@robinmordasiewicz/f5xc-terraform-mcp 2.3.0 → 2.4.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (572) hide show
  1. package/README.md +98 -15
  2. package/dist/docs/data-sources/addon_subscription.md +51 -0
  3. package/dist/docs/data-sources/address_allocator.md +51 -0
  4. package/dist/docs/data-sources/advertise_policy.md +51 -0
  5. package/dist/docs/data-sources/alert_policy.md +51 -0
  6. package/dist/docs/data-sources/alert_receiver.md +62 -0
  7. package/dist/docs/data-sources/allowed_tenant.md +51 -0
  8. package/dist/docs/data-sources/api_crawler.md +51 -0
  9. package/dist/docs/data-sources/api_credential.md +51 -0
  10. package/dist/docs/data-sources/api_definition.md +51 -0
  11. package/dist/docs/data-sources/api_discovery.md +51 -0
  12. package/dist/docs/data-sources/api_testing.md +51 -0
  13. package/dist/docs/data-sources/apm.md +51 -0
  14. package/dist/docs/data-sources/app_api_group.md +51 -0
  15. package/dist/docs/data-sources/app_firewall.md +62 -0
  16. package/dist/docs/data-sources/app_setting.md +51 -0
  17. package/dist/docs/data-sources/app_type.md +51 -0
  18. package/dist/docs/data-sources/authentication.md +51 -0
  19. package/dist/docs/data-sources/aws_tgw_site.md +51 -0
  20. package/dist/docs/data-sources/aws_vpc_site.md +68 -0
  21. package/dist/docs/data-sources/azure_vnet_site.md +68 -0
  22. package/dist/docs/data-sources/bgp.md +51 -0
  23. package/dist/docs/data-sources/bgp_asn_set.md +51 -0
  24. package/dist/docs/data-sources/bgp_routing_policy.md +51 -0
  25. package/dist/docs/data-sources/bigip_irule.md +51 -0
  26. package/dist/docs/data-sources/bot_defense_app_infrastructure.md +51 -0
  27. package/dist/docs/data-sources/cdn_cache_rule.md +51 -0
  28. package/dist/docs/data-sources/cdn_loadbalancer.md +51 -0
  29. package/dist/docs/data-sources/certificate.md +66 -0
  30. package/dist/docs/data-sources/certificate_chain.md +51 -0
  31. package/dist/docs/data-sources/child_tenant.md +51 -0
  32. package/dist/docs/data-sources/child_tenant_manager.md +51 -0
  33. package/dist/docs/data-sources/cloud_connect.md +51 -0
  34. package/dist/docs/data-sources/cloud_credentials.md +62 -0
  35. package/dist/docs/data-sources/cloud_elastic_ip.md +51 -0
  36. package/dist/docs/data-sources/cloud_link.md +51 -0
  37. package/dist/docs/data-sources/cluster.md +51 -0
  38. package/dist/docs/data-sources/cminstance.md +51 -0
  39. package/dist/docs/data-sources/code_base_integration.md +51 -0
  40. package/dist/docs/data-sources/contact.md +51 -0
  41. package/dist/docs/data-sources/container_registry.md +51 -0
  42. package/dist/docs/data-sources/crl.md +51 -0
  43. package/dist/docs/data-sources/customer_support.md +51 -0
  44. package/dist/docs/data-sources/data_group.md +51 -0
  45. package/dist/docs/data-sources/data_type.md +51 -0
  46. package/dist/docs/data-sources/dc_cluster_group.md +51 -0
  47. package/dist/docs/data-sources/discovery.md +51 -0
  48. package/dist/docs/data-sources/dns_compliance_checks.md +51 -0
  49. package/dist/docs/data-sources/dns_domain.md +51 -0
  50. package/dist/docs/data-sources/dns_lb_health_check.md +51 -0
  51. package/dist/docs/data-sources/dns_lb_pool.md +51 -0
  52. package/dist/docs/data-sources/dns_load_balancer.md +51 -0
  53. package/dist/docs/data-sources/dns_zone.md +62 -0
  54. package/dist/docs/data-sources/endpoint.md +51 -0
  55. package/dist/docs/data-sources/enhanced_firewall_policy.md +51 -0
  56. package/dist/docs/data-sources/external_connector.md +51 -0
  57. package/dist/docs/data-sources/fast_acl.md +51 -0
  58. package/dist/docs/data-sources/fast_acl_rule.md +51 -0
  59. package/dist/docs/data-sources/filter_set.md +51 -0
  60. package/dist/docs/data-sources/fleet.md +51 -0
  61. package/dist/docs/data-sources/forward_proxy_policy.md +51 -0
  62. package/dist/docs/data-sources/forwarding_class.md +51 -0
  63. package/dist/docs/data-sources/gcp_vpc_site.md +68 -0
  64. package/dist/docs/data-sources/geo_location_set.md +51 -0
  65. package/dist/docs/data-sources/global_log_receiver.md +51 -0
  66. package/dist/docs/data-sources/healthcheck.md +62 -0
  67. package/dist/docs/data-sources/http_loadbalancer.md +60 -0
  68. package/dist/docs/data-sources/ike1.md +51 -0
  69. package/dist/docs/data-sources/ike2.md +51 -0
  70. package/dist/docs/data-sources/ike_phase1_profile.md +51 -0
  71. package/dist/docs/data-sources/ike_phase2_profile.md +51 -0
  72. package/dist/docs/data-sources/infraprotect_asn.md +51 -0
  73. package/dist/docs/data-sources/infraprotect_asn_prefix.md +51 -0
  74. package/dist/docs/data-sources/infraprotect_deny_list_rule.md +51 -0
  75. package/dist/docs/data-sources/infraprotect_firewall_rule.md +51 -0
  76. package/dist/docs/data-sources/infraprotect_firewall_rule_group.md +51 -0
  77. package/dist/docs/data-sources/infraprotect_internet_prefix_advertisement.md +51 -0
  78. package/dist/docs/data-sources/infraprotect_tunnel.md +51 -0
  79. package/dist/docs/data-sources/ip_prefix_set.md +51 -0
  80. package/dist/docs/data-sources/irule.md +51 -0
  81. package/dist/docs/data-sources/k8s_cluster.md +51 -0
  82. package/dist/docs/data-sources/k8s_cluster_role.md +51 -0
  83. package/dist/docs/data-sources/k8s_cluster_role_binding.md +51 -0
  84. package/dist/docs/data-sources/k8s_pod_security_admission.md +51 -0
  85. package/dist/docs/data-sources/k8s_pod_security_policy.md +51 -0
  86. package/dist/docs/data-sources/log_receiver.md +62 -0
  87. package/dist/docs/data-sources/malicious_user_mitigation.md +51 -0
  88. package/dist/docs/data-sources/managed_tenant.md +51 -0
  89. package/dist/docs/data-sources/namespace.md +58 -0
  90. package/dist/docs/data-sources/nat_policy.md +51 -0
  91. package/dist/docs/data-sources/network_connector.md +51 -0
  92. package/dist/docs/data-sources/network_firewall.md +51 -0
  93. package/dist/docs/data-sources/network_interface.md +51 -0
  94. package/dist/docs/data-sources/network_policy.md +51 -0
  95. package/dist/docs/data-sources/network_policy_rule.md +51 -0
  96. package/dist/docs/data-sources/network_policy_view.md +51 -0
  97. package/dist/docs/data-sources/nfv_service.md +51 -0
  98. package/dist/docs/data-sources/oidc_provider.md +51 -0
  99. package/dist/docs/data-sources/origin_pool.md +65 -0
  100. package/dist/docs/data-sources/policer.md +51 -0
  101. package/dist/docs/data-sources/policy_based_routing.md +51 -0
  102. package/dist/docs/data-sources/protocol_inspection.md +51 -0
  103. package/dist/docs/data-sources/protocol_policer.md +51 -0
  104. package/dist/docs/data-sources/proxy.md +51 -0
  105. package/dist/docs/data-sources/quota.md +51 -0
  106. package/dist/docs/data-sources/rate_limiter.md +64 -0
  107. package/dist/docs/data-sources/rate_limiter_policy.md +51 -0
  108. package/dist/docs/data-sources/registration.md +51 -0
  109. package/dist/docs/data-sources/report_config.md +51 -0
  110. package/dist/docs/data-sources/role.md +51 -0
  111. package/dist/docs/data-sources/route.md +51 -0
  112. package/dist/docs/data-sources/secret_management_access.md +51 -0
  113. package/dist/docs/data-sources/secret_policy.md +51 -0
  114. package/dist/docs/data-sources/secret_policy_rule.md +51 -0
  115. package/dist/docs/data-sources/securemesh_site.md +51 -0
  116. package/dist/docs/data-sources/securemesh_site_v2.md +51 -0
  117. package/dist/docs/data-sources/segment.md +51 -0
  118. package/dist/docs/data-sources/sensitive_data_policy.md +51 -0
  119. package/dist/docs/data-sources/service_policy.md +64 -0
  120. package/dist/docs/data-sources/service_policy_rule.md +51 -0
  121. package/dist/docs/data-sources/site_mesh_group.md +51 -0
  122. package/dist/docs/data-sources/srv6_network_slice.md +51 -0
  123. package/dist/docs/data-sources/subnet.md +51 -0
  124. package/dist/docs/data-sources/tcp_loadbalancer.md +51 -0
  125. package/dist/docs/data-sources/tenant_configuration.md +51 -0
  126. package/dist/docs/data-sources/tenant_profile.md +51 -0
  127. package/dist/docs/data-sources/ticket_tracking_system.md +51 -0
  128. package/dist/docs/data-sources/token.md +51 -0
  129. package/dist/docs/data-sources/tpm_api_key.md +51 -0
  130. package/dist/docs/data-sources/tpm_category.md +51 -0
  131. package/dist/docs/data-sources/tpm_manager.md +51 -0
  132. package/dist/docs/data-sources/trusted_ca_list.md +51 -0
  133. package/dist/docs/data-sources/tunnel.md +51 -0
  134. package/dist/docs/data-sources/udp_loadbalancer.md +51 -0
  135. package/dist/docs/data-sources/usb_policy.md +51 -0
  136. package/dist/docs/data-sources/user_identification.md +51 -0
  137. package/dist/docs/data-sources/virtual_host.md +51 -0
  138. package/dist/docs/data-sources/virtual_k8s.md +51 -0
  139. package/dist/docs/data-sources/virtual_network.md +51 -0
  140. package/dist/docs/data-sources/virtual_site.md +68 -0
  141. package/dist/docs/data-sources/voltshare_admin_policy.md +51 -0
  142. package/dist/docs/data-sources/voltstack_site.md +51 -0
  143. package/dist/docs/data-sources/waf_exclusion_policy.md +51 -0
  144. package/dist/docs/data-sources/workload.md +51 -0
  145. package/dist/docs/data-sources/workload_flavor.md +51 -0
  146. package/dist/docs/functions/blindfold.md +133 -0
  147. package/dist/docs/functions/blindfold_file.md +154 -0
  148. package/dist/docs/guides/authentication.md +389 -0
  149. package/dist/docs/guides/blindfold.md +509 -0
  150. package/dist/docs/guides/http-loadbalancer.md +274 -0
  151. package/dist/docs/resources/addon_subscription.md +136 -0
  152. package/dist/docs/resources/address_allocator.md +106 -0
  153. package/dist/docs/resources/advertise_policy.md +318 -0
  154. package/dist/docs/resources/alert_policy.md +242 -0
  155. package/dist/docs/resources/alert_receiver.md +394 -0
  156. package/dist/docs/resources/allowed_tenant.md +104 -0
  157. package/dist/docs/resources/api_crawler.md +142 -0
  158. package/dist/docs/resources/api_credential.md +101 -0
  159. package/dist/docs/resources/api_definition.md +127 -0
  160. package/dist/docs/resources/api_discovery.md +100 -0
  161. package/dist/docs/resources/api_testing.md +273 -0
  162. package/dist/docs/resources/apm.md +946 -0
  163. package/dist/docs/resources/app_api_group.md +161 -0
  164. package/dist/docs/resources/app_firewall.md +282 -0
  165. package/dist/docs/resources/app_setting.md +228 -0
  166. package/dist/docs/resources/app_type.md +124 -0
  167. package/dist/docs/resources/authentication.md +228 -0
  168. package/dist/docs/resources/aws_tgw_site.md +948 -0
  169. package/dist/docs/resources/aws_vpc_site.md +1262 -0
  170. package/dist/docs/resources/azure_vnet_site.md +2316 -0
  171. package/dist/docs/resources/bgp.md +341 -0
  172. package/dist/docs/resources/bgp_asn_set.md +86 -0
  173. package/dist/docs/resources/bgp_routing_policy.md +166 -0
  174. package/dist/docs/resources/bigip_irule.md +90 -0
  175. package/dist/docs/resources/bot_defense_app_infrastructure.md +166 -0
  176. package/dist/docs/resources/cdn_cache_rule.md +278 -0
  177. package/dist/docs/resources/cdn_loadbalancer.md +3800 -0
  178. package/dist/docs/resources/certificate.md +146 -0
  179. package/dist/docs/resources/certificate_chain.md +86 -0
  180. package/dist/docs/resources/child_tenant.md +166 -0
  181. package/dist/docs/resources/child_tenant_manager.md +130 -0
  182. package/dist/docs/resources/cloud_connect.md +260 -0
  183. package/dist/docs/resources/cloud_credentials.md +264 -0
  184. package/dist/docs/resources/cloud_elastic_ip.md +108 -0
  185. package/dist/docs/resources/cloud_link.md +252 -0
  186. package/dist/docs/resources/cluster.md +408 -0
  187. package/dist/docs/resources/cminstance.md +166 -0
  188. package/dist/docs/resources/code_base_integration.md +360 -0
  189. package/dist/docs/resources/contact.md +104 -0
  190. package/dist/docs/resources/container_registry.md +132 -0
  191. package/dist/docs/resources/crl.md +106 -0
  192. package/dist/docs/resources/customer_support.md +170 -0
  193. package/dist/docs/resources/data_group.md +121 -0
  194. package/dist/docs/resources/data_type.md +188 -0
  195. package/dist/docs/resources/dc_cluster_group.md +108 -0
  196. package/dist/docs/resources/discovery.md +443 -0
  197. package/dist/docs/resources/dns_compliance_checks.md +90 -0
  198. package/dist/docs/resources/dns_domain.md +94 -0
  199. package/dist/docs/resources/dns_lb_health_check.md +166 -0
  200. package/dist/docs/resources/dns_lb_pool.md +233 -0
  201. package/dist/docs/resources/dns_load_balancer.md +254 -0
  202. package/dist/docs/resources/dns_zone.md +135 -0
  203. package/dist/docs/resources/endpoint.md +234 -0
  204. package/dist/docs/resources/enhanced_firewall_policy.md +327 -0
  205. package/dist/docs/resources/external_connector.md +246 -0
  206. package/dist/docs/resources/fast_acl.md +376 -0
  207. package/dist/docs/resources/fast_acl_rule.md +192 -0
  208. package/dist/docs/resources/filter_set.md +142 -0
  209. package/dist/docs/resources/fleet.md +1267 -0
  210. package/dist/docs/resources/forward_proxy_policy.md +408 -0
  211. package/dist/docs/resources/forwarding_class.md +133 -0
  212. package/dist/docs/resources/gcp_vpc_site.md +1170 -0
  213. package/dist/docs/resources/geo_location_set.md +97 -0
  214. package/dist/docs/resources/global_log_receiver.md +1085 -0
  215. package/dist/docs/resources/healthcheck.md +148 -0
  216. package/dist/docs/resources/http_loadbalancer.md +7118 -0
  217. package/dist/docs/resources/ike1.md +133 -0
  218. package/dist/docs/resources/ike2.md +127 -0
  219. package/dist/docs/resources/ike_phase1_profile.md +141 -0
  220. package/dist/docs/resources/ike_phase2_profile.md +131 -0
  221. package/dist/docs/resources/infraprotect_asn.md +100 -0
  222. package/dist/docs/resources/infraprotect_asn_prefix.md +104 -0
  223. package/dist/docs/resources/infraprotect_deny_list_rule.md +108 -0
  224. package/dist/docs/resources/infraprotect_firewall_rule.md +205 -0
  225. package/dist/docs/resources/infraprotect_firewall_rule_group.md +86 -0
  226. package/dist/docs/resources/infraprotect_internet_prefix_advertisement.md +108 -0
  227. package/dist/docs/resources/infraprotect_tunnel.md +228 -0
  228. package/dist/docs/resources/ip_prefix_set.md +97 -0
  229. package/dist/docs/resources/irule.md +88 -0
  230. package/dist/docs/resources/k8s_cluster.md +291 -0
  231. package/dist/docs/resources/k8s_cluster_role.md +143 -0
  232. package/dist/docs/resources/k8s_cluster_role_binding.md +130 -0
  233. package/dist/docs/resources/k8s_pod_security_admission.md +116 -0
  234. package/dist/docs/resources/k8s_pod_security_policy.md +258 -0
  235. package/dist/docs/resources/log_receiver.md +183 -0
  236. package/dist/docs/resources/malicious_user_mitigation.md +132 -0
  237. package/dist/docs/resources/managed_tenant.md +116 -0
  238. package/dist/docs/resources/namespace.md +87 -0
  239. package/dist/docs/resources/nat_policy.md +408 -0
  240. package/dist/docs/resources/network_connector.md +252 -0
  241. package/dist/docs/resources/network_firewall.md +178 -0
  242. package/dist/docs/resources/network_interface.md +439 -0
  243. package/dist/docs/resources/network_policy.md +347 -0
  244. package/dist/docs/resources/network_policy_rule.md +157 -0
  245. package/dist/docs/resources/network_policy_view.md +330 -0
  246. package/dist/docs/resources/nfv_service.md +992 -0
  247. package/dist/docs/resources/oidc_provider.md +208 -0
  248. package/dist/docs/resources/origin_pool.md +801 -0
  249. package/dist/docs/resources/policer.md +97 -0
  250. package/dist/docs/resources/policy_based_routing.md +330 -0
  251. package/dist/docs/resources/protocol_inspection.md +130 -0
  252. package/dist/docs/resources/protocol_policer.md +146 -0
  253. package/dist/docs/resources/proxy.md +1181 -0
  254. package/dist/docs/resources/quota.md +104 -0
  255. package/dist/docs/resources/rate_limiter.md +155 -0
  256. package/dist/docs/resources/rate_limiter_policy.md +296 -0
  257. package/dist/docs/resources/registration.md +406 -0
  258. package/dist/docs/resources/report_config.md +160 -0
  259. package/dist/docs/resources/role.md +100 -0
  260. package/dist/docs/resources/route.md +724 -0
  261. package/dist/docs/resources/secret_management_access.md +498 -0
  262. package/dist/docs/resources/secret_policy.md +157 -0
  263. package/dist/docs/resources/secret_policy_rule.md +115 -0
  264. package/dist/docs/resources/securemesh_site.md +940 -0
  265. package/dist/docs/resources/securemesh_site_v2.md +2942 -0
  266. package/dist/docs/resources/segment.md +97 -0
  267. package/dist/docs/resources/sensitive_data_policy.md +116 -0
  268. package/dist/docs/resources/service_policy.md +795 -0
  269. package/dist/docs/resources/service_policy_rule.md +609 -0
  270. package/dist/docs/resources/site_mesh_group.md +163 -0
  271. package/dist/docs/resources/srv6_network_slice.md +92 -0
  272. package/dist/docs/resources/subnet.md +155 -0
  273. package/dist/docs/resources/tcp_loadbalancer.md +671 -0
  274. package/dist/docs/resources/tenant_configuration.md +136 -0
  275. package/dist/docs/resources/tenant_profile.md +156 -0
  276. package/dist/docs/resources/ticket_tracking_system.md +112 -0
  277. package/dist/docs/resources/token.md +87 -0
  278. package/dist/docs/resources/tpm_api_key.md +108 -0
  279. package/dist/docs/resources/tpm_category.md +108 -0
  280. package/dist/docs/resources/tpm_manager.md +84 -0
  281. package/dist/docs/resources/trusted_ca_list.md +89 -0
  282. package/dist/docs/resources/tunnel.md +250 -0
