcg"
    },
    "WSE": {
      "hostname": "mason67"
    },
    "appliance_version": "8.4.0",
    "hardware_platform": "Virtual",
    "hostname": "mason67",
    "mode": "Forcepoint Web Security",
    "policy_mode": "Filtering only (hosts only Filtering Service and Content Gateway)",
    "policy_source_ip": "10.206.6.68",
    "uptime": "5 days, 23 hours, 7 minutes"
  }
}

Example 2 - Request: Get proxy information:

GET /api/app/v1/sys/wcg HTTP/1.1
Accept: text/html

Example 2 - Response: Get proxy information:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "wcg": {}
}
PUT /api/app/v1/sys/(module)/control/(command)
PUT /api/app/v1/sys/control/(command)

Service control for appliance and modules.

New in version 1.0.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe.

Parameters:

  • module (optional) – Module to execute service command on. If omitted the action is executed on the appliance.

  • command (required) – Command to perform. Options (start, stop, restart, shutdown, reboot).

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Restart network agent:

PUT /api/app/v1/sys/na/control/restart HTTP/1.1
Accept: text/html

Example 1 - Response: Restart network agent:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Response": "<NA RESPONSE>"
}

Example 2 - Request: Reboot appliance:

PUT /api/app/v1/sys/control/reboot HTTP/1.1
Accept: text/html

Example 2 - Response: Reboot appliance:

HTTP/1.1 502 Bad Gateway
DELETE /api/app/v1/sys/(module)/disable

Disable specified module.

New in version 1.0.

Parameters:

  • module (required) – Module to disable

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Disable proxy:

DELETE /api/app/v1/sys/wcg/disable HTTP/1.1
Accept: text/html

Example 1 - Response: Disable proxy:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/sys/(module)/enable

Enables specified module.

New in version 1.0.

Parameters:

  • module (required) – Module to enable

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Enable proxy:

PUT /api/app/v1/sys/wcg/enable HTTP/1.1
Accept: text/html

Example 1 - Response: Enable proxy:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/sys/(module)/status

Get the status of services in the specified module.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get proxy status:

GET /api/app/v1/sys/wcg/status HTTP/1.1
Accept: text/html

Example 1 - Response: Get proxy status:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Analytics Server": "Stopped",
  "Content Cop": "Running",
  "Content Gateway": "Running",
  "Content Gateway Manager": "Running",
  "Endpoint Authentication Server": "Running"
}
GET /api/app/v1/sys/(module)/version

Shows the version of the module.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get proxy version:

GET /api/app/v1/sys/wcg/version HTTP/1.1
Accept: text/html

Example 1 - Response: Get proxy version:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "version": "8.4.0"
}
PUT /api/app/v1/sys/access

Enable or disable SSH access.

New in version 1.0.

Query Parameters:

  • enabled (required) – (true, false)

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Enable SSH:

PUT /api/app/v1/sys/access?enabled=True HTTP/1.1
Accept: text/html

Example 1 - Response: Enable SSH:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "enabled": true
}

Example 1 - Request: Disable SSH:

PUT /api/app/v1/sys/access?enabled=False HTTP/1.1
Accept: application/json

Example 1 - Response: Disable SSH:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "enabled": false
}
GET /api/app/v1/sys/access

Get the configured SSH status.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get SSH status:

GET /api/app/v1/sys/access HTTP/1.1
Accept: text/html

Example 1 - Response: Get SSH status:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "enabled": "True"
}
GET /api/app/v1/sys/account/(user)

Access account information.

Note

Data varies by user

New in version 1.0.

Parameters:

  • user (required) – User name to get information on (tech-support, email, audit)

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get disabled tech-support user information:

GET /api/app/v1/sys/account/tech-support HTTP/1.1
Accept: text/html

Example 1 - Response: Get disabled tech-support user information:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "hostname": "mason67"
}

Example 2 - Request: Get enabled tech-support user information:

GET /api/app/v1/sys/account/tech-support HTTP/1.1
Accept: text/html

Example 2 - Response: Get enabled tech-support user information:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "account": "tech-support",
  "hostname": "mason67",
  "passcode": "<PASSCODE>",
  "timeout": "240"
}
PUT /api/app/v1/sys/account/(user)

Modify account properties.

New in version 1.0.

Parameters:

  • user (requred) – User to modify (tech-support, email, audit)

Query Parameters:

  • password (optional) – New password

  • enabled (optional) – (True, False)

  • email (optional) – Email address (only available for email user)

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Enable audit user:

PUT /api/app/v1/sys/account/audit?enabled=True HTTP/1.1
Accept: text/html

Example 1 - Response: Enable audit user:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Success": "Password was updated, audit"
}

Example 2 - Request: Set appliance email:

PUT /api/app/v1/sys/account/email?email=<EMAIL_ADDR> HTTP/1.1
Accept: text/html

Example 2 - Response: Set appliance email:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Success": "Appliance email updated"
}

Example 3 - Request: Enable tech-support user:

PUT /api/app/v1/sys/account/tech-support?enabled=True HTTP/1.1
Accept: text/html

Example 3 - Response: Enable tech-support user:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "account": "tech-support",
  "passcode": "<PASSCODE>",
  "timeout": "240"
}
GET /api/app/v1/sys/account/(user)/history

Get account history for a user.

Note

Currenly only available for tech-support user.

New in version 1.0.

Parameters:

  • user (required) – User name to get information on (tech-support)

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get tech-support user history:

GET /api/app/v1/sys/account/tech-support/history HTTP/1.1
Accept: text/html

Example 1 - Response: Get tech-support user history:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "history": []
}
PUT /api/app/v1/sys/account/admin

Update admin password.

New in version 1.0.

Query Parameters:

  • password (required) – New password

Response Headers:
Status Codes:
Accepted Authorization:

super-admin

Example 1 - Request: Set admin password:

PUT /api/app/v1/sys/account/admin?password=<PASSWORD> HTTP/1.1
Accept: text/html

Example 1 - Response: Set admin password:

HTTP/1.1 200 OK
Content-Type: application/json

{
 "Success": "Password was updated, admin"
}
PUT /api/app/v1/sys/account/admin/forgotpwd

Initialize password recovery. You will either be provided a code to contact tech support, or, if you have an SMTP server setup you will be emailed your password.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Password recovery for admin user with no SMTP server configured:

PUT /api/app/v1/sys/account/admin/forgotpwd HTTP/1.1
Accept: text/html

Example 1 - Response: Password recovery for admin user with no SMTP server configured:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Result": "There is no SMTP host configured and/or there is no email address configured. $To reset your password, please contact Technical Support and provide this security code: MU3H9M4S$"
}
DELETE /api/app/v1/sys/account/email

Delete appliance email setting.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Delete email setting:

DELETE /api/app/v1/sys/account/email HTTP/1.1
Accept: text/html

Example 1 - Response: Delete email setting:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
DELETE /api/app/v1/sys/account/smtp

Delete SMTP configuration.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Delete SMTP configuration:

DELETE /api/app/v1/sys/account/smtp HTTP/1.1
Accept: application/json

Example 1 - Response: Delete SMTP configuration:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/sys/account/smtp

Sets SMTP configuration.

New in version 1.0.

Query Parameters:

  • host (required) – Hostname or IP address of SMTP server

  • port (optional) – Port for SMTP server. Defaults to 25

  • user (optional) – User to authenticate with against the SMTP server

  • password (optional) – Password for user

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Setup SMTP configurtion:

PUT /api/app/v1/sys/account/smtp?host=10.206.12.219&port=25&user=<USER>&password=<PASSWORD>"HTTP/1.1
Accept: text/html

Example 1 - Response: Setup SMTP configuration:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/sys/account/smtp

Shows SMTP configuration

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Show SMTP configuration:

GET /api/app/v1/sys/account/smtp HTTP/1.1
Accept: text/html

Example 1 - Response: Show SMTP configuration:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "auth": true,
  "host": "10.206.12.219",
  "mailaddr": "user100@gperkins.net",
  "password": "****",
  "port": 25,
  "user": "User100@esgregression.org"
}
PUT /api/app/v1/sys/cert/(cert_type)/url_add

Add user certificate (stored on filestore) to the appliance. The user must exist on the system before adding the certificate.

