Forcepoint Appliance REST API

Resource Operation Description
  GET /api/app/v1/login Authentication
Authentication GET /api/app/v1/form_token Get form token
  GET /api/app/v1/upgrade/form_token  
  GET /api/app/v1/hotfix/form_token  
  PUT /api/app/v1/login Get authentication token
Backup GET /api/app/v1/backup Show backups
  POST /api/app/v1/backup/create Create backup
  POST /api/app/v1/backup/create/schedule Create backup schedule
  DELETE /api/app/v1/backup/delete Delete local backup
  DELETE /api/app/v1/backup/delete/schedule Delete backup schedule
  PUT /api/app/v1/backup/restore Restore backup
  PUT /api/app/v1/backup/save Save backup
  GET /api/app/v1/backup/schedule Show backup schedule
Certificates PUT /api/app/v1/sys/cert/(cert_type)/url_add Add user certificate
  PUT /api/app/v1/sys/cert/ca_add Add ca certificate
  GET /api/app/v1/sys/cert/ca_list List ca certificates
  DELETE /api/app/v1/sys/cert/ca_remove Remove ca certificate
  PUT /api/app/v1/sys/cert/user_add Add user certificate
  GET /api/app/v1/sys/cert/user_list List certificates
  DELETE /api/app/v1/sys/cert/user_remove Remove user certificate
Config Summary GET /api/app/v1/configsummary/download Download config summary file
  PUT /api/app/v1/configsummary/generate Generate a config summary
  PUT /api/app/v1/configsummary/save Generate/save config summary
Filestore POST /api/app/v1/filestore Add filestore
  DELETE /api/app/v1/filestore Delete filestore
  GET /api/app/v1/filestore Get filestore information
  GET /api/app/v1/filestore/download Get file from filestore
  GET /api/app/v1/filestore/list Get filestore files
  PUT /api/app/v1/filestore/upload Upload file to filestore
Logging GET /api/app/v1/log Stream/view logs
  GET /api/app/v1/log/archive Get log file settings
  PUT /api/app/v1/log/archive Set logging settings
  PUT /api/app/v1/log/save Save log to filestore
Module PUT /api/app/v1/(module)/debugging Debug control
  GET /api/app/v1/(module)/debugging  
  PUT /api/app/v1/disk/(mount_type)/(module) Mount a filestore into module
Module-ESG GET /api/app/v1/esg/dig Run dig command
  GET /api/app/v1/esg/email_shell Email shell
  PUT /api/app/v1/esg/email_subscription_reset Reset email subscription
  GET /api/app/v1/esg/maillog Show/Download maillog
  GET /api/app/v1/esg/pem Download PEM backup to filestore
Module-WCG GET /api/app/v1/wcg/content_line Execute WCG content_line
  PUT /api/app/v1/wcg/content_line  
  GET /api/app/v1/wcg/dpm_status Get DPM status
  GET /api/app/v1/wcg/policy_engine Policy Engine control
  PUT /api/app/v1/wcg/policy_engine  
  GET /api/app/v1/wcg/print_bypass Get WCG bypass list
  GET /api/app/v1/wcg/proxy_net_check Proxy Net Check
  PUT /api/app/v1/wcg/pwd_reset Reset WCG password.
Module-WSE GET /api/app/v1/wse/cache_user_names Enable/disable caching of WISP users
  PUT /api/app/v1/wse/cache_user_names  
  PUT /api/app/v1/wse/do/(service) Enable/disable WSE services
  GET /api/app/v1/wse/policy_broker_token Retrieve Policy Broker token
  GET /api/app/v1/wse/user_group_ip_precedence Enable/disable user group ip precedence
  PUT /api/app/v1/wse/user_group_ip_precedence  
Network GET /api/app/v1/net/(module) Get network information
  GET /api/app/v1/net  
  PUT /api/app/v1/net/(module)/(interface)/(state) Set interface state
  DELETE /api/app/v1/net/(module)/(interface)/ipv4 Delete IPv4 network configuration
  PUT /api/app/v1/net/(module)/(interface)/ipv4 Set IPv4 network configuration
  PUT /api/app/v1/net/(interface)/ipv4  
  DELETE /api/app/v1/net/(module)/(interface)/ipv6 Delete IPv6 network configuration
  PUT /api/app/v1/net/(module)/(interface)/ipv6 Set IPv6 network configuration
  PUT /api/app/v1/net/(interface)/ipv6  
  DELETE /api/app/v1/net/(module)/(interface)/vlan Remove VLAN
  DELETE /api/app/v1/net/(interface)/vlan  
  PUT /api/app/v1/net/(module)/(interface)/vlan Set VLAN on an interface
  PUT /api/app/v1/net/(interface)/vlan  
  DELETE /api/app/v1/net/(module)/(phys_interface) Remove interface dedication
  POST /api/app/v1/net/(module)/(phys_interface)/(virt_interface) Dedicate interface
  POST /api/app/v1/net/(module)/(phys_interface)  
  GET /api/app/v1/net/(module)/dedicated Show dedicated interfaces
  PUT /api/app/v1/net/(module)/dns Set DNS servers
  PUT /api/app/v1/net/dns  
  DELETE /api/app/v1/net/(module)/dns/(dns_server) Delete DNS servers
  DELETE /api/app/v1/net/dns/(dns_server)  
  GET /api/app/v1/net/(module)/mac Get MAC address
  GET /api/app/v1/net/mac  
  GET /api/app/v1/net/(module)/port Get port information
  GET /api/app/v1/net/port  
  DELETE /api/app/v1/net/(module)/port/(protocol)/(port_num) Close port
  PUT /api/app/v1/net/(module)/port/(protocol)/(port_num) Open Port
  POST /api/app/v1/net/bond/(p_interface)/(e_interface) Bond interfaces
  DELETE /api/app/v1/net/bond/(p_interface)/(e_interface) Unbond interfaces
  GET /api/app/v1/net/bond/exists Get current bonds
  GET /api/app/v1/net/bond/possible Get possible bonds
  DELETE /api/app/v1/net/dhcp/(module)/(interface) Remove IPv4 network configuration set with DHCP
  DELETE /api/app/v1/net/dhcp/(interface)  
  PUT /api/app/v1/net/dhcp/(module)/(interface) Set IPv4 network configuration using DHCP
  PUT /api/app/v1/net/dhcp/(interface)  
  GET /api/app/v1/net/dhcp/(module)/(interface) Get DHCP lease information for an interface
  GET /api/app/v1/net/dhcp/(interface)  
  PUT /api/app/v1/net/dhcp/module_hooks Run module hooks due to DHCP changes onboot
  DELETE /api/app/v1/net/diagnostic_ports Close diagnostic ports
  PUT /api/app/v1/net/diagnostic_ports Open diagnostic ports
  GET /api/app/v1/net/diagnostic_ports Show diagnostic ports status
  GET /api/app/v1/net/info/(interface) Get interface speed/status
  GET /api/app/v1/net/interface Get undedicated interfaces
  GET /api/app/v1/net/interface/physical/(interface) Translate physical to virtual interface
  GET /api/app/v1/net/interface/virtual/(module)/(interface) Translate virtual to physical interface
  GET /api/app/v1/net/mgmt Get management inteface ip
  GET /api/app/v1/net/status/(module)/(interface) Get interface status
  GET /api/app/v1/net/virtual Get virtual interface mapping
  GET /api/app/v1/net/vswitch/priority Get RSTP priority
  PUT /api/app/v1/net/vswitch/priority/(priority) Set RSTP priority
  GET /api/app/v1/net/vswitch/status Get RSTP status
Polling GET /api/app/v1/polling/bandwidth Get bandwidth stats
  GET /api/app/v1/polling/cpu Get CPU stats
  GET /api/app/v1/polling/disk Get diskspace
  GET /api/app/v1/polling/diskio Get diskio stats
  GET /api/app/v1/polling/mem Get memory usage stats
Route POST /api/app/v1/net/route Get static IPv4 routes
  DELETE /api/app/v1/net/route Delete static IPv4 route
  POST /api/app/v1/net/route/component Add static IPv4 component route
  DELETE /api/app/v1/net/route/component Delete IPv4 component route
  PUT /api/app/v1/net/route/load Load IPv4 routes from filestore
  PUT /api/app/v1/net/route/save Save IPv4 routes to filestore
  POST /api/app/v1/net/route6 Add static IPv4 route
  DELETE /api/app/v1/net/route6 Delete static IPv6 route
  PUT /api/app/v1/net/route6/load Load IPv6 routes from filestore
  PUT /api/app/v1/net/route6/save Save IPv6 routes to filestore
  GET /api/app/v1/net/route6_list Get static IPv6 routes
  GET /api/app/v1/net/route_list Get static IPv4 routes
  GET /api/app/v1/net/route_list/component Get IPv4 component routes
  GET /api/app/v1/net/routes Download routes from filestore
  POST /api/app/v1/net/routes Load routes from file
SNMP PUT /api/app/v1/snmp/(s_type)/(status) Set SNMP status
  PUT /api/app/v1/snmp/(snmp_mon_trap) Set SNMP configuration
  GET /api/app/v1/snmp/events Show SNMP trap list
  PUT /api/app/v1/snmp/events/import Import SNMP events
  PUT /api/app/v1/snmp/events/load Load SNMP events
  PUT /api/app/v1/snmp/events/load_json Load SNMP events JSON
  PUT /api/app/v1/snmp/events/save Save SNMP config
  PUT /api/app/v1/snmp/mib/save Save SNMP MIB file
  GET /api/app/v1/snmp/monitor Show SNMP monitor config
  GET /api/app/v1/snmp/trap Show SNMP trap config
  GET /api/app/v1/snmp/trap/backup Send backup trap
  GET /api/app/v1/snmp/trap/test Send test trap
  PUT /api/app/v1/snmp/trap/test_before_save Test trap
System GET /api/app/v1/sys/(module) Get system/module information
  GET /api/app/v1/sys  
  PUT /api/app/v1/sys/(module)/control/(command) Service control
  PUT /api/app/v1/sys/control/(command)  
  DELETE /api/app/v1/sys/(module)/disable Disable module
  PUT /api/app/v1/sys/(module)/enable Enable module
  GET /api/app/v1/sys/(module)/status Get module status
  GET /api/app/v1/sys/(module)/version Get module version
  GET /api/app/v1/sys/feedback Feedback setting
  PUT /api/app/v1/sys/gui_url Update URL
  GET /api/app/v1/sys/hardware Hardware information
  PUT /api/app/v1/sys/hostname Set appliance hostname/description
  PUT /api/app/v1/sys/hostname/(module) Set module hostname
  GET /api/app/v1/sys/hostname/descr Get host description
  GET /api/app/v1/sys/integration Get integration mode
  GET /api/app/v1/sys/mode Get security mode
  GET /api/app/v1/sys/modules Module list
  GET /api/app/v1/sys/platform Get platform
  GET /api/app/v1/sys/platform_interfaces Get platform interfaces
  GET /api/app/v1/sys/policy_server_mode Get policy mode
  GET /api/app/v1/sys/proxy Get proxy config
  PUT /api/app/v1/sys/proxy Set/unset proxy config
  DELETE /api/app/v1/sys/proxy  
  GET /api/app/v1/sys/salt_status Salt status
  GET /api/app/v1/sys/status Get system status
  PUT /api/app/v1/sys/sysctl/(param) Cycle sysctl variables
  GET /api/app/v1/sys/sysctl/(param) Get sysctl value
System-Access PUT /api/app/v1/sys/access Enable/Disable SSH
  GET /api/app/v1/sys/access Get SSH status
System-Account GET /api/app/v1/sys/account/(user) Get account info
  PUT /api/app/v1/sys/account/(user) Modify account properties
  GET /api/app/v1/sys/account/(user)/history Get account hisory
  PUT /api/app/v1/sys/account/admin Update admin password
  PUT /api/app/v1/sys/account/admin/forgotpwd Initialize password recovery
  DELETE /api/app/v1/sys/account/email Delete appliance email
  DELETE /api/app/v1/sys/account/smtp Delete SMTP configuration
  PUT /api/app/v1/sys/account/smtp Setup SMTP configuration
  GET /api/app/v1/sys/account/smtp Show SMTP configuration
  PUT /api/app/v1/sys/module/account Change WCG password
System-Mode PUT /api/app/v1/sys/mode/filter Set to Filtering mode
  PUT /api/app/v1/sys/mode/lite Set to User mode
  PUT /api/app/v1/sys/mode/primary Set to Full Policy mode
System-Time GET /api/app/v1/sys/time/clock Get system time
  PUT /api/app/v1/sys/time/clock Set time
  GET /api/app/v1/sys/time/ntp Get NTP information
  PUT /api/app/v1/sys/time/ntp Set NTP
  PUT /api/app/v1/sys/time/ntp/sync Sync NTP
  GET /api/app/v1/sys/time/timezone Get system timezone
  PUT /api/app/v1/sys/time/timezone Set system timezone
  GET /api/app/v1/sys/time/timezone/list Get all timezone info
Tools GET /api/app/v1/tools/(module)/arp Run arp
  GET /api/app/v1/tools/arp  
  GET /api/app/v1/tools/(module)/ethtool Run ethtool
  GET /api/app/v1/tools/ethtool  
  GET /api/app/v1/tools/(module)/ifconfig Run ifconfig
  GET /api/app/v1/tools/ifconfig  
  GET /api/app/v1/tools/(module)/nc Run nc
  GET /api/app/v1/tools/nc  
  GET /api/app/v1/tools/(module)/netstat Run netstat
  GET /api/app/v1/tools/netstat  
  GET /api/app/v1/tools/(module)/nslookup Run nslookup
  GET /api/app/v1/tools/nslookup  
  GET /api/app/v1/tools/(module)/ping Run ping
  GET /api/app/v1/tools/ping  
  GET /api/app/v1/tools/(module)/ping6 Run ping6
  GET /api/app/v1/tools/ping6  
  GET /api/app/v1/tools/(module)/route Run route
  GET /api/app/v1/tools/route  
  GET /api/app/v1/tools/(module)/route6 Run route6
  GET /api/app/v1/tools/route6  
  GET /api/app/v1/tools/(module)/top Run top
  GET /api/app/v1/tools/top  
  GET /api/app/v1/tools/(module)/traceroute Run traceroute
  GET /api/app/v1/tools/traceroute  
  GET /api/app/v1/tools/(module)/traceroute6 Run traceroute6
  GET /api/app/v1/tools/traceroute6  
  GET /api/app/v1/tools/(module)/wget Run wget
  GET /api/app/v1/tools/wget  
  GET /api/app/v1/tools/(module)/wget-proxy Run wget with proxy
  GET /api/app/v1/tools/wget-proxy  
  GET /api/app/v1/tools/ntpq Run ntpq
  GET /api/app/v1/tools/ntpstat Run ntpstat
  GET /api/app/v1/tools/tcpdump Run tcpdump
  GET /api/app/v1/tools/test_email Send test email
Upgrade-Hotfix PUT /api/app/v1/(i_type)/(command)/download Stop/pause download
  POST /api/app/v1/(i_type)/browser_upload Upload upgrade/hotfix from web browser
  GET /api/app/v1/(i_type)/browser_upload/validate  
  DELETE /api/app/v1/(i_type)/delete Delete upgrade/hotfix
  PUT /api/app/v1/(i_type)/download Download upgrade/hotfix
  PUT /api/app/v1/(i_type)/download/resume Resume download
  GET /api/app/v1/(i_type)/download/status Download status
  GET /api/app/v1/(i_type)/history Get history
  PUT /api/app/v1/(i_type)/install Install upgrade/hotfix
  GET /api/app/v1/(i_type)/install/status Get install status
  GET /api/app/v1/(i_type)/list Get upgrade/hotfix list
  GET /api/app/v1/(i_type)/status/(req_type) Get local upgrade/hotfix files
  PUT /api/app/v1/(i_type)/upload Upload upgrade/hotfix from filestore
  PUT /api/app/v1/(i_type)/upload_url Upload upgrade/hotfix from URL
  GET /api/app/v1/hotfix Get hotfix info
  PUT /api/app/v1/hotfix/uninstall Uninstall a hotfix
  PUT /api/app/v1/schedule_upload_cleanup Cleanup stranded upload files
  PUT /api/app/v1/sys/unlock  
  GET /api/app/v1/upgrade Get upgrade info
  PUT /api/app/v1/upgrade/license Get license
  PUT /api/app/v1/upgrade/prep_install Prepare appliance for upgrade
Users POST /api/app/v1/sys/user/authentication Authenticate user
  GET /api/app/v1/sys/user/authorization Authorize user
  POST /api/app/v1/sys/user/create Create user
  DELETE /api/app/v1/sys/user/delete Delete user
  GET /api/app/v1/sys/user/get Get user info
  PUT /api/app/v1/sys/user/set Set user attributes
PUT /api/app/v1/(i_type)/(command)/download

Stop/pause a currently downloading upgrade/hotfix file.

New in version 1.0.

Parameters:
  • i_type (required) – Installation type, either upgrade or hotfix
  • command (required) – Command to perform, either pause or stop
Query Parameters:
 
  • file (optional) – File to delete
  • id (optional) – The ID associated with an available hotfix (only valid when i_type == hotfix)
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Pause an upgrade download:

PUT /api/app/v1/upgrade/pause/download?file=upgrade.iso HTTP/1.1
Accept: text/html

Example 1 - Response: Pause an upgrade download:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
POST /api/app/v1/(i_type)/browser_upload

Upload an upgrade/hotfix file from a web browser to the appliance.

New in version 1.0.

Parameters:
  • i_type (required) – Installation type, either upgrade or hotfix
Query Parameters:
 
  • file (required) – File to upload to the appliance
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Upload an upgrade file to the appliance:

PUT /api/app/v1/upgrade/browser_upload?token=eyJhbGciOiJIUzI1NiIsImV4cCI6MTUwNDExNjMzNSwiaWF0IjoxNTA0MTA5MTM1fQ.eyJyYW5kb21fbnVtYmVyIjowLjkyNDg3MjU5OTQyMjk1MTR9.auaKpyUo-UNsuJ-B-_RaYkWurXti4yBcjoTA0j0eCPA&filename=upgrade_8_5_0_main.iso HTTP/1.1
Accept: text/html

Example 1 - Response: Upload an upgrade file to the appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/(i_type)/browser_upload/validate

Upload an upgrade/hotfix file from a web browser to the appliance.

New in version 1.0.

Parameters:
  • i_type (required) – Installation type, either upgrade or hotfix
Query Parameters:
 
  • file (required) – File to upload to the appliance
  • alias (required) – Filestore to upload from
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Upload an upgrade file to the appliance:

PUT /api/app/v1/upgrade/upload?file=upgrade.iso&alias=myfilestore HTTP/1.1
Accept: text/html

Example 1 - Response: Upload an upgrade file to the appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
DELETE /api/app/v1/(i_type)/delete

Delete an upgrade/hotfix file from the appliance.

New in version 1.0.

Parameters:
  • i_type (required) – Installation type, either upgrade or hotfix
Query Parameters:
 
  • file (optional) – File to delete
  • id (optional) – The ID associated with an available hotfix (only valid when i_type == hotfix)
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Delete an upgrade file from the appliance:

DELETE /api/app/v1/upgrade/delete?file=upgrade.iso HTTP/1.1
Accept: text/html

Example 1 - Response: Delete an upgrade file from the appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/(i_type)/download

Initiates a download of an upgrade/hotfix file in the background. Use the download status API to check status.

New in version 1.0.

Parameters:
  • i_type (required) – Installation type, either upgrade or hotfix
Query Parameters:
 
  • file (optional) – Filename of upgrade/hotfix to download
  • id (optional) – The ID associated with an available hotfix (only valid when i_type == hotfix)
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Start an upgrade download:

PUT /api/app/v1/upgrade/download?file=upgrade.iso HTTP/1.1
Accept: text/html

Example 1 - Response: Start an upgrade download:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/(i_type)/download/resume

Resume a paused download.

New in version 1.0.

Parameters:
  • i_type (required) – Installation type, either upgrade or hotfix
Query Parameters:
 
  • file (optional) – File to delete
  • id (optional) – The ID associated with an available hotfix (only valid when i_type == hotfix)
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Pause an upgrade download:

PUT /api/app/v1/upgrade/download/resume?file=upgrade.iso HTTP/1.1
Accept: text/html

Example 1 - Response: Pause an upgrade download:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/(i_type)/download/status

Get status of the download of an upgrade/hotfix file.

New in version 1.0.

Parameters:
  • i_type (required) – Installation type, either upgrade or hotfix
Query Parameters:
 
  • file (optional) – Filename of upgrade/hotfix to download
  • id (optional) – The ID associated with an available hotfix (only valid when i_type == hotfix)
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Check the status of an upgrade download:

GET /api/app/v1/upgrade/download/status?file=upgrade.iso HTTP/1.1
Accept: text/html

Example 1 - Response: Check the status of an upgrade download:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "status": "54"
}
GET /api/app/v1/(i_type)/history

Get upgrade/hotfix history.

New in version 1.0.

