Rules

List all audit rules

Request

Definition

GET /api/v1/audit/rules

Headers

• Authorization required

  Authentication token with privileges to view the resource.

  Bearer {token}

Query string parameters

Parameter	Type	Required	Description
paginate	boolean	No	If the result must be paginated.
page	integer	Yes if paginate is true	Page index.
page_size	integer	Yes if paginate is true	Number of items displayed per page.
rule_id	string	No	Filters operations whose rule_id matches the string entered.
rule_id_list	array<string>	No	Filters operations whose rule_id matches one of those in the list.
timestamp_start	integer	No	Filters operations performed after the date entered.
timestamp_end	integer	No	Filters operations performed before the date entered.
username	string	No	Filters the operations carried out by the user whose name matches the string entered.
username_list	array<string>	No	Filters the operations performed by the user whose name matches any of the list items.
action	string	No	Filters operations whose action performed matches the string entered.
action_list	array<string>	No	Filters the operations performed by the user whose action matches any of the list items.

Response

Status codes

Status code	Message
200	"List of audit rules"
403	"Forbidden"

Body

Attributes

• data.audit_rules.rule_id string

  Identification code of the rule concerned by the operation.

• data.audit_rules.action string

  Executed action.

• data.audit_rules.username string

  Username of the user who performed the operation.

• data.audit_rules.timestamp integer

  Date in which the operation has been performed in UNIX format (microseconds).

• data.audit_rules.enabled boolean

  Indicates if rule has been enabled.

• data.audit_rules.deleted boolean

  Indicates if rule has been deleted.

• data.audit_rules.loaded boolean

  Indicates if rule has been loaded on WAF.

• data.audit_rules.priority string

  Indicates the priority of execution of one rule over another.

• data.audit_rules.start_time integer

  Date on which the rule was enabled.

• data.audit_rules.duration integer

  Rule duration.

Example

{
"data": {
    "audit_rules": [
    {
        "action": "drop",
        "deleted": null,
        "duration": null,
        "enabled": null,
        "loaded": null,
        "priority": null,
        "rule_id": "00.x-2-x.xxxV+pwj.XxxxE6in",
        "start_time": null,
        "timestamp": 1651131896000000,
        "username": "user"
    }
    ]
},
"message": "List of audit rules",
"status": "ok"
}