New in version 1.0.

Parameters:

  • username (required) – Username of single user to view the certificates of.

  • name (required) – Name of the certificate as it is on the filestore.

  • url (required) – URL to retrieve cert file from

  • new_name (optional) – Name to save the certificate as on the appliance. If omitted it will use the name parameter.

Note

Duplicate certificate names are not permitted.

Response Headers:
Status Codes:
Accepted Authorization:

super-admin

Example 1 - Request: Add a new certificate to the appliance:

PUT /api/app/v1/sys/cert/ca/url_add?url=ftp://ftpk:Firewall1@10.206.6.196/ca.cert.pem&name=ca_cert HTTP/1.1
Accept: text/html

Example 1 - Response: Add a new certificate to the appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Attempt to add a certificate not located on the filestore:

PUT /api/app/v1/sys/cert/ca/url_add?url=ftp://ftpk:Firewall1@10.206.6.16/c.cert.pem&name=ca_cert HTTP/1.1
Accept: text/html

Example 2 - Response: Attempt to add a certificate not located on the URL:

HTTP/1.1 404 NOT FOUND
Content-Type: application/json

{
  "Reason": "Certificate c.cert.pem was not found or unable to be retrieved from filestore ftp://10.206.6.196/././c.cert.pem.",
  "Status": "Failure"
}

Example 3 - Request: Attempt to add a duplicate cert:

PUT /api/app/v1/sys/cert/ca/url_add?url=ftp://ftpk:Firewall1@10.206.6.196/ca.cert.pem&name=ca_cert HTTP/1.1
Accept: text/html

Example 3 - Response: Attempt to add a duplicate cert:

HTTP/1.1 409 CONFLICT
Content-Type: application/json

{
  "Reason": "Certificate already exists with name ca.cert.pem.",
  "Status": "Failure"
}
PUT /api/app/v1/sys/cert/ca_add

Add ca certificate (stored on filestore) to the appliance.

New in version 1.0.

Parameters:

  • name (required) – Name of the certificate as it is on the filestore.

  • alias (required) – Alias for the filestore.

  • new_name (optional) – Name to save the certificate as on the appliance. If omitted it will use the name parameter.

Note

Duplicate certificate names are not permitted.

Response Headers:
Status Codes:
Accepted Authorization:

super-admin

Example 1 - Request: Add a new certificate to the appliance:

PUT /api/app/v1/sys/cert/ca_add?alias=myfilestore&name=cert.crt&new_name=new.crt HTTP/1.1
Accept: text/html

Example 1 - Response: Add a new certificate to the appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Attempt to add a certificate not located on the filestore:

PUT /api/app/v1/sys/cert/ca_add?alias=myfilestore&name=missing.crt HTTP/1.1
Accept: text/html

Example 2 - Response: Attempt to add a certificate not located on the filestore:

HTTP/1.1 404 NOT FOUND
Content-Type: application/json

{
  "Reason": "Certificate missing.crt was not found or unable to be retrieved from filestore myfilestore.",
  "Status": "Failure"
}

Example 3 - Request: Attempt to add a duplicate cert:

PUT /api/app/v1/sys/cert/ca_add?alias=myfilestore&name=dupe.crt HTTP/1.1
Accept: text/html

Example 3 - Response: Attempt to add a duplicate cert:

HTTP/1.1 409 CONFLICT
Content-Type: application/json

{
  "Reason": "Certificate already exists with name dupe.crt.",
  "Status": "Failure"
}
GET /api/app/v1/sys/cert/ca_list

List all root and intermediate certificates.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

super-admin

Example 1 - Request: View all ca certificates:

GET /api/app/v1/sys/cert/ca_list HTTP/1.1
Accept: text/html

Example 1 - Response: View all ca certificates:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "certificates": [
    {
      "cert_fingerprint": "DC:9D:EA:72:3F:BA:E5:99:14:1E:74:DC:8E:B9:FD:9B:81:E1:8A:FA",
      "cert_name": "cert1.crt",
    },
    {
      "cert_fingerprint": "08:5A:CF:0F:7E:31:C7:60:82:78:06:3A:7F:D2:26:36:57:F2:5F:C8",
      "cert_name": "cert2.crt",
    }
  ]
}
DELETE /api/app/v1/sys/cert/ca_remove

Remove ca certificate.

New in version 1.0.

Parameters:

  • name (required) – Name of the certificate to remove.

Response Headers:
Status Codes:
Accepted Authorization:

super-admin

Example 1 - Request: Remove a ca certificate:

DELETE /api/app/v1/sys/cert/ca_remove?name=cert.crt HTTP/1.1
Accept: text/html

Example 1 - Response: Remove a ca certificate:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Attempt to remove a non-existent certificate:

DELETE /api/app/v1/sys/cert/ca_remove?name=fake.crt HTTP/1.1
Accept: text/html

Example 2 - Response: Attempt to remove a non-existent certificate:

HTTP/1.1 404 NOT FOUND
Content-Type: application/json

{
  "Reason": "Certificate does not exist.",
  "Status": "Failure"
}
PUT /api/app/v1/sys/cert/user_add

Add user certificate (stored on filestore) to the appliance. The user must exist on the system before adding the certificate.

New in version 1.0.

Parameters:

  • username (required) – Username of single user to view the certificates of.

  • name (required) – Name of the certificate as it is on the filestore.

  • alias (required) – Alias for the filestore.

  • new_name (optional) – Name to save the certificate as on the appliance. If omitted it will use the name parameter.

Note

Duplicate certificate names are not permitted.

Response Headers:
Status Codes:
Accepted Authorization:

super-admin

Example 1 - Request: Add a new certificate to the appliance:

PUT /api/app/v1/sys/cert/user_add?alias=myfilestore&name=cert.crt&username=hhill&new_name=new.crt HTTP/1.1
Accept: text/html

Example 1 - Response: Add a new certificate to the appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Attempt to add a certificate not located on the filestore:

PUT /api/app/v1/sys/cert/user_add?alias=myfilestore&name=missing.crt&username=hhill HTTP/1.1
Accept: text/html

Example 2 - Response: Attempt to add a certificate not located on the filestore:

HTTP/1.1 404 NOT FOUND
Content-Type: application/json

{
  "Reason": "Certificate missing.crt was not found or unable to be retrieved from filestore myfilestore.",
  "Status": "Failure"
}

Example 3 - Request: Attempt to add a duplicate cert:

PUT /api/app/v1/sys/cert/user_add?alias=myfilestore&name=dupe.crt&username=hhill HTTP/1.1
Accept: text/html

Example 3 - Response: Attempt to add a duplicate cert:

HTTP/1.1 409 CONFLICT
Content-Type: application/json

{
  "Reason": "Certificate already exists with name dupe.crt.",
  "Status": "Failure"
}
GET /api/app/v1/sys/cert/user_list

List all certificates or a specific user’s certificates.

New in version 1.0.

Parameters:

  • username (optional) – Username of single user to view the certificates of.

Response Headers:
Status Codes:
Accepted Authorization:

super-admin

Example 1 - Request: View all certificates:

GET /api/app/v1/sys/cert/user_list HTTP/1.1
Accept: text/html

Example 1 - Response: View all certificates:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "certificates": [
    {
      "cert_fingerprint": "DC:9D:EA:72:3F:BA:E5:99:14:1E:74:DC:8E:B9:FD:9B:81:E1:8A:FA",
      "cert_name": "ale.crt",
      "user_name": "ale"
    },
    {
      "cert_fingerprint": "08:5A:CF:0F:7E:31:C7:60:82:78:06:3A:7F:D2:26:36:57:F2:5F:C8",
      "cert_name": "mason.crt",
      "user_name": "megger"
    }
  ]
}

Example 2 - Request: View a single user’s certificates:

GET /api/app/v1/sys/cert/user_list?username=megger HTTP/1.1
Accept: text/html

Example 2 - Response: View a single user’s certificates:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "certificates": [
    {
      "cert_fingerprint": "08:5A:CF:0F:7E:31:C7:60:82:78:06:3A:7F:D2:26:36:57:F2:5F:C8",
      "cert_name": "mason.crt",
      "user_name": "megger"
    }
  ]
}
DELETE /api/app/v1/sys/cert/user_remove

Remove user certificate.