Parameters:
  • i_type (required) – Installation type, either upgrade or hotfix
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get hotfix history:

GET /api/app/v1/hotfix/history HTTP/1.1
Accept: text/html

Example 1 - Response: Get hotfix history:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "list": [
    {
      "conflict": "None",
      "dependence": "None",
      "description": "Adding CLI commands to setup controller interface. Relogin appliance after applying this hotfix.",
      "filename": "Websense-Hotfix-App-8.1.3-830.rpm",
      "id": "App-8.1.3-830",
      "module": "app",
      "reboot": "no",
      "size": 121308,
      "status": "Downloaded, Ready to Install",
      "time": "2016-10-12 14:14:10",
      "version": "8.1.3"
    }
  ]
}
PUT /api/app/v1/(i_type)/install

Installs an upgrade/hotfix from the supplied filename. These installations happen in the background. If the hotfix/upgrade requires a reboot you will be able to get the status until the appliance reboots.

New in version 1.0.

Parameters:
  • i_type (required) – Installation type, either upgrade or hotfix
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Install hotfix:

PUT /api/app/v1/upgrade/install?file=App-Upgrade-8.5.0.iso HTTP/1.1
Accept: text/html

Example 1 - Response: Install hotfix:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/(i_type)/install/status

Get status of currently installing upgrade/hotfix.

New in version 1.0.

Parameters:
  • i_type (required) – Installation type, either upgrade or hotfix
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get upgrade install status:

GET /api/app/v1/upgrade/install/status HTTP/1.1
Accept: text/html

Example 1 - Response: Get upgrade install status:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Backing up configuration files"
}
GET /api/app/v1/(i_type)/list

Get a list of upgrades/hotfixes that are eligible for this Appliance.

New in version 1.0.

Parameters:
  • i_type (required) – Installation type, either upgrade or hotfix
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Attempt to get available upgrades when none are available:

GET /api/app/v1/upgrade/list HTTP/1.1
Accept: text/html

Example 1 - Response: Attempt to get available upgrades when none are available:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Get available upgrades:

GET /api/app/v1/upgrade/list HTTP/1.1
Accept: text/html

Example 2 - Response: Get available upgrades:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "list":[
    {
      "description": "Patch to upgrade App to version v8.4.0",
      "filename": "Websense-Patch-App-8.4.0_1037.rpm",
      "size": 131345469,
      "status": "available",
      "time": "2016-07-21 09:32:59",
      "version": "8.4.0"
    }
  ]
}

Example 3 - Request: Get available hotfixes:

GET /api/app/v1/hotfix/list HTTP/1.1
Accept: text/html

Example 1 - Response: Get available hotfixes:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "list": [
    {
      "conflict": "None",
      "dependence": "App-8.4.3-830",
      "description": "Adding CLI commands to setup controller interface. Relogin appliance after applying this hotfix.",
      "filename": "Websense-Hotfix-App-8.4.0-830.rpm",
      "id": "App-8.4.0-830",
      "module": "app",
      "reboot": "yes",
      "size": 121308,
      "status": "Dependency Failure",
      "time": "2018-10-12 15:21:30",
      "version": "8.1.0"
    },
    {
      "conflict": "None",
      "dependence": "None",
      "description": "Adding CLI commands to setup controller interface. Relogin appliance after applying this hotfix.",
      "filename": "Websense-Hotfix-App-8.4.3-830.rpm",
      "id": "App-8.4.3-830",
      "module": "app",
      "reboot": "no",
      "size": 121308,
      "status": "Downloaded, Ready to Install",
      "time": "2018-10-12 14:14:10",
      "version": "8.4.3"
    },
  ]
}
GET /api/app/v1/(i_type)/status/(req_type)

Get the list of hotfix/upgrades that are on the local machine and are either installed, uninstalled, deleteable, installable, or all.

New in version 1.0.

Parameters:
  • i_type (required) – Installation type, either upgrade or hotfix
  • req_type (required) – Type of file to view, options (installed, uninstalled, deleteable, installable, all)
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Show installable upgrades on the appliance:

GET /api/app/v1/upgrade/status/installable HTTP/1.1
Accept: text/html

Example 1 - Response: Show installable upgrades on the appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "list": [
    {
      "description": "TEST: Patch that upgrade the Appliance to version v8.5.0",
      "filename": "App-Upgrade-8.5.0.iso",
      "module": "app",
      "reboot": true,
      "size": 3886022656,
      "status": "Downloaded, Ready to Install",
      "time": "1988-01-04 18:14:39",
      "version": "8.5.0"
    }
  ]
}
PUT /api/app/v1/(i_type)/upload

Upload an upgrade/hotfix file from an external filestore to the appliance.

New in version 1.0.

Parameters:
  • i_type (required) – Installation type, either upgrade or hotfix
Query Parameters:
 
  • file (required) – File to upload to the appliance
  • alias (required) – Filestore to upload from
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Upload an upgrade file to the appliance:

PUT /api/app/v1/upgrade/upload?file=upgrade.iso&alias=myfilestore HTTP/1.1
Accept: text/html

Example 1 - Response: Upload an upgrade file to the appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/(i_type)/upload_url

Upload an upgrade/hotfix file from a URL to the appliance.

New in version 1.0.

Parameters:
  • i_type (required) – Installation type, either upgrade or hotfix
Query Parameters:
 
  • url (required) – URL of the file to upload to the appliance
  • no-cert-verification (optional) – Do not verify ssl certificate
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Upload an upgrade file to the appliance:

PUT /api/app/v1/upgrade/upload?file=upgrade.iso&alias=myfilestore HTTP/1.1
Accept: text/html

Example 1 - Response: Upload an upgrade file to the appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/(module)/debugging

Resets debug to default or gets the status.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the modules

Parameters:
  • module (required) – Module to execute the command on
Query Parameters:
 
  • command (optional) – Either status or reset
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Get debugging status on WCG:

GET /api/app/v1/wcg/debugging?command=status HTTP/1.1
Accept: text/html

Example 1 - Response: Get debugging status on WCG:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "output": "Debug log is disabled"
}

Example 2 - Request: Reset debugging on WCG:

PUT /api/app/v1/wcg/policy_engine?command=reset HTTP/1.1
Accept: text/html

Example 2 - Response: Reset debugging on WCG:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/(module)/debugging

Resets debug to default or gets the status.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the modules

Parameters:
  • module (required) – Module to execute the command on
Query Parameters:
 
  • command (optional) – Either status or reset
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Get debugging status on WCG:

GET /api/app/v1/wcg/debugging?command=status HTTP/1.1
Accept: text/html

Example 1 - Response: Get debugging status on WCG:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "output": "Debug log is disabled"
}

Example 2 - Request: Reset debugging on WCG:

PUT /api/app/v1/wcg/policy_engine?command=reset HTTP/1.1
Accept: text/html

Example 2 - Response: Reset debugging on WCG:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/backup

Show a list of backup files in specified location (local or filestore).

Note

The timestamp displayed will be in UTC time.

New in version 1.0.

Query Parameters:
 
  • location (required) – Location to show backups from (local or filestore alias)
  • sort (optional) – How to sort the backups, only option is timestamp
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Show local backups:

GET /api/app/v1/backup?location=local HTTP/1.1
Accept: text/html

Example 1 - Response: Show local backups:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "local": {
    "Full-v10k-web-22-V10KG4-v8.3.0-20170227.bak": {
      "description": "new_test1",
      "timestamp": "2017/02/27 11:23:32"
    },
    "Full-v10k-web-22-V10KG4-v8.3.0-20170227-1.bak": {
      "description": "this is a test",
      "timestamp": "2017/02/27 11:25:30"
    },
    "Full-v10k-web-22-V10KG4-v8.3.0-20170227-2.bak": {
      "description": "this is a test2",
      "timestamp": "2017/02/27 11:27:17"
    },
    "Full-v10k-web-22-V10KG4-v8.3.0-20170227-3.bak": {
      "description": "this is a test3",
      "timestamp": "2017/02/27 11:28:45"
   }
}
POST /api/app/v1/backup/create

Create a backup and save it to specified location (local or filestore).

Note

The timestamp for the backup will be stored in UTC time.

New in version 1.0.

Query Parameters:
 
  • location (required) – Location to store the backup file (local or filestore alias)
  • bu_type (required) – Type of backup (web, email, full)
  • description (optional) – Description for the backup
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Create local web backup:

POST /api/app/v1/backup/create?location=local&bu_type=web&description=Web HTTP/1.1
Accept: text/html

Example 1 - Response: Create local web backup:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "bu_filename": "Web-V10KG4-v8.3.0-20161114-1.bak"
}

Example 2 - Request: Create web backup on filestore:

POST /api/app/v1/backup/create?location=myfilestore&bu_type=web&description=Web HTTP/1.1
Accept: text/html

Example 1 - Response: Create web backup on filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "bu_filename": "Web-V10KG4-v8.3.0-20161114-2.bak"
}
POST /api/app/v1/backup/create/schedule

Create a backup schedule.

New in version 1.0.

Query Parameters:
 
  • time (required) – Time to perform backup (HH:MM)
  • location (required) – Location to store the backup file (local or filestore alias)
  • freq (required) – Frequency to perform the backup (daily, weekly, monthly)
  • date (optional) – Date of the month to perform backup (1-29), required if freq is set to monthly
  • day (optional) – Day of the week to perform backup (mon-sun), required if freq set to weekly
  • bu_type (required) – Type of backup (web, email, full)
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Create backup schedule:

POST /api/app/v1/backup/create/schedule?location=local&freq=daily&time=12:20&bu_type=full HTTP/1.1
Accept: text/html

Example 1 - Response: Create backup schedule:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
DELETE /api/app/v1/backup/delete

Delete one or all local backup files.

New in version 1.0.

Query Parameters:
 
  • filename (required) – Name of backup file to delete, or ‘all’ to delete all local backups
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Delete a backup file:

POST /api/app/v1/backup/delete?filename=test.back HTTP/1.1
Accept: text/html

Example 1 - Response: Delete a backup file:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
DELETE /api/app/v1/backup/delete/schedule

Delete backup schedule.

New in version 1.0.

Query Parameters:
 
  • bu_type (required) – Type of backup to delete
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Delete backup schedule:

DELETE /api/app/v1/backup/schedule?bu_type=full HTTP/1.1
Accept: text/html

Example 1 - Response: Delete backup schedule:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/backup/restore

Restore a backup from the specified location (local, filestore or url).

New in version 1.0.

Note

After the restore is completed and the appliance reboots, the output is no longer a JSON. Instead, due to the reboot, an http error is encountered.

Query Parameters:
 
  • filename (optional) – Backup filename
  • location (optional) – Location to store the backup file (local or filestore alias)
  • url (optional) – URL of the backup to restore
  • no-cert-verification (optional) – Ignore SSL certificate checks (only valid with –url, with scheme https)
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Restore backup from a filestore:

PUT /api/app/v1/backup/restore?location=myfilestore&filename=file.bak HTTP/1.1
Accept: text/html

Example 1 - Response: Restore backup from a filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Restore backup from an ftp server:

PUT /api/app/v1/backup/restore?location=myfilestore&url=ftp://ftp_user:ftp_passwd@10.206.6.89/backups/my_backup.bak HTTP/1.1
Accept: text/html

Example 2 - Response: Restore backup from an ftp server:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 3 - Request: Restore backup from an encrypted web server:

PUT /api/app/v1/backup/restore?location=myfilestore&url=https://web_user:web_passwd@10.206.6.89/backup/my_backup.bak HTTP/1.1
Accept: text/html

Example 3 - Response: Restore backup from an encrypted web server:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/backup/save

save a local backup to the specified filestore location.

New in version 1.0.

Query Parameters:
 
  • filename (required) – Local backup filename
  • location (required) – Location to store the backup file (filestore alias)
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Save a local backup to filestore:

PUT /api/app/v1/backup/save?location=myfilestore&filename=file.bak HTTP/1.1
Accept: text/html

Example 1 - Response: Save a local backup to filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Info": "'Web-hostname-v8.4.0-20170720201913.bak' has been saved to ftp://anonymous@10.206.6.131/."
}
GET /api/app/v1/backup/schedule

Show backup schedule.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Show backup schedule:

GET /api/app/v1/backup/schedule HTTP/1.1
Accept: text/html

Example 1 - Response: Show backup schedule:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Last Scheduled Backup": "Successfully completed backup on 2016-11-14 12:21",
  "Location": "local",
  "Next Scheduled Backup": "Wed, Nov 23 2016, 12:20 ",
  "Schedule Frequency": "monthly",
  "Type": "full"
}
GET /api/app/v1/configsummary/download

Download the specified config summary file.

Accepts:

text/html
Query Parameters:
 
  • filename (required) – Config summary file to download.
Response Headers:
 
Status Codes:

Example 1 - Request: Download config summary file:

GET /api/app/v1/configsummary/download?filename=<VALID_CS_FILE>.enc HTTP/1.1
Accept: text/html

Example 1 - Response: Download config summary file:

HTTP/1.1 200 OK
Content-Type: application/octetstring

<Encrypted Config Summary File>

Example 2 - Request: Invalid config summary file:

GET api/app/v1/configsummary/download?filename=<INVALID_CS_FILE>.enc HTTP/1.1
Accept: text/html

Example 2 - Response: Invalid config summary file:

HTTP/1.1 401 OK
Content-Type: application/json

{
 "Reason": "<CONFIG_SUMMARY_FILE>.enc does not exist",
 "Status": "Failure"
}
PUT /api/app/v1/configsummary/generate

Generate the config summary file for download.

Accepts:

text/html
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Generate config summary file:

PUT /api/app/v1/configsummary/generate HTTP/1.1
Accepts: text/html

Example 1 - Response: Generate config summary file:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Filename": "<NAME_OF_CONFIGSUM_FILE>.enc"
}
PUT /api/app/v1/configsummary/save

Generate and save config summary file to filestore server.

Accepts:

application/json
Query Parameters:
 
  • location (optional) – Location of filestore; filestore alias
  • url (required) – URL of the location in which to store the config summary
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Save config summary to filestore:

PUT /api/app/v1/configsummary/save?location=<VALID_FS_ALIAS> HTTP/1.1
Accepts: text/html

Example 1 - Response: Save config summary to filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Info": "'<CONFIG_SUMMARY>.enc' has been saved to <FILESTORE_PATH>."
}

Example 2 - Request: Invalid filestore alias:

PUT /api/app/v1/configsummary/save?location=<INVALID_FILESTORE_ALIAS> HTTP/1.1
Accepts: text/html

Example 2 - Response: Invalid filestore alias:

HTTP/1.1 400 OK
Content-Type: application/json

{
  "Reason": "Alias <INVALID_FILESTORE_ALIAS> does not exist.",
  "Status": "Failure"
}
PUT /api/app/v1/disk/(mount_type)/(module)

Mount a filestore into a module.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the modules

Warning

If your Samba server does not support v1 the vers parameter is required. Otherwise the mount will fail.

Parameters:
  • mount_type (requred) – Mount action (mount, unmount)
  • module (required) – Module to mount into
Query Parameters:
 
  • type (required) – Type of mount (samba, nfs)
  • path (required) – Path within the module to mount to
  • location (required) – Location of the network drive to mount
  • user (optional) – username for Samba
  • password (optional) – password for Samba user
  • vers (optional) – version for Samba (required for any version of Samba higher that 1.0)
Response Headers:
 
Status Codes:

Example 1 - Request: Samba mount:

PUT /api/app/v1/disk/mount/wcg?type=samba&path=/mnt&location=//10.206.6.76/anonymous&user=guest&passwd=guest HTTP/1.1
Accept: text/html

Example 1 - Response: Samba mount:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: NFS Mount:

PUT /api/app/v1/disk/mount/wcg?type=nfs&path=/mnt&location=10.206.4.100:/data/ISOs HTTP/1.1
Accept: text/html

Example 2 - Response: NFS Mount:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 3 - Request: Unmount:

PUT /api/app/v1/disk/umount/wcg?path=/mnt HTTP/1.1
Accept: text/html

Example 3 - Response: Unmount:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/esg/dig

Runs DIG.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the ESG container

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

Query Parameters:
 
  • x (optional) – PTR lookup. Takes IP address
  • txt (optional) – TXT lookup
  • mx (optional) – MX lookup
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Dig using PTR lookup:

GET /api/app/v1/esg/dig?x=10.206.4.166 HTTP/1.1
Accept: text/html

Example 1 - Response: Dig using PTR lookup:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "output": "<DIG_OUTPUT>"
}
GET /api/app/v1/esg/email_shell

Sends email-shell debug module to ESG

Accepted Authorization:
 admin
PUT /api/app/v1/esg/email_subscription_reset

Reset email subscription.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the ESG container

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Reset email subscription:

GET /api/app/v1/esg/email_subscription_reset HTTP/1.1
Accept: application/json

Example 1 - Response: Reset email subscription:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "output": "Success"
}
GET /api/app/v1/esg/maillog

Show or Download ESG maillog.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the ESG container

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

Query Parameters:
 
  • command (optional) – Command to execute (show, download)
  • alias (optional) – Filestore to download to
  • file (optional) – Name of the file to download to the filestore
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Show maillog:

GET /api/app/v1/esg/maillog?command=show HTTP/1.1
Accept: application/json

Example 1 - Response: Show maillog:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "output": "<MAILLOG_INFO>"
}

Example 2 - Request: Download maillog to filestore:

GET /api/app/v1/esg/maillog?command=download\&alias=myfilestore\&file=maillog.5.gz HTTP/1.1
Accept: application/json

Example 2 - Response: Download maillog to filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/esg/pem

Download PEM backup to filestore.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the ESG container

Query Parameters:
 
  • alias (optional) – Filestore to download to
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Download PEM data to filestore:

GET /api/app/v1/esg/pem?alias=myfilestore HTTP/1.1
Accept: application/json

Example 1 - Response: Download PEM data to filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
POST /api/app/v1/filestore

Add a filestore to the appliance.

New in version 1.0.

Query Parameters:
 
  • alias (required) – Desired name of the filestore
  • host (required) – IPv4 address or hostname of the filestore
  • path (required) – Directory to save the file to on the filestore
  • type (required) – Protocol to use (ftp, samba)
  • user (optional) – User to log in as
  • password (optional) – Password for the user
  • port (optional) – Port to connect across
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Add filestore to the appliance:

POST /api/app/v1/filestore?alias=ftptest&host=10.206.6.196&path=.&type=ftp&user=<USER>&password=<PASSWORD>&port=21 HTTP/1.1
Accept: text/html

Example 1 - Response: Add filestore to the appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
DELETE /api/app/v1/filestore

Delete filestore item by alias.

New in version 1.0.

Query Parameters:
 
  • alias (required) – Filestore alias to delete
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Delete filestore:

DELETE /api/app/v1/filestore?alias=myfilestore HTTP/1.1
Accept: text/html

Example 1 - Response: Delete filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/filestore

Get currently set up filestore information.

New in version 1.0.

Query Parameters:
 
  • filestore (optional) – Filestore alias to get information, if omitted list all filestore information
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get filestore information for myfilestore alias:

GET /api/app/v1/filestore?alias=myfilestore HTTP/1.1
Accept: text/html

Example 1 - Response: Get filestore information for myfilestore alias:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "myfilestore": {
    "alias": "myfilestore",
    "host": "10.206.6.131",
    "password": "",
    "path": ".",
    "type": "ftp",
    "user": "anonymous"
  }
}
GET /api/app/v1/filestore/download

Download a file from a filestore to the appliance or a module. The file will appear in /transfers.

New in version 1.0.

Query Parameters:
 
  • alias (required) – The filestore alias
  • file (required) – The name of the file to download
  • filesize (optional) – The size (in MiB) of the file to download
  • module (optional) – The container to which file will be downloaded
Response Headers:
 
Status Codes:
Accepted Authorization:
 

skey

Example 1 - Request: Download a file from a filestore to the appliance:

GET /api/app/v1/download?alias=myfilestore&file=test.txt HTTP/1.1
Accept: text/html

Example 1 - Response: Download a file from a filestore to the appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Result": "Download successful"
}

Example 2 - Request: Download a file from a filestore to wcg:

GET /api/app/v1/download?alias=myfilestore&file=test.txt&module=wcg HTTP/1.1
Accept: text/html

Example 2 - Response: Download a file from a filestore to wcg:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Result": "Download successful"
}
GET /api/app/v1/filestore/list

Get a list of all files in a filestore.

New in version 1.0.

Query Parameters:
 
  • filestore (required) – Filestore alias to get files from
  • filetype (required) – Filetype to display
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Show all txt files on a filestore:

GET /api/app/v1/filestore/?alias=myfilestore&filetype=txt HTTP/1.1
Accept: text/html

Example 1 - Response: Show all txt files on a filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "list": [
    {
      "date": "05-02-17, 10:24AM",
      "filename": "foo.txt",
      "filesize": "129"
    },
    {
      "date": "05-02-17, 10:41AM",
      "filename": "bar.txt",
      "filesize": "116"
    },
  ]
}
PUT /api/app/v1/filestore/upload

Upload a file to a filestore from the appliance or a module.

New in version 1.0.

Query Parameters:
 
  • alias (required) – The filestore alias
  • filepath (required) – The filepath to the file that will be uploaded
  • module (optional) – The container to in which filepath is located
Response Headers:
 
Status Codes:
Accepted Authorization:
 

skey

Example 1 - Request: Upload a file from the appliance to a filestore:

PUT /api/app/v1/filestore/upload?alias=myfilestore&filepath=/opt/test.txt HTTP/1.1
Accept: text/html

Example 1 - Response: Upload a file from the appliance to a filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Upload a file from wcg to a filestore:

GET /api/app/v1/filestore/upload?alias=myfilestore&filepath=/tmp/test.txt&module=wcg HTTP/1.1
Accept: text/html

Example 2 - Response: Upload a file from wcg to a filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/form_token
GET /api/app/v1/upgrade/form_token
GET /api/app/v1/hotfix/form_token

Get a form token. Form uploads cannot have their headers modified. This method will generate a very short timed token that is tied to the IP of the requester. It must come in as a parameter for an upload.

