14-Mar-2022 10:26
I need to enable the check box of Alarm and Block on one of the IP Address and Geolocations rule named Access from Malicoous IP Address on a mass scale on more than 100 ASM policies. What API can I call with a curl command to do this ? Please help.
Thanks.
02-Nov-2023 12:36
Hello
Have you seen this article: Display and configure BIG-IP ASM security policy configuration using iControl Rest API (f5.com).
I posted some excerpts below this should get you started.
Locate the security policy element MD5 hash identifier
BIG-IP ASM security policy elements have a unique MD5 hash identifier. You must determine the MD5 hash identifier before you can make updates to the element using the iControl REST API. Include the hash value in the URI when you modify the policy elements. To determine the MD5 hash identifier, perform the following steps:
Impact of procedure: Performing the following procedure should not have a negative impact on your system.
curl -sku <username:password> https://<BIG-IP hostname or management IP address>/mgmt/tm/asm/policies/<policy MD5hash>/<policy element>?\$select=name,id | jq '.'
For example, the following command returns two parameters, example and __VIEWSTATE, and related MD5 hash identifiers (id) for host BIGIP.example.com:
curl -sku admin:admin https://BIGIP.example.com/mgmt/tm/asm/policies/2fFJIXo8nnfwGG9O78o3ig/parameters?\$select=name,id | jq .
{
"kind": "tm:asm:policies:parameters:parameterstate",
"selfLink": "https://localhost/mgmt/tm/asm/policies/2fFJIXo8nnfwGG9O78o3ig/parameters/_RVuQ8606O0J3uVOk6a5og?ver=16.0.1",
"name": "example",
"id": "_RVuQ8606O0J3uVOk6a5og"
},
{
"kind": "tm:asm:policies:parameters:parameterstate",
"selfLink": "https://localhost/mgmt/tm/asm/policies/2fFJIXo8nnfwGG9O78o3ig/parameters/UK1xSpsKgkiuR7B1N-qw4g?ver=16.0.1",
"name": "__VIEWSTATE",
"id": "UK1xSpsKgkiuR7B1N-qw4g"
}
Modify existing security policy configuration elements using iControl Rest API
Impact of procedure: F5 recommends that you test any security policy changes in an appropriate environment.
curl -sku <username:password> -X PATCH https://<BIG-IP hostname or management IP address>/mgmt/tm/asm/policies/<policy MD5hash>/<policy element>/<policy element MD5hash> -d '<configuration in JSON format>' | jq '.'
For example, the following command updates the parameter named example with the MD5 hash identifier _RVuQ8606O0J3uVOk6a5og for host BIGIP.example.com:
curl -sku admin:admin -X PATCH https://10.154.210.202/mgmt/tm/asm/policies/2fFJIXo8nnfwGG9O78o3ig/parameters/_RVuQ8606O0J3uVOk6a5og -d '{"performStaging":false}' | jq '.'
curl -sku <username>:<password> https://<BIG-IP hostname or management IP address>/mgmt/tm/asm/tasks/apply-policy -d '{"policyReference": {"link": "https://localhost/mgmt/tm/asm/policies/<MD5hash>"}}' | jq '.'
For example:
curl -sku admin:admin https://BIGIP.example.com/mgmt/tm/asm/tasks/apply-policy -d '{"policyReference": {"link": "https://localhost/mgmt/tm/asm/policies/2fFJIXo8nnfwGG9O78o3ig"}}' | jq '.'
curl -sku <username:password> https://<BIG-IP hostname or management IP address>/mgmt/tm/asm/tasks/apply-policy | jq '.'
For example:
curl -sku admin:admin https://BIGIP.example.com/mgmt/tm/asm/tasks/apply-policy | jq '.'