New in version 1.0.

Parameters:

  • name (required) – Name of the certificate to remove.

Response Headers:
Status Codes:
Accepted Authorization:

super-admin

Example 1 - Request: Remove a user certificate:

DELETE /api/app/v1/sys/cert/user_remove?name=cert.crt HTTP/1.1
Accept: text/html

Example 1 - Response: Remove a user certificate:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Attempt to remove a non-existent certificate:

DELETE /api/app/v1/sys/cert/user_remove?name=fake.crt HTTP/1.1
Accept: text/html

Example 2 - Response: Attempt to remove a non-existent certificate:

HTTP/1.1 404 NOT FOUND
Content-Type: application/json

{
  "Reason": "Certificate does not exist.",
  "Status": "Failure"
}
GET /api/app/v1/sys/feedback

Get feedback setting.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get feedback setting:

GET /api/app/v1/sys/feedback HTTP/1.1
Accept: text/html

Example 1 - Response: Get feedback setting:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Feedback": true
}
PUT /api/app/v1/sys/gui_url

Updates the URL to be used for any future GUIs

New in version 1.0.

Query Parameters:

  • url (required) – URL to change to

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Change URL:

PUT /api/app/v1/sys/gui_url?url=<NEW_URL> HTTP/1.1
Accept: text/html

Example 1 - Response: Change URL:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/sys/hardware

Get hardware information.

New in version 1.0.

Query Parameters:

  • request (optional) – A list of options to filter by. If omitted get all information. Filter options (UUID, name, hardware_model, nics, serial_number)

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get hardware information:

GET /api/app/v1/sys/hardware HTTP/1.1
Accept: text/html

Example 1 - Response: Get hardware information:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "ApplianceRole": "user",
  "ApplianceVersion": "8.3.0.1198",
  "BIOSInfo": {
    "Revision": "1.5",
    "Version": "1.5.4"
  },
  "CpuModel": "Intel(R) Xeon(R) CPU E5-2620 v3 @ 2.40GHz",
  "ProvisioningMode": "wse-contentgateway",
  "UUID": "4C4C4544-0044-3210-8037-B3C04F323832",
  "hardware_model": "PowerEdge R430",
  "name": "V10KG4",
  "nics": [
    "Broadcom Corporation NetXtreme BCM5720 Gigabit Ethernet PCIe",
    "Broadcom Corporation NetXtreme BCM5720 Gigabit Ethernet PCIe",
    "Broadcom Corporation NetXtreme BCM5720 Gigabit Ethernet PCIe",
    "Broadcom Corporation NetXtreme BCM5720 Gigabit Ethernet PCIe",
    "Broadcom Corporation NetXtreme BCM5720 Gigabit Ethernet PCIe",
    "Broadcom Corporation NetXtreme BCM5720 Gigabit Ethernet PCIe"
  ],
  "serial_number": "3D27282"
}
PUT /api/app/v1/sys/hostname

Set the hostname/description on the appliance. This will update the hostname in the containers.

New in version 1.0.

Query Parameters:

  • hostname (optional) – Hostname to change to

  • hostname_desc (optional) – Appliance description, limit 100 characters

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Set appliance hostname:

GET /api/app/v1/sys/hostname?hostname=myhost HTTP/1.1
Accept: text/html

Example 1 - Response: Set appliance hostname:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Set appliance hostname and description:

GET /api/app/v1/sys/hostname?hostname=myhost&hostname_desc=my_host HTTP/1.1
Accept: text/html

Example 2 - Response: Set appliance hostname and description:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/sys/hostname/(module)

Set a module’s hostname.

New in version 1.0.

Query Parameters:

  • hostname (required) – Hostname to change the module to

Response Headers:
Status Codes:
Accepted Authorization:

admin

Warning

This API can only be accessed from the internal endpoint within the appliance.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe.

Example 1 - Request: Set module hostname:

PUT /api/app/v1/sys/hostname/wcg?hostname=kittens HTTP/1.1
Accept: text/html

Example 1 - Response: Set module hostname:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Result": [
    {
      "wcg": true
    },
    {
      "appliance": "<SALT file.line DATA>"
    },
    true
  ]
}
GET /api/app/v1/sys/hostname/descr

Get host description

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get host description:

GET /api/app/v1/sys/feedback HTTP/1.1
Accept: text/html

Example 1 - Response: Get host description:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Feedback": true
}
GET /api/app/v1/sys/integration

Get web integration mode setting.

New in version 1.0.

Deprecated since version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Note

This is only available in Web Filtering and Security mode on a V5K or virtual appliance.

Example 1 - Request: Get integration mode:

GET /api/app/v1/sys/integration HTTP/1.1
Accept: text/html

Example 1 - Response: Get integration mode:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Integration": "WNA"
}

Example 2 - Request: Get integration mode on an invalid appliance:

GET /api/app/v1/sys/integration HTTP/1.1
Accept: text/html

Example 2 - Response: Get integration mode on an invalid appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Integration": null
}
GET /api/app/v1/sys/mode

Get appliance security mode.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get security mode:

GET /api/app/v1/sys/mode HTTP/1.1
Accept: text/html

Example 1 - Response: Get security mode:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "mode": "wse-contentgateway"
}
PUT /api/app/v1/sys/mode/filter

Switches the policy mode to Filtering Only mode.

New in version 1.0.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe.

Query Parameters:

  • off_box_ip (required) – IPv4 address of the off box Policy Server

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Change to Filtering Only mode:

PUT /api/app/v1/sys/mode/filter?off_box_ip=10.206.6.68 HTTP/1.1
Accept: text/html

Example 1 - Response: Change to Filtering Only mode:

HTTP/1.1 200 OK
Content-Type: text/html

{
  "Result": "Successfully changed to filter mode."
}

Example 2 - Request: Attempt to change to an unreachable off box Policy Server:

PUT /api/app/v1/sys/mode/filter?off_box_ip=10.206.6.69 HTTP/1.1
Accept: text/html

Example 2 - Response: Attempt to change to an unreachable off box Policy Server:

HTTP/1.1 200 OK
Content-Type: text/html

{
  "Reason": "Change to filter mode FAILED. The Policy Server at 10.206.6.69 did not respond on port 55806.",
  "Status": "Failure"
}
PUT /api/app/v1/sys/mode/lite

Switches the policy mode to User Directory and Filtering Only mode.

New in version 1.0.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe.

Query Parameters:

  • off_box_ip (required) – IPv4 address of the off box Policy Broker

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Change to User Directory and Filtering mode:

PUT /api/app/v1/sys/mode/lite?off_box_ip=10.206.6.68 HTTP/1.1
Accept: text/html

Example 1 - Response: Change to User Directory and Filtering mode:

HTTP/1.1 200 OK
Content-Type: text/html

{
  "Result": "Successfully changed to full policy mode."
}

Example 2 - Request: Attempt to change to an unreachable off box Policy Broker:

PUT /api/app/v1/sys/mode/lite?off_box_ip=10.206.6.69 HTTP/1.1
Accept: text/html

Example 2 - Response: Attempt to change to an unreachable off box Policy Broker:

HTTP/1.1 200 OK
Content-Type: text/html

{
  "Reason": "Change to policy lite mode FAILED. The Policy Source at 10.206.6.69 did not respond on port 55806 and/or 55880.",
  "Status": "Failure"
}
PUT /api/app/v1/sys/mode/primary

Switches the policy mode to Full Policy mode.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Change to Full Policy mode:

PUT /api/app/v1/sys/mode/primary HTTP/1.1
Accept: text/html

Example 1 - Response: Change to Full Policy mode:

HTTP/1.1 200 OK
Content-Type: text/html

{
  "Result": "Successfully changed to full policy mode."
}
PUT /api/app/v1/sys/module/account

Change WCG admin password.