Note

Username/password is sent with the -u option with curl for Basic Auth.

Response Headers:
 
Status Codes:

Example 1 - Valid Request: Get form token:

GET /api/app/v1/form_token HTTP/1.1
Accept: text/html

Example 1 - Valid Response: Get form token:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "token": "<FORM_TOKEN>"
}
GET /api/app/v1/hotfix

Get hotfix information for a specific hotfix file.

New in version 1.0.

Query Parameters:
 
  • file (required) – Filename of upgrade/hotfix to get info for
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get hotfix information:

GET /api/app/v1/hotfix/?file=Websense-Hotfix-App-8.4.0-022.rpm HTTP/1.1
Accept: text/html

Example 1 - Response: Get hotfix information:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "conflict": "None",
  "dependence": "None",
  "description": "App Fake Big Hotfix",
  "filename": "Websense-Hotfix-App-8.4.0-022.rpm",
  "id": "App-8.4.0-022",
  "module": "app",
  "reboot": "no",
  "release_note_url": "",
  "rollup": "None",
  "size": 555777848,
  "status": "Downloaded, Ready to Install",
  "time": "1988-01-04 18:12:46",
  "url": "http://10.206.22.199/download/hotfixes/app/8.4.0/Websense-Hotfix-App-8.4.0-022.rpm",
  "version": "8.4.0"
}
PUT /api/app/v1/hotfix/uninstall

Uninstall a hotfix.

New in version 1.0.

Query Parameters:
 
  • id (required) – ID of the hotfix to uninstall
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Uninstall a hotfix:

PUT /api/app/v1/hotfix/uninstall?id=App-8.4.0-011 HTTP/1.1
Accept: text/html

Example 1 - Response: Uninstall a hotfix:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/log

Stream log file or view last X lines in a log file. Currently only appliance level logs supported.

New in version 1.0.

Query Parameters:
 
  • log (required) – Log file to view.
  • module (required) – Module where the log resides. Options (esg, appliance, wse, wcg, na).
  • timeout (optional) – Timeout for log stream. Defaults to 150 seconds.
  • lines (optional) – Number of lines to read. Must be using last action.
  • action (optional) – Set this to last to view the last X number of lines.
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get last ten lines from audit log:

GET /api/app/v1/log?log=audit&module=appliance&lines=10&action=last HTTP/1.1
Accept: text/html

Example 1 - Response: Get last ten lines from audit log:

HTTP/1.1 200 OK
Content-Type: text/html

<LAST 10 LINES>

Example 2 - Request: Stream logs for three minutes:

GET /api/app/v1/log?log=audit&module=appliance&timeout=180 HTTP/1.1
Accept: text/html

Example 2 - Response: Stream logs for three minutes:

HTTP/1.1 200 OK
Content-Type: text/html

<LOG LINES>
GET /api/app/v1/log/archive

Get log file settings.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get log file settings:

GET /api/app/v1/log/archive HTTP/1.1
Accept: text/html

Example 1 - Response: Get log file settings:

HTTP/1.1 200 OK
Content-Type: text/html

{
  "app": {
    "audit": {
      "filepath": "/var/log/appliance/audit.log",
      "frequency": "Not Set",
      "size": "Not Set"
    },
    "system": {
      "filepath": "/var/log/appliance/cli.log",
      "frequency": "Not Set",
      "size": "Not Set"
    }
  },
  "network-agent": {
    "network-agent": {
      "filepath": [
        "/var/lib/lxc/na/rootfs/opt/Websense/bin/NetworkAgent.log"
      ],
      "frequency": "Not Set",
      "size": "Not Set"
    }
  },
  "proxy": {
    "proxy": {
      "filepath": [
        "/var/lib/lxc/wcg/rootfs/opt/WCG/logs/content_gateway.out"
      ],
      "frequency": "Not Set",
      "size": "Not Set"
    }
  },
  "web": {
    "web": {
      "filepath": [
        "/var/lib/lxc/wse/rootfs/opt/Websense/bin/Websense.log"
      ],
      "frequency": "Not Set",
      "size": "Not Set"
    }
  }
}
PUT /api/app/v1/log/archive

Set the archive frequency or the size. Works for audit and module logs. You can only set size or frequency, not both.

New in version 1.0.

Query Parameters:
 
  • log (required) – Log file archive to modify.
  • module (required) – Module where the log resides. Options (esg, appliance, wse, wcg, na).
  • frequency (optional) – Frequency in which to rotate the logs.
  • size (optional) – Size to allow the log file to get to before rotating it.
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Set log archive to rotate when the log file is 10 megabytes:

PUT api/app/v1/log/archive?module=na&log=na&size=10m HTTP/1.1
Accept: text/html

Example 1 - Response: Set log archive to rotate when the log file is 10 megabytes:

HTTP/1.1 200 OK
Content-Type: text/html

{
  "Status": "Success"
}

Example 2 - Request: Set log archive to rotate weekly:

PUT api/app/v1/log/archive?module=na&log=na&frequency=weekly HTTP/1.1
Accept: text/html

Example 1 - Response: Set log archive to rotate weekly:

HTTP/1.1 200 OK
Content-Type: text/html

{
  "Status": "Success"
}
PUT /api/app/v1/log/save

Save a local log to a filestore.

New in version 1.0.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

Query Parameters:
 
  • alias (required) – Filestore alias to save the log to.
  • module (required) – Module where the log resides. Options (esg, appliance, wse, wcg, na).
  • type (optional) – Type of log file to save (all, system, audit).
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Save audit log to filestore:

PUT api/app/v1/log/save?alias=myfilestore&module=appliance&type=audit HTTP/1.1
Accept: text/html

Example 1 - Response: Save audit log to filestore:

HTTP/1.1 200 OK
Content-Type: text/html

{
  "Result": "'audit_20170517094711.log' has been saved to ftp://anonymous@10.206.6.131/."
}
PUT /api/app/v1/login

Generate an API authentication token.

Note

Username/password is sent with the -u option with curl for Basic Auth.

Response Headers:
 
Status Codes:

Example 1 - Valid Request: Correct username/password:

GET /api/app/v1/login HTTP/1.1
Accept: text/html

Example 1 - Valid Response: Correct username/password:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "token": "<AUTH_TOKEN>"
}

Example 2 - Invalid Request: Incorrect username/password:

GET /api/app/v1/login HTTP/1.1
Accept: text/html

Example 2 - Invalid Response: Incorrect username/password:

HTTP/1.1 403 OK
Content-Type: text/html

Unauthorized Access
GET /api/app/v1/login

Verify API login credentials

Note

Username/password is sent with the -u option with curl for Basic Auth.

Response Headers:
 
Status Codes:

Example 1 - Valid Request: Correct username/password:

GET /api/app/v1/login HTTP/1.1
Accept: text/html

Example 1 - Valid Response: Correct username/password:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Login": "true"
}

Example 2 - Invalid Request: Incorrect username/password:

GET /api/app/v1/login HTTP/1.1
Accept: text/html

Example 2 - Invalid Response: Incorrect username/password:

HTTP/1.1 401 OK
Content-Type: text/html

Unauthorized Access
GET /api/app/v1/net/(module)
GET /api/app/v1/net

Shows network information for the appliance or modules.

New in version 1.0.

Note

Information will only appear on options that have been configured. For example, if you haven’t configured an IPv6 gateway it will not appear.

Warning

The non formatted version has been deprecated. Use the formatted version

Parameters:
  • module (required) – Module to get the information on. If excluded it defaults to all
Query Parameters:
 
  • format (optional) – If set to true use optional second format
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get all network information not formatted:

GET /api/app/v1/net HTTP/1.1
Accept: text/html

Example 1 - Response: Get all network information not formatted:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "APPLIANCE": {
    "DNS": {
      "dns_primary": "8.8.8.8",
      "dns_secondary": "8.8.4.4",
      "dns_tertiary": null
    },
    "GATEWAY": {
      "ipv4": {
        "gateway": "192.168.92.1",
        "interface": "eth0"
      }
    },
    "eth0": {
      "data": {
        "ip_address": "192.168.92.2",
        "ipv4_config_source": "static",
        "ipv6_address": null,
        "ipv6_status": "disabled",
        "mac": "ca:87:3f:5d:68:00",
        "netmask": "255.255.254.0",
        "prefix": null
      },
      "phys_interfaces": [
        "C"
      ]
    }
  },
 "WCG": {
    "DNS": {
      "dns_primary": "8.8.8.8",
      "dns_secondary": null,
      "dns_tertiary": "8.8.4.4"
    },
    "GATEWAY": {
      "ipv4": {
        "gateway": "10.206.7.254",
        "interface": "eth1"
      },
      "ipv6": {
        "gateway": "2017::0002",
        "interface": "eth0"
      }
    },
    "eth0": {
      "data": {
        "interface_status": "up",
        "ip_address": null,
        "ipv4_config_source": "static",
        "ipv6_address": "2017::1235",
        "ipv6_status": "enabled",
        "mac": "00:50:56:a2:3f:4b",
        "netmask": null,
        "prefix": "64"
      },
      "phys_interfaces": [
        "P1"
      ]
    },
    "eth1": {
      "data": {
        "interface_status": "up",
        "ip_address": "10.206.6.69",
        "ipv4_config_source": "static",
        "mac": "00:50:56:a2:76:22",
        "netmask": "255.255.252.0"
      },
      "phys_interfaces": [
        "P2"
      ]
    }
  }
}

Example 2 - Request: Get all network information formatted:

GET /api/app/v1/net?format=true HTTP/1.1
Accept: text/html

Example 2 - Response: Get all network information formatted:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "APP": {
    "C": {
      "data": {
        "ip_address": "10.206.6.69",
        "ipv4_config_source": "static",
        "ipv6_address": null,
        "ipv6_status": "disabled",
        "mac": "6a:de:4f:4f:be:42",
        "netmask": "255.255.252.0",
        "prefix": null,
        "virt_interface": "eth0"
      }
    },
    "DNS": {
      "dns_primary": "10.51.80.10",
      "dns_secondary": "10.51.80.11",
     "dns_tertiary": null
    },
    "GATEWAY": {
      "ipv4": {
        "gateway": "10.206.7.254",
        "interface": "C"
      }
    }
  },
  "PROXY": {
    "DNS": {
      "dns_primary": null,
      "dns_secondary": null,
      "dns_tertiary": null
    },
    "P1": {
      "data": {
        "mac": "be:b4:f1:2a:95:bd",
        "virt_interface": "eth0",
        "vlan_id": 123
      }
    },
    "P2": {
      "data": {
        "interface_status": "up",
        "mac": "d2:ee:e8:af:c3:ce",
        "virt_interface": "eth1"
      }
    }
  },
  "WEB": {
    "DNS": {
      "dns_primary": null,
      "dns_secondary": null,
      "dns_tertiary": null
    }
  }
}

Example 3 - Request: Get WCG network information not formatted:

GET /api/app/v1/net/wcg HTTP/1.1
Accept: text/html

Example 3 - Response: Get WCG network information not formatted:

HTTP/1.1 200 OK
Content-Type: application/json

{
 "WCG": {
    "DNS": {
      "dns_primary": "8.8.8.8",
      "dns_secondary": null,
      "dns_tertiary": "8.8.4.4"
    },
    "GATEWAY": {
      "ipv4": {
        "gateway": "10.206.7.254",
        "interface": "eth1"
      },
      "ipv6": {
        "gateway": "2017::0002",
        "interface": "eth0"
      }
    },
    "eth0": {
      "data": {
        "interface_status": "up",
        "ip_address": null,
        "ipv4_config_source": "static",
        "ipv6_address": "2017::1235",
        "ipv6_status": "enabled",
        "mac": "00:50:56:a2:3f:4b",
        "netmask": null,
        "prefix": "64"
      },
      "phys_interfaces": [
        "P1"
      ]
    },
    "eth1": {
      "data": {
        "interface_status": "up",
        "ip_address": "10.206.6.69",
        "ipv4_config_source": "static",
        "mac": "00:50:56:a2:76:22",
        "netmask": "255.255.252.0"
      },
      "phys_interfaces": [
        "P2"
      ]
    }
  }
}

Example 4 - Request: Get WCG network information formatted:

GET /api/app/v1/net/wcg HTTP/1.1
Accept: text/html

Example 4 - Response: Get WCG network information formatted:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "DNS": {
    "dns_primary": null,
    "dns_secondary": null,
    "dns_tertiary": null
  },
  "P1": {
    "data": {
      "mac": "be:b4:f1:2a:95:bd",
      "virt_interface": "eth0",
      "vlan_id": 123
    }
  },
  "P2": {
    "data": {
      "interface_status": "up",
      "mac": "d2:ee:e8:af:c3:ce",
      "virt_interface": "eth1"
    }
  }
}

Example 5 - Request: No information for module:

GET /api/app/v1/net/na HTTP/1.1
Accept: text/html

Example 5 - Response: No information for module:

HTTP/1.1 424 FAILED DEPENDENCY
Content-Type: application/json

{
  "Reason": "No network information on na",
  "Status": "Failure"
}
PUT /api/app/v1/net/(module)/(interface)/(state)

Brings specified interface up or down. Can be used on any interface.

New in version 1.0.

Parameters:
  • module (required) – Module to set interface state on
  • interface (required) – Interface to act upon (eth1)
  • status (required) – (up, down)
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Bring down WCG eth1:

PUT /api/app/v1/net/wcg/eth1/down HTTP/1.1
Accept: text/html

Example 1 - Response: Disable WCG eth1:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Bringing up an already up interface/Bringing down an already down interface:

PUT /api/app/v1/net/wcg/eth1/up HTTP/1.1
Accept: text/html

Example 3 - Response: Invalid IP Address:

HTTP/1.1 409 CONFLICT
Content-Type: application/json

{
  "Reason": "Interface is already up",
  "Status": "Failure"
}
DELETE /api/app/v1/net/(module)/(interface)/ipv4

Delete IPv4 network configuration.

New in version 1.0.

Parameters:
  • module (required) – Module to delete information on
  • interface (required) – Inteface to delete the information on
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Delete WCG eth0 IPv4 information:

DELETE /api/app/v1/net/wcg/eth0/ipv4 HTTP/1.1
Accept: text/html

Example 1 - Response: Delete WCG eth0 IPv4 information:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: No IPv4 address associated with interface:

DELETE /api/app/v1/net/wcg/eth0/ipv4 HTTP/1.1
Accept: text/html

Example 2 - Response: No IPv4 associated with interface:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "There is no IP address associated with this interface to delete."
  "Status": "Failure"
}

Example 3 - Request: Invalid interface:

DELETE /api/app/v1/net/wcg/eth2/ipv4 HTTP/1.1
Accept: text/html

Example 3 - Response: Invalid interface:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "Invalid interface supplied"
  "Status": "Failure"
}
PUT /api/app/v1/net/(module)/(interface)/ipv4
PUT /api/app/v1/net/(interface)/ipv4

Sets IPv4 network configuration.

New in version 1.0.

Parameters:
  • module (optional) – Module to set information on. If omitted it will set on the appliance
Query Parameters:
 
  • ip_address (optional) – IPv4 address of the specified interface
  • netmask (optional) – Netmask of the specified interface
  • gateway (optional) – Gateway address of the specified interface
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Set appliance eth0:

PUT /api/app/v1/net/eth0/ipv4?ip_address=192.168.0.3&netmask=255.255.252.0&gateway=192.168.0.1 HTTP/1.1
Accept: text/html

Example 1 - Response: Set appliance eth0:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Set module (esg) eth0:

PUT /api/app/v1/net/esg/eth0/ipv4?ip_address=192.168.0.3&netmask=255.255.252.0&gateway=192.168.0.1 HTTP/1.1
Accept: text/html

Example 2 - Response: Set module (esg) eth0:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 3 - Request: Incorrect IPv4 address:

PUT /api/app/v1/net/eth0/ipv4?ip_address=192.168.0.300&netmask=255.255.252.0&gateway=192.168.0.1 HTTP/1.1
Accept: text/html

Example 3 - Response: Incorrect IPv4 address:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "Invalid IP address supplied"
  "Status": "Failure"
}
DELETE /api/app/v1/net/(module)/(interface)/ipv6

Delete ipv6 network configuration.

New in version 1.0.

Parameters:
  • module (required) – Module to delete information on
  • interface (required) – Inteface to delete the information on
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Delete WCG eth0 IPv6 information:

DELETE /api/app/v1/net/wcg/eth0/ipv6 HTTP/1.1
Accept: text/html

Example 1 - Response: Delete WCG eth0 IPv6 information:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: No IPv6 address associated with interface:

DELETE /api/app/v1/net/wcg/eth0/ipv6 HTTP/1.1
Accept: text/html

Example 2 - Response: No IPv6 address associated with interface:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "There is no IP address associated with this interface to delete."
  "Status": "Failure"
}

Example 3 - Request: Invalid interface:

DELETE /api/app/v1/net/wcg/eth2/ipv6 HTTP/1.1
Accept: text/html

Example 3 - Response: Invalid interface:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "Invalid interface supplied"
  "Status": "Failure"
}
PUT /api/app/v1/net/(module)/(interface)/ipv6
PUT /api/app/v1/net/(interface)/ipv6

Set IPv6 network configuration.

New in version 1.0.

Parameters:
  • module (optional) – Module to set information on. If omitted it will set on the appliance
  • interface (optional) – Interface to set IPv6 on
Query Parameters:
 
  • ipv6_address (optional) – IPv6 address of the specified interface
  • prefix (optional) – Prefix Length
  • ipv6_gateway (optional) – IPv6 Gateway address of the specified interface
  • ipv6_status (optional) – Status of IPv6. (enabled, disabled). Required if status is disabled, optional if status is enabled
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Set appliance eth0:

PUT /api/app/v1/net/eth0/ipv6?ipv6_address=2017::0001&ipv6_status=enabled&prefix=64&ipv6_gateway=2017::1234 HTTP/1.1
Accept: text/html

Example 1 - Response: Set appliance eth0:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Set module (wcg) eth0:

PUT /api/app/v1/net/wcg/eth0/ipv6?ipv6_address=2017::0001&ipv6_status=enabled&prefix=64&ipv6_gateway=2017::1234 HTTP/1.1
Accept: text/html

Example 2 - Response: Set module (wcg) eth0:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 3 - Request: Incorrect IPv6 address:

PUT /api/app/v1/net/wcg/eth0/ipv6?ipv6_address=201G::0001&ipv6_status=enabled&prefix=64&ipv6_gateway=2017::1234 HTTP/1.1
Accept: text/html

Example 3 - Response: Set appliance eth0:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "Invalid IP address supplied"
  "Status": "Failure"
}
DELETE /api/app/v1/net/(module)/(interface)/vlan
DELETE /api/app/v1/net/(interface)/vlan

Remove VLAN configuration on an interface.

New in version 1.0.

Note

This feature is only available on a V-Series

Note

Changing the VLAN id on the C interface may affect your access to the API

Note

eth0 and eth1 are the P1/E1 and P2/E2 respectively, depending on module

Parameters:
  • interface (required) – Interface to set the vlan on
  • module (optional) – Module to set the vlan on. If ommitted then set on appliance
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Delete VLAN on WCG eth0 interface:

DELETE /api/app/v1/net/wcg/eth0/vlan HTTP/1.1
Accept: text/html

Example 1 - Response: Delete VLAN on WCG eth0 interface:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Delete VLAN on V-Series:

DELETE /api/app/v1/net/wcg/eth0/vlan HTTP/1.1
Accept: text/html

Example 2 - Response: Delete VLAN on V-Series:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "This feature is only available on X Series hardware.",
  "Status": "Failure"
}

Example 3 - Request: Delete already configured vlan:

DELETE /api/app/v1/net/wcg/eth0/vlan HTTP/1.1
Accept: text/html

Example 3 - Response: Delete already configured vlan:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "No vlan configured",
  "Status": "Failure"
}
PUT /api/app/v1/net/(module)/(interface)/vlan
PUT /api/app/v1/net/(interface)/vlan

Configures VLAN settings

New in version 1.0.

Note

This feature is only available on a X-Series in 8.3, 8.4

Note

Changing the VLAN id on the C interface may affect your access to the API

Note

eth0 and eth1 are the P1/E1 and P2/E2 respectively, depending on module

Parameters:
  • interface (required) – Interface to set the vlan on
  • module (optional) – Module to set the vlan on. If ommitted then set on appliance
Query Parameters:
 
  • vlan_id (required) – vlan id to set
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Set VLAN on WCG eth0 interface:

PUT /api/app/v1/net/wcg/eth0/vlan?vlan_id=123 HTTP/1.1
Accept: text/html

Example 1 - Response: Set VLAN on WCG eth0 interface:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Set VLAN on V-Series:

PUT /api/app/v1/net/wcg/eth0/vlan?vlan_id=123 HTTP/1.1
Accept: text/html

Example 2 - Response: Set VLAN on V-Series:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "This feature is only available on X Series hardware.",
  "Status": "Failure"
}

Example 3 - Request: Set invalid VLAN:

PUT /api/app/v1/net/wcg/eth0/vlan?vlan_id=123456 HTTP/1.1
Accept: text/html

Example 3 - Response: Set invalid VLAN:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "Invalid vlan id, must be between 2-4094",
  "Status": "Failure"
}
DELETE /api/app/v1/net/(module)/(phys_interface)

Removes the specified interface dedication from the specified module.

