Traffic simulation query

Performs a batch traffic simulation query on a single device or groups of devices.

Required permissions

To perform this request, you must have access to all the firewalls that are relevant for your query results path. Queries will fail if the query goes through a non-permitted device.

Users with permissions to view an entire group can run queries on the group. If you do not have permission to view a group of devices, or the ALL_FIREWALLS group, we recommend that you perform single-device queries on the devices you have permissions to view.

Resource Name: /api/v1/query/

Request Method: POST

Request URL Parameters:

Element

Type

Description
QueryInput

Mandatory

List of QueryRequestData objects

Lists one or more queries to perform.

See QueryRequestData Type table below.

QueryTarget
Mandatory

String

Name of a device or group the query will run on. If empty, the query runs on the entire network and all permitted devices for the user.

QueryRequestData Type:

Element Type Description
Source
Mandatory 		List of strings Source(s) for the query. Multiple values are separated by commas (,).
Destination
Mandatory 		List of strings Destination(s) for the query. Multiple values are separated by commas (,).
Service
Mandatory 		List of strings Service(s) for the query. Multiple values are separated by commas (,).
User
Optional 		List of strings User(s) who created the rule. Multiple values are separated by commas (,).
Application
Optional 		List of strings Application(s) for the rule. Multiple values are separated by commas (,).

Response:

A queryResponse JSON that includes a list of QueryData objects:

Element Type Description

QueryDescription

Mandatory

String Description of query.
QueryHTMLPathMandatory String URL to the results in the UI.

FIPResult

Mandatory

String

One of the following:

  • Unreachable
  • SameZone
  • Routed
  • PartiallyRouted
  • NotExecuted
  • Unknown

QueryResult

Mandatory

String

One of the following:

  • allowed
  • blocked
  • partially allowed
  • not routed

QueryItem

Mandatory

QueryValueResults

List of query value results.

See QueryValueResults type below.

QueryValueResults:

Element Type Description

Device

Mandatory

List of DeviceResult objects List of device results. See DeviceResult type below.

DeviceResult:

Element Type Description

IsAllowed

Mandatory

String

Status information and the number of rules that support it.

For example: Allowed (x1), Blocked (x4), Partially allowed (x4).

DeviceName

Mandatory

String Display name of the device.

Rules

Mandatory

List of QueryRules objects

List of rules.

See QueryRules type below.

QueryRules:

Element Type Description

Rule

Optional

String

Internal AlgoSec Rule ID.

To retrieve the rule ID, call one of the rule APIs, such as get_rules_by_device or search_rules.

Service

Optional

String List of services.

Source

Optional

String List of sources.

Source_Nat

Optional

String List of NAT sources.

Destination

Optional

String List of destinations.

Destination_Nat

Optional

String List of NAT destinations.

Install

Optional

String List of installs.

Action

Optional

String Action.

ACL

Optional

String ACL

Request example 1 

curl -X POST "https://localhost/afa/api/v1/query" -H "accept: */*"  -H "Content-Type: application/json" 
-d "{ "queryInput": [ { "application": [ "string" ], "businessApplicationsData": [ { "businessApplicationFlowId": 0, "businessApplicationId": 0, "businessApplicationName": "string" } ], "defaultValue": [ "string" ], "destination": [ "string" ], "service": [ "string" ], "source": [ "string" ], "user": [ "string" ] } ], "queryTarget": "string"}

Request example 2 

curl -X POST "https://localhost/afa/api/v1/query" -H "accept: */*"  -H "Content-Type: application/json" 
-d "{"queryInput":[{"source":["source1, source2"],"destination":["destination1"],"service":["service1"],"user":["any"],"application":["any"]}],"queryTarget": "ALL_FIREWALLS"}"

Request example 3 

curl -X POST "https://localhost/afa/api/v1/query" -H "accept: */*"  -H "Content-Type: application/json" 
-d "{"queryInput":[{"source":["source1"],"destination":["destination1"],"service":["any"],"user":["any"],"application":["any"]}],"queryTarget": "ALL_FIREWALLS"}"