New in version 1.0.

Query Parameters:

  • password (required) – New WCG password

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Change WCG admin password:

PUT /api/app/v1/sys/module/account?password=<PASSWORD> HTTP/1.1
Accept: text/html

Example 1 - Response: Change WCG admin password:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Success": "Password was updated"
}
GET /api/app/v1/sys/modules

Get a list of available modules on the appliance and their current status.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get available modules:

GET /api/app/v1/sys/modules HTTP/1.1
Accept: text/html

Example 1 - Response: Get available modules:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "na": "RUNNING",
  "wcg": "RUNNING",
  "wse": "RUNNING"
}
GET /api/app/v1/sys/platform

Get hardware platform.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get platform:

GET /api/app/v1/sys/platform HTTP/1.1
Accept: text/html

Example 1 - Response: Get platform:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "platform": "V10KG4"
}
GET /api/app/v1/sys/platform_interfaces

Get available platform interfaces.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get platform interfaces:

GET /api/app/v1/sys/platform_interfaces HTTP/1.1
Accept: text/html

Example 1 - Response: Get platform interfaces:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "interfaces": [
    "C",
    "N",
    "P1",
    "P2",
    "E1",
    "E2"
  ]
}
GET /api/app/v1/sys/policy_server_mode

Get the web policy mode.

New in version 1.0.

Deprecated since version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get policy mode:

GET /api/app/v1/sys/policy_server_mode HTTP/1.1
Accept: text/html

Example 1 - Response: Get policy mode:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "policy_mode": "filter"
}
GET /api/app/v1/sys/proxy

Gets the proxy values in the config.

New in version 1.0.

Deprecated since version 1.0.

Warning

Not sure if this command actually does anything.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get host description:

GET /api/app/v1/sys/proxy HTTP/1.1
Accept: text/html

Example 1 - Response: Get host description:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "ip_address": "10.206.6.68",
  "port": "8081",
  "user": "kitten"
}
DELETE /api/app/v1/sys/proxy

Set/unset the proxy values in the config.

New in version 1.0.

Deprecated since version 1.0.

Warning

Not sure if this command actually does anything.

Query Parameters:

  • ip_address (required) – IP address of the filestore

  • port (required) – Port to connect to the filestore

  • user (optional) – User for the filestore

  • password (optional) – Filestore user password

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Set proxy config:

PUT /api/app/v1/sys/proxy?ip_address=10.206.6.68&port=8081&password=Firewall1=tx&user=kitten HTTP/1.1
Accept: text/html

Example 1 - Response: Set proxy config:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Set proxy config no user/password:

PUT /api/app/v1/sys/proxy?ip_address=10.206.6.68&port=8081 HTTP/1.1
Accept: text/html

Example 2 - Response: Set proxy config:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 3 - Request: Delete proxy config:

DELETE /api/app/v1/sys/proxy HTTP/1.1
Accept: text/html

Example 3 - Response: Delete proxy config:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/sys/proxy

Set/unset the proxy values in the config.

New in version 1.0.

Deprecated since version 1.0.

Warning

Not sure if this command actually does anything.

Query Parameters:

  • ip_address (required) – IP address of the filestore

  • port (required) – Port to connect to the filestore

  • user (optional) – User for the filestore

  • password (optional) – Filestore user password

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Set proxy config:

PUT /api/app/v1/sys/proxy?ip_address=10.206.6.68&port=8081&password=Firewall1=tx&user=kitten HTTP/1.1
Accept: text/html

Example 1 - Response: Set proxy config:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Set proxy config no user/password:

PUT /api/app/v1/sys/proxy?ip_address=10.206.6.68&port=8081 HTTP/1.1
Accept: text/html

Example 2 - Response: Set proxy config:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 3 - Request: Delete proxy config:

DELETE /api/app/v1/sys/proxy HTTP/1.1
Accept: text/html

Example 3 - Response: Delete proxy config:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/sys/restart/status

Retrieves the status of the UWSGI job ID requested

New in version 1.0.

Status Codes:
Accepted Authorization:

admin, audit

**Example 1 - Request: Get restart status .. sourcecode:: http

GET /api/app/v1/sys/restart/status?jid=20180809115938791888 HTTP/1.1 Accept: text/html

Example 1 - Response: Get restart status:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "status": "Service successfully restarted"
}
PUT /api/app/v1/sys/restart/uwsgi

Restarts the UWSGI service

New in version 1.0.

Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Restart UwSGI:

PUT /api/app/v1/sys/restart/uwsgi HTTP/1.1
Accept: text/html

Example 1 - Response: Restart UWSGI:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "jid": "20180809115938791888"
}
GET /api/app/v1/sys/salt_status

Gives status on if the Salt master and minions are ready

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Salt status:

GET /api/app/v1/sys/salt_status HTTP/1.1
Accept: text/html

Example 1 - Response: Salt is ready:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "is_salt_ready": true
}

Example 2 - Request: Salt status:

GET /api/app/v1/sys/salt_status HTTP/1.1
Accept: text/html

Example 1 - Response: Salt is not ready:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "is_salt_ready": false
}
GET /api/app/v1/sys/status

Get the status of all services in all modules on the appliance.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get system status in Filtering Only mode:

GET /api/app/v1/sys/status HTTP/1.1
Accept: text/html

Example 1 - Response: Get system status in Filtering Only mode:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "NA": {
    "Control Service": "Running",
    "Network Agent": "Running"
  },
  "WCG": {
    "Analytics Server": "Stopped",
    "Content Cop": "Running",
    "Content Gateway": "Running",
    "Content Gateway Manager": "Running",
    "Endpoint Authentication Server": "Running"
  },
  "WSE": {
    "Cloud App Agent": "Running",
    "Control Service": "Running",
    "Filtering Service": "Running"
  }
}
PUT /api/app/v1/sys/sysctl/(param)

Set certain Linux sysctl variables.

New in version 1.0.

Parameters:

  • param (required) – Sysctl variable to cycle. Options (net.ipv4.tcp_timestamps, net.ipv4.tcp_window_scaling)

Query Parameters:

  • value (required) – Value to set the variable to

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Cycle sysctl variable:

PUT /api/app/v1/sys/sysctl/net.ipv4.tcp_timestamps?value=0 HTTP/1.1
Accept: text/html

Example 1 - Response: Cycle sysctl variable:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/sys/sysctl/(param)

Get a sysctl value.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get sysctl value:

GET /api/app/v1/sys/sysctl/net.ipv4.ip_forward HTTP/1.1
Accept: text/html

Example 1 - Response: Get sysctl value:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Result": "1"
}
GET /api/app/v1/sys/time/clock

Get system clock time.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get system time:

GET /api/app/v1/sys/time/clock HTTP/1.1
Accept: text/html

Example 1 - Response: Get system time:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "clock": "2017-05-09  14:12:49"
}
PUT /api/app/v1/sys/time/clock

Manually set system clock time. You can configure time, date, or both.

New in version 1.0.

Query Parameters:

  • date (optional) – Format - yyyy/mm/dd

  • time (optional) – Format - hh:mm:ss

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Set time:

PUT /api/app/v1/sys/time/clock?time=01:02:03 HTTP/1.1
Accept: text/html

Example 1 - Response: Set time:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Set date:

PUT /api/app/v1/sys/time/clock?date=2017/05/10 HTTP/1.1
Accept: text/html

Example 2 - Response: Set date:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 3 - Request: Incorrect date format:

PUT /api/app/v1/sys/time/clock?date=05/10/2017 HTTP/1.1
Accept: text/html

Example 2 - Response: Incorrect date format:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Reason": [
    "Invalid date value. Format: yyyy/mm/dd"
  ],
  "Status": "Failure"
}
GET /api/app/v1/sys/time/ntp

Get system NTP information.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get NTP information:

GET /api/app/v1/sys/time/clock HTTP/1.1
Accept: text/html

Example 1 - Response: Get NTP information:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "server": [
    "time1.google.com"
  ],
  "status": "on"
}
PUT /api/app/v1/sys/time/ntp

Set NTP on a system. You can also enable or disable NTP on a system.