  283. package/dist/docs/resources/udp_loadbalancer.md +336 -0
  284. package/dist/docs/resources/usb_policy.md +108 -0
  285. package/dist/docs/resources/user_identification.md +126 -0
  286. package/dist/docs/resources/virtual_host.md +934 -0
  287. package/dist/docs/resources/virtual_k8s.md +132 -0
  288. package/dist/docs/resources/virtual_network.md +149 -0
  289. package/dist/docs/resources/virtual_site.md +102 -0
  290. package/dist/docs/resources/voltshare_admin_policy.md +196 -0
  291. package/dist/docs/resources/voltstack_site.md +2259 -0
  292. package/dist/docs/resources/waf_exclusion_policy.md +182 -0
  293. package/dist/docs/resources/workload.md +6021 -0
  294. package/dist/docs/resources/workload_flavor.md +90 -0
  295. package/dist/docs/specifications/api/docs-cloud-f5-com.0000.public.ves.io.schema.ai_assistant.ves-swagger.json +1 -0
  296. package/dist/docs/specifications/api/docs-cloud-f5-com.0001.public.ves.io.schema.api_sec.api_crawler.ves-swagger.json +1 -0
  297. package/dist/docs/specifications/api/docs-cloud-f5-com.0002.public.ves.io.schema.views.api_definition.ves-swagger.json +1 -0
  298. package/dist/docs/specifications/api/docs-cloud-f5-com.0003.public.ves.io.schema.api_sec.api_discovery.ves-swagger.json +1 -0
  299. package/dist/docs/specifications/api/docs-cloud-f5-com.0004.public.ves.io.schema.api_group.ves-swagger.json +1 -0
  300. package/dist/docs/specifications/api/docs-cloud-f5-com.0005.public.ves.io.schema.api_group_element.ves-swagger.json +1 -0
  301. package/dist/docs/specifications/api/docs-cloud-f5-com.0006.public.ves.io.schema.api_sec.api_testing.ves-swagger.json +1 -0
  302. package/dist/docs/specifications/api/docs-cloud-f5-com.0007.public.ves.io.schema.api_credential.ves-swagger.json +1 -0
  303. package/dist/docs/specifications/api/docs-cloud-f5-com.0008.public.ves.io.schema.pbac.addon_service.ves-swagger.json +1 -0
  304. package/dist/docs/specifications/api/docs-cloud-f5-com.0009.public.ves.io.schema.pbac.addon_subscription.ves-swagger.json +1 -0
  305. package/dist/docs/specifications/api/docs-cloud-f5-com.0010.public.ves.io.schema.address_allocator.ves-swagger.json +1 -0
  306. package/dist/docs/specifications/api/docs-cloud-f5-com.0011.public.ves.io.schema.advertise_policy.ves-swagger.json +1 -0
  307. package/dist/docs/specifications/api/docs-cloud-f5-com.0012.public.ves.io.schema.alert_policy.ves-swagger.json +1 -0
  308. package/dist/docs/specifications/api/docs-cloud-f5-com.0013.public.ves.io.schema.alert_receiver.ves-swagger.json +1 -0
  309. package/dist/docs/specifications/api/docs-cloud-f5-com.0014.public.ves.io.schema.alert.ves-swagger.json +1 -0
  310. package/dist/docs/specifications/api/docs-cloud-f5-com.0015.public.ves.io.schema.tenant_management.allowed_tenant.ves-swagger.json +1 -0
  311. package/dist/docs/specifications/api/docs-cloud-f5-com.0016.public.ves.io.schema.views.app_api_group.ves-swagger.json +1 -0
  312. package/dist/docs/specifications/api/docs-cloud-f5-com.0017.public.ves.io.schema.app_setting.ves-swagger.json +1 -0
  313. package/dist/docs/specifications/api/docs-cloud-f5-com.0018.public.ves.io.schema.app_type.ves-swagger.json +1 -0
  314. package/dist/docs/specifications/api/docs-cloud-f5-com.0019.public.ves.io.schema.app_firewall.ves-swagger.json +1 -0
  315. package/dist/docs/specifications/api/docs-cloud-f5-com.0020.public.ves.io.schema.app_security.ves-swagger.json +1 -0
  316. package/dist/docs/specifications/api/docs-cloud-f5-com.0021.public.ves.io.schema.api_sec.rule_suggestion.ves-swagger.json +1 -0
  317. package/dist/docs/specifications/api/docs-cloud-f5-com.0022.public.ves.io.schema.shape.device_id.ves-swagger.json +1 -0
  318. package/dist/docs/specifications/api/docs-cloud-f5-com.0023.public.ves.io.schema.authentication.ves-swagger.json +1 -0
  319. package/dist/docs/specifications/api/docs-cloud-f5-com.0024.public.ves.io.schema.ai_data.bfdp.ves-swagger.json +1 -0
  320. package/dist/docs/specifications/api/docs-cloud-f5-com.0025.public.ves.io.schema.ai_data.bfdp.subscription.ves-swagger.json +1 -0
  321. package/dist/docs/specifications/api/docs-cloud-f5-com.0026.public.ves.io.schema.bgp.ves-swagger.json +1 -0
  322. package/dist/docs/specifications/api/docs-cloud-f5-com.0027.public.ves.io.schema.bgp_asn_set.ves-swagger.json +1 -0
  323. package/dist/docs/specifications/api/docs-cloud-f5-com.0028.public.ves.io.schema.operate.bgp.ves-swagger.json +1 -0
  324. package/dist/docs/specifications/api/docs-cloud-f5-com.0029.public.ves.io.schema.bgp_routing_policy.ves-swagger.json +1 -0
  325. package/dist/docs/specifications/api/docs-cloud-f5-com.0030.public.ves.io.schema.bigip.apm.ves-swagger.json +1 -0
  326. package/dist/docs/specifications/api/docs-cloud-f5-com.0031.public.ves.io.schema.bigip_irule.ves-swagger.json +1 -0
  327. package/dist/docs/specifications/api/docs-cloud-f5-com.0032.public.ves.io.schema.views.bigip_virtual_server.ves-swagger.json +1 -0
  328. package/dist/docs/specifications/api/docs-cloud-f5-com.0033.public.ves.io.schema.shape.brmalerts.alert_gen_policy.ves-swagger.json +1 -0
  329. package/dist/docs/specifications/api/docs-cloud-f5-com.0034.public.ves.io.schema.shape.brmalerts.alert_template.ves-swagger.json +1 -0
  330. package/dist/docs/specifications/api/docs-cloud-f5-com.0035.public.ves.io.schema.views.bot_defense_app_infrastructure.ves-swagger.json +1 -0
  331. package/dist/docs/specifications/api/docs-cloud-f5-com.0036.public.ves.io.schema.shape.bot_defense.threat_intelligence.bot_detection_rule.ves-swagger.json +1 -0
  332. package/dist/docs/specifications/api/docs-cloud-f5-com.0037.public.ves.io.schema.shape.bot_defense.threat_intelligence.bot_detection_update.ves-swagger.json +1 -0
  333. package/dist/docs/specifications/api/docs-cloud-f5-com.0038.public.ves.io.schema.shape.bot_defense.bot_endpoint_policy.ves-swagger.json +1 -0
  334. package/dist/docs/specifications/api/docs-cloud-f5-com.0039.public.ves.io.schema.shape.bot_defense.bot_infrastructure.ves-swagger.json +1 -0
  335. package/dist/docs/specifications/api/docs-cloud-f5-com.0040.public.ves.io.schema.shape.bot_defense.bot_allowlist_policy.ves-swagger.json +1 -0
  336. package/dist/docs/specifications/api/docs-cloud-f5-com.0041.public.ves.io.schema.shape.bot_defense.bot_network_policy.ves-swagger.json +1 -0
  337. package/dist/docs/specifications/api/docs-cloud-f5-com.0042.public.ves.io.schema.views.cdn_loadbalancer.ves-swagger.json +1 -0
  338. package/dist/docs/specifications/api/docs-cloud-f5-com.0043.public.ves.io.schema.cdn_cache_rule.ves-swagger.json +1 -0
  339. package/dist/docs/specifications/api/docs-cloud-f5-com.0044.public.ves.io.schema.crl.ves-swagger.json +1 -0
  340. package/dist/docs/specifications/api/docs-cloud-f5-com.0045.public.ves.io.schema.operate.crl.ves-swagger.json +1 -0
  341. package/dist/docs/specifications/api/docs-cloud-f5-com.0046.public.ves.io.schema.pbac.catalog.ves-swagger.json +1 -0
  342. package/dist/docs/specifications/api/docs-cloud-f5-com.0047.public.ves.io.schema.cminstance.ves-swagger.json +1 -0
  343. package/dist/docs/specifications/api/docs-cloud-f5-com.0048.public.ves.io.schema.certificate.ves-swagger.json +1 -0
  344. package/dist/docs/specifications/api/docs-cloud-f5-com.0049.public.ves.io.schema.certificate_chain.ves-swagger.json +1 -0
  345. package/dist/docs/specifications/api/docs-cloud-f5-com.0050.public.ves.io.schema.certified_hardware.ves-swagger.json +1 -0
  346. package/dist/docs/specifications/api/docs-cloud-f5-com.0051.public.ves.io.schema.tenant_management.child_tenant.ves-swagger.json +1 -0
  347. package/dist/docs/specifications/api/docs-cloud-f5-com.0052.public.ves.io.schema.tenant_management.child_tenant_manager.ves-swagger.json +1 -0
  348. package/dist/docs/specifications/api/docs-cloud-f5-com.0053.public.ves.io.schema.shape.client_side_defense.ves-swagger.json +1 -0
  349. package/dist/docs/specifications/api/docs-cloud-f5-com.0054.public.ves.io.schema.shape.client_side_defense.allowed_domain.ves-swagger.json +1 -0
  350. package/dist/docs/specifications/api/docs-cloud-f5-com.0055.public.ves.io.schema.shape.client_side_defense.protected_domain.ves-swagger.json +1 -0
  351. package/dist/docs/specifications/api/docs-cloud-f5-com.0056.public.ves.io.schema.shape.client_side_defense.mitigated_domain.ves-swagger.json +1 -0
  352. package/dist/docs/specifications/api/docs-cloud-f5-com.0057.public.ves.io.schema.shape.client_side_defense.subscription.ves-swagger.json +1 -0
  353. package/dist/docs/specifications/api/docs-cloud-f5-com.0058.public.ves.io.schema.cloud_connect.ves-swagger.json +1 -0
  354. package/dist/docs/specifications/api/docs-cloud-f5-com.0059.public.ves.io.schema.cloud_credentials.ves-swagger.json +1 -0
  355. package/dist/docs/specifications/api/docs-cloud-f5-com.0060.public.ves.io.schema.cloud_elastic_ip.ves-swagger.json +1 -0
  356. package/dist/docs/specifications/api/docs-cloud-f5-com.0061.public.ves.io.schema.cloud_region.ves-swagger.json +1 -0
  357. package/dist/docs/specifications/api/docs-cloud-f5-com.0062.public.ves.io.schema.cloud_link.ves-swagger.json +1 -0
  358. package/dist/docs/specifications/api/docs-cloud-f5-com.0063.public.ves.io.schema.cluster.ves-swagger.json +1 -0
  359. package/dist/docs/specifications/api/docs-cloud-f5-com.0064.public.ves.io.schema.api_sec.code_base_integration.ves-swagger.json +1 -0
  360. package/dist/docs/specifications/api/docs-cloud-f5-com.0065.public.ves.io.schema.views.aws_tgw_site.ves-swagger.json +1 -0
  361. package/dist/docs/specifications/api/docs-cloud-f5-com.0066.public.ves.io.schema.views.aws_vpc_site.ves-swagger.json +1 -0
  362. package/dist/docs/specifications/api/docs-cloud-f5-com.0067.public.ves.io.schema.views.voltstack_site.ves-swagger.json +1 -0
  363. package/dist/docs/specifications/api/docs-cloud-f5-com.0068.public.ves.io.schema.views.azure_vnet_site.ves-swagger.json +1 -0
  364. package/dist/docs/specifications/api/docs-cloud-f5-com.0069.public.ves.io.schema.dns_compliance_checks.ves-swagger.json +1 -0
  365. package/dist/docs/specifications/api/docs-cloud-f5-com.0071.public.ves.io.schema.views.forward_proxy_policy.ves-swagger.json +1 -0
  366. package/dist/docs/specifications/api/docs-cloud-f5-com.0072.public.ves.io.schema.views.gcp_vpc_site.ves-swagger.json +1 -0
  367. package/dist/docs/specifications/api/docs-cloud-f5-com.0073.public.ves.io.schema.views.http_loadbalancer.ves-swagger.json +1 -0
  368. package/dist/docs/specifications/api/docs-cloud-f5-com.0074.public.ves.io.schema.views.network_policy_view.ves-swagger.json +1 -0
  369. package/dist/docs/specifications/api/docs-cloud-f5-com.0075.public.ves.io.schema.protocol_inspection.ves-swagger.json +1 -0
  370. package/dist/docs/specifications/api/docs-cloud-f5-com.0076.public.ves.io.schema.views.securemesh_site.ves-swagger.json +1 -0
  371. package/dist/docs/specifications/api/docs-cloud-f5-com.0077.public.ves.io.schema.views.securemesh_site_v2.ves-swagger.json +1 -0
  372. package/dist/docs/specifications/api/docs-cloud-f5-com.0078.public.ves.io.schema.views.tcp_loadbalancer.ves-swagger.json +1 -0
  373. package/dist/docs/specifications/api/docs-cloud-f5-com.0079.public.ves.io.schema.views.udp_loadbalancer.ves-swagger.json +1 -0
  374. package/dist/docs/specifications/api/docs-cloud-f5-com.0080.public.ves.io.schema.bigcne.irule.ves-swagger.json +1 -0
  375. package/dist/docs/specifications/api/docs-cloud-f5-com.0081.public.ves.io.schema.graph.connectivity.ves-swagger.json +1 -0
  376. package/dist/docs/specifications/api/docs-cloud-f5-com.0082.public.ves.io.schema.contact.ves-swagger.json +1 -0
  377. package/dist/docs/specifications/api/docs-cloud-f5-com.0083.public.ves.io.schema.container_registry.ves-swagger.json +1 -0
  378. package/dist/docs/specifications/api/docs-cloud-f5-com.0084.public.ves.io.schema.customer_support.ves-swagger.json +1 -0
  379. package/dist/docs/specifications/api/docs-cloud-f5-com.0085.public.ves.io.schema.dc_cluster_group.ves-swagger.json +1 -0
  380. package/dist/docs/specifications/api/docs-cloud-f5-com.0086.public.ves.io.schema.dns_domain.ves-swagger.json +1 -0
  381. package/dist/docs/specifications/api/docs-cloud-f5-com.0087.public.ves.io.schema.dns_load_balancer.ves-swagger.json +1 -0
  382. package/dist/docs/specifications/api/docs-cloud-f5-com.0088.public.ves.io.schema.dns_lb_health_check.ves-swagger.json +1 -0
  383. package/dist/docs/specifications/api/docs-cloud-f5-com.0089.public.ves.io.schema.dns_lb_pool.ves-swagger.json +1 -0
  384. package/dist/docs/specifications/api/docs-cloud-f5-com.0090.public.ves.io.schema.observability.synthetic_monitor.v1_dns_monitor.ves-swagger.json +1 -0
  385. package/dist/docs/specifications/api/docs-cloud-f5-com.0091.public.ves.io.schema.dns_zone.ves-swagger.json +1 -0
  386. package/dist/docs/specifications/api/docs-cloud-f5-com.0092.public.ves.io.schema.shape.data_delivery.receiver.ves-swagger.json +1 -0
  387. package/dist/docs/specifications/api/docs-cloud-f5-com.0093.public.ves.io.schema.shape.data_delivery.ves-swagger.json +1 -0
  388. package/dist/docs/specifications/api/docs-cloud-f5-com.0094.public.ves.io.schema.bigcne.data_group.ves-swagger.json +1 -0
  389. package/dist/docs/specifications/api/docs-cloud-f5-com.0095.public.ves.io.schema.shape.data_delivery.subscription.ves-swagger.json +1 -0
  390. package/dist/docs/specifications/api/docs-cloud-f5-com.0096.public.ves.io.schema.data_type.ves-swagger.json +1 -0
  391. package/dist/docs/specifications/api/docs-cloud-f5-com.0097.public.ves.io.schema.operate.debug.ves-swagger.json +1 -0
  392. package/dist/docs/specifications/api/docs-cloud-f5-com.0098.public.ves.io.schema.operate.dhcp.ves-swagger.json +1 -0
  393. package/dist/docs/specifications/api/docs-cloud-f5-com.0100.public.ves.io.schema.discovered_service.ves-swagger.json +1 -0
  394. package/dist/docs/specifications/api/docs-cloud-f5-com.0101.public.ves.io.schema.discovery.ves-swagger.json +1 -0
  395. package/dist/docs/specifications/api/docs-cloud-f5-com.0102.public.ves.io.schema.endpoint.ves-swagger.json +1 -0
  396. package/dist/docs/specifications/api/docs-cloud-f5-com.0103.public.ves.io.schema.enhanced_firewall_policy.ves-swagger.json +1 -0
  397. package/dist/docs/specifications/api/docs-cloud-f5-com.0104.public.ves.io.schema.views.external_connector.ves-swagger.json +1 -0
  398. package/dist/docs/specifications/api/docs-cloud-f5-com.0105.public.ves.io.schema.dns_zone.rrset.ves-swagger.json +1 -0
  399. package/dist/docs/specifications/api/docs-cloud-f5-com.0106.public.ves.io.schema.dns_zone.subscription.ves-swagger.json +1 -0
  400. package/dist/docs/specifications/api/docs-cloud-f5-com.0107.public.ves.io.schema.malware_protection.subscription.ves-swagger.json +1 -0
  401. package/dist/docs/specifications/api/docs-cloud-f5-com.0108.public.ves.io.schema.secret_management.ves-swagger.json +1 -0
  402. package/dist/docs/specifications/api/docs-cloud-f5-com.0109.public.ves.io.schema.voltshare.ves-swagger.json +1 -0
  403. package/dist/docs/specifications/api/docs-cloud-f5-com.0110.public.ves.io.schema.maintenance_status.ves-swagger.json +1 -0
  404. package/dist/docs/specifications/api/docs-cloud-f5-com.0111.public.ves.io.schema.fast_acl.ves-swagger.json +1 -0
  405. package/dist/docs/specifications/api/docs-cloud-f5-com.0112.public.ves.io.schema.fast_acl_rule.ves-swagger.json +1 -0
  406. package/dist/docs/specifications/api/docs-cloud-f5-com.0113.public.ves.io.schema.filter_set.ves-swagger.json +1 -0
  407. package/dist/docs/specifications/api/docs-cloud-f5-com.0114.public.ves.io.schema.fleet.ves-swagger.json +1 -0
  408. package/dist/docs/specifications/api/docs-cloud-f5-com.0115.public.ves.io.schema.flow_anomaly.ves-swagger.json +1 -0
  409. package/dist/docs/specifications/api/docs-cloud-f5-com.0116.public.ves.io.schema.operate.flow.ves-swagger.json +1 -0
  410. package/dist/docs/specifications/api/docs-cloud-f5-com.0117.public.ves.io.schema.flow.ves-swagger.json +1 -0
  411. package/dist/docs/specifications/api/docs-cloud-f5-com.0118.public.ves.io.schema.forwarding_class.ves-swagger.json +1 -0
  412. package/dist/docs/specifications/api/docs-cloud-f5-com.0119.public.ves.io.schema.data_privacy.geo_config.ves-swagger.json +1 -0
  413. package/dist/docs/specifications/api/docs-cloud-f5-com.0120.public.ves.io.schema.geo_location_set.ves-swagger.json +1 -0
  414. package/dist/docs/specifications/api/docs-cloud-f5-com.0121.public.ves.io.schema.gia.ves-swagger.json +1 -0
  415. package/dist/docs/specifications/api/docs-cloud-f5-com.0122.public.ves.io.schema.global_log_receiver.ves-swagger.json +1 -0
  416. package/dist/docs/specifications/api/docs-cloud-f5-com.0123.public.ves.io.schema.observability.synthetic_monitor.v1_http_monitor.ves-swagger.json +1 -0
  417. package/dist/docs/specifications/api/docs-cloud-f5-com.0124.public.ves.io.schema.healthcheck.ves-swagger.json +1 -0
  418. package/dist/docs/specifications/api/docs-cloud-f5-com.0125.public.ves.io.schema.ike1.ves-swagger.json +1 -0
  419. package/dist/docs/specifications/api/docs-cloud-f5-com.0126.public.ves.io.schema.views.ike_phase1_profile.ves-swagger.json +1 -0
  420. package/dist/docs/specifications/api/docs-cloud-f5-com.0127.public.ves.io.schema.ike2.ves-swagger.json +1 -0
  421. package/dist/docs/specifications/api/docs-cloud-f5-com.0128.public.ves.io.schema.views.ike_phase2_profile.ves-swagger.json +1 -0
  422. package/dist/docs/specifications/api/docs-cloud-f5-com.0129.public.ves.io.schema.ip_prefix_set.ves-swagger.json +1 -0
