Forum Discussion
AltostratusEnabling alarm and block of IP Intelligence through CLI and curl
Is there an API for IP Intelligence enabling and disabling as well as for enabling alerting and/or blocking of items within the IP Intelligence feature in ASM. I am wanting to run a curl command like I do for IP Whitelisting and stuff to make a mass update of all ASM policies to enable IP Intelligence on all of them in one go. Please advise.
3 Replies
SamCoCirrus
I think you can do it through the REST API call to this URL :
https://x.x.x.x/mgmt/tm/asm/XXXXX/disallowed-geolocations
This article should help you :
https://support.f5.com/csp/article/K03519157
Cheers,
Sam
- Ismael_Goncalves
Employee
Hi,
You could use the following iControl REST endpoint:
/mgmt/tm/asm/policies/<pol-id>/ip-intelligence
Here is an example that patches a policy to enable Block and Alarm for Spam Sources category:
curl -k -u admin:xxxxxx -X PATCH https://bigip-host.net/mgmt/tm/asm/policies/3_4-X7IjK43HRjUS7xZnyA/ip-intelligence -H "Content-Type: application/json" -d '{ "ipIntelligenceCategories": [ { "block": true, "alarm": true, "category": "Spam Sources" }], "enabled":true}'
Alternatively, you could use a Parent Policy and control the settings to children policies via 'IP Addresses and Geolocations' inheretance setting.
Alok_KumarThank you. I'm going to try it.