New in version 1.0.

Note

NTP must be enabled to set NTP servers

Query Parameters:

  • status (optional) – Use to enable/disable NTP (on or off)

  • server (optional) – list of NTP servers, comma seperated

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Disable NTP:

PUT /api/app/v1/sys/time/ntp?status=off HTTP/1.1
Accept: text/html

Example 1 - Response: Disable NTP:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Set NTP server when NTP is enabled:

PUT /api/app/v1/sys/time/ntp?server=time1.google.com%2Ctime2.google.com HTTP/1.1
Accept: text/html

Example 2 - Response: Set NTP server when NTP is enabled:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 3 - Request: Set NTP server when NTP is disabled:

PUT /api/app/v1/sys/time/ntp?server=time1.google.com%2Ctime2.google.com HTTP/1.1
Accept: text/html

Example 3 - Response: Set NTP server when NTP is disabled:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Reason": "Could not save NTP server settings. The server parameter cannot be used when status is set to 'off'.",
  "Status": "Failure"
}
PUT /api/app/v1/sys/time/ntp/sync

Sync NTP

New in version 1.0.

Note

NTP must be enabled to sync

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Sync NTP:

PUT /api/app/v1/sys/time/ntp/sync HTTP/1.1
Accept: text/html

Example 1 - Response: Sync NTP:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Attempt to Sync Disabled NTP:

PUT /api/app/v1/sys/time/ntp/sync HTTP/1.1
Accept: text/html

Example 2 - Response: Attempt to Sync Disabled NTP:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Reason": "The status of NTP service is off.",
  "Status": "Failure"
}
GET /api/app/v1/sys/time/timezone

Return system timezone.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get system timezone:

GET /api/app/v1/sys/time/clock HTTP/1.1
Accept: text/html

Example 1 - Response: Get system timezone:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "clock": "2017-05-09  14:12:49"
}
PUT /api/app/v1/sys/time/timezone

Set timezone

New in version 1.0.

Note

use the GET /api/app/v1/sys/time/timezone/list call to get a list of timezones

Query Parameters:

  • zone (optional) – Zone information

  • index (optional) – Index of timezone from timezone info

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Set system timezone to Central Time with zone parameter:

PUT /api/app/v1/sys/time/timezone?zone=Central%20Time HTTP/1.1
Accept: text/html

Example 1 - Response: Set system timezone to Central Time with zone parameter:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Set system timezone to Central Time with index parameter:

PUT /api/app/v1/sys/time/timezone?index=9 HTTP/1.1
Accept: text/html

Example 2 - Response: Set system timezone to Central Time with index parameter:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 3 - Request: Attempt to set system timezone to vague Central instead of Central Time:

PUT /api/app/v1/sys/time/timezone?zone=Central HTTP/1.1
Accept: text/html

Example 3 - Response: Attempt to set system timezone to vague Central instead of Central Time:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Data": [
    {
      "timezone": "America/Chicago",
      "zone": "(GMT-06:00) Central Time(US & Canada)",
      "zone_index": 9
    },
    {
      "timezone": "America/Swift_Current",
      "zone": "(GMT-06:00) Central America",
      "zone_index": 12
    },
    {
      "timezone": "Africa/Algiers",
      "zone": "(GMT+01:00) West Central Africa",
      "zone_index": 33
    }
  ],
  "Reason": "Found more then one timezone with 'Central'",
  "Status": "Failure"
}
GET /api/app/v1/sys/time/timezone/list

Return a list of all timezones and data.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get timezone data:

GET /api/app/v1/sys/time/clock HTTP/1.1
Accept: text/html

Example 1 - Response: Get timezone data (full response not shown):

HTTP/1.1 200 OK
Content-Type: application/json

{
  "timezone_list": [
    {
      "timezone": "Pacific/Fiji",
      "zone": "(GMT+12:00) Fiji, Kamchatka, Marshall Is.",
      "zone_index": 84
    },
    {
      "timezone": "Pacific/Kwajalein",
      "zone": "(GMT+12:00) Eniwetok, Kwajalein",
      "zone_index": 85
    },
    {
      "timezone": "Pacific/Enderbury",
      "zone": "(GMT+13:00) Nuku'alofa",
      "zone_index": 86
    }
  ]
}
PUT /api/app/v1/sys/unlock

Removes the lock file that is created during install

New in version 1.0.

Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get upgrade install status:

GET /api/app/v1/sys/unlock HTTP/1.1
Accept: text/html

Example 1 - Response: Get upgrade install status:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
POST /api/app/v1/sys/user/authentication

Authenticate a user account by verifying that the account exists and the correct password is supplied.

New in version 1.0.

Form Parameters:

  • required username – The username of the account to authenticate

  • required password – Password of the user

Status Codes:

Example 1 - Request: Authenticate user:

POST /api/app/v1/sys/user/authenticate HTTP/1.1
Accept: application/x-www-form-urlencoded

username=user
password=pass

Example 1 - Response: Authenticate user:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": true
}
GET /api/app/v1/sys/user/authorization

Get user account authorization.

New in version 1.0.

Query Parameters:

  • username (required) – The username for the account to authorize

Status Codes:

Example 1 - Request: Get user authorization:

GET /api/app/v1/sys/user/authorization?username=megger HTTP/1.1
Accept: text/html

Example 1 - Response: Get user authorization:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "group": [
    "admin"
  ]
}
POST /api/app/v1/sys/user/create

Create a user account on the appliance.

New in version 1.0.

Query Parameters:

  • username (required) – The username for the account to create

  • level (required) – The account authorization level (admin, audit)

  • status (optional) – The account status (enabled, disabled), if omitted default to disabled

Status Codes:
Accepted Authorization:

super-admin

Example 1 - Request: Create user:

POST /api/app/v1/sys/user/create?username=user&auth_level=audit& status=enabled HTTP/1.1
Accept: text/html

Example 1 - Response: Create user:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
DELETE /api/app/v1/sys/user/delete

Delete a user account.

New in version 1.0.

Query Parameters:

  • username (required) – The username for the account to delete

  • force (optional) – set to ‘True’ to force deletion of user and any certificates

Status Codes:
Accepted Authorization:

super-admin

Example 1 - Request: Delete user:

DELETE /api/app/v1/sys/user/delete?username=myuser HTTP/1.1
Accept: application/json

Example 1 - Response: Delete user:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Delete user with force=True so user and any associated certificates are deleted:

DELETE /api/app/v1/sys/user/delete?username=myuser&force=True HTTP/1.1
Accept: application/json

Example 1 - Response: Delete user with force=True so user and any associated certifcates are deleted:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/sys/user/get

Get user information.

New in version 1.0.

Query Parameters:

  • username (optional) – The username of the user to view information about, if omitted view all users

Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Get all user information:

DELETE /api/app/v1/sys/user/get?username=myuser HTTP/1.1
Accept: application/json

Example 1 - Response: Get all user information:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "users": [
    {
      "authz": [
        {
          "level": "admin",
          "location": "local",
          "status": "enabled"
        }
      ],
      "name": "megger",
      "passwordHash": "$6$CTIrtS73.94N2H6F$Y7hsf5zhDE1qxSNN8U0aAjJ4nx5fccWyPw89i6oex.eXz5dQRmb1gfUVZK7O4ZVGubZaJx772pJszPoeY.Urf/"
    }
  ]
}
PUT /api/app/v1/sys/user/set

Set user account attributes.

Note

Be sure to check appliance documentation for password complexity requirements.

New in version 1.0.