  423. package/dist/docs/specifications/api/docs-cloud-f5-com.0130.public.ves.io.schema.implicit_label.ves-swagger.json +1 -0
  424. package/dist/docs/specifications/api/docs-cloud-f5-com.0131.public.ves.io.schema.infraprotect.ves-swagger.json +1 -0
  425. package/dist/docs/specifications/api/docs-cloud-f5-com.0132.public.ves.io.schema.infraprotect_asn.ves-swagger.json +1 -0
  426. package/dist/docs/specifications/api/docs-cloud-f5-com.0133.public.ves.io.schema.infraprotect_asn_prefix.ves-swagger.json +1 -0
  427. package/dist/docs/specifications/api/docs-cloud-f5-com.0134.public.ves.io.schema.infraprotect_deny_list_rule.ves-swagger.json +1 -0
  428. package/dist/docs/specifications/api/docs-cloud-f5-com.0135.public.ves.io.schema.infraprotect_firewall_rule.ves-swagger.json +1 -0
  429. package/dist/docs/specifications/api/docs-cloud-f5-com.0136.public.ves.io.schema.infraprotect_firewall_rule_group.ves-swagger.json +1 -0
  430. package/dist/docs/specifications/api/docs-cloud-f5-com.0137.public.ves.io.schema.infraprotect_firewall_ruleset.ves-swagger.json +1 -0
  431. package/dist/docs/specifications/api/docs-cloud-f5-com.0138.public.ves.io.schema.infraprotect_information.ves-swagger.json +1 -0
  432. package/dist/docs/specifications/api/docs-cloud-f5-com.0139.public.ves.io.schema.infraprotect_internet_prefix_advertisement.ves-swagger.json +1 -0
  433. package/dist/docs/specifications/api/docs-cloud-f5-com.0140.public.ves.io.schema.usage.invoice.ves-swagger.json +1 -0
  434. package/dist/docs/specifications/api/docs-cloud-f5-com.0141.public.ves.io.schema.k8s_cluster.ves-swagger.json +1 -0
  435. package/dist/docs/specifications/api/docs-cloud-f5-com.0142.public.ves.io.schema.k8s_cluster_role.ves-swagger.json +1 -0
  436. package/dist/docs/specifications/api/docs-cloud-f5-com.0143.public.ves.io.schema.k8s_cluster_role_binding.ves-swagger.json +1 -0
  437. package/dist/docs/specifications/api/docs-cloud-f5-com.0144.public.ves.io.schema.k8s_pod_security_admission.ves-swagger.json +1 -0
  438. package/dist/docs/specifications/api/docs-cloud-f5-com.0145.public.ves.io.schema.k8s_pod_security_policy.ves-swagger.json +1 -0
  439. package/dist/docs/specifications/api/docs-cloud-f5-com.0146.public.ves.io.schema.known_label.ves-swagger.json +1 -0
  440. package/dist/docs/specifications/api/docs-cloud-f5-com.0147.public.ves.io.schema.known_label_key.ves-swagger.json +1 -0
  441. package/dist/docs/specifications/api/docs-cloud-f5-com.0148.public.ves.io.schema.data_privacy.lma_region.ves-swagger.json +1 -0
  442. package/dist/docs/specifications/api/docs-cloud-f5-com.0149.public.ves.io.schema.operate.lte.ves-swagger.json +1 -0
  443. package/dist/docs/specifications/api/docs-cloud-f5-com.0150.public.ves.io.schema.log_receiver.ves-swagger.json +1 -0
  444. package/dist/docs/specifications/api/docs-cloud-f5-com.0151.public.ves.io.schema.log.ves-swagger.json +1 -0
  445. package/dist/docs/specifications/api/docs-cloud-f5-com.0152.public.ves.io.schema.malicious_user_mitigation.ves-swagger.json +1 -0
  446. package/dist/docs/specifications/api/docs-cloud-f5-com.0153.public.ves.io.schema.tenant_management.managed_tenant.ves-swagger.json +1 -0
  447. package/dist/docs/specifications/api/docs-cloud-f5-com.0154.public.ves.io.schema.shape.mobile_app_shield.subscription.ves-swagger.json +1 -0
  448. package/dist/docs/specifications/api/docs-cloud-f5-com.0155.public.ves.io.schema.shape.mobile_integrator.subscription.ves-swagger.json +1 -0
  449. package/dist/docs/specifications/api/docs-cloud-f5-com.0156.public.ves.io.schema.shape.bot_defense.mobile_sdk.ves-swagger.json +1 -0
  450. package/dist/docs/specifications/api/docs-cloud-f5-com.0157.public.ves.io.schema.shape.bot_defense.mobile_base_config.ves-swagger.json +1 -0
  451. package/dist/docs/specifications/api/docs-cloud-f5-com.0158.public.ves.io.schema.module_management.ves-swagger.json +1 -0
  452. package/dist/docs/specifications/api/docs-cloud-f5-com.0159.public.ves.io.schema.nat_policy.ves-swagger.json +1 -0
  453. package/dist/docs/specifications/api/docs-cloud-f5-com.0160.public.ves.io.schema.nfv_service.ves-swagger.json +1 -0
  454. package/dist/docs/specifications/api/docs-cloud-f5-com.0161.public.ves.io.schema.nginx.one.nginx_csg.ves-swagger.json +1 -0
  455. package/dist/docs/specifications/api/docs-cloud-f5-com.0162.public.ves.io.schema.nginx.one.nginx_instance.ves-swagger.json +1 -0
  456. package/dist/docs/specifications/api/docs-cloud-f5-com.0163.public.ves.io.schema.nginx.one.nginx_server.ves-swagger.json +1 -0
  457. package/dist/docs/specifications/api/docs-cloud-f5-com.0164.public.ves.io.schema.nginx.one.subscription.ves-swagger.json +1 -0
  458. package/dist/docs/specifications/api/docs-cloud-f5-com.0165.public.ves.io.schema.nginx.one.nginx_service_discovery.ves-swagger.json +1 -0
  459. package/dist/docs/specifications/api/docs-cloud-f5-com.0166.public.ves.io.schema.namespace.ves-swagger.json +1 -0
  460. package/dist/docs/specifications/api/docs-cloud-f5-com.0167.public.ves.io.schema.namespace_role.ves-swagger.json +1 -0
  461. package/dist/docs/specifications/api/docs-cloud-f5-com.0168.public.ves.io.schema.pbac.navigation_tile.ves-swagger.json +1 -0
  462. package/dist/docs/specifications/api/docs-cloud-f5-com.0169.public.ves.io.schema.network_connector.ves-swagger.json +1 -0
  463. package/dist/docs/specifications/api/docs-cloud-f5-com.0170.public.ves.io.schema.network_firewall.ves-swagger.json +1 -0
  464. package/dist/docs/specifications/api/docs-cloud-f5-com.0171.public.ves.io.schema.network_interface.ves-swagger.json +1 -0
  465. package/dist/docs/specifications/api/docs-cloud-f5-com.0172.public.ves.io.schema.network_policy.ves-swagger.json +1 -0
  466. package/dist/docs/specifications/api/docs-cloud-f5-com.0173.public.ves.io.schema.network_policy_rule.ves-swagger.json +1 -0
  467. package/dist/docs/specifications/api/docs-cloud-f5-com.0174.public.ves.io.schema.network_policy_set.ves-swagger.json +1 -0
  468. package/dist/docs/specifications/api/docs-cloud-f5-com.0175.public.ves.io.schema.observability.subscription.ves-swagger.json +1 -0
  469. package/dist/docs/specifications/api/docs-cloud-f5-com.0176.public.ves.io.schema.marketplace.aws_account.ves-swagger.json +1 -0
  470. package/dist/docs/specifications/api/docs-cloud-f5-com.0177.public.ves.io.schema.views.origin_pool.ves-swagger.json +1 -0
  471. package/dist/docs/specifications/api/docs-cloud-f5-com.0178.public.ves.io.schema.billing.payment_method.ves-swagger.json +1 -0
  472. package/dist/docs/specifications/api/docs-cloud-f5-com.0179.public.ves.io.schema.operate.ping.ves-swagger.json +1 -0
  473. package/dist/docs/specifications/api/docs-cloud-f5-com.0180.public.ves.io.schema.pbac.plan.ves-swagger.json +1 -0
  474. package/dist/docs/specifications/api/docs-cloud-f5-com.0181.public.ves.io.schema.billing.plan_transition.ves-swagger.json +1 -0
  475. package/dist/docs/specifications/api/docs-cloud-f5-com.0182.public.ves.io.schema.policer.ves-swagger.json +1 -0
  476. package/dist/docs/specifications/api/docs-cloud-f5-com.0183.public.ves.io.schema.views.policy_based_routing.ves-swagger.json +1 -0
  477. package/dist/docs/specifications/api/docs-cloud-f5-com.0184.public.ves.io.schema.shape.bot_defense.protected_application.ves-swagger.json +1 -0
  478. package/dist/docs/specifications/api/docs-cloud-f5-com.0185.public.ves.io.schema.protocol_policer.ves-swagger.json +1 -0
  479. package/dist/docs/specifications/api/docs-cloud-f5-com.0186.public.ves.io.schema.views.proxy.ves-swagger.json +1 -0
  480. package/dist/docs/specifications/api/docs-cloud-f5-com.0187.public.ves.io.schema.public_ip.ves-swagger.json +1 -0
  481. package/dist/docs/specifications/api/docs-cloud-f5-com.0188.public.ves.io.schema.quota.ves-swagger.json +1 -0
  482. package/dist/docs/specifications/api/docs-cloud-f5-com.0189.public.ves.io.schema.rbac_policy.ves-swagger.json +1 -0
  483. package/dist/docs/specifications/api/docs-cloud-f5-com.0190.public.ves.io.schema.rate_limiter.ves-swagger.json +1 -0
  484. package/dist/docs/specifications/api/docs-cloud-f5-com.0191.public.ves.io.schema.views.rate_limiter_policy.ves-swagger.json +1 -0
  485. package/dist/docs/specifications/api/docs-cloud-f5-com.0192.public.ves.io.schema.registration.ves-swagger.json +1 -0
  486. package/dist/docs/specifications/api/docs-cloud-f5-com.0193.public.ves.io.schema.report.ves-swagger.json +1 -0
  487. package/dist/docs/specifications/api/docs-cloud-f5-com.0194.public.ves.io.schema.report_config.ves-swagger.json +1 -0
  488. package/dist/docs/specifications/api/docs-cloud-f5-com.0195.public.ves.io.schema.role.ves-swagger.json +1 -0
  489. package/dist/docs/specifications/api/docs-cloud-f5-com.0196.public.ves.io.schema.trusted_ca_list.ves-swagger.json +1 -0
  490. package/dist/docs/specifications/api/docs-cloud-f5-com.0197.public.ves.io.schema.route.ves-swagger.json +1 -0
  491. package/dist/docs/specifications/api/docs-cloud-f5-com.0198.public.ves.io.schema.operate.route.ves-swagger.json +1 -0
  492. package/dist/docs/specifications/api/docs-cloud-f5-com.0199.public.ves.io.schema.srv6_network_slice.ves-swagger.json +1 -0
  493. package/dist/docs/specifications/api/docs-cloud-f5-com.0200.public.ves.io.schema.oidc_provider.ves-swagger.json +1 -0
  494. package/dist/docs/specifications/api/docs-cloud-f5-com.0201.public.ves.io.schema.secret_management_access.ves-swagger.json +1 -0
  495. package/dist/docs/specifications/api/docs-cloud-f5-com.0202.public.ves.io.schema.secret_policy.ves-swagger.json +1 -0
  496. package/dist/docs/specifications/api/docs-cloud-f5-com.0203.public.ves.io.schema.secret_policy_rule.ves-swagger.json +1 -0
  497. package/dist/docs/specifications/api/docs-cloud-f5-com.0204.public.ves.io.schema.segment.ves-swagger.json +1 -0
  498. package/dist/docs/specifications/api/docs-cloud-f5-com.0205.public.ves.io.schema.segment_connection.ves-swagger.json +1 -0
  499. package/dist/docs/specifications/api/docs-cloud-f5-com.0206.public.ves.io.schema.sensitive_data_policy.ves-swagger.json +1 -0
  500. package/dist/docs/specifications/api/docs-cloud-f5-com.0207.public.ves.io.schema.graph.service.ves-swagger.json +1 -0
  501. package/dist/docs/specifications/api/docs-cloud-f5-com.0208.public.ves.io.schema.service_policy.ves-swagger.json +1 -0
  502. package/dist/docs/specifications/api/docs-cloud-f5-com.0209.public.ves.io.schema.service_policy_rule.ves-swagger.json +1 -0
  503. package/dist/docs/specifications/api/docs-cloud-f5-com.0210.public.ves.io.schema.service_policy_set.ves-swagger.json +1 -0
  504. package/dist/docs/specifications/api/docs-cloud-f5-com.0211.public.ves.io.schema.shape_bot_defense_instance.ves-swagger.json +1 -0
  505. package/dist/docs/specifications/api/docs-cloud-f5-com.0212.public.ves.io.schema.shape.bot_defense.reporting.ves-swagger.json +1 -0
  506. package/dist/docs/specifications/api/docs-cloud-f5-com.0213.public.ves.io.schema.shape.bot_defense.subscription.ves-swagger.json +1 -0
  507. package/dist/docs/specifications/api/docs-cloud-f5-com.0214.public.ves.io.schema.shape.recognize.ves-swagger.json +1 -0
  508. package/dist/docs/specifications/api/docs-cloud-f5-com.0215.public.ves.io.schema.shape.safeap.ves-swagger.json +1 -0
  509. package/dist/docs/specifications/api/docs-cloud-f5-com.0216.public.ves.io.schema.shape.safe.ves-swagger.json +1 -0
  510. package/dist/docs/specifications/api/docs-cloud-f5-com.0217.public.ves.io.schema.signup.ves-swagger.json +1 -0
  511. package/dist/docs/specifications/api/docs-cloud-f5-com.0218.public.ves.io.schema.site.ves-swagger.json +1 -0
  512. package/dist/docs/specifications/api/docs-cloud-f5-com.0219.public.ves.io.schema.graph.site.ves-swagger.json +1 -0
  513. package/dist/docs/specifications/api/docs-cloud-f5-com.0220.public.ves.io.schema.site_mesh_group.ves-swagger.json +1 -0
  514. package/dist/docs/specifications/api/docs-cloud-f5-com.0221.public.ves.io.schema.status_at_site.ves-swagger.json +1 -0
  515. package/dist/docs/specifications/api/docs-cloud-f5-com.0222.public.ves.io.schema.stored_object.ves-swagger.json +1 -0
  516. package/dist/docs/specifications/api/docs-cloud-f5-com.0223.public.ves.io.schema.subnet.ves-swagger.json +1 -0
  517. package/dist/docs/specifications/api/docs-cloud-f5-com.0224.public.ves.io.schema.usage.subscription.ves-swagger.json +1 -0
  518. package/dist/docs/specifications/api/docs-cloud-f5-com.0225.public.ves.io.schema.subscription.ves-swagger.json +1 -0
  519. package/dist/docs/specifications/api/docs-cloud-f5-com.0226.public.ves.io.schema.observability.synthetic_monitor.ves-swagger.json +1 -0
  520. package/dist/docs/specifications/api/docs-cloud-f5-com.0227.public.ves.io.schema.scim.ves-swagger.json +1 -0
  521. package/dist/docs/specifications/api/docs-cloud-f5-com.0228.public.ves.io.schema.tpm_api_key.ves-swagger.json +1 -0
  522. package/dist/docs/specifications/api/docs-cloud-f5-com.0229.public.ves.io.schema.tpm_category.ves-swagger.json +1 -0
  523. package/dist/docs/specifications/api/docs-cloud-f5-com.0230.public.ves.io.schema.tpm_manager.ves-swagger.json +1 -0
  524. package/dist/docs/specifications/api/docs-cloud-f5-com.0231.public.ves.io.schema.tpm_provision.ves-swagger.json +1 -0
  525. package/dist/docs/specifications/api/docs-cloud-f5-com.0232.public.ves.io.schema.operate.tcpdump.ves-swagger.json +1 -0
  526. package/dist/docs/specifications/api/docs-cloud-f5-com.0233.public.ves.io.schema.tenant.ves-swagger.json +1 -0
  527. package/dist/docs/specifications/api/docs-cloud-f5-com.0234.public.ves.io.schema.views.tenant_configuration.ves-swagger.json +1 -0
  528. package/dist/docs/specifications/api/docs-cloud-f5-com.0235.public.ves.io.schema.tenant_management.ves-swagger.json +1 -0
  529. package/dist/docs/specifications/api/docs-cloud-f5-com.0236.public.ves.io.schema.tenant_management.tenant_profile.ves-swagger.json +1 -0
  530. package/dist/docs/specifications/api/docs-cloud-f5-com.0237.public.ves.io.schema.views.third_party_application.ves-swagger.json +1 -0
  531. package/dist/docs/specifications/api/docs-cloud-f5-com.0238.public.ves.io.schema.ticket_management.ticket_tracking_system.ves-swagger.json +1 -0
  532. package/dist/docs/specifications/api/docs-cloud-f5-com.0239.public.ves.io.schema.token.ves-swagger.json +1 -0
  533. package/dist/docs/specifications/api/docs-cloud-f5-com.0240.public.ves.io.schema.topology.ves-swagger.json +1 -0
  534. package/dist/docs/specifications/api/docs-cloud-f5-com.0241.public.ves.io.schema.operate.traceroute.ves-swagger.json +1 -0
  535. package/dist/docs/specifications/api/docs-cloud-f5-com.0242.public.ves.io.schema.tunnel.ves-swagger.json +1 -0
  536. package/dist/docs/specifications/api/docs-cloud-f5-com.0243.public.ves.io.schema.infraprotect_tunnel.ves-swagger.json +1 -0
  537. package/dist/docs/specifications/api/docs-cloud-f5-com.0244.public.ves.io.schema.operate.usb.ves-swagger.json +1 -0
  538. package/dist/docs/specifications/api/docs-cloud-f5-com.0245.public.ves.io.schema.usb_policy.ves-swagger.json +1 -0
  539. package/dist/docs/specifications/api/docs-cloud-f5-com.0246.public.ves.io.schema.ui.static_component.ves-swagger.json +1 -0
  540. package/dist/docs/specifications/api/docs-cloud-f5-com.0247.public.ves.io.schema.upgrade_status.ves-swagger.json +1 -0
  541. package/dist/docs/specifications/api/docs-cloud-f5-com.0248.public.ves.io.schema.virtual_appliance.ves-swagger.json +1 -0
  542. package/dist/docs/specifications/api/docs-cloud-f5-com.0249.public.ves.io.schema.usage.ves-swagger.json +1 -0
  543. package/dist/docs/specifications/api/docs-cloud-f5-com.0250.public.ves.io.schema.usage.plan.ves-swagger.json +1 -0
  544. package/dist/docs/specifications/api/docs-cloud-f5-com.0251.public.ves.io.schema.user.ves-swagger.json +1 -0
  545. package/dist/docs/specifications/api/docs-cloud-f5-com.0252.public.ves.io.schema.user_group.ves-swagger.json +1 -0
  546. package/dist/docs/specifications/api/docs-cloud-f5-com.0253.public.ves.io.schema.user_identification.ves-swagger.json +1 -0
  547. package/dist/docs/specifications/api/docs-cloud-f5-com.0254.public.ves.io.schema.user.setting.ves-swagger.json +1 -0
  548. package/dist/docs/specifications/api/docs-cloud-f5-com.0255.public.ves.io.schema.views.view_internal.ves-swagger.json +1 -0
  549. package/dist/docs/specifications/api/docs-cloud-f5-com.0256.public.ves.io.schema.views.terraform_parameters.ves-swagger.json +1 -0
  550. package/dist/docs/specifications/api/docs-cloud-f5-com.0257.public.ves.io.schema.virtual_host.ves-swagger.json +1 -0
  551. package/dist/docs/specifications/api/docs-cloud-f5-com.0258.public.ves.io.schema.virtual_k8s.ves-swagger.json +1 -0
  552. package/dist/docs/specifications/api/docs-cloud-f5-com.0259.public.ves.io.schema.virtual_network.ves-swagger.json +1 -0
  553. package/dist/docs/specifications/api/docs-cloud-f5-com.0260.public.ves.io.schema.virtual_site.ves-swagger.json +1 -0
  554. package/dist/docs/specifications/api/docs-cloud-f5-com.0261.public.ves.io.schema.voltshare_admin_policy.ves-swagger.json +1 -0
  555. package/dist/docs/specifications/api/docs-cloud-f5-com.0262.public.ves.io.schema.waf.ves-swagger.json +1 -0
  556. package/dist/docs/specifications/api/docs-cloud-f5-com.0263.public.ves.io.schema.waf_exclusion_policy.ves-swagger.json +1 -0
  557. package/dist/docs/specifications/api/docs-cloud-f5-com.0264.public.ves.io.schema.waf_signatures_changelog.ves-swagger.json +1 -0
  558. package/dist/docs/specifications/api/docs-cloud-f5-com.0265.public.ves.io.schema.operate.wifi.ves-swagger.json +1 -0