Response example 1 

{
				"queryResult": [
				{
				"fipResult": "string",
				"queryDescription": "string",
				"queryHTMLPath": "string",
				"queryItem": [
				{
				"deviceName": "string",
				"displayName": "string",
				"isAllowed": "string"
				}
				]
				}
				],
				"queryUIResult": "string"
			}

Response example 2 

{
				"queryUIResult": "https://localhost/fa/query/results/#/work/ALL_FIREWALLS_query-1604784315244/",
				"queryResult": [
				{
				"queryDescription": "source1, source2=>destination1:service1:any:any",
				"fipResult": "Routed",
				"finalResult": "Partially allowed",
				"queryHTMLPath": "https://localhost/fa/query/results/#/work/ALL_FIREWALLS_query-1604784315244/",
				"queryItem": [
				{
				"isAllowed": "Partially allowed (x1)",
				"deviceName": "device1",
				"displayName": "device1displayName",
				"rules": [
				{
				"ruleName": "154",
				"service": [
				"dns"
				],
				"source": [
				"udp",
				"tcp"
				],
				"destination": [
				"any"
				],
				"action": "permit",
				"rule_id": "from_dmz_to_untrust_name_154"
				}
				]
				}
				]
				}
				]
			}

Response example 3 

{
				"queryUIResult": "https://localhost/fa/query/results/#/work/ALL_FIREWALLS_query-1604783998596/",
				"queryResult": [
				{
				"queryDescription": "source1=>destination1:any:any:any",
				"fipResult": "Routed",
				"finalResult": "Partially allowed",
				"queryHTMLPath": "https://localhost/fa/query/results/#/work/ALL_FIREWALLS_query-1604783998596/",
				"queryItem": [
				{
				"isAllowed": "Partially allowed (x6)",
				"deviceName": "device2",
				"displayName": "device2displayName",
				"rules": [
				{
				"service": [
				"http",
				"https"
				],
				"source": [
				"source1",
				"source2"
				],
				"destination": [
				"Any"
				],
				"install": [
				"Any"
				],
				"action": "accept",
				"rule_id": "F96EF307-AD65-4B07-B5DE-4D96F3DD7B1B"
				},
				{
				"service": [
				"TCP"
				],
				"source": [
				"Any"
				],
				"destination": [
				"Any"
				],
				"install": [
				"Any"
				],
				"action": "accept",
				"rule_id": "FD742F4B-1204-457C-ABC1-A97FA02813CA"
				},
				{
				"service": [
				"ssh_version_2",
				"ssh"
				],
				"source": [
				"Any"
				],
				"destination": [
				"Any"
				],
				"install": [
				"Any"
				],
				"action": "accept",
				"rule_id": "7C5A6C8E-CDD4-4560-A8CE-6E2262BD7D18"
				},
				{
				"ruleName": "Dns requests",
				"service": [
				"dns"
				],
				"source": [
				"Any"
				],
				"destination": [
				"Any"
				],
				"install": [
				"Any"
				],
				"action": "accept",
				"rule_id": "90A452CC-EDED-4F39-91F3-65FF4EEDD8E9"
				},
				{
				"service": [
				"UDP",
				"ldap"
				],
				"source": [
				"Any"
				],
				"destination": [
				"Any"
				],
				"install": [
				"Any"
				],
				"action": "accept",
				"rule_id": "1CFBA5A8-1062-4748-A39E-F238C2111D8B"
				},
				{
				"service": [
				"UDP"
				],
				"source": [
				"Any"
				],
				"destination": [
				"Any"
				],
				"install": [
				"Any"
				],
				"action": "accept",
				"rule_id": "2A8FD64E-12B7-4059-9E5A-800E5DEC8F18"
				}
				]
				}
				]
				}
				]
			}