Query Parameters:

  • username (required) – The username for the account to modify

  • level (optional) – The account authorization level (admin, audit)

  • status (optional) – The account status (enabled, disabled)

  • password (optional) – The password for the account

Status Codes:
Accepted Authorization:

super-admin

Example 1 - Request: Set user attributes:

PUT /api/app/v1/sys/user/set?username=<USERNAME>&auth_level=admin&status=enabled&password=<PASSWORD>HTTP/1.1
Accept: text/html

Example 1 - Response: Set user attributes:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/tools/(module)/arp
GET /api/app/v1/tools/arp

Show the arp table on the appliance or module.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:

  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Show arp on the appliance:

GET /api/app/v1/tools/arp HTTP/1.1
Accept: text/html

Example 1 - Response: Show arp on the appliance:

HTTP/1.1 200 OK
Content-Type: text/html

Address                  HWtype  HWaddress           Flags Mask            Iface
wse                      ether   96:99:6d:d2:b4:31   C                     br-mgmt
10.206.6.60              ether   00:50:56:a2:0f:6c   C                     eth0
10.206.6.11              ether   00:50:56:a2:4d:85   C                     eth0
10.206.7.254             ether   00:10:f3:67:08:15   C                     eth0
na                       ether   c2:89:c6:be:5a:82   C                     br-mgmt
wcg                      ether   72:d7:e4:6c:eb:22   C                     br-mgmt
10.206.6.150             ether   00:50:56:a2:73:75   C                     eth0
GET /api/app/v1/tools/(module)/ethtool
GET /api/app/v1/tools/ethtool

Run ethtool command on appliance or a module.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:

  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance

Query Parameters:

  • interface (required) – Interface to run ethtool on

  • expression (optional) – Ethtool flag to execute

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Run ethtool for eth0 on wcg:

GET /api/app/v1/tools/wcg/ethtool?interface=eth0 HTTP/1.1
Accept: text/html

Example 1 - Response: Run ethtool for eth0 on wcg:

HTTP/1.1 200 OK
Content-Type: text/html

Settings for eth0:
        Supported ports: [ ]
        Supported link modes:   Not reported
        Supported pause frame use: No
        Supports auto-negotiation: No
        Advertised link modes:  Not reported
        Advertised pause frame use: No
        Advertised auto-negotiation: No
        Speed: 10000Mb/s
        Duplex: Full
        Port: Twisted Pair
        PHYAD: 0
        Transceiver: internal
        Auto-negotiation: off
        MDI-X: Unknown
        Link detected: yes
GET /api/app/v1/tools/(module)/ifconfig
GET /api/app/v1/tools/ifconfig

Run ifconfig command on the appliance or a module.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:

  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance

Query Parameters:

  • interface (optional) – Interface to run ifconfig on

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Run ifconfig on C:

GET /api/app/v1/tools/arp HTTP/1.1
Accept: text/html

Example 1 - Response: Run ifconfig on C:

HTTP/1.1 200 OK
Content-Type: text/html

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.206.6.67  netmask 255.255.252.0  broadcast 10.206.7.255
        inet6 fe80::c4c8:2ff:fe9d:2ed8  prefixlen 64  scopeid 0x20<link>
        ether c6:c8:02:9d:2e:d8  txqueuelen 1000  (Ethernet)
        RX packets 86789  bytes 7061978 (6.7 MiB)
        RX errors 0  dropped 242  overruns 0  frame 0
        TX packets 712  bytes 124328 (121.4 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
GET /api/app/v1/tools/(module)/nc
GET /api/app/v1/tools/nc

Run netcat on Centos6 and tcping on Centos7.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:

  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance

Query Parameters:

  • dest (required) – Destination ip address to connect to

  • port (required) – Port to connect accross

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Connect on port 80 to a server:

GET /api/app/v1/tools/nc?dest=10.206.6.60&port=80 HTTP/1.1
Accept: text/html

Example 1 - Response: Connect on port 80 to a server:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Connection to 10.206.6.60 port 80: "Success"
}
GET /api/app/v1/tools/(module)/netstat
GET /api/app/v1/tools/netstat

Run netstat -an.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:

  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Run netstat on the appliance:

GET /api/app/v1/tools/netstat HTTP/1.1
Accept: text/html

Example 1 - Response: Run netstat on the appliance:

HTTP/1.1 200 OK
Content-Type: text/html

NETSTAT OUTPUT
GET /api/app/v1/tools/(module)/nslookup
GET /api/app/v1/tools/nslookup

Run nslookup

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:

  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance

Query Parameters:

  • dns (optional) – DNS server to run the lookup against

  • host (required) – Host to perform the nslookup on

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Run nslookup on www.google.com:

GET /api/app/v1/tools/nslookup?host=www.google.com HTTP/1.1
Accept: text/html

Example 1 - Response: Run nslookup on www.google.com:

HTTP/1.1 200 OK
Content-Type: text/html

Server:     10.51.80.10
Address:    10.51.80.10#53

Non-authoritative answer:
Name:   www.google.com
Address: 216.58.218.100

Example 2 - Request: Run nslookup on www.google.com on wcg:

GET /api/app/v1/tools/wcg/nslookup?host=www.google.com HTTP/1.1
Accept: text/html

Example 2 - Response: Run nslookup on www.google.com on wcg:

HTTP/1.1 200 OK
Content-Type: text/html

Server:     10.51.80.10
Address:    10.51.80.10#53

Non-authoritative answer:
Name:   www.google.com
Address: 216.58.218.100

Example 3 - Request: Run nslookup on www.google.com with specified DNS server:

GET /api/app/v1/tools/nslookup?host=www.google.com?dns=8.8.8.8 HTTP/1.1
Accept: text/html

Example 3 - Response: Run nslookup on www.google.com with specified DNS server:

HTTP/1.1 200 OK
Content-Type: text/html

Server:     10.51.80.11
Address:    10.51.80.11#53

Non-authoritative answer:
Name:   www.google.com
Address: 216.58.218.100
GET /api/app/v1/tools/(module)/ping
GET /api/app/v1/tools/ping

Run ping.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:

  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance

Query Parameters:

  • dest (required) – Destination to ping, can be ip or FQDN

  • interface (optional) – Interface to use in ping test

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Ping 8.8.8.8:

GET /api/app/v1/tools/ping?dest=8.8.8.8 HTTP/1.1
Accept: text/html

Example 1 - Response: Ping 8.8.8.8:

HTTP/1.1 200 OK
Content-Type: text/html

PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=2 ttl=45 time=14.2 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=45 time=13.7 ms
64 bytes from 8.8.8.8: icmp_seq=4 ttl=45 time=13.7 ms
64 bytes from 8.8.8.8: icmp_seq=5 ttl=45 time=13.7 ms

--- 8.8.8.8 ping statistics ---
5 packets transmitted, 4 received, 20% packet loss, time 4067ms
rtt min/avg/max/mdev = 13.708/13.857/14.238/0.220 ms
GET /api/app/v1/tools/(module)/ping6
GET /api/app/v1/tools/ping6

Run ping6.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:

  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance

Query Parameters:

  • dest (required) – IPv6 address to ping

  • interface (optional) – Interface to use in ping test

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Run ping6 on 2001:4860:b002::68:

GET /api/app/v1/tools/ping6?dest= HTTP/1.1
Accept: text/html

Example 1 - Response: Run ping6 on 2001:4860:b002::68:

HTTP/1.1 200 OK
Content-Type: text/html

PING 2001:4860:b002::68 56 data bytes
64 bytes from 2001:4860:b002::68: icmp_seq=0 ttl=59 time=58.4 ms
64 bytes from 2001:4860:b002::68: icmp_seq=1 ttl=59 time=56.4 ms
64 bytes from 2001:4860:b002::68: icmp_seq=2 ttl=59 time=62.1 ms
64 bytes from 2001:4860:b002::68: icmp_seq=3 ttl=59 time=56.8 ms
64 bytes from 2001:4860:b002::68: icmp_seq=4 ttl=59 time=56.5 ms
64 bytes from 2001:4860:b002::68: icmp_seq=5 ttl=59 time=59.5 ms