  559. package/dist/docs/specifications/api/docs-cloud-f5-com.0266.public.ves.io.schema.was.user_token.ves-swagger.json +1 -0
  560. package/dist/docs/specifications/api/docs-cloud-f5-com.0267.public.ves.io.schema.views.workload.ves-swagger.json +1 -0
  561. package/dist/docs/specifications/api/docs-cloud-f5-com.0268.public.ves.io.schema.workload_flavor.ves-swagger.json +1 -0
  562. package/dist/docs/specifications/api/docs-cloud-f5-com.0269.public.ves.io.schema.marketplace.xc_saas.ves-swagger.json +1 -0
  563. package/dist/docs/specifications/api/docs-cloud-f5-com.0270.public.ves.io.schema.graph.l3l4.ves-swagger.json +1 -0
  564. package/dist/index.js +21 -21
  565. package/dist/index.js.map +1 -1
  566. package/dist/services/api-specs.d.ts.map +1 -1
  567. package/dist/services/api-specs.js +15 -3
  568. package/dist/services/api-specs.js.map +1 -1
  569. package/dist/services/documentation.d.ts.map +1 -1
  570. package/dist/services/documentation.js +25 -9
  571. package/dist/services/documentation.js.map +1 -1
  572. package/package.json +6 -3
package/dist/docs/specifications/api/docs-cloud-f5-com.0020.public.ves.io.schema.app_security.ves-swagger.json ADDED
@@ -0,0 +1 @@
1
+ {"openapi":"3.0.0","info":{"title":"F5 Distributed Cloud Services API for ves.io.schema.app_security","description":"API to create API endpoint protection rule suggestion from App Security Monitoring pages","version":""},"paths":{"/api/data/namespaces/system/app_security/all_ns_events":{"post":{"summary":"Security Events Query All Namespaces","description":"Get security events for the given namespace.\nFor `system` namespace, all security events for the tenant matching the query specified\nin the request will be returned in the response. User may query security events that matches various\nfields such as `vh_name`, `sec_event_type`, `src_site`, `city`, `country`.\nThis API is specific to system namespace","operationId":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SecurityEventsQueryAllNamespaces","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securitySecurityEventsResponse"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"requestBody":{"$ref":"#/components/requestBodies/app_securitySecurityEventsRequest"},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-app_security-appsecuritymonitoringapi-securityeventsqueryallnamespaces"},"x-ves-proto-rpc":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SecurityEventsQueryAllNamespaces"},"x-displayname":"Application Security Monitoring APIs","x-ves-proto-service":"ves.io.schema.app_security.AppSecurityMonitoringAPI","x-ves-proto-service-type":"CUSTOM_PUBLIC"},"/api/data/namespaces/system/app_security/all_ns_events/aggregation":{"post":{"summary":"Security Events Aggregation Query All Namespaces","description":"Get summary/aggregation data for security events in the given namespace.\nFor `system` namespace, all security events for the tenant matching the query specified\nin the request will be considered for aggregation. User may query security events that matches various\nfields such as `vh_name`, `sec_event_type`, `src_site`, `city`, `country`.","operationId":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SecurityEventsAggregationQueryAllNamespaces","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securitySecurityEventsAggregationResponse"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"requestBody":{"$ref":"#/components/requestBodies/app_securitySecurityEventsAggregationRequest"},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-app_security-appsecuritymonitoringapi-securityeventsaggregationqueryallnamespaces"},"x-ves-proto-rpc":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SecurityEventsAggregationQueryAllNamespaces"},"x-displayname":"Application Security Monitoring APIs","x-ves-proto-service":"ves.io.schema.app_security.AppSecurityMonitoringAPI","x-ves-proto-service-type":"CUSTOM_PUBLIC"},"/api/data/namespaces/system/app_security/all_ns_search/loadbalancers":{"post":{"summary":"Search load balancers All Namespaces","description":"Get list of virtual hosts matching label filter","operationId":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SearchLoadBalancersAllNamespaces","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securitySearchLoadBalancersResponse"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"requestBody":{"$ref":"#/components/requestBodies/app_securitySearchLoadBalancersRequest"},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-app_security-appsecuritymonitoringapi-searchloadbalancersallnamespaces"},"x-ves-proto-rpc":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SearchLoadBalancersAllNamespaces"},"x-displayname":"Application Security Monitoring APIs","x-ves-proto-service":"ves.io.schema.app_security.AppSecurityMonitoringAPI","x-ves-proto-service-type":"CUSTOM_PUBLIC"},"/api/data/namespaces/{namespace}/app_security/events":{"post":{"summary":"Security Events Query","description":"Get security events for the given namespace.\nFor `system` namespace, all security events for the tenant matching the query specified\nin the request will be returned in the response. User may query security events that matches various\nfields such as `vh_name`, `sec_event_type`, `src_site`, `city`, `country`.","operationId":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SecurityEventsQuery","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securitySecurityEventsResponse"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"namespace\n\nfetch security events for a given namespace\nx-example: \"bloggin-app-namespace-1\"","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/app_securitySecurityEventsRequest"},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-app_security-appsecuritymonitoringapi-securityeventsquery"},"x-ves-proto-rpc":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SecurityEventsQuery"},"x-displayname":"Application Security Monitoring APIs","x-ves-proto-service":"ves.io.schema.app_security.AppSecurityMonitoringAPI","x-ves-proto-service-type":"CUSTOM_PUBLIC"},"/api/data/namespaces/{namespace}/app_security/events/aggregation":{"post":{"summary":"Security Events Aggregation Query","description":"Get summary/aggregation data for security events in the given namespace.\nFor `system` namespace, all security events for the tenant matching the query specified\nin the request will be considered for aggregation. User may query security events that matches various\nfields such as `vh_name`, `sec_event_type`, `src_site`, `city`, `country`.","operationId":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SecurityEventsAggregationQuery","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securitySecurityEventsAggregationResponse"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"namespace\n\nfetch security events for a given namespace\nx-example: \"bloggin-app-namespace-1\"","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/app_securitySecurityEventsAggregationRequest"},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-app_security-appsecuritymonitoringapi-securityeventsaggregationquery"},"x-ves-proto-rpc":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SecurityEventsAggregationQuery"},"x-displayname":"Application Security Monitoring APIs","x-ves-proto-service":"ves.io.schema.app_security.AppSecurityMonitoringAPI","x-ves-proto-service-type":"CUSTOM_PUBLIC"},"/api/data/namespaces/{namespace}/app_security/events/scroll":{"get":{"summary":"Security Event Scroll Query","description":"Scroll request is used to fetch large number of security events in multiple batches with each SecurityEventResponse\ncontaining no more than 500 messages. To scroll through more than 500 or all messages, one can use the\nSecurityEventScrollRequest. Use the scroll_id returned in the SecurityEventResponse to fetch the next batch of security events\nand one can continue this process till the scroll_id returned is \"\" which indicates no more events to scroll.","operationId":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SecurityEventsScrollQuery","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securitySecurityEventsResponse"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"namespace\n\nx-example: \"bloggin-app-namespace-1\"\nfetch the WAF security events scoped by namespace","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}},{"name":"scroll_id","description":"x-example: \"DXF1ZXJ5QW5kRmV0Y2gBAAAAAAAAAD4WYm9laVYtZndUQlNsdDcwakFMNjU1QQ==\"\nLong Base-64 encoded string which can be used to retrieve next batch of security events.","in":"query","required":false,"x-displayname":"Scroll ID","schema":{"type":"string"}}],"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-app_security-appsecuritymonitoringapi-securityeventsscrollquery"},"x-ves-proto-rpc":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SecurityEventsScrollQuery"},"post":{"summary":"Security Event Scroll Query","description":"Scroll request is used to fetch large number of security events in multiple batches with each SecurityEventResponse\ncontaining no more than 500 messages. To scroll through more than 500 or all messages, one can use the\nSecurityEventScrollRequest. Use the scroll_id returned in the SecurityEventResponse to fetch the next batch of security events\nand one can continue this process till the scroll_id returned is \"\" which indicates no more events to scroll.","operationId":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SecurityEventsScrollQuery","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securitySecurityEventsResponse"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"namespace\n\nx-example: \"bloggin-app-namespace-1\"\nfetch the WAF security events scoped by namespace","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securitySecurityEventsScrollRequest"}}},"required":true},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-app_security-appsecuritymonitoringapi-securityeventsscrollquery"},"x-ves-proto-rpc":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SecurityEventsScrollQuery"},"x-displayname":"Application Security Monitoring APIs","x-ves-proto-service":"ves.io.schema.app_security.AppSecurityMonitoringAPI","x-ves-proto-service-type":"CUSTOM_PUBLIC"},"/api/data/namespaces/{namespace}/app_security/incidents":{"post":{"summary":"Security Incidents Query","description":"Get security incidents for the given namespace.\nFor `system` namespace, all security incidents for the tenant matching the query specified\nin the request will be returned in the response. User may query security incidents that matches various\nfields such as `vh_name`, `intent`, `city`, `country`.","operationId":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SecurityIncidentsQuery","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securitySecurityIncidentsResponse"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"namespace\n\nx-example: \"bloggin-app-namespace-1\"\nFetch security incidents for a given namespace","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securitySecurityIncidentsRequest"}}},"required":true},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-app_security-appsecuritymonitoringapi-securityincidentsquery"},"x-ves-proto-rpc":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SecurityIncidentsQuery"},"x-displayname":"Application Security Monitoring APIs","x-ves-proto-service":"ves.io.schema.app_security.AppSecurityMonitoringAPI","x-ves-proto-service-type":"CUSTOM_PUBLIC"},"/api/data/namespaces/{namespace}/app_security/incidents/aggregation":{"post":{"summary":"Security Incidents Aggregation Query","description":"Get summary/aggregation data for security incidents in the given namespace.\nFor `system` namespace, all security incidents for the tenant matching the query specified in the request will be\nconsidered for aggregation. User may query security events that matches various fields such as `vh_name`,\n`intent`, `city`, `country`.","operationId":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SecurityIncidentsAggregationQuery","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securitySecurityIncidentsAggregationResponse"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"namespace\n\nx-example: \"bloggin-app-namespace-1\"\nFetch security incidents for a given namespace","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securitySecurityIncidentsAggregationRequest"}}},"required":true},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-app_security-appsecuritymonitoringapi-securityincidentsaggregationquery"},"x-ves-proto-rpc":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SecurityIncidentsAggregationQuery"},"x-displayname":"Application Security Monitoring APIs","x-ves-proto-service":"ves.io.schema.app_security.AppSecurityMonitoringAPI","x-ves-proto-service-type":"CUSTOM_PUBLIC"},"/api/data/namespaces/{namespace}/app_security/incidents/scroll":{"get":{"summary":"Security Incidents Scroll Query","description":"Scroll request is used to fetch large number of security incidents in multiple batches with each SecurityIncidentsResponse\ncontaining no more than 500 messages. To scroll through more than 500 or all messages, one can use the\nSecurityIncidentsScrollRequest. Use the scroll_id returned in the SecurityIncidentsResponse to fetch the next batch\nof security incidents and one can continue this process till the scroll_id returned is \"\" which indicates no more\nevents to scroll.","operationId":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SecurityIncidentsScrollQuery","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securitySecurityIncidentsResponse"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"namespace\n\nx-example: \"bloggin-app-namespace-1\"\nFetch security incidents for a given namespace","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}},{"name":"scroll_id","description":"x-example: \"DXF1ZXJ5QW5kRmV0Y2gBAAAAAAAAAD4WYm9laVYtZndUQlNsdDcwakFMNjU1QQ==\"\nLong Base-64 encoded string which can be used to retrieve next batch of security events.","in":"query","required":false,"x-displayname":"Scroll ID","schema":{"type":"string"}}],"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-app_security-appsecuritymonitoringapi-securityincidentsscrollquery"},"x-ves-proto-rpc":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SecurityIncidentsScrollQuery"},"post":{"summary":"Security Incidents Scroll Query","description":"Scroll request is used to fetch large number of security incidents in multiple batches with each SecurityIncidentsResponse\ncontaining no more than 500 messages. To scroll through more than 500 or all messages, one can use the\nSecurityIncidentsScrollRequest. Use the scroll_id returned in the SecurityIncidentsResponse to fetch the next batch\nof security incidents and one can continue this process till the scroll_id returned is \"\" which indicates no more\nevents to scroll.","operationId":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SecurityIncidentsScrollQuery","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securitySecurityIncidentsResponse"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"namespace\n\nx-example: \"bloggin-app-namespace-1\"\nFetch security incidents for a given namespace","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securitySecurityIncidentsScrollRequest"}}},"required":true},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-app_security-appsecuritymonitoringapi-securityincidentsscrollquery"},"x-ves-proto-rpc":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SecurityIncidentsScrollQuery"},"x-displayname":"Application Security Monitoring APIs","x-ves-proto-service":"ves.io.schema.app_security.AppSecurityMonitoringAPI","x-ves-proto-service-type":"CUSTOM_PUBLIC"},"/api/data/namespaces/{namespace}/app_security/metrics":{"post":{"summary":"Security Events Metrics","description":"Get the number of security events for a given namespace.\nSecurity events can be aggregated across multiple dimensions like VIRTUAL_HOST, SITE, SEC_EVENT_TYPE, etc.,","operationId":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SecurityEventsMetrics","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securitySecurityEventsCountResponse"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"Namespace\n\nx-example: \"bloggin-app-namespace-1\"\nnamespace is used to scope the security events for the given namespace.","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securitySecurityEventsCountRequest"}}},"required":true},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-app_security-appsecuritymonitoringapi-securityeventsmetrics"},"x-ves-proto-rpc":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SecurityEventsMetrics"},"x-displayname":"Application Security Monitoring APIs","x-ves-proto-service":"ves.io.schema.app_security.AppSecurityMonitoringAPI","x-ves-proto-service-type":"CUSTOM_PUBLIC"},"/api/data/namespaces/{namespace}/app_security/search/loadbalancers":{"post":{"summary":"Search load balancers","description":"Get list of virtual hosts matching label filter","operationId":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SearchLoadBalancers","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securitySearchLoadBalancersResponse"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"Namespace\n\nx-example: \"shared\"\nNamespace of the App type for current request","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/app_securitySearchLoadBalancersRequest"},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-app_security-appsecuritymonitoringapi-searchloadbalancers"},"x-ves-proto-rpc":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SearchLoadBalancers"},"x-displayname":"Application Security Monitoring APIs","x-ves-proto-service":"ves.io.schema.app_security.AppSecurityMonitoringAPI","x-ves-proto-service-type":"CUSTOM_PUBLIC"},"/api/data/namespaces/{namespace}/app_security/suspicious_user_logs":{"post":{"summary":"Suspicious User Logs Query","description":"Get suspicious user logs for the given namespace.