Provides details fpr a specific policy.
Parameter | Mandatory/Optional | Data Type | Description |
---|---|---|---|
policyId |
Mandatory | string |
Specify the ID of a specific policy for which you want to get details. |
API request
curl --location --request GET "<qualys_base_url>/csapi/v1.3/runtime/policies/5eba6fef2c79c40001e23488"
--header "Authorization: Bearer <token>"
Response
{
"id": "5eba6fef2c79c40001e23488",
"name": "My CRS Policy",
"created": "2020-05-12T09:44:15.315Z",
"updated": "2020-05-12T09:44:15.315Z",
"defaultNetworkAction": "ALLOW",
"defaultExecuteAction": "ALLOW",
"defaultFileAction": "ALLOW",
"rules": [
{
"id": "5fa25442e677eb00012916b7",
"name": "Static file modification deny",
"created": "2020-05-12T09:44:15.315Z",
"updated": "2020-05-12T09:44:15.315Z",
"inactive": false,
"ruleType": "WRITE",
"program": "*",
"action": "DENY",
"file": "/var/www/html/*",
"port": 0,
"ipAddress": "",
"syscall": "",
"arg1": "",
"arg2": "",
"arg3": ""
},
{
"id": "5fa2512de677eb00012916b5",
"name": "Deny_Hosts_Write_Attempt",
"created": "2020-05-12T09:44:15.315Z",
"updated": "2020-05-12T09:44:15.315Z",
"inactive": false,
"ruleType": "READ",
"program": "/bin/cat",
"action": "DENY",
"file": "/etc/hosts",
"port": 0,
"ipAddress": "",
"syscall": "",
"arg1": "",
"arg2": "",
"arg3": ""
},
{
"id": "5fa24e78e677eb00012916b3",
"name": "Deny_Outbound",
"created": "2020-05-12T09:44:15.315Z",
"updated": "2020-05-12T09:44:15.315Z",
"inactive": false,
"ruleType": "NETWORK_OUTBOUND",
"program": "*",
"action": "DENY",
"file": "",
"port": 22,
"ipAddress": "1.1.1.1",
"syscall": "",
"arg1": "",
"arg2": "",
"arg3": ""
},
{
"id": "5fa25442e677eb00012916bc",
"name": "Block_sshd_communication",
"created": "0001-01-01T00:00:00Z",
"updated": "0001-01-01T00:00:00Z",
"inactive": false,
"ruleType": "NETWORK_INBOUND",
"program": "*",
"action": "DENY",
"file": "",
"port": 22,
"ipAddress": "*",
"syscall": "",
"arg1": "",
"arg2": "",
"arg3": ""
}
],
"ignoredSyscalls": [
"sys_fork",
"sys_chroot"
],
"policyMode": "ACTIVE",
"description": "Deny access in /etc dir for important files"
}
Was this topic helpful?