api_key como query parameter4YyKytOuFA6jwaGET /api/network_firewall/acls?api_key=4YyKytOuFA6jwa
Parâmetros úteis:
filter=exact:state:installed — só entries ativassort=desc:order — ordenar por order (posição no filtro)limit=N / offset=N — paginaçãofilter=exact:mitigation_id:101 — por mitigação específica# Todas as entries instaladas
curl -sk "https://10.110.17.114/api/network_firewall/acls?api_key=4YyKytOuFA6jwa&filter=exact:state:installed&sort=desc:order&limit=10"
# Maior order em uso (próximo slot livre)
curl -sk "https://10.110.17.114/api/network_firewall/acls?api_key=4YyKytOuFA6jwa&filter=exact:state:installed&sort=desc:order&limit=1" \
| python3 -c "import sys,json; d=json.load(sys.stdin); print(d['entities'][0]['order'] + 1)"
GET /api/network_firewall/acls/{id}?api_key=4YyKytOuFA6jwa
GET /api/network_firewall/acls/routers?api_key=4YyKytOuFA6jwa
{
"id": 34724,
"name": "drop_invalid_tcp_flags_1",
"mitigation_id": 90,
"acl_type": "mitigation", // mitigation|flowspec|dms_ace
"state": "installed",
"action": "drop", // drop|accept|rate_limit
"order": 1950, // posição/prioridade no filtro Nokia
"match_protocol": 6,
"match_tcp_syn": true,
"match_tcp_urg": true,
"match_dst_cidrs": ["186.195.252.0/24"],
"match_dst_cidr_count": 4,
"router_states": {"installed": 1}
}
Campo order: prioridade interna do Deepfield. Max atual: 11201 (821 entries instaladas).
NÃO corresponde diretamente ao número de entry no Nokia filter 1000.
POST /api/query?api_key=4YyKytOuFA6jwa
Content-Type: application/json
{
"database": "acl_stats",
"dimensions": ["acl_id", "acl_type", "acl_action"],
"measures": ["bits", "packets"]
}
Endpoints disponíveis:
GET /api/defender/protected-objects # listar todos
POST /api/defender/protected-objects # criar
PATCH /api/defender/protected-objects/{id} # atualizar parcial
PUT /api/defender/protected-objects/{id} # atualizar total
DELETE /api/defender/protected-objects/{id} # remover
POST /api/defender/protected-objects/bulk/import # bulk create
PATCH /api/defender/protected-objects/bulk/update # bulk update
POST /api/defender/protected-objects/bulk/delete # bulk delete
Documentação interativa com schema completo:
https://10.110.17.114/api/docs
Permissão necessária: dfp.defender.protectedobjects.configure
deepfield-mitigation-v4) via NETCONFdeepfield-parent-v4) em offset 10