New in version 1.0.

Parameters:
  • module (required) – Module to remove the interface dedication from
  • phys_interface (required) – Physical interface to remove dedication from
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Detach E1 from WCG:

DELETE /api/app/v1/net/wcg/e1 HTTP/1.1
Accept: text/html

Example 1 - Response: Detach E1 from WCG:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Detach an nonattached interface from WCG:

DELETE /api/app/v1/net/wcg/e1 HTTP/1.1
Accept: text/html

Example 2 - Response: Detach an nonattached interface from WCG:

HTTP/1.1 422 UNPROCESSABLE ENTITY
Content-Type: application/json

{
  "Reason": "E1 is not dedicated to wcg.",
  "Status": "Failure"
}
POST /api/app/v1/net/(module)/(phys_interface)/(virt_interface)
POST /api/app/v1/net/(module)/(phys_interface)

Dedicates the specified interface to the specified module.

New in version 1.0.

Parameters:
  • module (required) – Module to dedicate the interface to
  • phys_interface (required) – Physical interface to dedicate
  • virt_interface (optional) – Virtual interface to attach the physical interface to
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Attach E1 to WCG:

POST /api/app/v1/net/wcg/e1 HTTP/1.1
Accept: text/html

Example 1 - Response: Attach E1 to WCG:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "virt_interface": "wcg.aux0"
}

Example 2 - Request: Attach E1 to WCG Aux1 interface:

POST /api/app/v1/net/wcg/e1/aux1 HTTP/1.1
Accept: text/html

Example 2 - Response: Attach E1 to WCG Aux1 interface:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "virt_interface": "wcg.aux1"
}

Example 3 - Request: Interface not available:

POST /api/app/v1/net/wcg/wcg.eth1 HTTP/1.1
Accept: text/html

Example 3 - Response: Interface not available:

HTTP/1.1 422 BAD UNPROCESSABLE ENTITY
Content-Type: application/json

{
  "Reason": "WCG.ETH0 interface is not available.",
  "Status": "Failure"
}
GET /api/app/v1/net/(module)/dedicated

Show the interfaces that are dedicated to the specified module.

New in version 1.0.

Parameters:
  • module (required) – Module to get the information on
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get dedicated interfaces on WCG:

GET /api/app/v1/net/wcg/dedicated HTTP/1.1
Accept: text/html

Example 1 - Response: Get dedicated interfaces on WCG:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Result": {
    "wcg.aux1": "E1"
  }
}

Example 2 - Request: No dedicated interfaces on WCG:

GET /api/app/v1/net/wcg/dedicated HTTP/1.1
Accept: text/html

Example 2 - Response: No dedicated interfaces on WCG:

HTTP/1.1 424 FAILED DEPENDENCY
Content-Type: application/json

{
  "Reason": "There are no mapped interfaces.",
  "Status": "Failure"
}
PUT /api/app/v1/net/(module)/dns
PUT /api/app/v1/net/dns

Set the primary, secondary, tertiary dns servers.

New in version 1.0.

Parameters:
  • module (required) – Module to set DNS on. If ommitted set on appliance
Query Parameters:
 
  • dns_primary (optional) – Primary DNS server
  • dns_secondary (optional) – Secondary DNS server
  • dns_tertiary (optional) – Tertiary DNS server
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Set DNS server on appliance:

PUT /api/app/v1/net/dns?dns_primary=8.8.8.8&dns_secondary=8.8.4.4&dns_tertiary=8.8.2.2 HTTP/1.1
Accept: text/html

Example 1 - Response: Set DNS server on appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Set DNS server on module:

PUT /api/app/v1/net/wcg/dns?dns_primary=8.8.8.8&dns_secondary=8.8.4.4&dns_tertiary=8.8.2.2 HTTP/1.1
Accept: text/html

Example 2 - Response: Set DNS server on module:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 3 - Request: Invalid IP address:

PUT /api/app/v1/net/dns?dns_primary=8.8.8.500 HTTP/1.1
Accept: text/html

Example 3 - Response: Invalid IP address:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "Invalid IPv4 address supplied"
  "Status": "Failure"
}
DELETE /api/app/v1/net/(module)/dns/(dns_server)
DELETE /api/app/v1/net/dns/(dns_server)

Delete the primary, secondary, tertiary dns servers.

New in version 1.0.

Parameters:
  • module (required) – Module to delete DNS on. If ommitted delte on appliance
Query Parameters:
 
  • dns_server (optional) – DNS server to delete. Options(dns2, dns3)
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Delete DNS server on appliance:

DELETE /api/app/v1/net/dns?dns_server=dns2 HTTP/1.1
Accept: text/html

Example 1 - Response: Delete DNS server on appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Delete DNS server on module:

DELETE /api/app/v1/net/wcg/dns?dns_server=dns2 HTTP/1.1
Accept: text/html

Example 2 - Response: Delete DNS server on module:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/net/(module)/mac
GET /api/app/v1/net/mac

Gets MAC addresses for interfaces in a specified module or appliance.

New in version 1.0.

Parameters:
  • module (optional) – Module of which to get the MAC address. If ommitted defaults to appliance
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get WCG MAC address:

GET /api/app/v1/net/wcg/mac HTTP/1.1
Accept: text/html

Example 1 - Response: Get WCG MAC address:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "aux0": "2e:7c:7f:3f:ce:be",
  "aux1": "42:e5:c4:7f:65:92",
  "eth0": "be:b4:f1:2a:95:bd",
  "eth1": "d2:ee:e8:af:c3:ce"
}
GET /api/app/v1/net/(module)/port
GET /api/app/v1/net/port

Get port information on a module or the appliance.

New in version 1.0.

Parameters:
  • module (optional) – Module to view port information. If ommitted it shows appliance information.
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Show all port information:

GET /api/app/v1/net/port HTTP/1.1
Accept: text/html

Example 1 - Response: Show all port information:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "WCG": {
    "TCP": [
      "8888"
    ]
  }
}

Example 2 - Request: Show WCG port information:

GET /api/app/v1/net/wcg/port HTTP/1.1
Accept: text/html

Example 2 - Response: Show WCG port information:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "PROXY": {
    "TCP": [
      "8888"
    ]
  }
}
DELETE /api/app/v1/net/(module)/port/(protocol)/(port_num)

Closes a UDP or TCP port for specified module.

New in version 1.0.

Parameters:
  • module (required) – Module to close the port on
  • protocol (required) – Protocol of the port. Options (tcp, udp)
  • port_num (required) – Port number
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Close TCP Port 8888 on WCG:

DELETE /api/app/v1/net/wcg/port/tcp/8888 HTTP/1.1
Accept: text/html

Example 1 - Response: Close TCP Port 8888 on WCG:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Close a port that is already closed:

DELETE /api/app/v1/net/wcg/port/tcp/8888 HTTP/1.1
Accept: text/html

Example 2 - Response: Close a port that is already closed:

HTTP/1.1 424 FAILED DEPENDENCY
Content-Type: application/json

{
  "Reason": "Port has not been opened by user",
  "Status": "Failure"
}
PUT /api/app/v1/net/(module)/port/(protocol)/(port_num)

Open a UDP or TCP port for specified module.

New in version 1.0.

Warning

This does no validation of currently open ports. If you forward 443 to a container it will break the API

Parameters:
  • module (required) – Module to open the port on
  • protocol (required) – Protocol of the port. Options(tcp, udp)
  • port_num (required) – Port number
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Open TCP Port 8888 on WCG:

PUT /api/app/v1/net/wcg/port/tcp/8888 HTTP/1.1
Accept: text/html

Example 1 - Response: Open TCP Port 8888 on WCG:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Open a port that is already open:

PUT /api/app/v1/net/wcg/port/tcp/8888 HTTP/1.1
Accept: text/html

Example 2 - Response: Open a port that is already open:

HTTP/1.1 409 CONFLICT
Content-Type: application/json

{
  "Reason": "Port is already open",
  "Status": "Failure"
}
POST /api/app/v1/net/bond/(p_interface)/(e_interface)

Bonds interfaces together.

New in version 1.0.

Parameters:
  • p_interface (required) – P interface to bond. Options (p1, p2)
  • e_interface (required) – E interface to bond. Options (e1, e2)
Query Parameters:
 
  • bond_mode (optional) – Bond mode for the interfaces. Options (active-backup, balance-rr)
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Bond interfaces:

POST /api/app/v1/net/bond/p1/e1?bond_mode=active-backup HTTP/1.1
Accept: text/html

Example 1 - Response: Bond interfaces:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
DELETE /api/app/v1/net/bond/(p_interface)/(e_interface)

Unbond interfaces.

New in version 1.0.

Parameters:
  • p_interface (required) – P interface to unbond. Options (p1, p2)
  • e_interface (required) – E interface to unbond. Options (e1, e2)
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Bond interfaces:

GET /api/app/v1/net/bond/p1/e1 HTTP/1.1
Accept: text/html

Example 1 - Response: Bond interfaces:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/net/bond/exists

Get the list of bonds that exist.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get possible bonds:

GET /api/app/v1/net/bond/exists HTTP/1.1
Accept: text/html

Example 1 - Response: Get possible bonds:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "bond_list": [
    [
      "P1",
      "E1"
    ],
    [
      "P2",
      "E2"
    ]
  ]
}

Example 2 - Request: No bonds exist:

GET /api/app/v1/net/bond/exists HTTP/1.1
Accept: text/html

Example 2 - Response: No bonds exist:

HTTP/1.1 422 FAILED DEPENDENCY
Content-Type: application/json

{
  "Reason": "There are no bonded interfaces.",
  "Status": "Failure"
}

Example 3 - Request: Get current bonds on an appliance that doesn’t allow bonds:

GET /api/app/v1/net/wcg/dedicated HTTP/1.1
Accept: text/html

Example 3 - Response: Get current bonds on an applaince that doesn’t allow bonds:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "This feature is only available on V10K/V20K hardware.",
  "Status": "Failure"
}
GET /api/app/v1/net/bond/possible

Get the list of possible bonds.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get possible bonds:

GET /api/app/v1/net/bond/possible HTTP/1.1
Accept: text/html

Example 1 - Response: Get possible bonds:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "bond_list": [
    [
      "P1",
      "E1"
    ],
    [
      "P2",
      "E2"
    ]
  ]
}

Example 2 - Request: Get possible bonds on an appliance that doesn’t allow bonds:

GET /api/app/v1/net/wcg/dedicated HTTP/1.1
Accept: text/html

Example 2 - Response: Get possible bonds on an applaince that doesn’t allow bonds:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "This feature is only available on V10K/V20K hardware.",
  "Status": "Failure"
}
DELETE /api/app/v1/net/dhcp/(module)/(interface)
DELETE /api/app/v1/net/dhcp/(interface)

Remove IPv4 address set with DHCP from interface

New in version 1.0.

Parameters:
  • interface (required) – The name of the interface within the host to uncongifure.
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Remove wcg eth0 IPv4 configuration:

DELETE /api/app/v1/net/dhcp/wcg/eth0 HTTP/1.1
Accept: text/html

Example 1 - Response: remove wcg eth0 IPv4 network configuration set with DHCP:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/net/dhcp/(module)/(interface)
PUT /api/app/v1/net/dhcp/(interface)

Enables interface’s IPv4 address to be set with DHCP

New in version 1.0.

Parameters:
  • interface (required) – The name of the interface within the host to congifure.
Query Parameters:
 
  • allow_gateway (optional) – Whether or not to attempt to dynamically configure the gateway on this interface.
  • allow_dns (optional) – Whether or not to attempt to dynamically configure the DNS servers.
  • allow_ntp (optional) – Whether or not to attempt to dynamically configure the NTP servers.
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Set wcg eth0:

PUT /api/app/v1/net/dhcp/wcg/eth0?allow_gateway=True&allow_dns=True&allow_ntp=True HTTP/1.1
Accept: text/html

Example 1 - Response: Set wcg eth0:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/net/dhcp/(module)/(interface)
GET /api/app/v1/net/dhcp/(interface)

Get the DHCP lease information for an interface

New in version 1.0.

Parameters:
  • interface (required) – The name of the interface within the host about which to get lease information .
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Get DHCP lease information for wcg eth0:

GET /api/app/v1/net/dhcp/wcg/eth0 HTTP/1.1
Accept: text/html

Example 1 - Response: Get DHCP lease information for wcg eth0:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "dhcp-lease-time": "600",
  "dhcp-message-type": "5",
  "dhcp-server-identifier": "10.206.6.239",
  "domain-name": "dev.forcepoint.com",
  "domain-name-servers": "10.51.80.10,10.51.80.11,8.8.8.8",
  "expire": "2017/08/30 15:51:26 UTC",
  "fixed-address": "10.206.6.91",
  "interface": "eth0",
  "ntp-servers": "216.239.35.4",
  "rebind": "2017/08/30 15:50:11 UTC",
  "renew": "2017/08/30 15:45:25 UTC",
  "routers": "10.206.7.254",
  "subnet-mask": "255.255.252.0"
}
PUT /api/app/v1/net/dhcp/module_hooks

Run module hooks that DHCP was unable to run onboot.

New in version 1.0.

Response Headers:
 
Status Codes:
  • 200 OK – Success - ran module hooks successfully
Accepted Authorization:
 

skey

**Example 1 - Request: Run module hooks that DHCP was unable to run onboot:

PUT /api/app/v1/net/dhcp/module_hooks HTTP/1.1
Accept: text/html

**Example 1 - Run module hooks that DHCP was unable to run onboot:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
DELETE /api/app/v1/net/diagnostic_ports

Close diagnostic ports

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Close diagnostic ports:

DELETE /api/app/v1/net/diagnostic_ports HTTP/1.1
Accept: text/html

Example 1 - Response: Close diagnostic ports:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Close already closed diagnostic ports:

DELETE /api/app/v1/net/diagnostic_ports HTTP/1.1
Accept: text/html

Example 2 - Response: Close already closed diagnostic ports:

HTTP/1.1 409 CONFLICT
Content-Type: application/json

{
  "Reason": "Diagnostic ports are already disabled",
  "Status": "Failure"
}
PUT /api/app/v1/net/diagnostic_ports

Open diagnostic ports.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Open diagnostic ports:

PUT /api/app/v1/net/diagnostic_ports HTTP/1.1
Accept: text/html

Example 1 - Response: Open diagnostic ports:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Open already opened diagnostic ports:

PUT /api/app/v1/net/diagnostic_ports HTTP/1.1
Accept: text/html

Example 2 - Response: Open already opened diagnostic ports:

HTTP/1.1 409 CONFLICT
Content-Type: application/json

{
  "Reason": "Diagnostic ports are already enabled",
  "Status": "Failure"
}
GET /api/app/v1/net/diagnostic_ports

Show diagnostic ports status

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get diagnostic ports status:

GET /api/app/v1/net/diagnostic_ports HTTP/1.1
Accept: text/html

Example 1 - Response: Get diagnostic ports status:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "disabled"
}
GET /api/app/v1/net/info/(interface)

Returns the speed and connection status of a physical NIC.

New in version 1.0.

Parameters:
  • interface (required) – Interface to retrieve info about
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get P1 interface status/speed:

GET /api/app/v1/net/info/p1 HTTP/1.1
Accept: text/html

Example 1 - Response: Get P1 interface status/speed:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "isup": "True",
  "speed": "10000"
}

Example 2 - Request: Get invalid interface status/speed:

GET /api/app/v1/net/info/p4 HTTP/1.1
Accept: text/html

Example 1 - Response: Get invalid interface status/speed:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "Invalid interface supplied.",
  "Status": "Failure"
}
GET /api/app/v1/net/interface

Returns undedicated/free physical interfaces.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get undedicated interfaces:

GET /api/app/v1/net/interface HTTP/1.1
Accept: text/html

Example 1 - Response: Get undedicated interfaces:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "interfaces": [
    "E2"
  ]
}
GET /api/app/v1/net/interface/physical/(interface)

Translates a physical interface (ex: P1) to the virtual interface(s) equivalent (ex: wcg.eth0).

New in version 1.0.

Parameters:
  • interface (required) – Physical interface to translate
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Translate P1 to virtual interface:

GET /api/app/v1/net/interface/physical/p1 HTTP/1.1
Accept: text/html

Example 1 - Response: Translate P1 to virtual interface:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "virt_interfaces": [
    "wcg.eth0"
  ]
}

Example 2 - Request: Attempt to translate invalid interface:

GET /api/app/v1/net/interface/physical/p3 HTTP/1.1
Accept: text/html

Example 2 - Response: Attempt to translate invalid interface:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Reason": "This is not a valid interface.",
  "Status": "Failure"
}
GET /api/app/v1/net/interface/virtual/(module)/(interface)

Translates a virtual interface (ex: wcg.eth0) to the physical interface(s) equivalent (ex: P1).

New in version 1.0.

Parameters:
  • interface (required) – Virtual inteface to translate
  • module (required) – Module the interface is attached to
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Translate wcg eth0 to physical:

GET /api/app/v1/net/interface/virtual/wcg/eth0 HTTP/1.1
Accept: text/html

Example 1 - Response: Translate wcg eth0 to physical:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "phys_interfaces": [
    "P1"
  ]
}

Example 2 - Request: Translate nonexistent interface to physical:

GET /api/app/v1/net/interface/virtual/wcg/eth2 HTTP/1.1
Accept: text/html

Example 2 - Response: Translate nonexistent interface to physical:

HTTP/1.1 424 FAILED DEPENDENCY
Content-Type: application/json

{
  "Reason": "There are no physical interfaces associated with module proxy",
  "Status": "Failure"
}
GET /api/app/v1/net/mgmt

Returns the IP address for the management interface (C).

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get management interface(C) IP:

GET /api/app/v1/net/mgmt HTTP/1.1
Accept: text/html

Example 1 - Response: Get management interface(C) IP:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "ip": "10.206.6.67"
}
POST /api/app/v1/net/route

Add static IPv4 route.

New in version 1.0.

Query Parameters:
 
  • dest (required) – Destination IP address (or subnet) in IPv4 format
  • mask (required) – Netmask in IPv4 format
  • gateway (required) – Gateway (next hop) in IPv4 format
  • interface (required) – Interface name (eth0, eth1, aux0, aux1)
  • module (optional) – Module the interface belongs to. If omitted route will be set on the appliance
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Set route on the appliance:

POST /api/app/v1/net/route?dest=30.10.0.0&mask=255.255.255.0&gateway=192.168.0.1&interface=eth0 HTTP/1.1
Accept: text/html

Example 1 - Response: Set route on the appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Set route on WCG P1:

POST /api/app/v1/net/route?dest=30.10.0.0&mask=255.255.255.0&gateway=192.168.0.1&interface=eth0&module=wcg HTTP/1.1
Accept: text/html

Example 2 - Response: Set route on WCG P1:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 3 - Request: Invalid gateway for the interface:

POST /api/app/v1/net/route?dest=30.10.0.0&mask=255.255.255.0&gateway=192.168.0.7&interface=eth0 HTTP/1.1
Accept: text/html

Example 3 - Response: Invalid gateway for the interface:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Reason": "Invalid gateway '10.206.22.254'",
  "Status": "Failure"
}
DELETE /api/app/v1/net/route

Delete single static IPv4 route.

New in version 1.0.

Query Parameters:
 
  • dest (required) – Destination IP address(or subnet) in IPv4 format
  • mask (required) – Netmask in IPv4 format
  • gateway (required) – Gateway (next hop) in IPv4 format
  • interface (required) – Interface name. (eth0, eth1, aux0, aux1)
  • module (optional) – Module the interface belongs to. If ommitted route will be set on the appliance
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Delete route on the appliance:

DELETE /api/app/v1/net/route?dest=30.10.0.0&mask=255.255.255.0&gateway=192.168.0.1&interface=eth0 HTTP/1.1
Accept: text/html

Example 1 - Response: Delete route on the appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Delete route on WCG P1:

DELETE /api/app/v1/net/route?dest=30.10.0.0&mask=255.255.255.0&gateway=192.168.0.1&interface=eth0&module=wcg HTTP/1.1
Accept: text/html

Example 2 - Response: Delete route on WCG P1:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 3 - Request: Invalid gateway for the interface:

DELETE /api/app/v1/net/route?dest=30.10.0.0&mask=255.255.255.0&gateway=192.168.0.7&interface=eth0 HTTP/1.1
Accept: text/html

Example 3 - Response: Invalid gateway for the interface:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Reason": "Invalid gateway '10.206.22.254'",
  "Status": "Failure"
}
POST /api/app/v1/net/route/component

Add single IPv4 component route.

New in version 1.0.

Query Parameters:
 
  • dest (required) – Destination IP address(or subnet) in IPv4 format
  • mask (required) – Netmask in IPv4 format
  • module (required) – Module to set the route on (only wcg and esg supported)
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Add component route on WCG P1:

POST /api/app/v1/net/route/component?dest=40.10.0.0&mask=255.255.255.0&module=wcg HTTP/1.1
Accept: text/html

Example 1 - Response: Add component route on WCG P1:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Invalid module:

POST /api/app/v1/net/route?dest=40.10.0.0&mask=255.255.255.0&module=abc HTTP/1.1
Accept: text/html

Example 2 - Response: Invalid module:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Reason": "Invalid module: None",
  "Status": "Failure"
}
DELETE /api/app/v1/net/route/component

Delete single IPv4 component route.

New in version 1.0.