\nFor `system` namespace, all suspicious users logs for the tenant matching the query specified\nin the request will be returned in the response. User may query suspicious user logs that matches various\nfields such as `vh_name`, `user`, `site`, `city`, `country`.","operationId":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SuspiciousUserLogsQuery","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securitySuspiciousUserLogsResponse"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"namespace\n\nfetch suspicious user logs for a given namespace\nx-example: \"bloggin-app-namespace-1\"","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securitySuspiciousUserLogsRequest"}}},"required":true},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-app_security-appsecuritymonitoringapi-suspicioususerlogsquery"},"x-ves-proto-rpc":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SuspiciousUserLogsQuery"},"x-displayname":"Application Security Monitoring APIs","x-ves-proto-service":"ves.io.schema.app_security.AppSecurityMonitoringAPI","x-ves-proto-service-type":"CUSTOM_PUBLIC"},"/api/data/namespaces/{namespace}/app_security/suspicious_user_logs/aggregation":{"post":{"summary":"Suspicious User Logs Aggregation Query","description":"Get summary/aggregation data for suspicious user logs in the given namespace.\nFor `system` namespace, all suspicious user logs for the tenant matching the query specified\nin the request will be considered for aggregation. User may query suspicious user logs that matches various\nfields such as `vh_name`, `user`, `site`, `city`, `country`.","operationId":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SuspiciousUserLogsAggregationQuery","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securitySuspiciousUserLogsAggregationResponse"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"namespace\n\nfetch suspicious user logs for a given namespace\nx-example: \"bloggin-app-namespace-1\"","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securitySuspiciousUserLogsAggregationRequest"}}},"required":true},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-app_security-appsecuritymonitoringapi-suspicioususerlogsaggregationquery"},"x-ves-proto-rpc":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SuspiciousUserLogsAggregationQuery"},"x-displayname":"Application Security Monitoring APIs","x-ves-proto-service":"ves.io.schema.app_security.AppSecurityMonitoringAPI","x-ves-proto-service-type":"CUSTOM_PUBLIC"},"/api/data/namespaces/{namespace}/app_security/suspicious_user_logs/scroll":{"get":{"summary":"Suspicious User Logs Scroll Query","description":"Scroll request is used to fetch large number of suspicious user logs in multiple batches with each SuspiciousUserLogsResponse\ncontaining no more than 500 messages. To scroll through more than 500 or all messages, one can use the\nSuspiciousUserLogsScrollRequest. Use the scroll_id returned in the SuspiciousUserLogsResponse to fetch the next batch of logs \nand one can continue this process till the scroll_id returned is \"\" which indicates no more logs to scroll.","operationId":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SuspiciousUserLogsScrollQuery","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securitySuspiciousUserLogsResponse"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"namespace\n\nx-example: \"bloggin-app-namespace-1\"\nfetch the next batch of suspicious user logs scoped by namespace","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}},{"name":"scroll_id","description":"x-example: \"DXF1ZXJ5QW5kRmV0Y2gBAAAAAAAAAD4WYm9laVYtZndUQlNsdDcwakFMNjU1QQ==\"\nLong Base-64 encoded string which can be used to retrieve next batch of security events.","in":"query","required":false,"x-displayname":"Scroll ID","schema":{"type":"string"}}],"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-app_security-appsecuritymonitoringapi-suspicioususerlogsscrollquery"},"x-ves-proto-rpc":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SuspiciousUserLogsScrollQuery"},"post":{"summary":"Suspicious User Logs Scroll Query","description":"Scroll request is used to fetch large number of suspicious user logs in multiple batches with each SuspiciousUserLogsResponse\ncontaining no more than 500 messages. To scroll through more than 500 or all messages, one can use the\nSuspiciousUserLogsScrollRequest. Use the scroll_id returned in the SuspiciousUserLogsResponse to fetch the next batch of logs \nand one can continue this process till the scroll_id returned is \"\" which indicates no more logs to scroll.","operationId":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SuspiciousUserLogsScrollQuery","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securitySuspiciousUserLogsResponse"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"namespace\n\nx-example: \"bloggin-app-namespace-1\"\nfetch the next batch of suspicious user logs scoped by namespace","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securitySuspiciousUserLogsScrollRequest"}}},"required":true},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-app_security-appsecuritymonitoringapi-suspicioususerlogsscrollquery"},"x-ves-proto-rpc":"ves.io.schema.app_security.AppSecurityMonitoringAPI.SuspiciousUserLogsScrollQuery"},"x-displayname":"Application Security Monitoring APIs","x-ves-proto-service":"ves.io.schema.app_security.AppSecurityMonitoringAPI","x-ves-proto-service-type":"CUSTOM_PUBLIC"},"/api/config/namespaces/{namespace}/cdn_loadbalancers/{name}/block_client/suggestion":{"post":{"summary":"Suggest block client rule","description":"Suggest blocking SimpleClientSrcRule for a given IP/ASN","operationId":"ves.io.schema.app_security.AppSecurityClientRuleAPI.GetSuggestedBlockClientRuleForCDN","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securityGetSuggestedBlockClientRuleRsp"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"Namespace\n\nx-example: \"shared\"\nNamespace of the App type for current request","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}},{"name":"name","description":"Name\n\nx-example: \"ves-io-frontend\"\nHTTP load balancer for which this WAF exclusion will be applied","in":"path","required":true,"x-displayname":"HTTP Load Balancer Name","schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/app_securityGetSuggestedBlockClientRuleReq"},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-app_security-appsecurityclientruleapi-getsuggestedblockclientruleforcdn"},"x-ves-proto-rpc":"ves.io.schema.app_security.AppSecurityClientRuleAPI.GetSuggestedBlockClientRuleForCDN"},"x-displayname":"Application Security Monitoring APIs","x-ves-proto-service":"ves.io.schema.app_security.AppSecurityClientRuleAPI","x-ves-proto-service-type":"CUSTOM_PUBLIC"},"/api/config/namespaces/{namespace}/cdn_loadbalancers/{name}/ddos_mitigation/suggestion":{"post":{"summary":"Suggest CDN DDoS Mitigation rule","description":"Suggest DDoSMitigatonRule to mitigate a given IP/ASN/Region/TLS","operationId":"ves.io.schema.app_security.AppSecurityClientRuleAPI.GetSuggestedDDoSMitigationRuleForCDN","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securityGetSuggestedDDoSMitigtionRuleRsp"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"Namespace\n\nx-example: \"shared\"\nNamespace of the App type for current request","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}},{"name":"name","description":"Name\n\nx-example: \"ves-io-frontend\"\nload balancer for which this WAF exclusion will be applied","in":"path","required":true,"x-displayname":"Load Balancer Name","schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/app_securityGetSuggestedDDoSMitigtionRuleReq"},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-app_security-appsecurityclientruleapi-getsuggestedddosmitigationruleforcdn"},"x-ves-proto-rpc":"ves.io.schema.app_security.AppSecurityClientRuleAPI.GetSuggestedDDoSMitigationRuleForCDN"},"x-displayname":"Application Security Monitoring APIs","x-ves-proto-service":"ves.io.schema.app_security.AppSecurityClientRuleAPI","x-ves-proto-service-type":"CUSTOM_PUBLIC"},"/api/config/namespaces/{namespace}/cdn_loadbalancers/{name}/trust_client/suggestion":{"post":{"summary":"Suggest trust client rule","description":"Suggest SimpleClientSrcRule to trust a given IP/ASN","operationId":"ves.io.schema.app_security.AppSecurityClientRuleAPI.GetSuggestedTrustClientRuleForCDN","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securityGetSuggestedTrustClientRuleRsp"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"Namespace\n\nx-example: \"shared\"\nNamespace of the App type for current request","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}},{"name":"name","description":"Name\n\nx-example: \"ves-io-frontend\"\nHTTP load balancer for which this client blocking rule will be applied","in":"path","required":true,"x-displayname":"HTTP Load Balancer Name","schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/app_securityGetSuggestedTrustClientRuleReq"},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-app_security-appsecurityclientruleapi-getsuggestedtrustclientruleforcdn"},"x-ves-proto-rpc":"ves.io.schema.app_security.AppSecurityClientRuleAPI.GetSuggestedTrustClientRuleForCDN"},"x-displayname":"Application Security Monitoring APIs","x-ves-proto-service":"ves.io.schema.app_security.AppSecurityClientRuleAPI","x-ves-proto-service-type":"CUSTOM_PUBLIC"},"/api/config/namespaces/{namespace}/cdn_loadbalancers/{name}/waf_exclusion/suggestion":{"post":{"summary":"Suggest WAF Exclusion Rule","description":"Suggest service policy rule to set up WAF exclusion for a given WAF security event","operationId":"ves.io.schema.app_security.AppSecurityWafExclusionAPI.GetSuggestedWAFExclusionRuleForCDN","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securityGetSuggestedWAFExclusionRuleRsp"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"Namespace\n\nx-example: \"shared\"\nNamespace of the App type for current request","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}},{"name":"name","description":"Name\n\nx-example: \"ves-io-frontend\"\nHTTP load balancer for which this WAF exclusion will be applied","in":"path","required":true,"x-displayname":"HTTP Load Balancer Name","schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/app_securityGetSuggestedWAFExclusionRuleReq"},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-app_security-appsecuritywafexclusionapi-getsuggestedwafexclusionruleforcdn"},"x-ves-proto-rpc":"ves.io.schema.app_security.AppSecurityWafExclusionAPI.GetSuggestedWAFExclusionRuleForCDN"},"x-displayname":"Application Security Monitoring APIs","x-ves-proto-service":"ves.io.schema.app_security.AppSecurityWafExclusionAPI","x-ves-proto-service-type":"CUSTOM_PUBLIC"},"/api/config/namespaces/{namespace}/http_loadbalancers/{name}/api_endpoint_protection/suggestion":{"post":{"summary":"Suggest api endpoint protection rule","description":"Suggest API endpoint protection rule for a given path\nDEPRECATED. use api_sec.rule_suggestion.RuleSuggestionAPI.GetSuggestedAPIEndpointProtectionRule","operationId":"ves.io.schema.app_security.APIEndpointProtectionRuleSuggestionAPI.GetSuggestedAPIEndpointProtectionRule","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securityGetSuggestedAPIEndpointProtectionRuleRsp"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"Namespace\n\nx-example: \"shared\"\nNamespace of the App type for current request","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}},{"name":"name","description":"Name\n\nx-example: \"ves-io-frontend\"\nHTTP load balancer for which this API endpoint protection rule applied","in":"path","required":true,"x-displayname":"HTTP Load Balancer Name","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securityGetSuggestedAPIEndpointProtectionRuleReq"}}},"required":true},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-app_security-apiendpointprotectionrulesuggestionapi-getsuggestedapiendpointprotectionrule"},"x-ves-deprecated":"Use GetSuggestedAPIEndpointProtectionRule in RuleSuggestionAPI","x-ves-proto-rpc":"ves.io.schema.app_security.APIEndpointProtectionRuleSuggestionAPI.GetSuggestedAPIEndpointProtectionRule"},"x-displayname":"Application Security Monitoring APIs","x-ves-proto-service":"ves.io.schema.app_security.APIEndpointProtectionRuleSuggestionAPI","x-ves-proto-service-type":"CUSTOM_PUBLIC"},"/api/config/namespaces/{namespace}/http_loadbalancers/{name}/block_client/suggestion":{"post":{"summary":"Suggest block client rule","description":"Suggest blocking SimpleClientSrcRule for a given IP/ASN","operationId":"ves.io.schema.app_security.AppSecurityClientRuleAPI.GetSuggestedBlockClientRule","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securityGetSuggestedBlockClientRuleRsp"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"Namespace\n\nx-example: \"shared\"\nNamespace of the App type for current request","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}},{"name":"name","description":"Name\n\nx-example: \"ves-io-frontend\"\nHTTP load balancer for which this WAF exclusion will be applied","in":"path","required":true,"x-displayname":"HTTP Load Balancer Name","schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/app_securityGetSuggestedBlockClientRuleReq"},"x-ves-proto-rpc":"ves.io.schema.app_security.AppSecurityClientRuleAPI.GetSuggestedBlockClientRule"},"x-displayname":"Application Security Monitoring APIs","x-ves-proto-service":"ves.io.schema.app_security.AppSecurityClientRuleAPI","x-ves-proto-service-type":"CUSTOM_PUBLIC"},"/api/config/namespaces/{namespace}/http_loadbalancers/{name}/data_exposure/suggestion":{"post":{"summary":"Suggest sensitive data rule","description":"Suggest sensitive data rule for a given path\nDEPRECATED. use api_sec.rule_suggestion.RuleSuggestionAPI.GetSuggestedSensitiveDataRule","operationId":"ves.io.schema.app_security.APISensitiveDataRuleSuggestionAPI.GetSuggestedSensitiveDataRule","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securityGetSuggestedSensitiveDataRuleRsp"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"Namespace\n\nx-example: \"shared\"\nNamespace of the App type for current request","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}},{"name":"name","description":"Name\n\nx-example: \"ves-io-frontend\"\nHTTP load balancer for which this sensitive data rule applied","in":"path","required":true,"x-displayname":"HTTP Load Balancer Name","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securityGetSuggestedSensitiveDataRuleReq"}}},"required":true},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-app_security-apisensitivedatarulesuggestionapi-getsuggestedsensitivedatarule"},"x-ves-deprecated":"Use GetSuggestedSensitiveDataRule in RuleSuggestionAPI","x-ves-proto-rpc":"ves.io.schema.app_security.APISensitiveDataRuleSuggestionAPI.GetSuggestedSensitiveDataRule"},"x-displayname":"Application Security Monitoring APIs","x-ves-proto-service":"ves.io.schema.app_security.APISensitiveDataRuleSuggestionAPI","x-ves-proto-service-type":"CUSTOM_PUBLIC"},"/api/config/namespaces/{namespace}/http_loadbalancers/{name}/ddos_mitigation/suggestion":{"post":{"summary":"Suggest DDoS Mitigation rule","description":"Suggest DDoSMitigatonRule to mitigate a given IP/ASN/Region/TLS","operationId":"ves.io.schema.app_security.AppSecurityClientRuleAPI.GetSuggestedDDoSMitigationRule","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securityGetSuggestedDDoSMitigtionRuleRsp"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"Namespace\n\nx-example: \"shared\"\nNamespace of the App type for current request","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}},{"name":"name","description":"Name\n\nx-example: \"ves-io-frontend\"\nload balancer for which this WAF exclusion will be applied","in":"path","required":true,"x-displayname":"Load Balancer Name","schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/app_securityGetSuggestedDDoSMitigtionRuleReq"},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-app_security-appsecurityclientruleapi-getsuggestedddosmitigationrule"},"x-ves-proto-rpc":"ves.io.schema.app_security.AppSecurityClientRuleAPI.GetSuggestedDDoSMitigationRule"},"x-displayname":"Application Security Monitoring APIs","x-ves-proto-service":"ves.io.schema.app_security.AppSecurityClientRuleAPI","x-ves-proto-service-type":"CUSTOM_PUBLIC"},"/api/config/namespaces/{namespace}/http_loadbalancers/{name}/oas_validation/suggestion":{"post":{"summary":"Suggest Open API specification validation rule","description":"Suggest Open API specification validation rule for a given path\nDEPRECATED. Use api_sec.rule_suggestion.RuleSuggestionAPI.GetSuggestedOasValidationRule","operationId":"ves.io.schema.app_security.OasValidationSuggestionAPI.GetSuggestedOasValidationRule","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securityGetSuggestedOasValidationRuleRsp"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"Namespace\n\nx-example: \"shared\"\nNamespace of the App type for