/recastRiskRule
Methods
Gets the list of Recast Risk Rules across all reps, plugins, and orgs, unless filters are provided.
Fields Parameter
ExpandThe fields parameter should be specified along the query string, and it takes the syntax
?fields=<field>,...
Allowed Fields
*id
**repository
**organization
**user
**plugin
**newSeverity
**hostType
**hostValue
**port
**protocol
**order
**status
**expires
comments
createdTime
modifiedTime
Legend
* = always comes back
** = comes back if fields list not specified on GET all
Filters
ExpandrepositoryIDs=<number>,... DEFAULT 0 (i.e. all Repositories) pluginID=<number> | <string> "all" DEFAULT "all" (i.e. all Plugins) port=<number> | <string> "all" DEFAULT "all" (i.e. all Ports)
Session User is role "1" (administrator)
organizationIDs=<number>,... | <string> "all" DEFAULT "all" (i.e. all Organizations)
Session User is not role "1" (administrator)
organizationIDs=<number>,... | <string> "all" DEFAULT :sessionOrgID:
Example Response
Expand{
"type" : "regular",
"response" : [
{
"id" : "1",
"newSeverity" : "0",
"hostType" : "all",
"hostValue" : "",
"port" : "any",
"protocol" : "any",
"order" : "1",
"expires" : "-1",
"status" : "0",
"repository" : {
"id" : "18",
"name" : "New Rep 1",
"description" : "",
"type" : "Local",
"uuid" : "51C9083D-3AF6-4557-9492-7B25FCF6BAEB"
},
"organization" : {
"id" : "8",
"name" : "Org",
"description" : "Testing for Policies with New Schema",
"uuid" : "2E950182-08B6-4737-830B-4ACC8F6B92F9"
},
"user" : {
"id" : "1",
"username" : "head",
"firstname" : "Security Manager",
"lastname" : "",
"uuid" : "FF00F4D0-5B9F-4A26-998C-19430295284A"
},
"plugin" : {
"id" : "0",
"name" : "Open Port",
"description" : "",
"type" : "active"
}
}
],
"error_code" : 0,
"error_msg" : "",
"warnings" : [],
"timestamp" : 1410281615
}
Adds a Recast Risk Rule to one repository.
Request Parameters
Expand{
"repositories" : [
{
"id" : <number>
}...
],
"plugin" : {
"id" : <number>
},
"newSeverity" : {
"id" : <number> "0" (info) | "1" (low) | "2" (medium) | "3" (high) | "4" (critical)
},
"hostType" : <string> "all" | "asset" | "ip" | "uuid" | "hostUUID",
"port" : <number:1..65535> | <string> "any" DEFAULT "any",
"protocol" : <number:1..> | <string> "any" DEFAULT "any",
"comments" : <string> DEFAULT "",
"expires" : <number> (integer >= -1) DEFAULT -1 (not set),
...
}
hostType "asset"
The "hostValue" parameter should contain a usable, accessible Asset ID.
...
"hostValue" : {
"id" : <number>
}
...
hostType "ip"
The "hostValue" parameter should contain a newline-separated and/or comma-separated list of IPs.
... "hostValue" : <string> ...
hostType "uuid"
The "hostValue" parameter should contain a newline-separated and/or comma-separated list of UUIDs.
... "hostValue" : <string> ...
hostType "hostUUID"
The "hostValue" parameter should contain a newline-separated and/or comma-separated list of UUIDs.
... "hostValue" : <string> ...
Example Response
Expand{
"type" : "regular",
"response" : [
{
"id" : "1",
"newSeverity" : "0",
"hostType" : "all",
"hostValue" : "",
"port" : "any",
"protocol" : "any",
"comments" : "",
"order" : "1",
"status" : "0",
"expires" : "-1",
"createdTime" : "1410281580",
"modifiedTime" : "1410281580",
"repository" : {
"id" : "18",
"name" : "New Rep 1",
"description" : "",
"type" : "Local",
"uuid" : "51C9083D-3AF6-4557-9492-7B25FCF6BAEB"
},
"organization" : {
"id" : "8",
"name" : "Org",
"description" : "Testing for Policies with New Schema",
"uuid" : "2E950182-08B6-4737-830B-4ACC8F6B92F9"
},
"user" : {
"id" : "1",
"username" : "head",
"firstname" : "Security Manager",
"lastname" : "",
"uuid" : "FF00F4D0-5B9F-4A26-998C-19430295284A"
},
"plugin" : {
"id" : "0",
"name" : "Open Port",
"description" : "",
"type" : "active"
}
}
],
"error_code" : 0,
"error_msg" : "",
"warnings" : [],
"timestamp" : 1410281580
}
/recastRiskRule/{id}
Methods
Gets the Recast Risk Rule associated with {id}.
Fields Parameter
ExpandThe fields parameter should be specified along the query string, and it takes the syntax
?fields=<field>,...
Allowed Fields
*id
**repository
**organization
**user
**plugin
**newSeverity
**hostType
**hostValue
**port
**protocol
**order
**status
**expires
comments
createdTime
modifiedTime
Legend
* = always comes back
** = comes back if fields list not specified on GET all
Request Query Parameters
None
Example Response
Expand{
"type" : "regular",
"response" : {
"id" : "1",
"newSeverity" : "0",
"hostType" : "all",
"hostValue" : "",
"port" : "any",
"protocol" : "any",
"comments" : "",
"order" : "1",
"status" : "0",
"expires" : "-1",
"createdTime" : "1410281580",
"modifiedTime" : "1410281580",
"repository" : {
"id" : "18",
"name" : "New Rep 1",
"description" : "",
"type" : "Local",
"uuid" : "51C9083D-3AF6-4557-9492-7B25FCF6BAEB"
},
"organization" : {
"id" : "8",
"name" : "Org",
"description" : "Testing for Policies with New Schema",
"uuid" : "2E950182-08B6-4737-830B-4ACC8F6B92F9"
},
"user" : {
"id" : "1",
"username" : "head",
"firstname" : "Security Manager",
"lastname" : "",
"uuid" : "FF00F4D0-5B9F-4A26-998C-19430295284A"
},
"plugin" : {
"id" : "0",
"name" : "Open Port",
"description" : "",
"type" : "active"
}
},
"error_code" : 0,
"error_msg" : "",
"warnings" : [],
"timestamp" : 1410281625
}
Deletes the Recast Risk Rule associated with {id}, depending on access and permissions.
Request Parameters
None
Example Response
Expand{
"type" : "regular",
"response" : "",
"error_code" : 0,
"error_msg" : "",
"warnings" : [],
"timestamp" : 1403100582
}
Request Parameters
ExpandAllowed Fields
expires
Example Response
Expand{
"type" : "regular",
"response" : "",
"error_code" : 0,
"error_msg" : "",
"warnings" : [],
"timestamp" : 1403100582
}
/recastRiskRule/apply
Methods
Applies all rules for the given repository or all (id: 0)
Request Query Parameters
Expand {
"repository" : {
"id" : <number>
}
}
Example Response
Expand {
"type" : "regular",
"response" : "",
"error_code" : 0,
"error_msg" : "",
"warnings" : [],
"timestamp" : 1410279161
}