Query Parameters:
 
  • dest (required) – Destination IP address (or subnet) in IPv4 format
  • mask (required) – Netmask in IPv4 format
  • module (required) – Module to delete the route from (only wcg and esg supported)
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Delete component route:

DELETE /api/app/v1/net/route/component?dest=40.10.0.0&mask=255.255.255.0&interface=eth0 HTTP/1.1
Accept: text/html

Example 1 - Response: Delete component route:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Invalid module:

DELETE /api/app/v1/net/route?dest=40.10.0.0&mask=255.255.255.0&module=abc HTTP/1.1
Accept: text/html

Example 2 - Response: Invalid module:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Reason": "Invalid module: None",
  "Status": "Failure"
}
PUT /api/app/v1/net/route/load

Load multiple IPv4 routes from filestore server.

New in version 1.0.

Query Parameters:
 
  • location (required) – Filestore alias the routes are saved too
  • file (required) – Route file on the filestore
  • action (required) – Add or Delete (del)
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Add IPv4 routes from filestore:

PUT /api/app/v1/net/route/load?location=myfilestore&file=ipv4_rules.txt&action=add HTTP/1.1

Accept: text/html

Example 1 - Response: Add IPv4 routes from filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Info": "Total added 1 routes. 0 failed."
}

Example 2 - Request: Delete IPv4 routes from filestore:

PUT /api/app/v1/net/route/load?location=myfilestore&file=ipv4_rules.txt&action=del HTTP/1.1

Accept: text/html

Example 2 - Response: Delete IPv4 routes from filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Info": "Total deleted 1 routes. 0 failed."
}
PUT /api/app/v1/net/route/save

Save multiple IPv4 routes to filestore server.

New in version 1.0.

Query Parameters:
 
  • location (required) – Filestore alias name
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Save routes to a filestore:

PUT /api/app/v1/net/route/save?location=myfilestore HTTP/1.1
Accept: text/html

Example 1 - Response: Save routes to a filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Info": "'Route_appliance_20170502102731.txt' has been saved to ftp://anonymous@10.206.6.131/."
}

Example 2 - Request: Invalid filestore:

PUT /api/app/v1/net/route/save?location=notmyfilestore HTTP/1.1
Accept: application/json

Example 2 - Response: Invalid filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Reason": "Alias notmyfilestore does not exist.",
  "Status": "Failure"
}
POST /api/app/v1/net/route6

Add single static IPv6 route.

New in version 1.0.

Query Parameters:
 
  • dest (required) – Destination IP address (or subnet) in IPv6 format
  • prefixlen (required) – Prefix Length
  • gateway (required) – Gateway (next hop) in IPv6 format
  • interface (required) – Interface name. (eth0, eth1, aux0, aux1)
  • module (optional) – Module the interface belongs to. If ommitted route will be set on the appliance
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Add IPv6 route on the appliance:

POST /api/app/v1/net/route6?dest=2804:10:206:4::&prefix=62&gateway=2017::0010&interface=eth0 HTTP/1.1
Accept: text/html

Example 1 - Response: Add IPv6 route on the appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Add IPv6 route on WCG P1:

POST /api/app/v1/net/route6?dest=2804:10:206:4::&prefix=62&gateway=2017::0010&interface=eth0&module=wcg HTTP/1.1
Accept: text/html

Example 2 - Response: Add IPv6 route on WCG P1:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 3 - Request: Invalid gateway for the interface:

POST /api/app/v1/net/route6?dest=2804:10:206:4::&prefix=62&gateway=2017::001R&interface=eth0&module=wcg HTTP/1.1
Accept: text/html

Example 3 - Response: Invalid gateway for the interface:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Reason": "Invalid gateway '2017::001R'",
  "Status": "Failure"
}
DELETE /api/app/v1/net/route6

Delete single static IPv6 route.

New in version 1.0.

Query Parameters:
 
  • dest (required) – Destination IP address(or subnet) in IPv6 format
  • prefixlen (required) – IPv6 Prefix Length
  • gateway (required) – Gateway (next hop) in IPv6 format
  • interface (required) – Interface name. (eth0, eth1, aux0, aux1)
  • module (optional) – Module the interface belongs to. If ommitted route will be set on the appliance
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Delete IPv6 route on the appliance:

DELETE /api/app/v1/net/route?dest=2804:10:206:4::&prefix=62&gateway=2017::0010&interface=eth0 HTTP/1.1
Accept: text/html

Example 1 - Response: Delete IPv6 route on the appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Delete IPv6 route on WCG P1:

DELETE /api/app/v1/net/route?dest=2804:10:206:4::&prefix=62&gateway=2017::001&interface=eth0&module=wcg HTTP/1.1
Accept: text/html

Example 2 - Response: Delete IPv6 route on WCG P1:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 3 - Request: Invalid gateway for the interface:

DELETE /api/app/v1/net/route?dest=2804:10:206:4::&prefix=62&gateway=2017::001R&interface=eth0&module=wcg HTTP/1.1
Accept: text/html

Example 3 - Response: Invalid gateway for the interface:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Reason": "Invalid gateway '2017::001R'",
  "Status": "Failure"
}
PUT /api/app/v1/net/route6/load

Load multiple IPv6 routes from filestore server.

New in version 1.0.

Query Parameters:
 
  • location (required) – Filestore alias the routes are saved too
  • file (required) – Route file on the filestore
  • action (required) – Add or Delete (del)
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Add IPv6 routes from filestore:

PUT /api/app/v1/net/route6/load?location=myfilestore&file=ipv6_rules.txt&action=add HTTP/1.1

Accept: text/html

Example 1 - Response: Add IPv6 routes from filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Info": "Total added 1 routes. 0 failed."
}

Example 2 - Request: Delete IPv6 routes from filestore:

PUT /api/app/v1/net/route6/load?location=myfilestore&file=ipv6_rules.txt&action=del HTTP/1.1

Accept: text/html

Example 2 - Response: Delete IPv6 routes from filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Info": "Total deleted 1 routes. 0 failed."
}
PUT /api/app/v1/net/route6/save

Save multiple IPv6 routes to filestore server.

New in version 1.0.

Query Parameters:
 
  • location (required) – Filestore alias name
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Save IPv6 routes to a filestore:

PUT /api/app/v1/net/route6/save?location=myfilestore HTTP/1.1
Accept: text/html

Example 1 - Response: Save IPv6 routes to a filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Info": "'Route6_mason67_20170502104420.txt' has been saved to ftp://anonymous@10.206.6.131/."
}

Example 2 - Request: Invalid filestore:

PUT /api/app/v1/net/route6/save?location=notmyfilestore HTTP/1.1
Accept: text/html

Example 2 - Response: Invalid filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Reason": "Alias notmyfilestore does not exist.",
  "Status": "Failure"
}
GET /api/app/v1/net/route6_list

Get static IPv6 route list.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get IPv6 routes:

GET /api/app/v1/net/route6_list HTTP/1.1
Accept: text/html

Example 1 - Response: Get IPv6 routes:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "route_list": [
    {
      "dest": "2804:10:206:4::",
      "gateway": "2017::0002",
      "interface": "c",
      "module": "app",
      "prefix": "64",
      "valid": "Y"
    }
  ]
}
GET /api/app/v1/net/route_list

Get static IPv4 route.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get IPv4 routes:

GET /api/app/v1/net/route_list HTTP/1.1
Accept: text/html

Example 1 - Response: Get IPv4 routes:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "route_list": [
    {
      "dest": "30.10.0.0",
      "gateway": "10.206.7.254",
      "interface": "c",
      "mask": "255.255.0.0",
      "valid": "Y"
    }
  ]
}
GET /api/app/v1/net/route_list/component

Get Ipv4 component route list.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get IPv4 component routes:

GET /api/app/v1/net/route_list/component HTTP/1.1
Accept: text/html

Example 1 - Response: Get IPv4 component routes:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "route_list": [
    {
      "dest": "40.10.0.0",
      "mask": "255.255.0.0",
      "module": "proxy",
      "valid": "Y"
    }
  ]
}
GET /api/app/v1/net/routes

Download routes from filestore.

New in version 1.0.

Note

This API call doesn’t use basic auth. Use the login API from the Authentication module to get a token.

Query Parameters:
 
  • location (required) – Filestore alias the routes are saved too
  • type (required) – Type of route to download. ipv4 or ipv6
  • token (required) – Authentication Token
Response Headers:
 
Status Codes:

Example 1 - Request: Download IPv4 routes:

GET /api/app/v1/net/route?location=myfilestore&type=ipv4&token=<AUTH_TOKEN> HTTP/1.1
Accept: text/html

Example 1 - Response: Download IPv4 routes:

HTTP/1.1 200 OK
Content-Type: text/plain

<ROUTES_FILE_CONTENT>
POST /api/app/v1/net/routes

Upload multiple routes (IPv4 or IPv6) from web browser.

New in version 1.0.

Note

This API call uses form data. Craft your requests accordingly.

Note

This API call doesn’t use basic auth. Use the login API from the Authentication module to get a token.

Query Parameters:
 
  • type (required) – Type of routes (IPv4 or IPv6)
  • file (required) – Route file on the filestore
  • action (required) – Add or Delete(del)
  • token (required) – Auth token
Response Headers:
 
Status Codes:

Example 1 - Request: Add IPv4 routes from file:

POST /api/app/v1/net/routes HTTP/1.1

--form 'file=@/root/routes4.txt' --form 'type=ipv4' --form 'action=add'
Accept: text/plain

Example 1 - Response: Add IPv4 routes from file:

HTTP/1.1 200 OK
Content-Type: text/html
<html><head>{"success" : true}</head></html>
GET /api/app/v1/net/status/(module)/(interface)

Returns physical interface status (enabled or disabled).

New in version 1.0.

Parameters:
  • module (required) – Module that contains the interface
  • interface (required) – Interface to check
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get interface status:

GET /api/app/v1/net/wcg/eth0 HTTP/1.1
Accept: text/html

Example 1 - Response: Get interface status:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "status": "up"
}
GET /api/app/v1/net/virtual

Gets the virtual interface mapping for the appliance.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get virtual interface mapping V10K/V20K**:

GET /api/app/v1/net/virtual HTTP/1.1
Accept: text/html

Example 1 - Response: Get virtual interface mapping V10K/V20K**:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "virt_interfaces": {
    "esg.eth0": "br-e1",
    "esg.eth1": "br-e2",
    "esg.internal": "br-mgmt",
    "eth0": "br-main",
    "na.eth0": "br-n",
    "na.internal": "br-mgmt",
    "wcg.eth0": "br-p1",
    "wcg.eth1": "br-p2",
    "wcg.internal": "br-mgmt",
    "wse.internal": "br-mgmt"
  }
}
GET /api/app/v1/net/vswitch/priority

Retrieves Rapid Spanning Tree Protocol priority for the switch the physical interface is on.

New in version 1.0.

Note

This is only available on the X Series

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get RSTP priority:

GET /api/app/v1/net/vswitch/priority HTTP/1.1
Accept: text/html

Example 1 - Response: Get RSTP priority:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "rstp_priority": "61440"
}
PUT /api/app/v1/net/vswitch/priority/(priority)

Sets Rapid Spanning Tree Protocol priority.

New in version 1.0.

Note

This is only available on the X Series

Note

The default for the appliance is the lowest priority, 61440

Parameters:
  • priority (required) – RSTP priority of the bridge. Must be between 0 and 61440, and a multiple of 4096
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Set RSTP priority:

PUT /api/app/v1/net/vswitch/priority/57344 HTTP/1.1
Accept: text/html

Example 1 - Response: Set RSTP priority:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/net/vswitch/status

Retrieves Rapid Spanning Tree Protocol status.

New in version 1.0.

Note

This is only available on the X Series

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get RSTP status:

GET /api/app/v1/net/vswitch/status HTTP/1.1
Accept: text/html

Example 1 - Response: Get RSTP status:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "P1": {
    "state": "active"
  },
  "P2": {
    "state": "standby"
  }
}
GET /api/app/v1/polling/bandwidth

Get bandwidth stats for a module and appliance interfaces.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get appliance bandwidth stats:

GET /api/app/v1/polling/bandwidth HTTP/1.1
Accept: text/html

Example 1 - Response: Get appliance bandwidth stats:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Bonded Interfaces E2, P2": {
    "b_recv": "84325549",
    "b_sent": "2059375",
    "drop_in": "4325",
    "drop_out": "0",
    "err_in": "0",
    "err_out": "0",
    "in": "0.01",
    "mac_addr": "44:a8:42:48:2a:9c",
    "out": "0.00",
    "p_recv": "100979",
    "p_sent": "32028",
    "speed": "1000Mb/s",
    "status": "True"
  },
  "C": {
    "b_recv": "10550315",
    "b_sent": "9359403",
    "drop_in": "32",
    "drop_out": "0",
    "err_in": "0",
    "err_out": "0",
    "in": "0.02",
    "mac_addr": "2e:c7:08:36:99:8c",
    "out": "0.03",
    "p_recv": "76028",
    "p_sent": "65276",
    "speed": "0Mb/s",
    "status": "True"
  },
  "N": {
    "b_recv": "342",
    "b_sent": "2883142",
    "drop_in": "0",
    "drop_out": "0",
    "err_in": "0",
    "err_out": "0",
    "in": "0.00",
    "mac_addr": "96:08:83:f5:e6:15",
    "out": "0.01",
    "p_recv": "5",
    "p_sent": "37346",
    "speed": "10000Mb/s",
    "status": "True"
  },
  "P1": {
    "b_recv": "3114",
    "b_sent": "1397298",
    "drop_in": "0",
    "drop_out": "0",
    "err_in": "0",
    "err_out": "0",
    "in": "0.00",
    "mac_addr": "7e:ee:e7:70:e2:45",
    "out": "0.00",
    "p_recv": "35",
    "p_sent": "18096",
    "speed": "10000Mb/s",
    "status": "True"
  }
}
GET /api/app/v1/polling/cpu

Get CPU usage stats.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get CPU stats:

GET /api/app/v1/polling/cpu HTTP/1.1
Accept: text/html

Example 1 - Response: Get CPU stats:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "cpu_usage": [
    "Total=2.8%",
    "CPU-0=2.0%",
    "CPU-1=1.0%",
    "CPU-2=2.0%",
    "CPU-3=0.0%",
    "CPU-4=3.0%",
    "CPU-5=0.0%",
    "CPU-6=5.0%",
    "CPU-7=1.0%",
    "CPU-8=1.0%",
    "CPU-9=1.0%",
    "CPU-10=2.0%",
    "CPU-11=0.0%",
    "CPU-12=0.0%",
    "CPU-13=1.0%",
    "CPU-14=0.0%",
    "CPU-15=0.0%",
    "CPU-16=0.0%",
    "CPU-17=1.0%",
    "CPU-18=0.0%",
    "CPU-19=0.0%",
    "CPU-20=0.0%",
    "CPU-21=1.0%",
    "CPU-22=1.0%",
    "CPU-23=1.0%"
  ]
}
GET /api/app/v1/polling/disk

Get diskspace.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get diskspace:

GET /api/app/v1/polling/disk HTTP/1.1
Accept: text/html

Example 1 - Response: Get diskspace:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Fingerprinting": {
    "free": "16G",
    "rate": "0%",
    "total": "16G",
    "used": "0"
  },
  "Proxy Cache": {
    "free": "16G",
    "rate": "0%",
    "total": "16G",
    "used": "0"
  },
  "System": {
    "free": "92G",
    "rate": "21%",
    "total": "120G",
    "used": "24G"
  }
}
GET /api/app/v1/polling/diskio

Get diskio stats.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get diskio stats:

GET /api/app/v1/polling/diskio HTTP/1.1
Accept: text/html

Example 1 - Response: Get diskio stats:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "iops": {
    "Fingerprinting": "0io/s",
    "System": "326io/s"
  }
}
GET /api/app/v1/polling/mem

Get memory usage stats.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get memory usage stats:

GET /api/app/v1/polling/mem HTTP/1.1
Accept: text/html

Example 1 - Response: Get memory usage stats:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "MTOTAL": "12599218176",
  "MUSED": "5814579200",
  "MUSEDPRC": "46"
}
PUT /api/app/v1/schedule_upload_cleanup

Creates a cron job to cleanup any stranded uploads due to cancels.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Schedule upload cleanup:

PUT /api/app/v1/schedule_upload_cleanup HTTP/1.1
Accept: text/html

Example 1 - Response: Schedule upload cleanup:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/snmp/(s_type)/(status)

Enable/disable SNMP monitor or trap.

New in version 1.0.

Parameters:
  • s_type (required) – Type to act upon (monitor, trap)
  • status (required) – (enabled or disabled)
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Enable SNMP monitoring:

PUT /api/app/v1/snmp/monitor/enabled HTTP/1.1
Accept: text/html

Example 1 - Response: Enable SNMP monitoring:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Disable SNMP monitoring:

PUT /api/app/v1/snmp/monitor/disabled HTTP/1.1
Accept: text/html

Example 2 - Response: Disable SNMP monitoring:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 3 - Request: Enable SNMP traps:

PUT /api/app/v1/snmp/trap/enabled HTTP/1.1
Accept: text/html

Example 3 - Response: Enable SNMP traps:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 4 - Request: Enable SNMP monitor before configuring SNMP monitoring:

PUT /api/app/v1/snmp/monitor/enabled HTTP/1.1
Accept: text/html

Example 4 - Response: Enable SNMP monitor before configuring SNMP monitoring:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Reason": "Required SNMP type not specified",
    "Status": "Failure"
}
PUT /api/app/v1/snmp/(snmp_mon_trap)

Set the SNMP configuration.

New in version 1.0.

Note

Some parameters are required for certain versions of SNMP or if you are configuring monitor vs. trap. To know which parameters are required per version consult with the SNMP documentation.

Parameters:
  • snmp_mon_trap (required) – Type to act upon (monitor, trap)
Query Parameters:
 
  • type – Type/version of SNMP to set (v1, v2c, v3)
  • community – Community name, length(4 < name < 64), no spaces allowed
  • ip – IP address of the server to send SNMP data to
  • ip – Port on the server to connect to
  • authentication – Authentication for the server
  • encrypt – Type of encryption to use ex: (None, des)
  • security_level – SNMP v3 security level
  • user – Username for authentication
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Set basic SNMP v1:

PUT /api/app/v1/snmp/monitor\?type\=v1\&community\=mysnmp HTTP/1.1
Accept: text/html

Example 1 - Response: Set basic SNMP v1:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Set SNMP v3 with authPriv security level:

PUT /api/app/v1/snmp/monitor?type=v3&username=tsnmpser&securitylevel=authPriv&encrypt=des&&encrypt_key=mypassword&authentication=md5&password=mypassword HTTP/1.1
Accept: text/html

Example 2 - Response: Set SNMP v3 with authPriv security level:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/snmp/events

Show SNMP trap event lists for appliance or module.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get SNMP event list:

GET /api/app/v1/snmp/events HTTP/1.1
Accept: text/html

Example 1 - Response: Get SNMP event list:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "app": [
      {
         "class": "System resource",
         "clear_capable": "yes",
         "description": "CPU usage",
         "enabled": "yes",
         "interval": "60",
         "name": "CPU usage",
         "oid": "cpuMaxUsageExceed",
         "subclass": "system",
         "threshold1": {
            "current": "90",
            "default": "90",
            "description": "Exceeds",
            "name": "extremum",
            "range": "95,90,80,70,60,50;;%",
            "settable": "yes"
         },
         "threshold2": {
            "current": "1",
            "default": "1",
            "description": "for",
            "name": "duration",
            "range": "1,2,5,10,15,20;; min",
            "settable": "yes"
         }
      }
    ]
}
PUT /api/app/v1/snmp/events/import
Apply SNMP trap events to snmpd server from filename.
The contents of the file at the supplied filename should contain full event JSON. If loading is successful its content will replace those of snmp_events.json.

Note

Currently a user has no method of manually loading SNMP events to this location. This is currently for upgrade only.

New in version 1.0.

Query Parameters:
 
  • filename (required) – Filename of the file containing snmp events.
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Import SNMP trap events from local file:

PUT /api/app/v1/snmp/events/import?filename=myevents.json HTTP/1.1
Accept: text/html

Example 1 - Response: Import SNMP trap events from local file:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/snmp/events/load

Load SNMP trap events from filestore server.

Note

The file must be yaml formatted.

New in version 1.0.

Query Parameters:
 
  • location (required) – Configured filestore alias
  • file (required) – File on the filestore containing SNMP events
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Load SNMP trap events from filestore:

PUT /api/app/v1/snmp/events/load?location=<ALIAS>&file=<FILENAME> HTTP/1.1
Accept: text/html

Example 1 - Response: Load SNMP trap events from filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/snmp/events/load_json

Load SNMP trap events from JSON parameter.

Note

Use primarily by FSAM

New in version 1.0.

JSON Parameters:
 
  • events_data (required) – SNMP events in JSON format
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Load SNMP trap events:

PUT /api/app/v1/snmp/events/load_json HTTP/1.1
Accept: application/json

Example 1 - Response: Load SNMP trap events:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/snmp/events/save

Save SNMP trap events to filestore server for editing or later use.

New in version 1.0.

Query Parameters:
 
  • location (required) – Configured filestore alias
  • default (required) – Save default traps (yes, no)
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Save SNMP config to a filestore:

PUT /api/app/v1/snmp/events/save?location=<ALIAS>&default=yes HTTP/1.1
Accept: text/html

Example 1 - Response: Save SNMP config to a filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Info": "'Trap_mason67_default.yml' has been saved to ftp://anonymous@10.206.6.131/."
}
PUT /api/app/v1/snmp/mib/save

Save SNMP trap events to filestore server.