current request","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}},{"name":"name","description":"Name\n\nx-example: \"ves-io-frontend\"\nHTTP load balancer for which this Open API specification validation rule applied","in":"path","required":true,"x-displayname":"HTTP Load Balancer Name","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securityGetSuggestedOasValidationRuleReq"}}},"required":true},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-app_security-oasvalidationsuggestionapi-getsuggestedoasvalidationrule"},"x-ves-deprecated":"Use GetSuggestedOasValidationRule in RuleSuggestionAPI","x-ves-proto-rpc":"ves.io.schema.app_security.OasValidationSuggestionAPI.GetSuggestedOasValidationRule"},"x-displayname":"Application Security Monitoring APIs","x-ves-proto-service":"ves.io.schema.app_security.OasValidationSuggestionAPI","x-ves-proto-service-type":"CUSTOM_PUBLIC"},"/api/config/namespaces/{namespace}/http_loadbalancers/{name}/rate_limit/suggestion":{"post":{"summary":"Suggest rate limit rule","description":"Suggest rate limit rule for a given path\nDEPRECATED. use api_sec.rule_suggestion.RuleSuggestionAPI.GetSuggestedRateLimitRule","operationId":"ves.io.schema.app_security.APIRateLimitRuleSuggestionAPI.GetSuggestedRateLimitRule","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securityGetSuggestedRateLimitRuleRsp"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"Namespace\n\nx-example: \"shared\"\nNamespace of the App type for current request","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}},{"name":"name","description":"Name\n\nx-example: \"ves-io-frontend\"\nHTTP load balancer for which this rate limit rule applied","in":"path","required":true,"x-displayname":"HTTP Load Balancer Name","schema":{"type":"string"}}],"requestBody":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securityGetSuggestedRateLimitRuleReq"}}},"required":true},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-app_security-apiratelimitrulesuggestionapi-getsuggestedratelimitrule"},"x-ves-deprecated":"Use GetSuggestedRateLimitRule in RuleSuggestionAPI","x-ves-proto-rpc":"ves.io.schema.app_security.APIRateLimitRuleSuggestionAPI.GetSuggestedRateLimitRule"},"x-displayname":"Application Security Monitoring APIs","x-ves-proto-service":"ves.io.schema.app_security.APIRateLimitRuleSuggestionAPI","x-ves-proto-service-type":"CUSTOM_PUBLIC"},"/api/config/namespaces/{namespace}/http_loadbalancers/{name}/trust_client/suggestion":{"post":{"summary":"Suggest trust client rule","description":"Suggest SimpleClientSrcRule to trust a given IP/ASN","operationId":"ves.io.schema.app_security.AppSecurityClientRuleAPI.GetSuggestedTrustClientRule","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securityGetSuggestedTrustClientRuleRsp"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"Namespace\n\nx-example: \"shared\"\nNamespace of the App type for current request","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}},{"name":"name","description":"Name\n\nx-example: \"ves-io-frontend\"\nHTTP load balancer for which this client blocking rule will be applied","in":"path","required":true,"x-displayname":"HTTP Load Balancer Name","schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/app_securityGetSuggestedTrustClientRuleReq"},"x-ves-proto-rpc":"ves.io.schema.app_security.AppSecurityClientRuleAPI.GetSuggestedTrustClientRule"},"x-displayname":"Application Security Monitoring APIs","x-ves-proto-service":"ves.io.schema.app_security.AppSecurityClientRuleAPI","x-ves-proto-service-type":"CUSTOM_PUBLIC"},"/api/config/namespaces/{namespace}/http_loadbalancers/{name}/waf_exclusion/suggestion":{"post":{"summary":"Suggest WAF Exclusion Rule","description":"Suggest service policy rule to set up WAF exclusion for a given WAF security event","operationId":"ves.io.schema.app_security.AppSecurityWafExclusionAPI.GetSuggestedWAFExclusionRule","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securityGetSuggestedWAFExclusionRuleRsp"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"namespace","description":"Namespace\n\nx-example: \"shared\"\nNamespace of the App type for current request","in":"path","required":true,"x-displayname":"Namespace","schema":{"type":"string"}},{"name":"name","description":"Name\n\nx-example: \"ves-io-frontend\"\nHTTP load balancer for which this WAF exclusion will be applied","in":"path","required":true,"x-displayname":"HTTP Load Balancer Name","schema":{"type":"string"}}],"requestBody":{"$ref":"#/components/requestBodies/app_securityGetSuggestedWAFExclusionRuleReq"},"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-app_security-appsecuritywafexclusionapi-getsuggestedwafexclusionrule"},"x-ves-proto-rpc":"ves.io.schema.app_security.AppSecurityWafExclusionAPI.GetSuggestedWAFExclusionRule"},"x-displayname":"Application Security Monitoring APIs","x-ves-proto-service":"ves.io.schema.app_security.AppSecurityWafExclusionAPI","x-ves-proto-service-type":"CUSTOM_PUBLIC"},"/api/waf/threat_campaign/{id}":{"get":{"summary":"Get Threat Campaign by ID","description":"Get Threat Campaign by ID","operationId":"ves.io.schema.app_security.ThreatCampaignAPI.GetThreatCampaignById","responses":{"200":{"description":"A successful response.","content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securityThreatCampaign"}}}},"401":{"description":"Returned when operation is not authorized","content":{"application/json":{"schema":{"format":"string"}}}},"403":{"description":"Returned when there is no permission to access resource","content":{"application/json":{"schema":{"format":"string"}}}},"404":{"description":"Returned when resource is not found","content":{"application/json":{"schema":{"format":"string"}}}},"409":{"description":"Returned when operation on resource is conflicting with current value","content":{"application/json":{"schema":{"format":"string"}}}},"429":{"description":"Returned when operation has been rejected as it is happening too frequently","content":{"application/json":{"schema":{"format":"string"}}}},"500":{"description":"Returned when server encountered an error in processing API","content":{"application/json":{"schema":{"format":"string"}}}},"503":{"description":"Returned when service is unavailable temporarily","content":{"application/json":{"schema":{"format":"string"}}}},"504":{"description":"Returned when server timed out processing request","content":{"application/json":{"schema":{"format":"string"}}}}},"parameters":[{"name":"id","description":"id\n\nx-example: \"cmp5641a5adbeabaf2708ce7663ad937df8\"\nx-required\nId with which the request will find entry.","in":"path","required":true,"x-displayname":"Threat Campaign ID","schema":{"type":"string"}}],"externalDocs":{"description":"Examples of this operation","url":"https://docs.cloud.f5.com/docs-v2/platform/reference/api-ref/ves-io-schema-app_security-threatcampaignapi-getthreatcampaignbyid"},"x-ves-proto-rpc":"ves.io.schema.app_security.ThreatCampaignAPI.GetThreatCampaignById"},"x-displayname":"Application Security Monitoring APIs","x-ves-proto-service":"ves.io.schema.app_security.ThreatCampaignAPI","x-ves-proto-service-type":"CUSTOM_PUBLIC"}},"x-displayname":"Application Security Monitoring APIs","x-ves-proto-package":"ves.io.schema.app_security","components":{"requestBodies":{"app_securityGetSuggestedTrustClientRuleReq":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securityGetSuggestedTrustClientRuleReq"}}},"required":true},"app_securitySearchLoadBalancersRequest":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securitySearchLoadBalancersRequest"}}},"required":true},"app_securityGetSuggestedBlockClientRuleReq":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securityGetSuggestedBlockClientRuleReq"}}},"required":true},"app_securitySecurityEventsRequest":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securitySecurityEventsRequest"}}},"required":true},"app_securitySecurityEventsAggregationRequest":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securitySecurityEventsAggregationRequest"}}},"required":true},"app_securityGetSuggestedDDoSMitigtionRuleReq":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securityGetSuggestedDDoSMitigtionRuleReq"}}},"required":true},"app_securityGetSuggestedWAFExclusionRuleReq":{"content":{"application/json":{"schema":{"$ref":"#/components/schemas/app_securityGetSuggestedWAFExclusionRuleReq"}}},"required":true}},"schemas":{"app_firewallAppFirewallViolationType":{"type":"string","description":"List of all supported Violation Types\n\nVIOL_NONE\nVIOL_FILETYPE\nVIOL_METHOD\nVIOL_MANDATORY_HEADER\nVIOL_HTTP_RESPONSE_STATUS\nVIOL_REQUEST_MAX_LENGTH\nVIOL_FILE_UPLOAD\nVIOL_FILE_UPLOAD_IN_BODY\nVIOL_XML_MALFORMED\nVIOL_JSON_MALFORMED\nVIOL_ASM_COOKIE_MODIFIED\nVIOL_HTTP_PROTOCOL_MULTIPLE_HOST_HEADERS\nVIOL_HTTP_PROTOCOL_BAD_HOST_HEADER_VALUE\nVIOL_HTTP_PROTOCOL_UNPARSABLE_REQUEST_CONTENT\nVIOL_HTTP_PROTOCOL_NULL_IN_REQUEST\nVIOL_HTTP_PROTOCOL_BAD_HTTP_VERSION\nVIOL_HTTP_PROTOCOL_CRLF_CHARACTERS_BEFORE_REQUEST_START\nVIOL_HTTP_PROTOCOL_NO_HOST_HEADER_IN_HTTP_1_1_REQUEST\nVIOL_HTTP_PROTOCOL_BAD_MULTIPART_PARAMETERS_PARSING\nVIOL_HTTP_PROTOCOL_SEVERAL_CONTENT_LENGTH_HEADERS\nVIOL_HTTP_PROTOCOL_CONTENT_LENGTH_SHOULD_BE_A_POSITIVE_NUMBER\nVIOL_EVASION_DIRECTORY_TRAVERSALS\nVIOL_MALFORMED_REQUEST\nVIOL_EVASION_MULTIPLE_DECODING\nVIOL_DATA_GUARD\nVIOL_EVASION_APACHE_WHITESPACE\nVIOL_COOKIE_MODIFIED\nVIOL_EVASION_IIS_UNICODE_CODEPOINTS\nVIOL_EVASION_IIS_BACKSLASHES\nVIOL_EVASION_PERCENT_U_DECODING\nVIOL_EVASION_BARE_BYTE_DECODING\nVIOL_EVASION_BAD_UNESCAPE\nVIOL_HTTP_PROTOCOL_BAD_MULTIPART_FORMDATA_REQUEST_PARSING\nVIOL_HTTP_PROTOCOL_BODY_IN_GET_OR_HEAD_REQUEST\nVIOL_HTTP_PROTOCOL_HIGH_ASCII_CHARACTERS_IN_HEADERS\nVIOL_ENCODING\nVIOL_COOKIE_MALFORMED\nVIOL_GRAPHQL_FORMAT\nVIOL_GRAPHQL_MALFORMED\nVIOL_GRAPHQL_INTROSPECTION_QUERY","title":"App Firewall Violation Type","enum":["VIOL_NONE","VIOL_FILETYPE","VIOL_METHOD","VIOL_MANDATORY_HEADER","VIOL_HTTP_RESPONSE_STATUS","VIOL_REQUEST_MAX_LENGTH","VIOL_FILE_UPLOAD","VIOL_FILE_UPLOAD_IN_BODY","VIOL_XML_MALFORMED","VIOL_JSON_MALFORMED","VIOL_ASM_COOKIE_MODIFIED","VIOL_HTTP_PROTOCOL_MULTIPLE_HOST_HEADERS","VIOL_HTTP_PROTOCOL_BAD_HOST_HEADER_VALUE","VIOL_HTTP_PROTOCOL_UNPARSABLE_REQUEST_CONTENT","VIOL_HTTP_PROTOCOL_NULL_IN_REQUEST","VIOL_HTTP_PROTOCOL_BAD_HTTP_VERSION","VIOL_HTTP_PROTOCOL_CRLF_CHARACTERS_BEFORE_REQUEST_START","VIOL_HTTP_PROTOCOL_NO_HOST_HEADER_IN_HTTP_1_1_REQUEST","VIOL_HTTP_PROTOCOL_BAD_MULTIPART_PARAMETERS_PARSING","VIOL_HTTP_PROTOCOL_SEVERAL_CONTENT_LENGTH_HEADERS","VIOL_HTTP_PROTOCOL_CONTENT_LENGTH_SHOULD_BE_A_POSITIVE_NUMBER","VIOL_EVASION_DIRECTORY_TRAVERSALS","VIOL_MALFORMED_REQUEST","VIOL_EVASION_MULTIPLE_DECODING","VIOL_DATA_GUARD","VIOL_EVASION_APACHE_WHITESPACE","VIOL_COOKIE_MODIFIED","VIOL_EVASION_IIS_UNICODE_CODEPOINTS","VIOL_EVASION_IIS_BACKSLASHES","VIOL_EVASION_PERCENT_U_DECODING","VIOL_EVASION_BARE_BYTE_DECODING","VIOL_EVASION_BAD_UNESCAPE","VIOL_HTTP_PROTOCOL_BAD_MULTIPART_FORMDATA_REQUEST_PARSING","VIOL_HTTP_PROTOCOL_BODY_IN_GET_OR_HEAD_REQUEST","VIOL_HTTP_PROTOCOL_HIGH_ASCII_CHARACTERS_IN_HEADERS","VIOL_ENCODING","VIOL_COOKIE_MALFORMED","VIOL_GRAPHQL_FORMAT","VIOL_GRAPHQL_MALFORMED","VIOL_GRAPHQL_INTROSPECTION_QUERY"],"default":"VIOL_NONE","x-displayname":"App Firewall Violation Type","x-ves-proto-enum":"ves.io.schema.app_firewall.AppFirewallViolationType"},"app_firewallAttackType":{"type":"string","description":"List of all Attack Types\n\nATTACK_TYPE_NONE\nATTACK_TYPE_NON_BROWSER_CLIENT\nATTACK_TYPE_OTHER_APPLICATION_ATTACKS\nATTACK_TYPE_TROJAN_BACKDOOR_SPYWARE\nATTACK_TYPE_DETECTION_EVASION\nATTACK_TYPE_VULNERABILITY_SCAN\nATTACK_TYPE_ABUSE_OF_FUNCTIONALITY\nATTACK_TYPE_AUTHENTICATION_AUTHORIZATION_ATTACKS\nATTACK_TYPE_BUFFER_OVERFLOW\nATTACK_TYPE_PREDICTABLE_RESOURCE_LOCATION\nATTACK_TYPE_INFORMATION_LEAKAGE\nATTACK_TYPE_DIRECTORY_INDEXING\nATTACK_TYPE_PATH_TRAVERSAL\nATTACK_TYPE_XPATH_INJECTION\nATTACK_TYPE_LDAP_INJECTION\nATTACK_TYPE_SERVER_SIDE_CODE_INJECTION\nATTACK_TYPE_COMMAND_EXECUTION\nATTACK_TYPE_SQL_INJECTION\nATTACK_TYPE_CROSS_SITE_SCRIPTING\nATTACK_TYPE_DENIAL_OF_SERVICE\nATTACK_TYPE_HTTP_PARSER_ATTACK\nATTACK_TYPE_SESSION_HIJACKING\nATTACK_TYPE_HTTP_RESPONSE_SPLITTING\nATTACK_TYPE_FORCEFUL_BROWSING\nATTACK_TYPE_REMOTE_FILE_INCLUDE\nATTACK_TYPE_MALICIOUS_FILE_UPLOAD\nATTACK_TYPE_GRAPHQL_PARSER_ATTACK","title":"AttackType","enum":["ATTACK_TYPE_NONE","ATTACK_TYPE_NON_BROWSER_CLIENT","ATTACK_TYPE_OTHER_APPLICATION_ATTACKS","ATTACK_TYPE_TROJAN_BACKDOOR_SPYWARE","ATTACK_TYPE_DETECTION_EVASION","ATTACK_TYPE_VULNERABILITY_SCAN","ATTACK_TYPE_ABUSE_OF_FUNCTIONALITY","ATTACK_TYPE_AUTHENTICATION_AUTHORIZATION_ATTACKS","ATTACK_TYPE_BUFFER_OVERFLOW","ATTACK_TYPE_PREDICTABLE_RESOURCE_LOCATION","ATTACK_TYPE_INFORMATION_LEAKAGE","ATTACK_TYPE_DIRECTORY_INDEXING","ATTACK_TYPE_PATH_TRAVERSAL","ATTACK_TYPE_XPATH_INJECTION","ATTACK_TYPE_LDAP_INJECTION","ATTACK_TYPE_SERVER_SIDE_CODE_INJECTION","ATTACK_TYPE_COMMAND_EXECUTION","ATTACK_TYPE_SQL_INJECTION","ATTACK_TYPE_CROSS_SITE_SCRIPTING","ATTACK_TYPE_DENIAL_OF_SERVICE","ATTACK_TYPE_HTTP_PARSER_ATTACK","ATTACK_TYPE_SESSION_HIJACKING","ATTACK_TYPE_HTTP_RESPONSE_SPLITTING","ATTACK_TYPE_FORCEFUL_BROWSING","ATTACK_TYPE_REMOTE_FILE_INCLUDE","ATTACK_TYPE_MALICIOUS_FILE_UPLOAD","ATTACK_TYPE_GRAPHQL_PARSER_ATTACK"],"default":"ATTACK_TYPE_NONE","x-displayname":"Attack Types","x-ves-proto-enum":"ves.io.schema.app_firewall.AttackType"},"app_securityApiEndpoint":{"type":"object","description":"API Endpoint indentified by collapsed_url and method","title":"API Endpoint","x-displayname":"API Endpoint","x-ves-proto-message":"ves.io.schema.app_security.ApiEndpoint","properties":{"collapsed_url":{"type":"string","description":" Collapsed URL is the path with identified DYN components\n\nExample: ` \"/abcd/DYN/xyz\"`\n\nValidation Rules:\n ves.io.schema.rules.string.max_len: 256\n","title":"Collapsed URL","maxLength":256,"x-displayname":"Collapsed URL","x-ves-example":"/abcd/DYN/xyz","x-ves-validation-rules":{"ves.io.schema.rules.string.max_len":"256"}},"method":{"type":"string","description":" HTTP method\n\nExample: ` GET`","title":"method","x-displayname":"Method"}}},"app_securityGetSuggestedAPIEndpointProtectionRuleReq":{"type":"object","description":"Get suggested API endpoint protection rule for a given path","title":"GetSuggestedAPIEndpointProtectionRuleReq","x-displayname":"Get Suggested API endpoint protection Rule Request","x-ves-proto-message":"ves.io.schema.app_security.GetSuggestedAPIEndpointProtectionRuleReq","properties":{"method":{"$ref":"#/components/schemas/schemaHttpMethod"},"name":{"type":"string","description":" HTTP load balancer for which this API endpoint protection rule applied\n\nExample: ` \"ves-io-frontend\"`","title":"Name","x-displayname":"HTTP Load Balancer Name","x-ves-example":"ves-io-frontend"},"namespace":{"type":"string","description":" Namespace of the App type for current request\n\nExample: ` \"shared\"`","title":"Namespace","x-displayname":"Namespace","x-ves-example":"shared"},"path":{"type":"string","description":" Path to apply the API endpoint protection to\n\nExample: ` \"/example\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.string.max_len: 1024\n ves.io.schema.rules.string.templated_http_path: true\n","title":"Path","maxLength":1024,"x-displayname":"Request Path","x-ves-example":"/example","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.string.max_len":"1024","ves.io.schema.rules.string.templated_http_path":"true"}}}},"app_securityGetSuggestedAPIEndpointProtectionRuleRsp":{"type":"object","description":"Get suggested API endpoint protection rule for a given path","title":"GetSuggestedAPIEndpointProtectionRuleRsp","x-displayname":"Get Suggested API endpoint protection Rule Response","x-ves-proto-message":"ves.io.schema.app_security.GetSuggestedAPIEndpointProtectionRuleRsp","properties":{"found_existing_rule":{"$ref":"#/components/schemas/schemaEmpty"},"rule":{"$ref":"#/components/schemas/common_wafAPIEndpointProtectionRule"}}},"app_securityGetSuggestedBlockClientRuleReq":{"type":"object","description":"Get suggested blocking SimpleClientSrcRule for a given IP/ASN","title":"GetSuggestedBlockClientRuleReq","x-displayname":"Get Suggested Block Client Rule Request","x-ves-proto-message":"ves.io.schema.app_security.GetSuggestedBlockClientRuleReq","properties":{"as_description":{"type":"string","description":" AS description\n\nExample: ` \"as-description\"`\n\nValidation Rules:\n ves.io.schema.rules.string.max_len: 256\n","title":"Description","maxLength":256,"x-displayname":"AS Description","x-ves-example":"as-description","x-ves-validation-rules":{"ves.io.schema.rules.string.max_len":"256"}},"as_number":{"type":"integer","description":" RFC 6793 defined 4-byte AS number\n\nExample: ` \"4683\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.uint32.gte: 0\n ves.io.schema.rules.uint32.lte: 401308\n","title":"as number","format":"int64","x-displayname":"AS Number","x-ves-example":"4683","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.uint32.gte":"0","ves.io.schema.rules.uint32.lte":"401308"}},"ip_prefix":{"type":"string","description":" IP prefix string.