--- ipv6.google.com ping statistics ---
6 packets transmitted, 6 received, 0% packet loss, time 5002ms
rtt min/avg/max/mdev = 56.443/58.329/62.150/2.045 ms, pipe 2
GET /api/app/v1/tools/(module)/route
GET /api/app/v1/tools/route

Run route -n.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:

  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Run route -n:

GET /api/app/v1/tools/netstat HTTP/1.1
Accept: text/html

Example 1 - Response: Run route -n:

HTTP/1.1 200 OK
Content-Type: text/html

route -n OUTPUT
GET /api/app/v1/tools/(module)/route6
GET /api/app/v1/tools/route6

This function shows the route table for IPv6 (route -A inet6 -n)

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:

  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Run route6 -n:

GET /api/app/v1/tools/netstat HTTP/1.1
Accept: text/html

Example 1 - Response: Run route6 -n:

HTTP/1.1 200 OK
Content-Type: text/html

route6 -n OUTPUT
GET /api/app/v1/tools/(module)/top
GET /api/app/v1/tools/top

Run top -bn1.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:

  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Run top on the appliance:

GET /api/app/v1/tools/top HTTP/1.1
Accept: text/html

Example 1 - Response: Run top on the appliance:

HTTP/1.1 200 OK
Content-Type: text/html

TOP OUTPUT
GET /api/app/v1/tools/(module)/traceroute
GET /api/app/v1/tools/traceroute

Run traceroute.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:

  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance

Query Parameters:

  • dest (required) – Final target of the traceroute

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Run traceroute:

GET /api/app/v1/tools/traceroute?dest=10.206.6.60 HTTP/1.1
Accept: text/html

Example 1 - Response: Run traceroute:

HTTP/1.1 200 OK
Content-Type: text/html

traceroute to 10.206.6.60 (10.206.6.60), 30 hops max, 60 byte packets
 1  10.206.6.60 (10.206.6.60)  1.067 ms  1.170 ms  1.072 ms
GET /api/app/v1/tools/(module)/traceroute6
GET /api/app/v1/tools/traceroute6

Run traceroute6.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:

  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance

Query Parameters:

  • dest (required) – Final target of the traceroute

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Run traceroute6:

GET /api/app/v1/tools/traceroute6?dest=2001:4860:4860::8888 HTTP/1.1
Accept: text/html

Example 1 - Response: Run traceroute6:

HTTP/1.1 200 OK
Content-Type: text/html

traceroute6 OUTPUT
GET /api/app/v1/tools/(module)/wget
GET /api/app/v1/tools/wget

Run wget.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:

  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance

Query Parameters:

  • host (required) – Host to perform the wget on

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Run wget on www.google.com:

GET /api/app/v1/tools/wget?host=www.google.com HTTP/1.1
Accept: text/html

Example 1 - Response: Run wget on www.google.com:

HTTP/1.1 200 OK
Content-Type: application/json

{"Error": "STATUS MESSAGE, NOT REAL ERROR"}
GET /api/app/v1/tools/(module)/wget-proxy
GET /api/app/v1/tools/wget-proxy

Run wget -e use_proxy=yes. This function does wget -e use_proxy=yes -e http_proxy=<proxy_ip>:<port> <host>” Required args are the host address, proxy_ip address and port

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:

  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance

Query Parameters:

  • host (required) – Host to perform the wget on

  • proxy_ip (required) – IP address of the proxy

  • port (required) – Port to use on the proxy

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Run wget on www.google.com through proxy:

GET /api/app/v1/tools/wget?host=www.google.com&proxy_ip=10.206.6.194&port=3128 HTTP/1.1
Accept: text/html

Example 1 - Response: Run wget on www.google.com through proxy:

HTTP/1.1 200 OK
Content-Type: application/json

{"Error": "STATUS MESSAGE, NOT REAL ERROR"}
GET /api/app/v1/tools/ntpq

Run chronyc sources.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Run chronyc sources:

GET /api/app/v1/tools/ntpq HTTP/1.1
Accept: text/html

Example 1 - Response: Run chronyc sources:

HTTP/1.1 200 OK
Content-Type: text/html

chronyc sources OUTPUT
GET /api/app/v1/tools/ntpstat

Run chronyc tracking.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Run chronyc tracking:

GET /api/app/v1/tools/ntpstat HTTP/1.1
Accept: text/html

Example 1 - Response: Run chronyc tracking:

HTTP/1.1 200 OK
Content-Type: text/html

chronyc tracking OUTPUT
GET /api/app/v1/tools/tcpdump

Stream the output of tcpdump.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:

  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance

Query Parameters:

  • timeout (required) – Timeout for the stream

  • inteface (optional) – Inteface to listen across

  • expression (optional) – Command line args, such as -v

  • file (optional) – Name of file to save tcpdump

  • location (optional) – Filestore alias to save the pcap file to

  • url (optional) – URL of the location in which to store the tcpdump output

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Stream tcpdump on eth0:

GET /api/app/v1/tools/tcpdump?timeout=30&interface=eth0 HTTP/1.1
Accept: text/html

Example 1 - Response: Stream tcpdump on eth0:

HTTP/1.1 200 OK
Content-Type: text/html

TCPDUMP OUTPUT

Example 2 - Request: Stream tcpdump on eth0 and store pcap on a filestore:

GET /api/app/v1/tools/tcpdump?timeout=20&interface=eth0&location=myfilestore&file=mason.pcap HTTP/1.1
Accept: text/html

Example 2 - Response: Stream tcpdump on eth0 and store pcap on a filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{"Error": "STATUS MESSAGE, NOT REAL ERROR"}
GET /api/app/v1/tools/test_email

Send an email via SMTP to test settings.

Note

Must first configure SMTP settings.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Send test email:

GET /api/app/v1/tools/test_email HTTP/1.1
Accept: text/html

Example 1 - Response: Send test email:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/upgrade

Get upgrade information for a specific upgrade file.

New in version 1.0.

Query Parameters:

  • file (required) – Filename of upgrade/hotfix to get info for

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get upgrade information:

GET /api/app/v1/upgrade/?file=App-Upgrade-8.5.0.iso HTTP/1.1
Accept: text/html

Example 1 - Response: Get upgrade information:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "call": "",
  "dep_app_vers": [
    "8.4.0"
  ],
  "dep_hotfixes": [],
  "dep_vers": [
    "8.4.0"
  ],
  "description": "TEST: Patch that upgrade the Appliance to version v8.5.0",
  "duration": "50 minutes",
  "filename": "App-Upgrade-8.5.0.iso",
  "license": "http://10.206.6.196/download/patches/license.txt",
  "logs": [],
  "md5": "d34fcc5cdb41763b9ad29506e4a526665f2a64be182165b83091dda2fbb65697",
  "method": "script",
  "module": "app",
  "reboot": true,
  "release_date": "",
  "release_note_url": "",
  "size": 3886022656,
  "snapshot": false,
  "snapshot_skip": [],
  "snapsphot_list": [],
  "status": "Downloaded, Ready to Install",
  "time": "1988-01-04 20:58:06",
  "title": "Patch to upgrade Appliance to version v8.5.0",
  "url": "http://10.206.22.199/download/patches/app/App-Upgrade-8.5.0.iso",
  "version": "8.5.0"
}
PUT /api/app/v1/upgrade/license

Mount the install ISO and return information and the license.

Warning

This API call should only be used by a custom application implementing appliance upgrade. Not to be used by the regular user.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Get upgrade license:

PUT /api/app/v1/upgrade/prep_install HTTP/1.1
Accept: text/html

Example 1 - Response: Get upgrade license:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "license": [
     "License strings"
  ]
}
PUT /api/app/v1/upgrade/prep_install

Prepare the appliance for upgrade.

Warning

This API call should only be used by a custom application implementing appliance upgrade. Not to be used by the regular user.

New in version 1.0.