New in version 1.0.

Query Parameters:
 
  • location (required) – Filestore alias
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Save SNMP MIB to filestore:

PUT /api/app/v1/snmp/mib/save?location=<ALIAS> HTTP/1.1
Accept: text/html

Example 1 - Response: Save SNMP MIB to filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Info": "'WBSN-APPLIANCE-MIB.txt' has been saved to ftp://filestore@192.168.1.100/."
}
GET /api/app/v1/snmp/monitor

Get SNMP monitor config.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get SNMP monitor config:

GET /api/app/v1/snmp/monitor HTTP/1.1
Accept: text/html

Example 1 - Response: Get SNMP monitor config:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "authentication": "SHA",
  "community": "public",
  "encrypt": "AES",
  "encrypt_key": "************",
  "password": "********",
  "securitylevel": "authPriv",
  "status": "disabled",
  "type": "v3",
  "username": "snmpUser"
}

Example 2 - Request: Get SNMP monitor config before SNMP monitor configuration:

GET /api/app/v1/snmp/monitor HTTP/1.1
Accept: text/html

Example 2 - Response: Get SNMP monitor config before SNMP monitor configuration:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "status": "disabled"
}
GET /api/app/v1/snmp/trap

Get SNMP trap config.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get SNMP trap config:

GET /api/app/v1/snmp/trap HTTP/1.1
Accept: text/html

Example 1 - Response: Get SNMP trap config:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "community": "pupblic",
  "ip_address": "10.206.6.89",
  "port": "162",
  "status": "enabled",
  "type": "v2c"
}

Example 2 - Request: Get SNMP trap config before SNMP trap configuration:

GET /api/app/v1/snmp/trap HTTP/1.1
Accept: text/html

Example 2 - Response: Get SNMP trap config before SNMP trap configuration:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "status": "disabled"
}
GET /api/app/v1/snmp/trap/backup

Send a backup trap to configured SNMP trap recipient.

Note

Use primarily by FSAM

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Send backup trap:

GET /api/app/v1/snmp/trap/backup HTTP/1.1
Accept: text/html

Example 1 - Response: Send backup trap:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/snmp/trap/test

Send a test trap to configured SNMP trap recipient.

New in version 1.0.

Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Send a test SNMP trap:

GET /api/app/v1/snmp/trap/test HTTP/1.1
Accept: text/html

Example 1 - Response: Send a test SNMP trap:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/snmp/trap/test_before_save

Send a test trap with data to validate SNMP trap server.

Note

Use primarily by FSAM

New in version 1.0.

Query Parameters:
 
  • ip_address (required) – IP address to SNMP trap server
  • port (required) – Port on the server to connect to
  • status (required) – SNMP status
  • type (required) – Type/version of SNMP to set (v1, v2c, v3)
  • community – Community name, length(4 < name < 64), no spaces allowed
  • securitylevel – SNMP v3 security level
  • username – Username for authentication
  • engine_id – SNMP engine id
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Send a test SNMP trap without configuring SNMP:

PUT /api/app/v1/snmp/trap/test_before_save?status=enabled&type=v1&community=public&ip_address=<IP>&port=162 HTTP/1.1
Accept: text/html

Example 1 - Response: Send a test SNMP trap without configuring SNMP:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/sys/(module)
GET /api/app/v1/sys

Get information about appliance or a module.

New in version 1.0.

Warning

This call for modules is not available on appliance version 8.3.

Parameters:
  • module (optional) – Module to get information about (wcg, wse, na, esg).
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get appliance information:

GET /api/app/v1/sys HTTP/1.1
Accept: text/html

Example 1 - Response: Get appliance information:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "appliance": {
    "NA": {
      "hostname": "mason67"
    },
    "WCG": {
      "hostname": "mason67-wcg"
    },
    "WSE": {
      "hostname": "mason67"
    },
    "appliance_version": "8.4.0",
    "hardware_platform": "Virtual",
    "hostname": "mason67",
    "mode": "Forcepoint Web Security",
    "policy_mode": "Filtering only (hosts only Filtering Service and Content Gateway)",
    "policy_source_ip": "10.206.6.68",
    "uptime": "5 days, 23 hours, 7 minutes"
  }
}

Example 2 - Request: Get proxy information:

GET /api/app/v1/sys/wcg HTTP/1.1
Accept: text/html

Example 2 - Response: Get proxy information:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "wcg": {}
}
PUT /api/app/v1/sys/(module)/control/(command)
PUT /api/app/v1/sys/control/(command)

Service control for appliance and modules.

New in version 1.0.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe.

Parameters:
  • module (optional) – Module to execute service command on. If omitted the action is executed on the appliance.
  • command (required) – Command to perform. Options (start, stop, restart, shutdown, reboot).
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Restart network agent:

PUT /api/app/v1/sys/na/control/restart HTTP/1.1
Accept: text/html

Example 1 - Response: Restart network agent:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Response": "<NA RESPONSE>"
}

Example 2 - Request: Reboot appliance:

PUT /api/app/v1/sys//control/reboot HTTP/1.1
Accept: text/html

Example 2 - Response: Reboot appliance:

HTTP/1.1 404 Page Not Found
DELETE /api/app/v1/sys/(module)/disable

Disable specified module.

New in version 1.0.

Parameters:
  • module (required) – Module to disable
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Disable proxy:

DELETE /api/app/v1/sys/wcg/disable HTTP/1.1
Accept: text/html

Example 1 - Response: Disable proxy:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/sys/(module)/enable

Enables specified module.

New in version 1.0.

Parameters:
  • module (required) – Module to enable
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Enable proxy:

PUT /api/app/v1/sys/wcg/enable HTTP/1.1
Accept: text/html

Example 1 - Response: Enable proxy:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/sys/(module)/status

Get the status of services in the specified module.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get proxy status:

GET /api/app/v1/sys/wcg/status HTTP/1.1
Accept: text/html

Example 1 - Response: Get proxy status:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Analytics Server": "Stopped",
  "Content Cop": "Running",
  "Content Gateway": "Running",
  "Content Gateway Manager": "Running",
  "Endpoint Authentication Server": "Running"
}
GET /api/app/v1/sys/(module)/version

Shows the version of the module.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get proxy version:

GET /api/app/v1/sys/wcg/version HTTP/1.1
Accept: text/html

Example 1 - Response: Get proxy version:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "version": "8.4.0"
}
PUT /api/app/v1/sys/access

Enable or disable SSH access.

New in version 1.0.

Query Parameters:
 
  • enabled (required) – (true, false)
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Enable SSH:

PUT /api/app/v1/sys/access?enabled=True HTTP/1.1
Accept: text/html

Example 1 - Response: Enable SSH:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "enabled": true
}

Example 1 - Request: Disable SSH:

PUT /api/app/v1/sys/access?enabled=False HTTP/1.1
Accept: application/json

Example 1 - Response: Disable SSH:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "enabled": false
}
GET /api/app/v1/sys/access

Get the configured SSH status.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get SSH status:

GET /api/app/v1/sys/access HTTP/1.1
Accept: text/html

Example 1 - Response: Get SSH status:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "enabled": "True"
}
GET /api/app/v1/sys/account/(user)

Access account information.

Note

Data varies by user

New in version 1.0.

Parameters:
  • user (required) – User name to get information on (tech-support, email, audit)
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get disabled tech-support user information:

GET /api/app/v1/sys/account/tech-support HTTP/1.1
Accept: text/html

Example 1 - Response: Get disabled tech-support user information:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "hostname": "mason67"
}

Example 2 - Request: Get enabled tech-support user information:

GET /api/app/v1/sys/account/tech-support HTTP/1.1
Accept: text/html

Example 2 - Response: Get enabled tech-support user information:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "account": "tech-support",
  "hostname": "mason67",
  "passcode": "<PASSCODE>",
  "timeout": "240"
}
PUT /api/app/v1/sys/account/(user)

Modify account properties.

New in version 1.0.

Parameters:
  • user (requred) – User to modify (tech-support, email, audit)
Query Parameters:
 
  • password (optional) – New password
  • enabled (optional) – (True, False)
  • email (optional) – Email address (only available for email user)
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Enable audit user:

PUT /api/app/v1/sys/account/audit?enabled=True HTTP/1.1
Accept: text/html

Example 1 - Response: Enable audit user:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Success": "Password was updated, audit"
}

Example 2 - Request: Set appliance email:

PUT /api/app/v1/sys/account/email?email=<EMAIL_ADDR> HTTP/1.1
Accept: text/html

Example 2 - Response: Set appliance email:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Success": "Appliance email updated"
}

Example 3 - Request: Enable tech-support user:

PUT /api/app/v1/sys/account/tech-support?enabled=True HTTP/1.1
Accept: text/html

Example 3 - Response: Enable tech-support user:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "account": "tech-support",
  "passcode": "<PASSCODE>",
  "timeout": "240"
}
GET /api/app/v1/sys/account/(user)/history

Get account history for a user.

Note

Currenly only available for tech-support user.

New in version 1.0.

Parameters:
  • user (required) – User name to get information on (tech-support)
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get tech-support user history:

GET /api/app/v1/sys/account/tech-support/history HTTP/1.1
Accept: text/html

Example 1 - Response: Get tech-support user history:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "history": []
}
PUT /api/app/v1/sys/account/admin

Update admin password.

New in version 1.0.

Query Parameters:
 
  • password (required) – New password
Response Headers:
 
Status Codes:
Accepted Authorization:
 

super-admin

Example 1 - Request: Set admin password:

PUT /api/app/v1/sys/account/admin?password=<PASSWORD> HTTP/1.1
Accept: text/html

Example 1 - Response: Set admin password:

HTTP/1.1 200 OK
Content-Type: application/json

{
 "Success": "Password was updated, admin"
}
PUT /api/app/v1/sys/account/admin/forgotpwd

Initialize password recovery. You will either be provided a code to contact tech support, or, if you have an SMTP server setup you will be emailed your password.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Password recovery for admin user with no SMTP server configured:

PUT /api/app/v1/sys/account/admin/forgotpwd HTTP/1.1
Accept: text/html

Example 1 - Response: Password recovery for admin user with no SMTP server configured:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Result": "There is no SMTP host configured and/or there is no email address configured. $To reset your password, please contact Technical Support and provide this security code: MU3H9M4S$"
}
DELETE /api/app/v1/sys/account/email

Delete appliance email setting.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Delete email setting:

DELETE /api/app/v1/sys/account/email HTTP/1.1
Accept: text/html

Example 1 - Response: Delete email setting:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
DELETE /api/app/v1/sys/account/smtp

Delete SMTP configuration.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Delete SMTP configuration:

DELETE /api/app/v1/sys/account/smtp HTTP/1.1
Accept: application/json

Example 1 - Response: Delete SMTP configuration:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/sys/account/smtp

Sets SMTP configuration.

New in version 1.0.

Query Parameters:
 
  • host (required) – Hostname or IP address of SMTP server
  • port (optional) – Port for SMTP server. Defaults to 25
  • user (optional) – User to authenticate with against the SMTP server
  • password (optional) – Password for user
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Setup SMTP configurtion:

PUT /api/app/v1/sys/account/smtp?host=10.206.12.219&port=25&user=<USER>&password=<PASSWORD>"HTTP/1.1
Accept: text/html

Example 1 - Response: Setup SMTP configuration:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/sys/account/smtp

Shows SMTP configuration

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Show SMTP configuration:

GET /api/app/v1/sys/account/smtp HTTP/1.1
Accept: text/html

Example 1 - Response: Show SMTP configuration:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "auth": true,
  "host": "10.206.12.219",
  "mailaddr": "user100@gperkins.net",
  "password": "****",
  "port": 25,
  "user": "User100@esgregression.org"
}
PUT /api/app/v1/sys/cert/(cert_type)/url_add

Add user certificate (stored on filestore) to the appliance. The user must exist on the system before adding the certificate.

New in version 1.0.

Parameters:
  • username (required) – Username of single user to view the certificates of.
  • name (required) – Name of the certificate as it is on the filestore.
  • url (required) – URL to retrieve cert file from
  • new_name (optional) – Name to save the certificate as on the appliance. If omitted it will use the name parameter.

Note

Duplicate certificate names are not permitted.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

super-admin

Example 1 - Request: Add a new certificate to the appliance:

PUT /api/app/v1/sys/cert/ca/url_add?url=ftp://ftpk:Firewall1@10.206.6.196/ca.cert.pem&name=ca_cert HTTP/1.1
Accept: text/html

Example 1 - Response: Add a new certificate to the appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Attempt to add a certificate not located on the filestore:

PUT /api/app/v1/sys/cert/ca/url_add?url=ftp://ftpk:Firewall1@10.206.6.16/c.cert.pem&name=ca_cert HTTP/1.1
Accept: text/html

Example 2 - Response: Attempt to add a certificate not located on the URL:

HTTP/1.1 404 NOT FOUND
Content-Type: application/json

{
  "Reason": "Certificate c.cert.pem was not found or unable to be retrieved from filestore ftp://10.206.6.196/././c.cert.pem.",
  "Status": "Failure"
}

Example 3 - Request: Attempt to add a duplicate cert:

PUT /api/app/v1/sys/cert/ca/url_add?url=ftp://ftpk:Firewall1@10.206.6.196/ca.cert.pem&name=ca_cert HTTP/1.1
Accept: text/html

Example 3 - Response: Attempt to add a duplicate cert:

HTTP/1.1 409 CONFLICT
Content-Type: application/json

{
  "Reason": "Certificate already exists with name ca.cert.pem.",
  "Status": "Failure"
}
PUT /api/app/v1/sys/cert/ca_add

Add ca certificate (stored on filestore) to the appliance.

New in version 1.0.

Parameters:
  • name (required) – Name of the certificate as it is on the filestore.
  • alias (required) – Alias for the filestore.
  • new_name (optional) – Name to save the certificate as on the appliance. If omitted it will use the name parameter.

Note

Duplicate certificate names are not permitted.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

super-admin

Example 1 - Request: Add a new certificate to the appliance:

PUT /api/app/v1/sys/cert/ca_add?alias=myfilestore&name=cert.crt&new_name=new.crt HTTP/1.1
Accept: text/html

Example 1 - Response: Add a new certificate to the appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Attempt to add a certificate not located on the filestore:

PUT /api/app/v1/sys/cert/ca_add?alias=myfilestore&name=missing.crt HTTP/1.1
Accept: text/html

Example 2 - Response: Attempt to add a certificate not located on the filestore:

HTTP/1.1 404 NOT FOUND
Content-Type: application/json

{
  "Reason": "Certificate missing.crt was not found or unable to be retrieved from filestore myfilestore.",
  "Status": "Failure"
}

Example 3 - Request: Attempt to add a duplicate cert:

PUT /api/app/v1/sys/cert/ca_add?alias=myfilestore&name=dupe.crt HTTP/1.1
Accept: text/html

Example 3 - Response: Attempt to add a duplicate cert:

HTTP/1.1 409 CONFLICT
Content-Type: application/json

{
  "Reason": "Certificate already exists with name dupe.crt.",
  "Status": "Failure"
}
GET /api/app/v1/sys/cert/ca_list

List all root and intermediate certificates.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

super-admin

Example 1 - Request: View all ca certificates:

GET /api/app/v1/sys/cert/ca_list HTTP/1.1
Accept: text/html

Example 1 - Response: View all ca certificates:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "certificates": [
    {
      "cert_fingerprint": "DC:9D:EA:72:3F:BA:E5:99:14:1E:74:DC:8E:B9:FD:9B:81:E1:8A:FA",
      "cert_name": "cert1.crt",
    },
    {
      "cert_fingerprint": "08:5A:CF:0F:7E:31:C7:60:82:78:06:3A:7F:D2:26:36:57:F2:5F:C8",
      "cert_name": "cert2.crt",
    }
  ]
}
DELETE /api/app/v1/sys/cert/ca_remove

Remove ca certificate.

New in version 1.0.

Parameters:
  • name (required) – Name of the certificate to remove.
Response Headers:
 
Status Codes:
Accepted Authorization:
 

super-admin

Example 1 - Request: Remove a ca certificate:

DELETE /api/app/v1/sys/cert/ca_remove?name=cert.crt HTTP/1.1
Accept: text/html

Example 1 - Response: Remove a ca certificate:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Attempt to remove a non-existent certificate:

DELETE /api/app/v1/sys/cert/ca_remove?name=fake.crt HTTP/1.1
Accept: text/html

Example 2 - Response: Attempt to remove a non-existent certificate:

HTTP/1.1 404 NOT FOUND
Content-Type: application/json

{
  "Reason": "Certificate does not exist.",
  "Status": "Failure"
}
PUT /api/app/v1/sys/cert/user_add

Add user certificate (stored on filestore) to the appliance. The user must exist on the system before adding the certificate.

New in version 1.0.

Parameters:
  • username (required) – Username of single user to view the certificates of.
  • name (required) – Name of the certificate as it is on the filestore.
  • alias (required) – Alias for the filestore.
  • new_name (optional) – Name to save the certificate as on the appliance. If omitted it will use the name parameter.

Note

Duplicate certificate names are not permitted.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

super-admin

Example 1 - Request: Add a new certificate to the appliance:

PUT /api/app/v1/sys/cert/user_add?alias=myfilestore&name=cert.crt&username=hhill&new_name=new.crt HTTP/1.1
Accept: text/html

Example 1 - Response: Add a new certificate to the appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Attempt to add a certificate not located on the filestore:

PUT /api/app/v1/sys/cert/user_add?alias=myfilestore&name=missing.crt&username=hhill HTTP/1.1
Accept: text/html

Example 2 - Response: Attempt to add a certificate not located on the filestore:

HTTP/1.1 404 NOT FOUND
Content-Type: application/json

{
  "Reason": "Certificate missing.crt was not found or unable to be retrieved from filestore myfilestore.",
  "Status": "Failure"
}

Example 3 - Request: Attempt to add a duplicate cert:

PUT /api/app/v1/sys/cert/user_add?alias=myfilestore&name=dupe.crt&username=hhill HTTP/1.1
Accept: text/html

Example 3 - Response: Attempt to add a duplicate cert:

HTTP/1.1 409 CONFLICT
Content-Type: application/json

{
  "Reason": "Certificate already exists with name dupe.crt.",
  "Status": "Failure"
}
GET /api/app/v1/sys/cert/user_list

List all certificates or a specific user’s certificates.

New in version 1.0.

Parameters:
  • username (optional) – Username of single user to view the certificates of.
Response Headers:
 
Status Codes:
Accepted Authorization:
 

super-admin

Example 1 - Request: View all certificates:

GET /api/app/v1/sys/cert/user_list HTTP/1.1
Accept: text/html

Example 1 - Response: View all certificates:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "certificates": [
    {
      "cert_fingerprint": "DC:9D:EA:72:3F:BA:E5:99:14:1E:74:DC:8E:B9:FD:9B:81:E1:8A:FA",
      "cert_name": "ale.crt",
      "user_name": "ale"
    },
    {
      "cert_fingerprint": "08:5A:CF:0F:7E:31:C7:60:82:78:06:3A:7F:D2:26:36:57:F2:5F:C8",
      "cert_name": "mason.crt",
      "user_name": "megger"
    }
  ]
}

Example 2 - Request: View a single user’s certificates:

GET /api/app/v1/sys/cert/user_list?username=megger HTTP/1.1
Accept: text/html

Example 2 - Response: View a single user’s certificates:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "certificates": [
    {
      "cert_fingerprint": "08:5A:CF:0F:7E:31:C7:60:82:78:06:3A:7F:D2:26:36:57:F2:5F:C8",
      "cert_name": "mason.crt",
      "user_name": "megger"
    }
  ]
}
DELETE /api/app/v1/sys/cert/user_remove

Remove user certificate.

New in version 1.0.

Parameters:
  • name (required) – Name of the certificate to remove.
Response Headers:
 
Status Codes:
Accepted Authorization:
 

super-admin

Example 1 - Request: Remove a user certificate:

DELETE /api/app/v1/sys/cert/user_remove?name=cert.crt HTTP/1.1
Accept: text/html

Example 1 - Response: Remove a user certificate:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Attempt to remove a non-existent certificate:

DELETE /api/app/v1/sys/cert/user_remove?name=fake.crt HTTP/1.1
Accept: text/html

Example 2 - Response: Attempt to remove a non-existent certificate:

HTTP/1.1 404 NOT FOUND
Content-Type: application/json

{
  "Reason": "Certificate does not exist.",
  "Status": "Failure"
}
GET /api/app/v1/sys/feedback

Get feedback setting.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get feedback setting:

GET /api/app/v1/sys/feedback HTTP/1.1
Accept: text/html

Example 1 - Response: Get feedback setting:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Feedback": true
}
PUT /api/app/v1/sys/gui_url

Updates the URL to be used for any future GUIs

New in version 1.0.

Query Parameters:
 
  • url (required) – URL to change to
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Change URL:

PUT /api/app/v1/sys/gui_url?url=<NEW_URL> HTTP/1.1
Accept: text/html

Example 1 - Response: Change URL:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/sys/hardware

Get hardware information.

New in version 1.0.