\n\nExample: ` \"192.168.20.0/24\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.string.ip_prefix: true\n","title":"ip prefix","x-displayname":"IP Prefix","x-ves-example":"192.168.20.0/24","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.string.ip_prefix":"true"}},"name":{"type":"string","description":" HTTP load balancer for which this WAF exclusion will be applied\n\nExample: ` \"ves-io-frontend\"`","title":"Name","x-displayname":"HTTP Load Balancer Name","x-ves-example":"ves-io-frontend"},"namespace":{"type":"string","description":" Namespace of the App type for current request\n\nExample: ` \"shared\"`","title":"Namespace","x-displayname":"Namespace","x-ves-example":"shared"},"user_id":{"type":"string","description":" User id of blocked client.\n\nExample: ` \"abc\"`\n\nValidation Rules:\n ves.io.schema.rules.string.max_len: 256\n","title":"user id","maxLength":256,"x-displayname":"User Id","x-ves-example":"abc","x-ves-validation-rules":{"ves.io.schema.rules.string.max_len":"256"}}}},"app_securityGetSuggestedBlockClientRuleRsp":{"type":"object","description":"Get suggested blocking SimpleClientSrcRule for a given IP/ASN","title":"GetSuggestedBlockClientRuleRsp","x-displayname":"Get Suggested Block Client Rule Response","x-ves-proto-message":"ves.io.schema.app_security.GetSuggestedBlockClientRuleRsp","properties":{"found_existing_rule":{"$ref":"#/components/schemas/schemaEmpty"},"name":{"type":"string","description":" HTTP load balancer for which this WAF exclusion will be applied\n\nExample: ` \"ves-io-frontend\"`","title":"Name","x-displayname":"HTTP Load Balancer Name","x-ves-example":"ves-io-frontend"},"rule":{"$ref":"#/components/schemas/common_wafSimpleClientSrcRule"}}},"app_securityGetSuggestedDDoSMitigtionRuleReq":{"type":"object","description":"Get suggested blocking DDoSMitigtionRule for a given IP/ASN/Country/TLS","title":"GetSuggestedDDoSMitigtionRuleReq","x-displayname":"Get Suggested DDoS Mitigtion Rule Request","x-ves-proto-message":"ves.io.schema.app_security.GetSuggestedDDoSMitigtionRuleReq","properties":{"asn_list":{"$ref":"#/components/schemas/policyAsnMatchList"},"country_list":{"type":"array","description":" Sources that are located in one of the countries in the given list\n\nValidation Rules:\n ves.io.schema.rules.repeated.max_items: 64\n ves.io.schema.rules.repeated.unique: true\n","title":"country_list","maxItems":64,"items":{"$ref":"#/components/schemas/policyCountryCode"},"x-displayname":"Country List","x-ves-validation-rules":{"ves.io.schema.rules.repeated.max_items":"64","ves.io.schema.rules.repeated.unique":"true"}},"ip_prefix_list":{"$ref":"#/components/schemas/policyPrefixMatchList"},"ja4_tls_fingerprint_matcher":{"$ref":"#/components/schemas/policyJA4TlsFingerprintMatcherType"},"name":{"type":"string","description":" load balancer for which this WAF exclusion will be applied\n\nExample: ` \"ves-io-frontend\"`","title":"Name","x-displayname":"Load Balancer Name","x-ves-example":"ves-io-frontend"},"namespace":{"type":"string","description":" Namespace of the App type for current request\n\nExample: ` \"shared\"`","title":"Namespace","x-displayname":"Namespace","x-ves-example":"shared"},"tls_fingerprint_matcher":{"$ref":"#/components/schemas/policyTlsFingerprintMatcherType"}}},"app_securityGetSuggestedDDoSMitigtionRuleRsp":{"type":"object","description":"Get suggested DDoS Mitigtion Rule for a given IP/ASN/Country/TLS","title":"GetSuggestedDDoSMitigtionRuleRsp","x-displayname":"Get Suggested DDoS Mitigtion Rule Response","x-ves-proto-message":"ves.io.schema.app_security.GetSuggestedDDoSMitigtionRuleRsp","properties":{"found_existing_mitigation_rule":{"$ref":"#/components/schemas/schemaEmpty"},"mitigation_rule":{"$ref":"#/components/schemas/common_securityDDoSMitigationRule"},"mitigation_rule_name":{"type":"string","description":" HTTP load balancer for which this DDoS Mitigation Rule will be applied\n\nExample: ` \"ves-io-ddos-mitigation-rule\"`","title":"Name","x-displayname":"DDoS Mitigation Rule Name","x-ves-example":"ves-io-ddos-mitigation-rule"}}},"app_securityGetSuggestedOasValidationRuleReq":{"type":"object","description":"Get suggested Open API specification validation for a given path","title":"GetSuggestedOasValidationRuleReq","x-displayname":"Get Suggested Open API specification validation Rule Request","x-ves-proto-message":"ves.io.schema.app_security.GetSuggestedOasValidationRuleReq","properties":{"api_groups":{"type":"array","description":" List of API Groups the API Endpoint is a member of.\n\nExample: ` [\"group-1\", \"group-2\"]`","title":"API Groups membership","items":{"type":"string"},"x-displayname":"API Groups membership"},"method":{"$ref":"#/components/schemas/schemaHttpMethod"},"name":{"type":"string","description":" HTTP load balancer for which this Open API specification validation rule applied\n\nExample: ` \"ves-io-frontend\"`","title":"Name","x-displayname":"HTTP Load Balancer Name","x-ves-example":"ves-io-frontend"},"namespace":{"type":"string","description":" Namespace of the App type for current request\n\nExample: ` \"shared\"`","title":"Namespace","x-displayname":"Namespace","x-ves-example":"shared"},"path":{"type":"string","description":" Path to apply the Open API specification validation to\n\nExample: ` \"/example\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.string.max_len: 1024\n ves.io.schema.rules.string.templated_http_path: true\n","title":"Path","maxLength":1024,"x-displayname":"Request Path","x-ves-example":"/example","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.string.max_len":"1024","ves.io.schema.rules.string.templated_http_path":"true"}}}},"app_securityGetSuggestedOasValidationRuleRsp":{"type":"object","description":"Get suggested Open API specification validation for a given path","title":"GetSuggestedOasValidationRuleRsp","x-displayname":"Get Suggested Open API specification validation Rule Response","x-ves-oneof-field-api_validation_choice":"[\"all_endpoints_oas_validation\",\"custom_oas_validation\"]","x-ves-proto-message":"ves.io.schema.app_security.GetSuggestedOasValidationRuleRsp","properties":{"all_endpoints_oas_validation":{"$ref":"#/components/schemas/common_wafOpenApiValidationAllSpecEndpointsSettings"},"custom_oas_validation":{"$ref":"#/components/schemas/common_wafOpenApiValidationRule"},"found_existing_rule":{"$ref":"#/components/schemas/schemaEmpty"}}},"app_securityGetSuggestedRateLimitRuleReq":{"type":"object","description":"Get suggested rate limit rule for a given path","title":"GetSuggestedRateLimitRuleReq","x-displayname":"Get Suggested Rate Limit Rule Request","x-ves-proto-message":"ves.io.schema.app_security.GetSuggestedRateLimitRuleReq","properties":{"method":{"$ref":"#/components/schemas/schemaHttpMethod"},"name":{"type":"string","description":" HTTP load balancer for which this rate limit rule applied\n\nExample: ` \"ves-io-frontend\"`","title":"Name","x-displayname":"HTTP Load Balancer Name","x-ves-example":"ves-io-frontend"},"namespace":{"type":"string","description":" Namespace of the App type for current request\n\nExample: ` \"shared\"`","title":"Namespace","x-displayname":"Namespace","x-ves-example":"shared"},"path":{"type":"string","description":" Path to apply the rate limit to\n\nExample: ` \"/example\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.string.max_len: 1024\n ves.io.schema.rules.string.templated_http_path: true\n","title":"Path","maxLength":1024,"x-displayname":"Request Path","x-ves-example":"/example","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.string.max_len":"1024","ves.io.schema.rules.string.templated_http_path":"true"}}}},"app_securityGetSuggestedRateLimitRuleRsp":{"type":"object","description":"Get suggested rate limit rule for a given path","title":"GetSuggestedRateLimitRuleRsp","x-displayname":"Get Suggested Rate Limit Rule Response","x-ves-proto-message":"ves.io.schema.app_security.GetSuggestedRateLimitRuleRsp","properties":{"found_existing_rule":{"$ref":"#/components/schemas/schemaEmpty"},"rule":{"$ref":"#/components/schemas/common_wafApiEndpointRule"}}},"app_securityGetSuggestedSensitiveDataRuleReq":{"type":"object","description":"Get suggested sensitive data rule for a given path","title":"GetSuggestedSensitiveDataRuleReq","x-displayname":"Get Suggested Sensitive Data Rule Request","x-ves-proto-message":"ves.io.schema.app_security.GetSuggestedSensitiveDataRuleReq","properties":{"method":{"$ref":"#/components/schemas/schemaHttpMethod"},"name":{"type":"string","description":" HTTP load balancer for which this sensitive data rule applied\n\nExample: ` \"ves-io-frontend\"`","title":"Name","x-displayname":"HTTP Load Balancer Name","x-ves-example":"ves-io-frontend"},"namespace":{"type":"string","description":" Namespace of the App type for current request\n\nExample: ` \"shared\"`","title":"Namespace","x-displayname":"Namespace","x-ves-example":"shared"},"path":{"type":"string","description":" Path to apply the senstive data to\n\nExample: ` \"/example\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.string.max_len: 1024\n ves.io.schema.rules.string.templated_http_path: true\n","title":"Path","maxLength":1024,"x-displayname":"Request Path","x-ves-example":"/example","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.string.max_len":"1024","ves.io.schema.rules.string.templated_http_path":"true"}}}},"app_securityGetSuggestedSensitiveDataRuleRsp":{"type":"object","description":"Get suggested sensitive data rule for a given path","title":"GetSuggestedSensitiveDataRuleRsp","x-displayname":"Get Suggested Sensitive Data Rule Response","x-ves-proto-message":"ves.io.schema.app_security.GetSuggestedSensitiveDataRuleRsp","properties":{"found_existing_rule":{"$ref":"#/components/schemas/schemaEmpty"},"rule":{"$ref":"#/components/schemas/http_loadbalancerSensitiveDataTypes"}}},"app_securityGetSuggestedTrustClientRuleReq":{"type":"object","description":"Get suggested blocking SimpleClientSrcRule for a given IP/ASN","title":"GetSuggestedTrustClientRuleReq","x-displayname":"Get Suggested Trust Client Rule Request","x-ves-proto-message":"ves.io.schema.app_security.GetSuggestedTrustClientRuleReq","properties":{"as_description":{"type":"string","description":" AS description\n\nExample: ` \"as-description\"`\n\nValidation Rules:\n ves.io.schema.rules.string.max_len: 256\n","title":"Description","maxLength":256,"x-displayname":"AS Description","x-ves-example":"as-description","x-ves-validation-rules":{"ves.io.schema.rules.string.max_len":"256"}},"as_number":{"type":"integer","description":" RFC 6793 defined 4-byte AS number\n\nExample: ` \"4683\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.uint32.gte: 0\n ves.io.schema.rules.uint32.lte: 401308\n","title":"as number","format":"int64","x-displayname":"AS Number","x-ves-example":"4683","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.uint32.gte":"0","ves.io.schema.rules.uint32.lte":"401308"}},"ip_prefix":{"type":"string","description":" IP prefix string.\n\nExample: ` \"192.168.20.0/24\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.string.ip_prefix: true\n","title":"ip prefix","x-displayname":"IP Prefix","x-ves-example":"192.168.20.0/24","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.string.ip_prefix":"true"}},"ip_reputation":{"type":"boolean","description":" Indicates whether the security event is ip reputation\n\nExample: ` \"true\"`","title":"IP Reputation Security Event","format":"boolean","x-displayname":"IP Reputation Security Event","x-ves-example":"true"},"name":{"type":"string","description":" HTTP load balancer for which this client blocking rule will be applied\n\nExample: ` \"ves-io-frontend\"`","title":"Name","x-displayname":"HTTP Load Balancer Name","x-ves-example":"ves-io-frontend"},"namespace":{"type":"string","description":" Namespace of the App type for current request\n\nExample: ` \"shared\"`","title":"Namespace","x-displayname":"Namespace","x-ves-example":"shared"},"sec_event_name":{"type":"string","description":" The name of Security Event\n\nExample: ` \"Malicious User Mitigation\"`","title":"Security Event Name","x-displayname":"Security Event Name","x-ves-example":"Malicious User Mitigation"},"sec_event_types":{"type":"array","description":" List of Security Event types that should stop being generated for this client\n\nExample: ` \"[WAF_SEC_EVENT]\"`\n\nValidation Rules:\n ves.io.schema.rules.repeated.max_items: 4\n ves.io.schema.rules.repeated.unique: true\n","title":"Security Event Types","maxItems":4,"items":{"$ref":"#/components/schemas/app_securitySecEventType"},"x-displayname":"Security Event Types","x-ves-example":"[WAF_SEC_EVENT]","x-ves-validation-rules":{"ves.io.schema.rules.repeated.max_items":"4","ves.io.schema.rules.repeated.unique":"true"}},"threat_mesh":{"type":"boolean","description":" Indicates whether the security event is threat mesh\n\nExample: ` \"true\"`","title":"Threat Mesh Security Event","format":"boolean","x-displayname":"Threat Mesh Security Event","x-ves-example":"true"},"user_id":{"type":"string","description":" User id of trusted client.\n\nExample: ` \"abc\"`\n\nValidation Rules:\n ves.io.schema.rules.string.max_len: 256\n","title":"user id","maxLength":256,"x-displayname":"User Id","x-ves-example":"abc","x-ves-validation-rules":{"ves.io.schema.rules.string.max_len":"256"}}}},"app_securityGetSuggestedTrustClientRuleRsp":{"type":"object","description":"Get suggested SimpleClientSrcRule to trust a given IP/ASN","title":"GetSuggestedTrustClientRuleRsp","x-displayname":"Get Suggested Trust Client Rule Response","x-ves-proto-message":"ves.io.schema.app_security.GetSuggestedTrustClientRuleRsp","properties":{"found_existing_rule":{"$ref":"#/components/schemas/schemaEmpty"},"name":{"type":"string","description":" HTTP load balancer for which this client rule will be applied\n\nExample: ` \"ves-io-frontend\"`","title":"Name","x-displayname":"HTTP Load Balancer Name","x-ves-example":"ves-io-frontend"},"rule":{"$ref":"#/components/schemas/common_wafSimpleClientSrcRule"}}},"app_securityGetSuggestedWAFExclusionRuleReq":{"type":"object","description":"Get suggested service policy rule to set up WAF rule exclusion for a given WAF security event","title":"GetSuggestedWAFExclusionRuleReq","x-displayname":"Get Suggested WAF Exclusion Request","x-ves-proto-message":"ves.io.schema.app_security.GetSuggestedWAFExclusionRuleReq","properties":{"api_endpoint":{"$ref":"#/components/schemas/app_securityApiEndpoint"},"domain":{"type":"string","description":" domain\n\nExample: ` \"juiceshop.com\"`\n\nValidation Rules:\n ves.io.schema.rules.string.hostname: true\n ves.io.schema.rules.string.max_len: 256\n","title":"Domain","maxLength":256,"x-displayname":"Domain","x-ves-example":"juiceshop.com","x-ves-validation-rules":{"ves.io.schema.rules.string.hostname":"true","ves.io.schema.rules.string.max_len":"256"}},"exclude_bot_names":{"type":"array","description":" Bot name contexts to be excluded for this request\n\nExample: ` \"Hydra, Nikto\"`\n\nValidation Rules:\n ves.io.schema.rules.repeated.max_items: 64\n ves.io.schema.rules.repeated.unique: true\n","title":"Exclude Bot Name Contexts","maxItems":64,"items":{"$ref":"#/components/schemas/policyBotNameContext"},"x-displayname":"Exclude Bot Name Contexts","x-ves-example":"Hydra, Nikto","x-ves-validation-rules":{"ves.io.schema.rules.repeated.max_items":"64","ves.io.schema.rules.repeated.unique":"true"}},"exclude_signature_contexts":{"type":"array","description":" App Firewall signature contexts to be excluded for this request\n\nExample: ` \"[[10000001, 30000000]]\"`\n\nValidation Rules:\n ves.io.schema.rules.repeated.max_items: 1024\n ves.io.schema.rules.repeated.unique: true\n","title":"Exclude Signature Contexts","maxItems":1024,"items":{"$ref":"#/components/schemas/policyAppFirewallSignatureContext"},"x-displayname":"Exclude App Firewall Signature Contexts","x-ves-example":"[[10000001, 30000000]]","x-ves-validation-rules":{"ves.io.schema.rules.repeated.max_items":"1024","ves.io.schema.rules.repeated.unique":"true"}},"exclude_violation_contexts":{"type":"array","description":" App Firewall violation contexts to be excluded for this request\n\nExample: ` \"[[VIOL_MANDATORY_HEADER, VIOL_REQUEST_MAX_LENGTH]]\"`\n\nValidation Rules:\n ves.io.schema.rules.repeated.max_items: 64\n ves.io.schema.rules.repeated.unique: true\n","title":"Exclude Violation Contexts","maxItems":64,"items":{"$ref":"#/components/schemas/policyAppFirewallViolationContext"},"x-displayname":"Exclude App Firewall Violation Contexts","x-ves-example":"[[VIOL_MANDATORY_HEADER, VIOL_REQUEST_MAX_LENGTH]]","x-ves-validation-rules":{"ves.io.schema.rules.repeated.max_items":"64","ves.io.schema.rules.repeated.unique":"true"}},"name":{"type":"string","description":" HTTP load balancer for which this WAF exclusion will be applied\n\nExample: ` \"ves-io-frontend\"`","title":"Name","x-displayname":"HTTP Load Balancer Name","x-ves-example":"ves-io-frontend"},"namespace":{"type":"string","description":" Namespace of the App type for current request\n\nExample: ` \"shared\"`","title":"Namespace","x-displayname":"Namespace","x-ves-example":"shared"},"req_path":{"type":"string","description":" Request URL path\n\nExample: ` \"/abcd/2452422c/xyz\"`\n\nValidation Rules:\n ves.io.schema.rules.string.max_len: 256\n","title":"Request Path","maxLength":256,"x-displayname":"Request Path","x-ves-example":"/abcd/2452422c/xyz","x-ves-validation-rules":{"ves.io.schema.rules.string.max_len":"256"}},"route_uuid":{"type":"string","description":" Unique identifier for the request route\n\nExample: ` \"fc407065-7aa7-48a6-a3e7-c28108b29bcd\"`\n\nValidation Rules:\n ves.io.schema.rules.string.pattern: ^$|^[a-fA-F0-9]{8}-([a-fA-F0-9]{4}-){3}[a-fA-F0-9]{12}$\n","title":"Route UUID","x-displayname":"Route UUID","x-ves-example":"fc407065-7aa7-48a6-a3e7-c28108b29bcd","x-ves-validation-rules":{"ves.io.schema.rules.string.pattern":"^$|^[a-fA-F0-9]{8}-([a-fA-F0-9]{4}-){3}[a-fA-F0-9]{12}$"}}}},"app_securityGetSuggestedWAFExclusionRuleRsp":{"type":"object","description":"Get suggested service policy rule to set up WAF rule exclusion for a given WAF security event","title":"GetSuggestedWAFExclusionRuleRsp","x-displayname":"Get Suggested WAF Exclusion Response","x-ves-proto-message":"ves.io.schema.app_security.GetSuggestedWAFExclusionRuleRsp","properties":{"found_existing_rule":{"$ref":"#/components/schemas/schemaEmpty"},"name":{"type":"string","description":" HTTP load balancer for which this WAF exclusion will be applied\n\nExample: ` \"ves-io-frontend\"`","title":"Name","x-displayname":"HTTP Load Balancer Name","x-ves-example":"ves-io-frontend"},"waf_exclusion_policy":{"$ref":"#/components/schemas/schemaviewsObjectRefType"},"waf_exclusion_rule":{"$ref":"#/components/schemas/policySimpleWafExclusionRule"}}},"app_securityLoadbalancerData":{"type":"object","description":"List of virtual hosts in all the namespaces matching filter provided in the request.","title":"LoadbalancerData","x-displayname":"Load Balancer data","x-ves-proto-message":"ves.io.schema.app_security.LoadbalancerData","properties":{"name":{"type":"string","description":" HTTP load balancer name.