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Prepare an appliance for upgrade:

PUT /api/app/v1/upgrade/prep_install HTTP/1.1
Accept: text/html

Example 1 - Response: Prepare an appliance for upgrade:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/wcg/content_line

Runs WCG’s content_line to configure variables.

Deprecated since version 1.0.

Note

The parameters match the usage of the command line content_line

Warning

This command is deprecated and will eventually be replaced with an API call provided by the WCG container

Warning

This command returns unescaped characters such as Unix new line character and octothorpe unless scrub_output parameter is used.

Query Parameters:

  • r (required) – Read variable

  • scrub_output (optional) – If output should be stripped of unescaped characters, True or False. Default: False, output will contain new line characters, etc.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Read a variable:

GET /api/app/v1/wcg/content_line?r=proxy.config.diags.debug.enabled HTTP/1.1
Accept: text/html

Example 1 - Response: Read a variable:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "output": "0"
}
PUT /api/app/v1/wcg/content_line

Runs WCG’s content_line to configure variables.

Deprecated since version 1.0.

Note

The paramaters match the useage of the command line content_line

Warning

This command is deprecated and will eventually be replaced with an API call provided by the WCG container

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

Query Parameters:

  • s (optional) – Set variable (requires v option)

  • v (optional) – Set value (used with s option)

  • x (optional) – Reread config files (set to on to use)

  • y (optional) – Clear dynamic cert (set to on to use)

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Reread config file:

PUT /api/app/v1/wcg/content_line?x=on HTTP/1.1
Accept: text/html

Example 1 - Response: Reread config file:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/wcg/dpm_status

Get Decrypt Port Mirror status.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the WCG container

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get DPM status:

PUT /api/app/v1/wcg/dpm_status HTTP/1.1
Accept: text/html

Example 1 - Response: Get DPM status:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "dpm": {
    "proxy.config.ssl_decryption.custom_request_header": "",
    "proxy.config.ssl_decryption.mirror_enabled": 0,
    "proxy.config.ssl_decryption.mirror_interface": "NULL"
  }
}
GET /api/app/v1/wcg/policy_engine

Performs the following for WCG’s policy engine (status)

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the WCG container

Query Parameters:

  • status (optional) – Policy Engine status

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get Policy Engine status:

GET /api/app/v1/wcg/policy_engine?command=status HTTP/1.1
Accept: text/html

Example 1 - Response: Get Policy Engine status:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "output": "pewd (pid  660) is running..."
}
PUT /api/app/v1/wcg/policy_engine

Performs the following for WCG’s policy engine (start, stop, restart)

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the WCG container

Query Parameters:

  • start (optional) – Start Policy Engine

  • stop (optional) – Stop Policy Engine

  • restart (optional) – Restart Policy Engine

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Restart Policy Engine:

PUT /api/app/v1/wcg/policy_engine?command=restart HTTP/1.1
Accept: text/html

Example 1 - Response: Restart Policy Engine:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/wcg/print_bypass

Prints WCG bypass list. This is a set of websites that bypass the Content Gateway processing.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the WCG container

Warning

This command returns unescaped characters such as Unix new line character and octothorpe unless scrub_output parameter is used.

Query Parameters:

  • scrub_output (optional) – If output should be stripped of unescaped characters, True or False. Default: False, output will contain new line characters, etc.

Response Headers:
Status Codes:

Example 1 - Request: Get bypass list:

GET /api/app/v1/wcg/print_bypass HTTP/1.1
Accept: text/html

Example 1 - Response: Get bypass list:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "output": "# Reading the bypass entries ... # There are 0 entries in the source bypass table # There are 0 entries in the destination bypass table # There are 0 entries in the and bypass table"
}
GET /api/app/v1/wcg/proxy_net_check

Proxy Net Check

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the WCG container

Warning

This command returns unescaped characters such as Unix new line character and octothorpe unless scrub_output parameter is used.

Query Parameters:

  • scrub_output (optional) – If output should be stripped of unescaped characters, True or False. Default: False, output will contain new line characters, etc.

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Check Proxy Network:

GET/api/app/v1/wcg/proxy_net_check HTTP/1.1
Accept: text/html

Example 1 - Response: Check Proxy Network:

Responses vary

PUT /api/app/v1/wcg/pwd_reset

Resets the Web Content Gateway user password and provides the temporary password.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the WSE container

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Reset WCG user password:

PUT /api/app/v1/wcg/pwd_reset HTTP/1.1
Accept: application/json

Example 1 - Response: Reset WCG user password:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "password": "<TEMP_PASSWORD>"
}
GET /api/app/v1/wse/cache_user_names

Get current WISTP configuration settings.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the WSE container

Warning

This command returns unescaped characters such as Unix new line character and octothorpe unless scrub_output parameter is used.

Query Parameters:

  • command (required) – Command to execute (status)

  • scrub_output (optional) – If output should be stripped of unescaped characters, True or False. Default: False, output will contain new line characters, etc.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get status:

GET /api/app/v1/wse/cache_user_names?command=status HTTP/1.1
Accept: application/json

Example 1 - Response: Get status:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "output": "CacheWISPUsers=off"
}
PUT /api/app/v1/wse/cache_user_names

Enable/disable caching of WISP users.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the WSE container

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

resheader Content-Type:

application/json

status 200:

Success

status 401:

Access Denied

Accepted Authorization:

admin

Example 1 - Request: Enable caching:

PUT /api/app/v1/wse/cache_user_names?command=enable HTTP/1.1
Accept: application/json

Example 1 - Response: Enable caching:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/wse/do/(service)

Enable/disable WSE services. This currently only supports State Server or Directory Agent.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the WSE container

Warning

This command returns unescaped characters such as Unix new line character and octothorpe unless scrub_output parameter is used.

Query Parameters:

  • command (required) – Command to execute (enable, disable)

  • scrub_output (optional) – If output should be stripped of unescaped characters, True or False. Default: False, output will contain new line characters, etc.

Response Headers:
Status Codes:
Accepted Authorization:

admin

Example 1 - Request: Disable State Server:

PUT /api/app/v1/wse/do/state_server?command=disable HTTP/1.1
Accept: application/json

Example 1 - Response: Disable State Server:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "output": "Stopping Websense State Server ... Waiting for Websense State Server to terminate... Websense State Server stopped successfully."
}

Example 2 - Request: Enable Directory Agent:

PUT /api/app/v1/wse/do/directory_agent?command=enable HTTP/1.1
Accept: application/json

Example 2 - Response: Enable Directory Agent:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "output": "Starting Websense Directory Agent... Websense Directory Agent started successfully."
}
GET /api/app/v1/wse/policy_broker_token

Retrieves Policy Broker token.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the WSE container

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Retrieve Policy Broker token:

GET /api/app/v1/wse/policy_broker_token HTTP/1.1
Accept: application/json

Example 1 - Response: Reset Policy Broker token:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "output": "<POLICY_BROKER_TOKEN>"
}
GET /api/app/v1/wse/user_group_ip_precedence

Get current User Group IP Precedence configuration setting.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the WSE container

Warning

This command returns unescaped characters such as Unix new line character and octothorpe unless scrub_output parameter is used.

Query Parameters:

  • command (required) – Command to execute (status)

  • scrub_output (optional) – If output should be stripped of unescaped characters, True or False. Default: False, output will contain new line characters, etc.

Response Headers:
Status Codes:
Accepted Authorization:

admin, audit

Example 1 - Request: Get status:

GET /api/app/v1/wse/user_group_ip_precedence?command=status HTTP/1.1
Accept: application/json

Example 1 - Response: Get status:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "output": "UserGroupIpPrecedence=false"
}
PUT /api/app/v1/wse/user_group_ip_precedence

Enable/disable User Group IP Precedence in AD or get current configuration setting.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the WSE container

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

resheader Content-Type:

application/json

status 200:

Success

status 401:

Access Denied

Accepted Authorization:

admin

Example 1 - Request: Enable User Group Precedence:

PUT /api/app/v1/wse/user_group_ip_precedence?command=enable HTTP/1.1
Accept: application/json

Example 1 - Response: Enable User Group Precedence:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}