Forum Discussion
MerryIT
Altocumulus
AltocumulusASM API v16 - get list of SignatureOverride
Hello,
My client would like a scheduled report on all the signatures used as exceptions in the policy items (let's say in parameters and URL object).
I've figured that the info can be retrieved through API : https:///mgmt/tm/asm/policies//parameters/
I could have this kind of output where parameter1 has 2 signatures overrides, and parameter2 doesn't have any
{
"maximumLength": 200,
"stagedSinceDatetime": "2024-10-16T13:33:54Z",
"hostNameRepresentation": "domain-name",
"dataType": "uri",
"createdBy": "GUI",
"sensitiveParameter": false,
"parameterLocation": "any",
"valueType": "user-input",
"kind": "tm:asm:policies:parameters:parameterstate",
"selfLink": "https://localhost/mgmt/tm/asm/policies/gK_P0j6j8NT8wUz2pORRRQ/parameters/SZehdfNxQfRzSeE_d2V5eA?ver=16.1.5",
"inClassification": false,
"urlReference": {
"link": "https://localhost/mgmt/tm/asm/policies/gK_P0j6j8NT8wUz2pORRRQ/urls/OXujEJOZ7V0nU7Mgu2-Bzg?ver=16.1.5",
"protocol": "https",
"name": "/random-uri/path/",
"method": "*",
"type": "explicit"
},
"checkMinValueLength": false,
"isCookie": false,
"mandatory": false,
"id": "SZehdfNxQfRzSeE_d2V5eA",
"allowEmptyValue": false,
"checkMaxValueLength": true,
"name": "parameter1",
"lastUpdateMicros": 1.729085634e+15,
"isReferenced": false,
"isHeader": false,
"attackSignaturesCheck": true,
"level": "url",
"allowRepeatedParameterName": true,
"signatureOverrides": [{
"signatureReference": {
"link": "https://localhost/mgmt/tm/asm/signatures/gJ3lZomuuxyJqa2InBac1w?ver=16.1.5",
"isUserDefined": false,
"name": "Unix/Linux \"date\" execution attempt (Parameter)",
"signatureId": 200003085
},
"enabled": false
}, {
"signatureReference": {
"link": "https://localhost/mgmt/tm/asm/signatures/YqXJ-_VkhoSiQ49IuaFmUA?ver=16.1.5",
"isUserDefined": false,
"name": "Unix/Linux \"time\" execution attempt (Parameter)",
"signatureId": 200003155
},
"enabled": false
}
],
"type": "explicit",
"performStaging": false
}
{
"isBase64": false,
"maximumLength": 120,
"stagedSinceDatetime": "2024-11-20T09:17:03Z",
"dataType": "alpha-numeric",
"createdBy": "GUI",
"sensitiveParameter": false,
"parameterLocation": "any",
"valueType": "user-input",
"kind": "tm:asm:policies:parameters:parameterstate",
"selfLink": "https://localhost/mgmt/tm/asm/policies/gK_P0j6j8NT8wUz2pORRRQ/parameters/iKZNHNqAGGVo_-csIuNBwQ?ver=16.1.5",
"inClassification": false,
"checkMinValueLength": false,
"isCookie": false,
"mandatory": false,
"metacharsOnParameterValueCheck": true,
"id": "iKZNHNqAGGVo_-csIuNBwQ",
"allowEmptyValue": false,
"checkMaxValueLength": true,
"valueMetacharOverrides": [],
"name": "parameter2",
"lastUpdateMicros": 1.732094223e+15,
"isReferenced": false,
"isHeader": false,
"parameterEnumValues": [],
"attackSignaturesCheck": true,
"level": "global",
"allowRepeatedParameterName": false,
"signatureOverrides": [],
"type": "explicit",
"performStaging": true,
"enableRegularExpression": false
}
I would like to filter the query and only have the parameters with a non-empty list of SignatureOverride. I learnt that F5 API is relying on OData and that we can borrow some of its functions. I also need to consider that SignatureOverride field is an array.
I tried this:
- $filter=signatureOverrides/any(s: s ne null) => but the any function doesn't seem to be available
and I also tried this:
- $filter=signatureOverrides/$count ne 0 => same, the count command is not available either
how can I work with OData filter on the signatureOverrides field ?
No RepliesBe the first to reply