AFA REST web services

This section describes the AlgoSec Firewall Analyzer REST web services APIs.

Note: To view vulnerability data in AFA device reports, you must either have vulnerability scanners configured in AppViz, or import your vulnerability data manually.

For more details, see Manage vulnerability assessment scanners and Import vulnerability data.

Base URL

There are two types of base URLs and corresponding authentication method:

  • The base URL for most requests is:

    https:://<algosec_server>/afa/api/v1

    where <algosec_server> is the AFA server URL. Most of these APIs are shown in swagger.

    Authentication is through a cookie session. For example:

    curl --cookie "PHPSESSID=g4mgnv4cno9ivt7rclmhmejj27" https://<IP:Port>/afa/api/v1/security_zones/get_profiles_list

    For the value of the PHPSESSID parameter in the request cookie, use the sessionID value received in the login response. See Log in to ASMS .

  • The base URL for the remaining requests is:

    https://<algosec_server>/fa/server

    where <algosec_server> is the AFA server URL. These APIs are not shown in swagger.

    Authentication is through a URL parameter (except for Log in to ASMS ). For example:

    curl -H "Accept:application/json" -k " https://192.168.3.76/fa/server/rules/read?session=c69bcc3e6832149642b32e6f269c82c0&entity=admin

    For the value of the session parameter in the request, use the sessionID value received in the login response. See Log in to ASMS .

Note: For each request, the documentation specifies the base URL and authentication method.

Swagger

The AlgoSec Firewall Analyzer RESTful API includes Swagger support, enabling you to execute simplified API request calls and access full lists of request parameters.

To access Swagger API documentation:

  1. In the toolbar, click your username and click API Documentation.
  2. From the dropdown at the top-right, select one of the following definition options:

    AlgoSec_Firewall_Analyzer

    Controls most central AFA API requests, such as object or device requests

    --Vulnerabilities

    Controls AFA API requests related to vulnerabilites.

     

    --Policy_Optimization Controls AFA APIs related to network rules.
    --Issues_Center Controls AFA APIs related to the ASMS Issues Center
    --Map Control AFA APIs related to the ASMS network map.

Syntax rules

Keep in mind the following syntax rules as you work with the APIs

  • Comma separated multiple items in lists: Lists can be identified by square brackets []. Each item in lists that are comma-separated need to be enclosed in quotes (" "). For example,

    "service": [

    "http","https"

    ]

    Note: In the example above, "service": ["http,https"] is incorrect syntax.

AFA REST API reference

The following table lists the REST APIs supported for AFA. For more details, see EntitiesResponse type and AFA search rule fields.

Login and logout

Log in to ASMS

Log out of ASMS

Analysis and reports

Start an analysis

Retrieve an analysis status

Retrieve a baseline compliance report

Running the Query Troubleshooting Tool

Get all reports

Retrieve last completed report of specified devices

Object and device data

Get a list of network objects

Retrieve network objects and IPs

Retrieve network objects in device

Get network objects by Device

Retrieve service objects

Retrieve parent device

Retrieve service objects

Retrieve interfaces

Identify missing routers

Merge routers

Get details for a specified device

Add/Edit a device

View device parameter templates

Delete a device

Get a list of devices

Get device info about managed devices

Get zones data from a device

Get a list of parents for specified list of child devices

Export list of device changes to XLS file

Bulk update keys of AWS cloud accounts

Get devices routing information

Retrieve a mapping between FQDNs and network objects

Retrieve Network Objects Containing All FQDNs

Retrieve matching network objects by original or canonized name

Risks

Retrieve a risk profile list

Run a Risk Check

Import risk profile from spreadsheet

Update Risk Definitions

Risk Profiles Get a list of user defined risk profiles

Download Risk Profile File

Get Risk Profile Data

Rule data

Retrieves all the rules in a device's or group's policy

Get risky rules

Rules hit count

Add to or edit a rule's documentation

Get a rule's documentation data

Get a list of redundant special case rules

Rules Advanced Search - full

Security zones

Retrieve security zones

Assign zone types to interfaces

User data

Retrieve user data

Retrieve role data

Notification Center Manage AFA notifications

Relocating devices

Relocate devices between nodes

Check device relocation progress

Cancel device relocation

Enable processes after relocation

Traffic Simulation

Traffic Simulation Query

Trusted Traffic

Add a new trusted traffic request

Delete trusted traffic data

Edit trusted traffic data

Export trusted traffic to a CSV or JSON file

Get trusted traffic data

Import trusted traffic rule from XLS

Trust an existing rule

Policy Optimization

Get a list of consolidated rules

Get a list of covered rules

Export covered rules to a CSV

Get a list of disabled rules

Get a list of redundant special case rules

Get a list of unused rules

Get a list of rules without logging

Get a list of unattached objects

Get a list of rules with empty comments

Get a list of permissive rules

URL Categories Get the list of all URL Categories

Create/add URL Categories

Delete URL categories

Remove URL(s) from a specified URL Category

Get the URL(s) of a specified URL Category

Get the IPs of a specified URL

Rename a specified URL Category

Add IPs to URL

Add URLs to a specified URL Category

Edit the URL of a specified URL Category