rules.yaml

openapi: 3.0.0

info:
    title: Path calculation results using TOS
    description: Path calculation results using TOS.
    version: 1.0.0

paths:
    /securetrack/api/rule_search.json:
        get:
            operationId: UnusedRules
            summary: Shows the count of unused rules per device.
            description: |
                Retrieve information of unused rules for all devices.
                #ExamplePrompts How many rules are unused?
                #ExamplePrompts Show how many rules are unused for the past 60 days?
            parameters:
                -   $ref: '#/components/parameters/searchText'
            responses:
                200:
                    description: List of devices with an unused rule count per device.
                    content:
                        application/json:
                            schema:
                                type: object
                                properties:
                                    device_list:
                                        type: object
                                        properties:
                                            device:
                                                type: array
                400:
                    description: Value is missing or not valid
    /securetrack/api/rule_search/{deviceId}.json:
        get:
            operationId: UnusedRulesPerDevice
            summary: Retrieve unused rules from a device based on the device id.
            description: |
                Retrieve information of unused rules for a device id.
                #ExamplePrompts How many unused rules for device id number 195?
                #ExamplePrompts Show how many rules are unused for the past 60 days for device id 1?
                #ExamplePrompts Does the device 195 have any rules with no hits in the past 90 days?
            parameters:
                -   in: path
                    name: deviceId
                    required: true
                    description: The device id to lookup for unused rules
                    schema:
                        type: integer
                -   $ref: '#/components/parameters/searchText'
                -   $ref: '#/components/parameters/start'
                -   $ref: '#/components/parameters/count'
            responses:
                200:
                    description: Return object of unused rules
                    content:
                        application/json:
                            schema:
                                type: object
                                properties:
                                    rules:
                                        type: object
                                        properties:
                                            count:
                                                type: integer
                                            total:
                                                type: integer
                                            rule:
                                                type: array
                404:
                    description: Value is missing or not valid
    /securetrack/api/rule_search.json?search_text=shadowed:true:
        get:
            operationId: ShadowedRules
            summary: Returns rules that are shadowed
            description: |
                Retrieve information of unused rules for a device id.
                #ExamplePrompts How many rules are shadowed?
                #ExamplePrompts List all devices with shadowed rules?
                #ExamplePrompts How many redundant rules are there?
            responses:
                200:
                    description: List of shadowed rules.
                400:
                    description: Value is missing or not valid
    /securetrack/api/rule_search/{deviceId}.json?search_text=shadowed:true:
        get:
            operationId: ShadowedRulesForDeviceId
            summary: Returns rules that are shadowed for a device id
            description: |
                Retrieve information of shadowed rules for a device id.
                #ExamplePrompts how many shadowed rules are there for device 187?
                #ExamplePrompts Are there shadowed rules for device 187?
            parameters:
                -   in: path
                    name: deviceId
                    required: true
                    description: The device id to lookup for shadowed rules
                    schema:
                        type: integer
            responses:
                200:
                    description: List of shadowed rules.
                400:
                    description: Value is missing or not valid
    /securetrack/api/rule_search.json?search_text=permissiveness.level:high:
        get:
            operationId: PermissivenessLevelHigh
            summary: Returns rules with the high permissiveness level indicating how much traffic is allowed by the rule.
            description: |
                Retrieve information of highly permissive rules.
                #ExamplePrompts Find all high permissive rules?
                #ExamplePrompts Are there any high permissive rules?
            responses:
                200:
                    description: List of high permissiveness level rules.
                400:
                    description: Value is missing or not valid
    /securetrack/api/rule_search/{deviceId}.json?search_text=permissiveness.level:high:
        get:
            operationId: PermissivenessLevelHighForDeviceId
            summary: Returns rules for a device id that have high permissiveness level
            description: |
                Retrieve information of highly permissive rules for device id.
                #ExamplePrompts What are the highly permissive rules for device id 195?
            parameters:
                -   in: path
                    name: deviceId
                    required: true
                    description: The device id to lookup for high permissiveness level rules
                    schema:
                        type: integer
            responses:
                200:
                    description: List of high permissiveness level rules.
                400:
                    description: Value is missing or not valid