Query Parameters:
 
  • request (optional) – A list of options to filter by. If omitted get all information. Filter options (UUID, name, hardware_model, nics, serial_number)
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get hardware information:

GET /api/app/v1/sys/hardware HTTP/1.1
Accept: text/html

Example 1 - Response: Get hardware information:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "ApplianceRole": "user",
  "ApplianceVersion": "8.3.0.1198",
  "BIOSInfo": {
    "Revision": "1.5",
    "Version": "1.5.4"
  },
  "CpuModel": "Intel(R) Xeon(R) CPU E5-2620 v3 @ 2.40GHz",
  "ProvisioningMode": "wse-contentgateway",
  "UUID": "4C4C4544-0044-3210-8037-B3C04F323832",
  "hardware_model": "PowerEdge R430",
  "name": "V10KG4",
  "nics": [
    "Broadcom Corporation NetXtreme BCM5720 Gigabit Ethernet PCIe",
    "Broadcom Corporation NetXtreme BCM5720 Gigabit Ethernet PCIe",
    "Broadcom Corporation NetXtreme BCM5720 Gigabit Ethernet PCIe",
    "Broadcom Corporation NetXtreme BCM5720 Gigabit Ethernet PCIe",
    "Broadcom Corporation NetXtreme BCM5720 Gigabit Ethernet PCIe",
    "Broadcom Corporation NetXtreme BCM5720 Gigabit Ethernet PCIe"
  ],
  "serial_number": "3D27282"
}
PUT /api/app/v1/sys/hostname

Set the hostname/description on the appliance. This will update the hostname in the containers.

New in version 1.0.

Query Parameters:
 
  • hostname (optional) – Hostname to change to
  • hostname_desc (optional) – Appliance description, limit 100 characters
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Set appliance hostname:

GET /api/app/v1/sys/hostname?hostname=myhost HTTP/1.1
Accept: text/html

Example 1 - Response: Set appliance hostname:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Set appliance hostname and description:

GET /api/app/v1/sys/hostname?hostname=myhost&hostname_desc=my_host HTTP/1.1
Accept: text/html

Example 2 - Response: Set appliance hostname and description:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/sys/hostname/(module)

Set a module’s hostname.

New in version 1.0.

Query Parameters:
 
  • hostname (required) – Hostname to change the module to
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Warning

This API can only be accessed from the internal endpoint within the appliance.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe.

Example 1 - Request: Set module hostname:

PUT /api/app/v1/sys/hostname/wcg?hostname=kittens HTTP/1.1
Accept: text/html

Example 1 - Response: Set module hostname:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Result": [
    {
      "wcg": true
    },
    {
      "appliance": "<SALT file.line DATA>"
    },
    true
  ]
}
GET /api/app/v1/sys/hostname/descr

Get host description

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get host description:

GET /api/app/v1/sys/feedback HTTP/1.1
Accept: text/html

Example 1 - Response: Get host description:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Feedback": true
}
GET /api/app/v1/sys/integration

Get web integration mode setting.

New in version 1.0.

Deprecated since version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Note

This is only available in Web Filtering and Security mode on a V5K or virtual appliance.

Example 1 - Request: Get integration mode:

GET /api/app/v1/sys/integration HTTP/1.1
Accept: text/html

Example 1 - Response: Get integration mode:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Integration": "WNA"
}

Example 2 - Request: Get integration mode on an invalid appliance:

GET /api/app/v1/sys/integration HTTP/1.1
Accept: text/html

Example 2 - Response: Get integration mode on an invalid appliance:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Integration": null
}
GET /api/app/v1/sys/mode

Get appliance security mode.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get security mode:

GET /api/app/v1/sys/mode HTTP/1.1
Accept: text/html

Example 1 - Response: Get security mode:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "mode": "wse-contentgateway"
}
PUT /api/app/v1/sys/mode/filter

Switches the policy mode to Filtering Only mode.

New in version 1.0.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe.

Query Parameters:
 
  • off_box_ip (required) – IPv4 address of the off box Policy Server
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Change to Filtering Only mode:

PUT /api/app/v1/sys/mode/filter?off_box_ip=10.206.6.68 HTTP/1.1
Accept: text/html

Example 1 - Response: Change to Filtering Only mode:

HTTP/1.1 200 OK
Content-Type: text/html

{
  "Result": "Successfully changed to filter mode."
}

Example 2 - Request: Attempt to change to an unreachable off box Policy Server:

PUT /api/app/v1/sys/mode/filter?off_box_ip=10.206.6.69 HTTP/1.1
Accept: text/html

Example 2 - Response: Attempt to change to an unreachable off box Policy Server:

HTTP/1.1 200 OK
Content-Type: text/html

{
  "Reason": "Change to filter mode FAILED. The Policy Server at 10.206.6.69 did not respond on port 55806.",
  "Status": "Failure"
}
PUT /api/app/v1/sys/mode/lite

Switches the policy mode to User Directory and Filtering Only mode.

New in version 1.0.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe.

Query Parameters:
 
  • off_box_ip (required) – IPv4 address of the off box Policy Broker
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Change to User Directory and Filtering mode:

PUT /api/app/v1/sys/mode/lite?off_box_ip=10.206.6.68 HTTP/1.1
Accept: text/html

Example 1 - Response: Change to User Directory and Filtering mode:

HTTP/1.1 200 OK
Content-Type: text/html

{
  "Result": "Successfully changed to full policy mode."
}

Example 2 - Request: Attempt to change to an unreachable off box Policy Broker:

PUT /api/app/v1/sys/mode/lite?off_box_ip=10.206.6.69 HTTP/1.1
Accept: text/html

Example 2 - Response: Attempt to change to an unreachable off box Policy Broker:

HTTP/1.1 200 OK
Content-Type: text/html

{
  "Reason": "Change to policy lite mode FAILED. The Policy Source at 10.206.6.69 did not respond on port 55806 and/or 55880.",
  "Status": "Failure"
}
PUT /api/app/v1/sys/mode/primary

Switches the policy mode to Full Policy mode.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Change to Full Policy mode:

PUT /api/app/v1/sys/mode/primary HTTP/1.1
Accept: text/html

Example 1 - Response: Change to Full Policy mode:

HTTP/1.1 200 OK
Content-Type: text/html

{
  "Result": "Successfully changed to full policy mode."
}
PUT /api/app/v1/sys/module/account

Change WCG admin password.

New in version 1.0.

Query Parameters:
 
  • password (required) – New WCG password
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Change WCG admin password:

PUT /api/app/v1/sys/module/account?password=<PASSWORD> HTTP/1.1
Accept: text/html

Example 1 - Response: Change WCG admin password:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Success": "Password was updated"
}
GET /api/app/v1/sys/modules

Get a list of available modules on the appliance and their current status.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get available modules:

GET /api/app/v1/sys/modules HTTP/1.1
Accept: text/html

Example 1 - Response: Get available modules:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "na": "RUNNING",
  "wcg": "RUNNING",
  "wse": "RUNNING"
}
GET /api/app/v1/sys/platform

Get hardware platform.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get platform:

GET /api/app/v1/sys/platform HTTP/1.1
Accept: text/html

Example 1 - Response: Get platform:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "platform": "V10KG4"
}
GET /api/app/v1/sys/platform_interfaces

Get available platform interfaces.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get platform interfaces:

GET /api/app/v1/sys/platform_interfaces HTTP/1.1
Accept: text/html

Example 1 - Response: Get platform interfaces:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "interfaces": [
    "C",
    "N",
    "P1",
    "P2",
    "E1",
    "E2"
  ]
}
GET /api/app/v1/sys/policy_server_mode

Get the web policy mode.

New in version 1.0.

Deprecated since version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get policy mode:

GET /api/app/v1/sys/policy_server_mode HTTP/1.1
Accept: text/html

Example 1 - Response: Get policy mode:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "policy_mode": "filter"
}
GET /api/app/v1/sys/proxy

Gets the proxy values in the config.

New in version 1.0.

Deprecated since version 1.0.

Warning

Not sure if this command actually does anything.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get host description:

GET /api/app/v1/sys/proxy HTTP/1.1
Accept: text/html

Example 1 - Response: Get host description:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "ip_address": "10.206.6.68",
  "port": "8081",
  "user": "kitten"
}
PUT /api/app/v1/sys/proxy

Set/unset the proxy values in the config.

New in version 1.0.

Deprecated since version 1.0.

Warning

Not sure if this command actually does anything.

Query Parameters:
 
  • ip_address (required) – IP address of the filestore
  • port (required) – Port to connect to the filestore
  • user (required) – User for the filestore
  • password (required) – Filestore user password
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Set proxy config:

PUT /api/app/v1/sys/proxy?ip_address=10.206.6.68&port=8081&password=Firewall1=tx&user=kitten HTTP/1.1
Accept: text/html

Example 1 - Response: Set proxy config:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Delete proxy config:

DELETE /api/app/v1/sys/proxy HTTP/1.1
Accept: text/html

Example 1 - Response: Delete proxy config:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
DELETE /api/app/v1/sys/proxy

Set/unset the proxy values in the config.

New in version 1.0.

Deprecated since version 1.0.

Warning

Not sure if this command actually does anything.

Query Parameters:
 
  • ip_address (required) – IP address of the filestore
  • port (required) – Port to connect to the filestore
  • user (required) – User for the filestore
  • password (required) – Filestore user password
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Set proxy config:

PUT /api/app/v1/sys/proxy?ip_address=10.206.6.68&port=8081&password=Firewall1=tx&user=kitten HTTP/1.1
Accept: text/html

Example 1 - Response: Set proxy config:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Delete proxy config:

DELETE /api/app/v1/sys/proxy HTTP/1.1
Accept: text/html

Example 1 - Response: Delete proxy config:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/sys/salt_status

Gives status on if the Salt master and minions are ready

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Salt status:

GET /api/app/v1/sys/salt_status HTTP/1.1
Accept: text/html

Example 1 - Response: Salt is ready:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "is_salt_ready": true
}

Example 2 - Request: Salt status:

GET /api/app/v1/sys/salt_status HTTP/1.1
Accept: text/html

Example 1 - Response: Salt is not ready:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "is_salt_ready": false
}
GET /api/app/v1/sys/status

Get the status of all services in all modules on the appliance.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get system status in Filtering Only mode:

GET /api/app/v1/sys/status HTTP/1.1
Accept: text/html

Example 1 - Response: Get system status in Filtering Only mode:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "NA": {
    "Control Service": "Running",
    "Network Agent": "Running"
  },
  "WCG": {
    "Analytics Server": "Stopped",
    "Content Cop": "Running",
    "Content Gateway": "Running",
    "Content Gateway Manager": "Running",
    "Endpoint Authentication Server": "Running"
  },
  "WSE": {
    "Cloud App Agent": "Running",
    "Control Service": "Running",
    "Filtering Service": "Running"
  }
}
PUT /api/app/v1/sys/sysctl/(param)

Set certain Linux sysctl variables.

New in version 1.0.

Parameters:
  • param (required) – Sysctl variable to cycle. Options (net.ipv4.tcp_timestamps, net.ipv4.tcp_window_scaling)
Query Parameters:
 
  • value (required) – Value to set the variable to
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Cycle sysctl variable:

PUT /api/app/v1/sys/sysctl/net.ipv4.tcp_timestamps?value=0 HTTP/1.1
Accept: text/html

Example 1 - Response: Cycle sysctl variable:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/sys/sysctl/(param)

Get a sysctl value.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get sysctl value:

GET /api/app/v1/sys/sysctl/net.ipv4.ip_forward HTTP/1.1
Accept: text/html

Example 1 - Response: Get sysctl value:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Result": "1"
}
GET /api/app/v1/sys/time/clock

Get system clock time.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get system time:

GET /api/app/v1/sys/time/clock HTTP/1.1
Accept: text/html

Example 1 - Response: Get system time:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "clock": "2017-05-09  14:12:49"
}
PUT /api/app/v1/sys/time/clock

Manually set system clock time. You can configure time, date, or both.

New in version 1.0.

Query Parameters:
 
  • date (optional) – Format - yyyy/mm/dd
  • time (optional) – Format - hh:mm:ss
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Set time:

PUT /api/app/v1/sys/time/clock?time=01:02:03 HTTP/1.1
Accept: text/html

Example 1 - Response: Set time:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Set date:

PUT /api/app/v1/sys/time/clock?date=2017/05/10 HTTP/1.1
Accept: text/html

Example 2 - Response: Set date:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 3 - Request: Incorrect date format:

PUT /api/app/v1/sys/time/clock?date=05/10/2017 HTTP/1.1
Accept: text/html

Example 2 - Response: Incorrect date format:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Reason": [
    "Invalid date value. Format: yyyy/mm/dd"
  ],
  "Status": "Failure"
}
GET /api/app/v1/sys/time/ntp

Get system NTP information.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get NTP information:

GET /api/app/v1/sys/time/clock HTTP/1.1
Accept: text/html

Example 1 - Response: Get NTP information:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "server": [
    "time1.google.com"
  ],
  "status": "on"
}
PUT /api/app/v1/sys/time/ntp

Set NTP on a system. You can also enable or disable NTP on a system.

New in version 1.0.

Note

NTP must be enabled to set NTP servers

Query Parameters:
 
  • status (optional) – Use to enable/disable NTP (on or off)
  • server (optional) – list of NTP servers, comma seperated
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Disable NTP:

PUT /api/app/v1/sys/time/ntp?status=off HTTP/1.1
Accept: text/html

Example 1 - Response: Disable NTP:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Set NTP server when NTP is enabled:

PUT /api/app/v1/sys/time/ntp?server=time1.google.com%2Ctime2.google.com HTTP/1.1
Accept: text/html

Example 2 - Response: Set NTP server when NTP is enabled:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 3 - Request: Set NTP server when NTP is disabled:

PUT /api/app/v1/sys/time/ntp?server=time1.google.com%2Ctime2.google.com HTTP/1.1
Accept: text/html

Example 3 - Response: Set NTP server when NTP is disabled:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Reason": "Could not save NTP server settings. The server parameter cannot be used when status is set to 'off'.",
  "Status": "Failure"
}
PUT /api/app/v1/sys/time/ntp/sync

Sync NTP

New in version 1.0.

Note

NTP must be enabled to sync

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Sync NTP:

PUT /api/app/v1/sys/time/ntp/sync HTTP/1.1
Accept: text/html

Example 1 - Response: Sync NTP:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Attempt to Sync Disabled NTP:

PUT /api/app/v1/sys/time/ntp/sync HTTP/1.1
Accept: text/html

Example 2 - Response: Attempt to Sync Disabled NTP:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Reason": "The status of NTP service is off.",
  "Status": "Failure"
}
GET /api/app/v1/sys/time/timezone

Return system timezone.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get system timezone:

GET /api/app/v1/sys/time/clock HTTP/1.1
Accept: text/html

Example 1 - Response: Get system timezone:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "clock": "2017-05-09  14:12:49"
}
PUT /api/app/v1/sys/time/timezone

Set timezone

New in version 1.0.

Note

use the GET /api/app/v1/sys/time/timezone/list call to get a list of timezones

Query Parameters:
 
  • zone (optional) – Zone information
  • index (optional) – Index of timezone from timezone info
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Set system timezone to Central Time with zone parameter:

PUT /api/app/v1/sys/time/timezone?zone=Central%20Time HTTP/1.1
Accept: text/html

Example 1 - Response: Set system timezone to Central Time with zone parameter:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Set system timezone to Central Time with index parameter:

PUT /api/app/v1/sys/time/timezone?index=9 HTTP/1.1
Accept: text/html

Example 2 - Response: Set system timezone to Central Time with index parameter:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 3 - Request: Attempt to set system timezone to vague Central instead of Central Time:

PUT /api/app/v1/sys/time/timezone?zone=Central HTTP/1.1
Accept: text/html

Example 3 - Response: Attempt to set system timezone to vague Central instead of Central Time:

HTTP/1.1 400 BAD REQUEST
Content-Type: application/json

{
  "Data": [
    {
      "timezone": "America/Chicago",
      "zone": "(GMT-06:00) Central Time(US & Canada)",
      "zone_index": 9
    },
    {
      "timezone": "America/Swift_Current",
      "zone": "(GMT-06:00) Central America",
      "zone_index": 12
    },
    {
      "timezone": "Africa/Algiers",
      "zone": "(GMT+01:00) West Central Africa",
      "zone_index": 33
    }
  ],
  "Reason": "Found more then one timezone with 'Central'",
  "Status": "Failure"
}
GET /api/app/v1/sys/time/timezone/list

Return a list of all timezones and data.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get timezone data:

GET /api/app/v1/sys/time/clock HTTP/1.1
Accept: text/html

Example 1 - Response: Get timezone data (full response not shown):

HTTP/1.1 200 OK
Content-Type: application/json

{
  "timezone_list": [
    {
      "timezone": "Pacific/Fiji",
      "zone": "(GMT+12:00) Fiji, Kamchatka, Marshall Is.",
      "zone_index": 84
    },
    {
      "timezone": "Pacific/Kwajalein",
      "zone": "(GMT+12:00) Eniwetok, Kwajalein",
      "zone_index": 85
    },
    {
      "timezone": "Pacific/Enderbury",
      "zone": "(GMT+13:00) Nuku'alofa",
      "zone_index": 86
    }
  ]
}
PUT /api/app/v1/sys/unlock

Removes the lock file that is created during install

New in version 1.0.

Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get upgrade install status:

GET /api/app/v1/sys/unlock HTTP/1.1
Accept: text/html

Example 1 - Response: Get upgrade install status:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
POST /api/app/v1/sys/user/authentication

Authenticate a user account by verifying that the account exists and the correct password is supplied.

New in version 1.0.

Form Parameters:
 
  • required username – The username of the account to authenticate
  • required password – Password of the user
Status Codes:

Example 1 - Request: Authenticate user:

POST /api/app/v1/sys/user/authenticate HTTP/1.1
Accept: application/x-www-form-urlencoded

username=user
password=pass

Example 1 - Response: Authenticate user:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": true
}
GET /api/app/v1/sys/user/authorization

Get user account authorization.

New in version 1.0.

Query Parameters:
 
  • username (required) – The username for the account to authorize
Status Codes:

Example 1 - Request: Get user authorization:

GET /api/app/v1/sys/user/authorization?username=megger HTTP/1.1
Accept: text/html

Example 1 - Response: Get user authorization:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "group": [
    "admin"
  ]
}
POST /api/app/v1/sys/user/create

Create a user account on the appliance.

New in version 1.0.

Query Parameters:
 
  • username (required) – The username for the account to create
  • level (required) – The account authorization level (admin, audit)
  • status (optional) – The account status (enabled, disabled), if omitted default to disabled
Status Codes:
Accepted Authorization:
 

super-admin

Example 1 - Request: Create user:

POST /api/app/v1/sys/user/create?username=user&auth_level=audit& status=enabled HTTP/1.1
Accept: text/html

Example 1 - Response: Create user:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
DELETE /api/app/v1/sys/user/delete

Delete a user account.

New in version 1.0.

Query Parameters:
 
  • username (required) – The username for the account to delete
  • force (optional) – set to ‘True’ to force deletion of user and any certificates
Status Codes:
Accepted Authorization:
 

super-admin

Example 1 - Request: Delete user:

DELETE /api/app/v1/sys/user/delete?username=myuser HTTP/1.1
Accept: application/json

Example 1 - Response: Delete user:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}

Example 2 - Request: Delete user with force=True so user and any associated certificates are deleted:

DELETE /api/app/v1/sys/user/delete?username=myuser&force=True HTTP/1.1
Accept: application/json

Example 1 - Response: Delete user with force=True so user and any associated certifcates are deleted:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/sys/user/get

Get user information.

New in version 1.0.

Query Parameters:
 
  • username (optional) – The username of the user to view information about, if omitted view all users
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Get all user information:

DELETE /api/app/v1/sys/user/get?username=myuser HTTP/1.1
Accept: application/json

Example 1 - Response: Get all user information:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "users": [
    {
      "authz": [
        {
          "level": "admin",
          "location": "local",
          "status": "enabled"
        }
      ],
      "name": "megger",
      "passwordHash": "$6$CTIrtS73.94N2H6F$Y7hsf5zhDE1qxSNN8U0aAjJ4nx5fccWyPw89i6oex.eXz5dQRmb1gfUVZK7O4ZVGubZaJx772pJszPoeY.Urf/"
    }
  ]
}
PUT /api/app/v1/sys/user/set

Set user account attributes.

Note

Be sure to check appliance documentation for password complexity requirements.

New in version 1.0.