    /securetrack/api/rule_search.json?search_text=permissiveness.level:medium:
        get:
            operationId: PermissivenessLevelMedium
            summary: Returns rules with the medium permissiveness level indicating how much traffic is allowed by the rule.
            description: |
                Retrieve information of medium permissive rules.
                #ExamplePrompts Find all medium permissive rules?
                #ExamplePrompts Are there any medium permissive rules?
            responses:
                200:
                    description: List of medium permissiveness level rules.
                400:
                    description: Value is missing or not valid
    /securetrack/api/rule_search/{deviceId}.json?search_text=permissiveness.level:medium:
        get:
            operationId: PermissivenessLevelMediumForDeviceId
            summary: Returns rules for a device id that have medium permissiveness level
            description: |
                Retrieve information of medium permissive rules for device id.
                #ExamplePrompts What are the medium permissive rules for device id 195?
            parameters:
                -   in: path
                    name: deviceId
                    required: true
                    description: The device id to lookup for medium permissiveness level rules
                    schema:
                        type: integer
            responses:
                200:
                    description: List of medium permissiveness level rules.
                400:
                    description: Value is missing or not valid
    /securetrack/api/rule_search.json?search_text=permissiveness.level:low:
        get:
            operationId: PermissivenessLevelLow
            summary: Returns rules with the low permissiveness level indicating how much traffic is allowed by the rule.
            description: |
                Retrieve information of low permissive rules.
                #ExamplePrompts Find all low permissive rules?
                #ExamplePrompts Are there any low permissive rules?
            responses:
                200:
                    description: List of low permissiveness level rules.
                400:
                    description: Value is missing or not valid
    /securetrack/api/rule_search/{deviceId}.json?search_text=permissiveness.level:low:
        get:
            operationId: PermissivenessLevelLowForDeviceId
            summary: Returns rules for a device id that have low permissiveness level
            description: |
                Retrieve information of low permissive rules for device id.
                #ExamplePrompts What are the low permissive rules for device id 195?
            parameters:
                -   in: path
                    name: deviceId
                    required: true
                    description: The device id to lookup for low permissiveness level rules
                    schema:
                        type: integer
            responses:
                200:
                    description: List of low permissiveness level rules.
                400:
                    description: Value is missing or not valid
    /securetrack/api/rule_search.json?search_text=violations.isempty:false:
        get:
            operationId: Violations
            summary: Search for rules that have violations. It retrieves a list of rules where the violations field is not empty, indicating that these rules have been flagged for one or more issues.
            description: |
                Retrieve information of violating rules.
                #ExamplePrompts Find all violating rules?
                #ExamplePrompts Find rules with violations?
            responses:
                200:
                    description: List of high permissiveness level rules.
                400:
                    description: Value is missing or not valid
    /securetrack/api/rule_search/{deviceId}.json?search_text=violations.isempty:false:
        get:
            operationId: ViolationsForDeviceId
            summary: Used to search for rules with violations on a specific device. By specifying the deviceId, it retrieves a list of rules associated with that device where the violations field is not empty
            description: |
                Retrieve information of violating rules on a specific device.
                #ExamplePrompts From device 157, which rules violate security policies?
            parameters:
                -   in: path
                    name: deviceId
                    required: true
                    description: The device id to lookup for rules with violations
                    schema:
                        type: integer
            responses:
                200:
                    description: List of high permissiveness level rules.
                400:
                    description: Value is missing or not valid

components:
    parameters:
        searchText:
            in: query
            name: search_text
            required: true
            description: 'Query to search for rules. Example: "lasthitgreater:30 rule.isdisabled:false action:allow"'
            schema:
                type: string
                default: 'lasthitgreater:30 rule.isdisabled:false action:allow'
                enum:
                    - 'lasthitgreater:7 rule.isdisabled:false action:allow'
                    - 'lasthitgreater:14 rule.isdisabled:false action:allow'
                    - 'lasthitgreater:30 rule.isdisabled:false action:allow'
                    - 'lasthitgreater:60 rule.isdisabled:false action:allow'
                    - 'lasthitgreater:100 rule.isdisabled:false action:allow'
                    - 'lasthitgreater:365 rule.isdisabled:false action:allow'
            allowEmptyValue: false
            allowReserved: true
            style: form
            example: 'lasthitgreater:30 rule.isdisabled:false action:allow'
        start:
            in: query
            name: start
            required: true
            schema:
                type: integer
                default: 0
                minimum: 0
        count:
            in: query
            name: count
            required: true
            schema:
                type: integer
                default: 3
                minimum: 3
                maximum: 10