Query Parameters:
 
  • username (required) – The username for the account to modify
  • level (optional) – The account authorization level (admin, audit)
  • status (optional) – The account status (enabled, disabled)
  • password (optional) – The password for the account
Status Codes:
Accepted Authorization:
 

super-admin

Example 1 - Request: Set user attributes:

PUT /api/app/v1/sys/user/set?username=<USERNAME>&auth_level=admin&status=enabled&password=<PASSWORD>HTTP/1.1
Accept: text/html

Example 1 - Response: Set user attributes:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/tools/(module)/arp
GET /api/app/v1/tools/arp

Show the arp table on the appliance or module.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:
  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Show arp on the appliance:

GET /api/app/v1/tools/arp HTTP/1.1
Accept: text/html

Example 1 - Response: Show arp on the appliance:

HTTP/1.1 200 OK
Content-Type: text/html

Address                  HWtype  HWaddress           Flags Mask            Iface
wse                      ether   96:99:6d:d2:b4:31   C                     br-mgmt
10.206.6.60              ether   00:50:56:a2:0f:6c   C                     eth0
10.206.6.11              ether   00:50:56:a2:4d:85   C                     eth0
10.206.7.254             ether   00:10:f3:67:08:15   C                     eth0
na                       ether   c2:89:c6:be:5a:82   C                     br-mgmt
wcg                      ether   72:d7:e4:6c:eb:22   C                     br-mgmt
10.206.6.150             ether   00:50:56:a2:73:75   C                     eth0
GET /api/app/v1/tools/(module)/ethtool
GET /api/app/v1/tools/ethtool

Run ethtool command on appliance or a module.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:
  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance
Query Parameters:
 
  • interface (required) – Interface to run ethtool on
  • expression (optional) – Ethtool flag to execute
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Run ethtool for eth0 on wcg:

GET /api/app/v1/tools/wcg/ethtool?interface=eth0 HTTP/1.1
Accept: text/html

Example 1 - Response: Run ethtool for eth0 on wcg:

HTTP/1.1 200 OK
Content-Type: text/html

Settings for eth0:
        Supported ports: [ ]
        Supported link modes:   Not reported
        Supported pause frame use: No
        Supports auto-negotiation: No
        Advertised link modes:  Not reported
        Advertised pause frame use: No
        Advertised auto-negotiation: No
        Speed: 10000Mb/s
        Duplex: Full
        Port: Twisted Pair
        PHYAD: 0
        Transceiver: internal
        Auto-negotiation: off
        MDI-X: Unknown
        Link detected: yes
GET /api/app/v1/tools/(module)/ifconfig
GET /api/app/v1/tools/ifconfig

Run ifconfig command on the appliance or a module.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:
  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance
Query Parameters:
 
  • interface (optional) – Interface to run ifconfig on
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Run ifconfig on C:

GET /api/app/v1/tools/arp HTTP/1.1
Accept: text/html

Example 1 - Response: Run ifconfig on C:

HTTP/1.1 200 OK
Content-Type: text/html

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.206.6.67  netmask 255.255.252.0  broadcast 10.206.7.255
        inet6 fe80::c4c8:2ff:fe9d:2ed8  prefixlen 64  scopeid 0x20<link>
        ether c6:c8:02:9d:2e:d8  txqueuelen 1000  (Ethernet)
        RX packets 86789  bytes 7061978 (6.7 MiB)
        RX errors 0  dropped 242  overruns 0  frame 0
        TX packets 712  bytes 124328 (121.4 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
GET /api/app/v1/tools/(module)/nc
GET /api/app/v1/tools/nc

Run netcat on Centos6 and tcping on Centos7.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:
  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance
Query Parameters:
 
  • dest (required) – Destination ip address to connect to
  • port (required) – Port to connect accross
  • protocol (required) – Protocol to connect on (tcp, udp)
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Connect on port 80 to a server:

GET /api/app/v1/tools/nc?dest=10.206.6.60&protocol=tcp&port=80 HTTP/1.1
Accept: text/html

Example 1 - Response: Connect on port 80 to a server:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Connection to 10.206.6.60 80 port [tcp] succeeded!": "10.206.6.60"
}
GET /api/app/v1/tools/(module)/netstat
GET /api/app/v1/tools/netstat

Run netstat -an.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:
  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Run netstat on the appliance:

GET /api/app/v1/tools/netstat HTTP/1.1
Accept: text/html

Example 1 - Response: Run netstat on the appliance:

HTTP/1.1 200 OK
Content-Type: text/html

NETSTAT OUTPUT
GET /api/app/v1/tools/(module)/nslookup
GET /api/app/v1/tools/nslookup

Run nslookup

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:
  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance
Query Parameters:
 
  • dns (optional) – DNS server to run the lookup against
  • host (required) – Host to perform the nslookup on
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Run nslookup on www.google.com:

GET /api/app/v1/tools/nslookup?host=www.google.com HTTP/1.1
Accept: text/html

Example 1 - Response: Run nslookup on www.google.com:

HTTP/1.1 200 OK
Content-Type: text/html

Server:     10.51.80.10
Address:    10.51.80.10#53

Non-authoritative answer:
Name:   www.google.com
Address: 216.58.218.100

Example 2 - Request: Run nslookup on www.google.com on wcg:

GET /api/app/v1/tools/wcg/nslookup?host=www.google.com HTTP/1.1
Accept: text/html

Example 2 - Response: Run nslookup on www.google.com on wcg:

HTTP/1.1 200 OK
Content-Type: text/html

Server:     10.51.80.10
Address:    10.51.80.10#53

Non-authoritative answer:
Name:   www.google.com
Address: 216.58.218.100

Example 3 - Request: Run nslookup on www.google.com with specified DNS server:

GET /api/app/v1/tools/nslookup?host=www.google.com?dns=8.8.8.8 HTTP/1.1
Accept: text/html

Example 3 - Response: Run nslookup on www.google.com with specified DNS server:

HTTP/1.1 200 OK
Content-Type: text/html

Server:     10.51.80.11
Address:    10.51.80.11#53

Non-authoritative answer:
Name:   www.google.com
Address: 216.58.218.100
GET /api/app/v1/tools/(module)/ping
GET /api/app/v1/tools/ping

Run ping.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:
  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance
Query Parameters:
 
  • dest (required) – Destination to ping, can be ip or FQDN
  • interface (optional) – Interface to use in ping test
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Ping 8.8.8.8:

GET /api/app/v1/tools/ping?dest=8.8.8.8 HTTP/1.1
Accept: text/html

Example 1 - Response: Ping 8.8.8.8:

HTTP/1.1 200 OK
Content-Type: text/html

PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=2 ttl=45 time=14.2 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=45 time=13.7 ms
64 bytes from 8.8.8.8: icmp_seq=4 ttl=45 time=13.7 ms
64 bytes from 8.8.8.8: icmp_seq=5 ttl=45 time=13.7 ms

--- 8.8.8.8 ping statistics ---
5 packets transmitted, 4 received, 20% packet loss, time 4067ms
rtt min/avg/max/mdev = 13.708/13.857/14.238/0.220 ms
GET /api/app/v1/tools/(module)/ping6
GET /api/app/v1/tools/ping6

Run ping6.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:
  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance
Query Parameters:
 
  • dest (required) – IPv6 address to ping
  • interface (optional) – Interface to use in ping test
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Run ping6 on 2001:4860:b002::68:

GET /api/app/v1/tools/ping6?dest= HTTP/1.1
Accept: text/html

Example 1 - Response: Run ping6 on 2001:4860:b002::68:

HTTP/1.1 200 OK
Content-Type: text/html

PING 2001:4860:b002::68 56 data bytes
64 bytes from 2001:4860:b002::68: icmp_seq=0 ttl=59 time=58.4 ms
64 bytes from 2001:4860:b002::68: icmp_seq=1 ttl=59 time=56.4 ms
64 bytes from 2001:4860:b002::68: icmp_seq=2 ttl=59 time=62.1 ms
64 bytes from 2001:4860:b002::68: icmp_seq=3 ttl=59 time=56.8 ms
64 bytes from 2001:4860:b002::68: icmp_seq=4 ttl=59 time=56.5 ms
64 bytes from 2001:4860:b002::68: icmp_seq=5 ttl=59 time=59.5 ms

--- ipv6.google.com ping statistics ---
6 packets transmitted, 6 received, 0% packet loss, time 5002ms
rtt min/avg/max/mdev = 56.443/58.329/62.150/2.045 ms, pipe 2
GET /api/app/v1/tools/(module)/route
GET /api/app/v1/tools/route

Run route -n.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:
  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Run route -n:

GET /api/app/v1/tools/netstat HTTP/1.1
Accept: text/html

Example 1 - Response: Run route -n:

HTTP/1.1 200 OK
Content-Type: text/html

route -n OUTPUT
GET /api/app/v1/tools/(module)/route6
GET /api/app/v1/tools/route6

This function shows the route table for IPv6 (route -A inet6 -n)

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:
  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Run route6 -n:

GET /api/app/v1/tools/netstat HTTP/1.1
Accept: text/html

Example 1 - Response: Run route6 -n:

HTTP/1.1 200 OK
Content-Type: text/html

route6 -n OUTPUT
GET /api/app/v1/tools/(module)/top
GET /api/app/v1/tools/top

Run top -bn1.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:
  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Run top on the appliance:

GET /api/app/v1/tools/top HTTP/1.1
Accept: text/html

Example 1 - Response: Run top on the appliance:

HTTP/1.1 200 OK
Content-Type: text/html

TOP OUTPUT
GET /api/app/v1/tools/(module)/traceroute
GET /api/app/v1/tools/traceroute

Run traceroute.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:
  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance
Query Parameters:
 
  • dest (required) – Final target of the traceroute
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Run traceroute:

GET /api/app/v1/tools/traceroute?dest=10.206.6.60 HTTP/1.1
Accept: text/html

Example 1 - Response: Run traceroute:

HTTP/1.1 200 OK
Content-Type: text/html

traceroute to 10.206.6.60 (10.206.6.60), 30 hops max, 60 byte packets
 1  10.206.6.60 (10.206.6.60)  1.067 ms  1.170 ms  1.072 ms
GET /api/app/v1/tools/(module)/traceroute6
GET /api/app/v1/tools/traceroute6

Run traceroute6.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:
  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance
Query Parameters:
 
  • dest (required) – Final target of the traceroute
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Run traceroute6:

GET /api/app/v1/tools/traceroute6?dest=2001:4860:4860::8888 HTTP/1.1
Accept: text/html

Example 1 - Response: Run traceroute6:

HTTP/1.1 200 OK
Content-Type: text/html

traceroute6 OUTPUT
GET /api/app/v1/tools/(module)/wget
GET /api/app/v1/tools/wget

Run wget.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:
  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance
Query Parameters:
 
  • host (required) – Host to perform the wget on
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Run wget on www.google.com:

GET /api/app/v1/tools/wget?host=www.google.com HTTP/1.1
Accept: text/html

Example 1 - Response: Run wget on www.google.com:

HTTP/1.1 200 OK
Content-Type: application/json

{"Error": "STATUS MESSAGE, NOT REAL ERROR"}
GET /api/app/v1/tools/(module)/wget-proxy
GET /api/app/v1/tools/wget-proxy

Run wget -e use_proxy=yes. This function does wget -e use_proxy=yes -e http_proxy=<proxy_ip>:<port> <host>” Required args are the host address, proxy_ip address and port

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:
  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance
Query Parameters:
 
  • host (required) – Host to perform the wget on
  • proxy_ip (required) – IP address of the proxy
  • port (required) – Port to use on the proxy
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Run wget on www.google.com through proxy:

GET /api/app/v1/tools/wget?host=www.google.com&proxy_ip=10.206.6.194&port=3128 HTTP/1.1
Accept: text/html

Example 1 - Response: Run wget on www.google.com through proxy:

HTTP/1.1 200 OK
Content-Type: application/json

{"Error": "STATUS MESSAGE, NOT REAL ERROR"}
GET /api/app/v1/tools/ntpq

Run ntpa -p.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Run ntpa -p:

GET /api/app/v1/tools/ntpq HTTP/1.1
Accept: text/html

Example 1 - Response: Run ntpq -p:

HTTP/1.1 200 OK
Content-Type: text/html

ntpq -p OUTPUT
GET /api/app/v1/tools/ntpstat

Run ntpa -p.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Run ntpa -p:

GET /api/app/v1/tools/ntpstat HTTP/1.1
Accept: text/html

Example 1 - Response: Run ntpstat:

HTTP/1.1 200 OK
Content-Type: text/html

ntpstat OUTPUT
GET /api/app/v1/tools/tcpdump

Stream the output of tcpdump.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Parameters:
  • module (optional) – Module to perform the command from, if omitted perform the command on the appliance
Query Parameters:
 
  • timeout (required) – Timeout for the stream
  • inteface (optional) – Inteface to listen across
  • expression (optional) – Command line args, such as -v
  • file (optional) – Name of file to save tcpdump
  • location (optional) – Filestore alias to save the pcap file to
  • url (optional) – URL of the location in which to store the tcpdump output
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Stream tcpdump on eth0:

GET /api/app/v1/tools/tcpdump?timeout=30&interface=eth0 HTTP/1.1
Accept: text/html

Example 1 - Response: Stream tcpdump on eth0:

HTTP/1.1 200 OK
Content-Type: text/html

TCPDUMP OUTPUT

Example 2 - Request: Stream tcpdump on eth0 and store pcap on a filestore:

GET /api/app/v1/tools/tcpdump?timeout=20&interface=eth0&location=myfilestore&file=mason.pcap HTTP/1.1
Accept: text/html

Example 2 - Response: Stream tcpdump on eth0 and store pcap on a filestore:

HTTP/1.1 200 OK
Content-Type: application/json

{"Error": "STATUS MESSAGE, NOT REAL ERROR"}
GET /api/app/v1/tools/test_email

Send an email via SMTP to test settings.

Note

Must first configure SMTP settings.

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Send test email:

GET /api/app/v1/tools/test_email HTTP/1.1
Accept: text/html

Example 1 - Response: Send test email:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/upgrade

Get upgrade information for a specific upgrade file.

New in version 1.0.

Query Parameters:
 
  • file (required) – Filename of upgrade/hotfix to get info for
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get upgrade information:

GET /api/app/v1/upgrade/?file=App-Upgrade-8.5.0.iso HTTP/1.1
Accept: text/html

Example 1 - Response: Get upgrade information:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "call": "",
  "dep_app_vers": [
    "8.4.0"
  ],
  "dep_hotfixes": [],
  "dep_vers": [
    "8.4.0"
  ],
  "description": "TEST: Patch that upgrade the Appliance to version v8.5.0",
  "duration": "50 minutes",
  "filename": "App-Upgrade-8.5.0.iso",
  "license": "http://10.206.6.196/download/patches/license.txt",
  "logs": [],
  "md5": "d34fcc5cdb41763b9ad29506e4a526665f2a64be182165b83091dda2fbb65697",
  "method": "script",
  "module": "app",
  "reboot": true,
  "release_date": "",
  "release_note_url": "",
  "size": 3886022656,
  "snapshot": false,
  "snapshot_skip": [],
  "snapsphot_list": [],
  "status": "Downloaded, Ready to Install",
  "time": "1988-01-04 20:58:06",
  "title": "Patch to upgrade Appliance to version v8.5.0",
  "url": "http://10.206.22.199/download/patches/app/App-Upgrade-8.5.0.iso",
  "version": "8.5.0"
}
PUT /api/app/v1/upgrade/license

Mount the install ISO and return information and the license.

Warning

This API call should only be used by a custom application implementing appliance upgrade. Not to be used by the regular user.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Get upgrade license:

PUT /api/app/v1/upgrade/prep_install HTTP/1.1
Accept: text/html

Example 1 - Response: Get upgrade license:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "license": [
     "License strings"
  ]
}
PUT /api/app/v1/upgrade/prep_install

Prepare the appliance for upgrade.

Warning

This API call should only be used by a custom application implementing appliance upgrade. Not to be used by the regular user.

New in version 1.0.

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Prepare an appliance for upgrade:

PUT /api/app/v1/upgrade/prep_install HTTP/1.1
Accept: text/html

Example 1 - Response: Prepare an appliance for upgrade:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/wcg/content_line

Runs WCG’s content_line to configure variables.

Deprecated since version 1.0.

Note

The parameters match the usage of the command line content_line

Warning

This command is deprecated and will eventually be replaced with an API call provided by the WCG container

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

Query Parameters:
 
  • r (required) – Read variable
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Read a variable:

GET /api/app/v1/wcg/content_line?r=proxy.config.diags.debug.enabled HTTP/1.1
Accept: text/html

Example 1 - Response: Read a variable:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "output": "0"
}
PUT /api/app/v1/wcg/content_line

Runs WCG’s content_line to configure variables.

Deprecated since version 1.0.

Note

The paramaters match the useage of the command line content_line

Warning

This command is deprecated and will eventually be replaced with an API call provided by the WCG container

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

Query Parameters:
 
  • s (optional) – Set variable (requires v option)
  • v (optional) – Set value (used with s option)
  • x (optional) – Reread config files (set to on to use)
  • y (optional) – Clear dynamic cert (set to on to use)
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Reread config file:

PUT /api/app/v1/wcg/content_line?x=on HTTP/1.1
Accept: text/html

Example 1 - Response: Reread config file:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/wcg/dpm_status

Get Decrypt Port Mirror status.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the WCG container

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get DPM status:

PUT /api/app/v1/wcg/dpm_status HTTP/1.1
Accept: text/html

Example 1 - Response: Get DPM status:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "dpm": {
    "proxy.config.ssl_decryption.custom_request_header": "",
    "proxy.config.ssl_decryption.mirror_enabled": 0,
    "proxy.config.ssl_decryption.mirror_interface": "NULL"
  }
}
GET /api/app/v1/wcg/policy_engine

Performs the following for WCG’s policy engine (status)

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the WCG container

Query Parameters:
 
  • status (optional) – Policy Engine status
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get Policy Engine status:

GET /api/app/v1/wcg/policy_engine?command=status HTTP/1.1
Accept: text/html

Example 1 - Response: Get Policy Engine status:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "output": "pewd (pid  660) is running..."
}
PUT /api/app/v1/wcg/policy_engine

Performs the following for WCG’s policy engine (start, stop, restart)

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the WCG container

Query Parameters:
 
  • start (optional) – Start Policy Engine
  • stop (optional) – Stop Policy Engine
  • restart (optional) – Restart Policy Engine
Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Restart Policy Engine:

PUT /api/app/v1/wcg/policy_engine?command=restart HTTP/1.1
Accept: text/html

Example 1 - Response: Restart Policy Engine:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
GET /api/app/v1/wcg/print_bypass

Prints WCG bypass list. This is a set of websites that bypass the Content Gateway processing.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the WCG container

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

Response Headers:
 
Status Codes:

Example 1 - Request: Get bypass list:

PUT /api/app/v1/wcg/print_bypass HTTP/1.1
Accept: text/html

Example 1 - Response: Get bypass list:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "output": "# Reading the bypass entries ... # There are 0 entries in the source bypass table # There are 0 entries in the destination bypass table # There are 0 entries in the and bypass table"
}
GET /api/app/v1/wcg/proxy_net_check

Proxy Net Check

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the WCG container

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Check Proxy Network:

PUT /api/app/v1/wcg/proxy_net_check HTTP/1.1
Accept: text/html

Example 1 - Response: Check Proxy Network:

Responses vary
PUT /api/app/v1/wcg/pwd_reset

Resets the Web Content Gateway user password and provides the temporary password.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the WSE container

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Reset WCG user password:

PUT /api/app/v1/wcg/pwd_reset HTTP/1.1
Accept: application/json

Example 1 - Response: Reset WCG user password:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "password": "<TEMP_PASSWORD>"
}
GET /api/app/v1/wse/cache_user_names

Get current WISTP configuration settings.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the WSE container

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get status:

GET /api/app/v1/wse/cache_user_names?command=status HTTP/1.1
Accept: application/json

Example 1 - Response: Get status:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "output": "CacheWISPUsers=off"
}
PUT /api/app/v1/wse/cache_user_names

Enable/disable caching of WISP users.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the WSE container

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

resheader Content-Type:
 application/json
status 200:Success
status 401:Access Denied
Accepted Authorization:
 admin

Example 1 - Request: Enable caching:

PUT /api/app/v1/wse/cache_user_names?command=enable HTTP/1.1
Accept: application/json

Example 1 - Response: Enable caching:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}
PUT /api/app/v1/wse/do/(service)

Enable/disable WSE services. This currently only supports State Server or Directory Agent.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the WSE container

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin

Example 1 - Request: Disable State Server:

GET /api/app/v1/wse/do/state_server?command=disable HTTP/1.1
Accept: application/json

Example 1 - Response: Disable State Server:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "output": "Stopping Websense State Server ... Waiting for Websense State Server to terminate... Websense State Server stopped successfully."
}

Example 2 - Request: Enable Directory Agent:

GET /api/app/v1/wse/do/directory_agent?command=enable HTTP/1.1
Accept: application/json

Example 2 - Response: Enable Directory Agent:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "output": "Starting Websense Directory Agent... Websense Directory Agent started successfully."
}
GET /api/app/v1/wse/policy_broker_token

Retrieves Policy Broker token.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the WSE container

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Retrieve Policy Broker token:

GET /api/app/v1/wse/policy_broker_token HTTP/1.1
Accept: application/json

Example 1 - Response: Reset Policy Broker token:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "output": "<POLICY_BROKER_TOKEN>"
}
GET /api/app/v1/wse/user_group_ip_precedence

Get current User Group IP Precedence configuration setting.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the WSE container

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

Response Headers:
 
Status Codes:
Accepted Authorization:
 

admin, audit

Example 1 - Request: Get status:

GET /api/app/v1/wse/user_group_ip_precedence?command=status HTTP/1.1
Accept: application/json

Example 1 - Response: Get status:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "output": "UserGroupIpPrecedence=false"
}
PUT /api/app/v1/wse/user_group_ip_precedence

Enable/disable User Group IP Precedence in AD or get current configuration setting.

Deprecated since version 1.0.

Warning

This command is deprecated and will eventually be replaced with an API call provided by the WSE container

Warning

This command returns unescaped characters such as Unix new line character and octothorpe

resheader Content-Type:
 application/json
status 200:Success
status 401:Access Denied
Accepted Authorization:
 admin

Example 1 - Request: Enable User Group Precedence:

PUT /api/app/v1/wse/user_group_ip_precedence?command=enable HTTP/1.1
Accept: application/json

Example 1 - Response: Enable User Group Precedence:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "Status": "Success"
}