\n\nExample: ` \"ves-io-frontend\"`","title":"Name","x-displayname":"HTTP Load Balancer Name","x-ves-example":"ves-io-frontend"},"namespace":{"type":"string","description":" Namespace of the virtual host.\n\nExample: ` \"bloggin-app-namespace-1\"`","title":"namespace","x-displayname":"Namespace","x-ves-example":"bloggin-app-namespace-1"},"request_data":{"$ref":"#/components/schemas/app_securityRequestData"},"security_events_data":{"$ref":"#/components/schemas/app_securitySecurityEventsData"}}},"app_securityRequestData":{"type":"object","description":"Request Data","title":"RequestData","x-displayname":"Request Data","x-ves-proto-message":"ves.io.schema.app_security.RequestData","properties":{"count":{"type":"string","description":" the number of requests matching the filter for virtual host in the given namespace\n\nExample: ` 15`","format":"uint64","x-displayname":"Count"},"max_time":{"type":"string","description":" Maximum time at which request ID was found.\n\nExample: ` \"01-01-1970T00:00:00Z\"`","title":"Maximun Time","format":"date-time","x-displayname":"Maximum time","x-ves-example":"01-01-1970T00:00:00Z"},"min_time":{"type":"string","description":" Minimum time at which the request ID was found.\n\nExample: ` \"01-01-1970T00:00:00Z\"`","title":"Minimum Time","format":"date-time","x-displayname":"Minimum time","x-ves-example":"01-01-1970T00:00:00Z"}}},"app_securitySearchFilter":{"type":"object","description":"Metric label filter can be specified to query specific metrics based on label match","title":"Search Filter","x-displayname":"Search Filter","x-ves-proto-message":"ves.io.schema.app_security.SearchFilter","properties":{"label":{"$ref":"#/components/schemas/app_securitySearchLabel"},"op":{"$ref":"#/components/schemas/app_securitySearchLabelOperator"},"value":{"type":"array","description":" Value to be compared with\n\nExample: ` \"[\"blogging-app-namespace-1\", \"namespace-2\"]\"`\n\nValidation Rules:\n ves.io.schema.rules.repeated.max_items: 5\n","title":"Value","maxItems":5,"items":{"type":"string"},"x-displayname":"Value","x-ves-example":"[\"blogging-app-namespace-1\", \"namespace-2\"]","x-ves-validation-rules":{"ves.io.schema.rules.repeated.max_items":"5"}}}},"app_securitySearchLabel":{"type":"string","description":"List of Virtual Hosts will be returned matching the following labels.\n","title":"Search Label for VH list API","enum":["REQUEST_ID","SOURCE_IP"],"default":"REQUEST_ID","x-displayname":"Search Label for VH List API","x-ves-proto-enum":"ves.io.schema.app_security.SearchLabel"},"app_securitySearchLabelOperator":{"type":"string","description":"Search Label Operator\n\nx-example: \"field: [\"foo\", \"bar\"]\"","title":"Search Label Operator","enum":["IN","NOT_IN"],"default":"IN","x-displayname":"Search Label Operator","x-ves-proto-enum":"ves.io.schema.app_security.SearchLabelOperator"},"app_securitySearchLoadBalancersRequest":{"type":"object","description":"Get a list of virtual hosts in all the namespaces matching filter provided in the request. \nThe filter can be a) Request ID b) Source IP","title":"SearchLoadBalancersRequest","x-displayname":"Search Load Balancers Request","x-ves-proto-message":"ves.io.schema.app_security.SearchLoadBalancersRequest","properties":{"label_filter":{"type":"array","description":" List of label filter expressions of the form \"label\" `Op` \"value\".\n Response will only contain data that matches all the conditions specified in the `label_filter`.\n One or more of the following labels can be specified in the label_filter.\n `REQUEST_ID`, `SOURCE_IP``.\n\n\nValidation Rules:\n ves.io.schema.rules.repeated.max_items: 5\n","title":"Label Filter","maxItems":5,"items":{"$ref":"#/components/schemas/app_securitySearchFilter"},"x-displayname":"Label Filter","x-ves-validation-rules":{"ves.io.schema.rules.repeated.max_items":"5"}},"namespace":{"type":"string","description":" Namespace of the App type for current request\n\nExample: ` \"shared\"`","title":"Namespace","x-displayname":"Namespace","x-ves-example":"shared"}}},"app_securitySearchLoadBalancersResponse":{"type":"object","description":"List of virtual hosts in all the namespaces matching filter provided in the request.","title":"SearchLoadBalancersResponse","x-displayname":"Search Load Balancers Response","x-ves-proto-message":"ves.io.schema.app_security.SearchLoadBalancersResponse","properties":{"loadbalancers":{"type":"array","description":" HTTP load balancer list for which the SearchFilter is applied.\n\nExample: ` \"[ves-io-frontend\", \"ns1\" , \"1\", \"0\"]\"`","title":"Loadbalancers","items":{"$ref":"#/components/schemas/app_securityLoadbalancerData"},"x-displayname":"HTTP Load Balancer List","x-ves-example":"[ves-io-frontend\", \"ns1\" , \"1\", \"0\"]"}}},"app_securitySecEventType":{"type":"string","description":"Security event can be one of the following types.\n","title":"Security Event Type","enum":["WAF_SEC_EVENT","L7_POLICY_SEC_EVENT","JS_CHALLENGE_SEC_EVENT","CAPTCHA_CHALLENGE_SEC_EVENT","MALICIOUS_USER_SEC_EVENT","SVC_POLICY_SEC_EVENT","BOT_DEFENSE_SEC_EVENT","API_SEC_EVENT","DDOS_SEC_EVENT","DOS_SEC_EVENT"],"default":"WAF_SEC_EVENT","x-displayname":"Security Event Type","x-ves-proto-enum":"ves.io.schema.app_security.SecEventType"},"app_securitySecurityEventsAggregationRequest":{"type":"object","description":"Request to get only aggregation data for security events","title":"Security Events Aggregation Request","x-displayname":"Security Events Aggregation Request","x-ves-proto-message":"ves.io.schema.app_security.SecurityEventsAggregationRequest","properties":{"aggs":{"type":"object","description":" Aggregations provide summary/analytics data over the security events response. If the number of security events that matched the query\n is large and cannot be returned in a single response message, user can get helpful insights/summary using aggregations.\n The aggregations are key'ed by user-defined aggregation name. The response will be key'ed with the same name.\n Optional","title":"aggregations","x-displayname":"Aggregations"},"end_time":{"type":"string","description":" fetch security events whose timestamp <= end_time\n format: unix_timestamp|rfc 3339\n\n Optional: If not specified, then the end_time will be evaluated to start_time+10m\n If start_time is not specified, then the end_time will be evaluated to <current time>\n\nExample: ` \"1570007981\"`\n\nValidation Rules:\n ves.io.schema.rules.string.query_time: true\n","title":"end time","x-displayname":"End Time","x-ves-example":"1570007981","x-ves-validation-rules":{"ves.io.schema.rules.string.query_time":"true"}},"namespace":{"type":"string","description":" fetch security events for a given namespace\n\nExample: ` \"bloggin-app-namespace-1\"`","title":"namespace","x-displayname":"Namespace","x-ves-example":"bloggin-app-namespace-1"},"query":{"type":"string","description":" query is used to specify the list of matchers\n syntax for query := {[<matcher>]}\n <matcher> := <field_name><operator>\"<value>\"\n <field_name> := string\n One or more of these fields in the security event may be specified in the query.\n vh_name - name of the virtual host\n src_site - source site\n city - name of the city\n country - country code\n <value> := string\n <operator> := [\"=\"|\"!=\"|\"=~\"|\"!~\"]\n = : equal to\n != : not equal to\n =~ : regex match\n !~ : not regex match\n When more than one matcher is specified in the query, then security events matching ALL the matchers will be returned in the response.\n Example: query={country=\"United States\", city=\"California\"} will return all security events originating from California, United States.\n\n Optional: If not specified, all the security events matching the given tenant and namespace will be returned in the response.\n\nExample: ` \"query={app_type=\"blogging_app\"}\"`","title":"query","x-displayname":"Query","x-ves-example":"query={app_type=\"blogging_app\"}"},"start_time":{"type":"string","description":" fetch security events whose timestamp >= start_time\n format: unix_timestamp|rfc 3339\n\n Optional: If not specified, then the start_time will be evaluated to end_time-10m\n If end_time is not specified, then the start_time will be evaluated to <current time>-10m\n\nExample: ` \"1570007981\"`\n\nValidation Rules:\n ves.io.schema.rules.string.query_time: true\n","title":"start time","x-displayname":"Start Time","x-ves-example":"1570007981","x-ves-validation-rules":{"ves.io.schema.rules.string.query_time":"true"}}}},"app_securitySecurityEventsAggregationResponse":{"type":"object","description":"Response message for SecurityEventsAggregationRequest","title":"Security Events Aggregation Response","x-displayname":"Security Events Aggregation Response","x-ves-proto-message":"ves.io.schema.app_security.SecurityEventsAggregationResponse","properties":{"aggs":{"type":"object","description":" Aggregations provide summary/analytics data over the security events response. If the number of security events that matched the query\n is large and cannot be returned in a single response message, user can get helpful insights/summary using aggregations.\n The aggregation data is key'ed with the aggregation name specified in the request.","title":"aggregations","x-displayname":"Aggregations"},"total_hits":{"type":"string","description":" total number of security events that matched the query.\n\nExample: ` \"0\"`","title":"total hits","format":"uint64","x-displayname":"Total Hits","x-ves-example":"0"}}},"app_securitySecurityEventsCountRequest":{"type":"object","description":"Request to get number of security events for a given namespace.","title":"SecurityEventsCountRequest","x-displayname":"Security Events Count Request","x-ves-proto-message":"ves.io.schema.app_security.SecurityEventsCountRequest","properties":{"end_time":{"type":"string","description":" end time of metric collection from which data will be considered.\n Format: unix_timestamp|rfc 3339\n\n Optional: If not specified, then the end_time will be evaluated to start_time+10m\n If start_time is not specified, then the end_time will be evaluated to <current time>\n\nExample: ` \"1570007981\"`\n\nValidation Rules:\n ves.io.schema.rules.string.query_time: true\n","title":"End time","x-displayname":"End Time","x-ves-example":"1570007981","x-ves-validation-rules":{"ves.io.schema.rules.string.query_time":"true"}},"group_by":{"type":"array","description":" Aggregate data by one or more labels listed here.\n `NAMESPACE`, `VIRTUAL_HOST`, `SRC_SITE`, `SRC_INSTANCE`, `SEC_EVENT_TYPE`.\n\n Optional: If not specified, then the security events are aggregated/grouped by `VIRTUAL_HOST`, `SEC_EVENT_TYPE`.","title":"Group by","items":{"$ref":"#/components/schemas/metricsSecurityMetricLabel"},"x-displayname":"Group By"},"label_filter":{"type":"array","description":" List of label filter expressions of the form \"label\" `Op` \"value\".\n Response will only contain data that matches all the conditions specified in the `label_filter`.\n One or more of the following labels can be specified in the label_filter.\n `VIRTUAL_HOST`, `SRC_SITE`, `SRC_INSTANCE`, `SEC_EVENT_TYPE`.\n\n Optional: If not specified, then the metrics will be filtered only based on the `namespace` in the request.","title":"Label Filter","items":{"$ref":"#/components/schemas/metricsSecurityMetricLabelFilter"},"x-displayname":"Label Filter"},"namespace":{"type":"string","description":" namespace is used to scope the security events for the given namespace.\n\nExample: ` \"bloggin-app-namespace-1\"`","title":"Namespace","x-displayname":"Namespace","x-ves-example":"bloggin-app-namespace-1"},"start_time":{"type":"string","description":" start time of metric collection from which data will be considered.\n Format: unix_timestamp|rfc 3339\n\n Optional: If not specified, then the start_time will be evaluated to end_time-10m\n If end_time is not specified, then the start_time will be evaluated to <current time>-10m\n\nExample: ` \"1570007981\"`\n\nValidation Rules:\n ves.io.schema.rules.string.query_time: true\n","title":"Start time","x-displayname":"Start Time","x-ves-example":"1570007981","x-ves-validation-rules":{"ves.io.schema.rules.string.query_time":"true"}},"step":{"type":"string","description":" step is the resolution width, which determines the number of the data points [x-axis (time)] to be returned in the response.\n The timestamps in the response will be t1=start_time, t2=t1+step, ... tn=tn-1+step, where tn <= end_time.\n Format: [0-9][smhd], where s - seconds, m - minutes, h - hours, d - days\n\n Optional: If not specified, then step size is evaluated to <end_time - start_time>\n\nExample: ` \"15m\"`\n\nValidation Rules:\n ves.io.schema.rules.string.query_step: true\n","title":"Step","x-displayname":"Step","x-ves-example":"15m","x-ves-validation-rules":{"ves.io.schema.rules.string.query_step":"true"}}}},"app_securitySecurityEventsCountResponse":{"type":"object","description":"Number of security events for each unique combination of group_by labels in the SecurityEventsCountRequest.","title":"SecurityEventsCountResponse","x-displayname":"Security Events Count Response","x-ves-proto-message":"ves.io.schema.app_security.SecurityEventsCountResponse","properties":{"data":{"type":"array","description":" List of security events counter data","title":"Security events counter data","items":{"$ref":"#/components/schemas/metricsSecurityEventsCounter"},"x-displayname":"Security events counter data"},"step":{"type":"string","description":" Actual step size used in the response. It could be higher than the requested step due to metric rollups and the query duration.\n Format: [0-9][smhd], where s - seconds, m - minutes, h - hours, d - days\n\nExample: ` \"30m\"`\n\nValidation Rules:\n ves.io.schema.rules.string.time_interval: true\n","title":"step","x-displayname":"Step","x-ves-example":"30m","x-ves-validation-rules":{"ves.io.schema.rules.string.time_interval":"true"}}}},"app_securitySecurityEventsData":{"type":"object","description":"Security events data","title":"SecurityEventsData","x-displayname":"Security Events Data","x-ves-proto-message":"ves.io.schema.app_security.SecurityEventsData","properties":{"count":{"type":"string","description":" the number of security events for virtual host in the given namespace \n\nExample: ` 15`","format":"uint64","x-displayname":"Count"},"max_time":{"type":"string","description":" Maximum start time at which security event was found.\n\nExample: ` \"01-01-1970T00:00:00Z\"`","title":"Maximun Time","format":"date-time","x-displayname":"Maximum time","x-ves-example":"01-01-1970T00:00:00Z"},"min_time":{"type":"string","description":" Minimum time at which the secuirty event was found.\n\nExample: ` \"01-01-1970T00:00:00Z\"`","title":"Minimum Time","format":"date-time","x-displayname":"Minimum time","x-ves-example":"01-01-1970T00:00:00Z"}}},"app_securitySecurityEventsRequest":{"type":"object","description":"Request to fetch security events","title":"Security Events Request","x-displayname":"Security Events Request","x-ves-proto-message":"ves.io.schema.app_security.SecurityEventsRequest","properties":{"aggs":{"type":"object","description":" Aggregations provide summary/analytics data over the security events response. If the number of security events that matched the query\n is large and cannot be returned in a single response message, user can get helpful insights/summary using aggregations.\n The aggregations are key'ed by user-defined aggregation name. The response will be key'ed with the same name.\n Optional","title":"aggregations","x-displayname":"Aggregations"},"end_time":{"type":"string","description":" fetch security events whose timestamp <= end_time\n format: unix_timestamp|rfc 3339\n\n Optional: If not specified, then the end_time will be evaluated to start_time+10m\n If start_time is not specified, then the end_time will be evaluated to <current time>\n\nExample: ` \"1570007981\"`\n\nValidation Rules:\n ves.io.schema.rules.string.query_time: true\n","title":"end time","x-displayname":"End Time","x-ves-example":"1570007981","x-ves-validation-rules":{"ves.io.schema.rules.string.query_time":"true"}},"limit":{"type":"integer","description":" limits the number of security events returned in the response\n Optional: If not specified, first or last 500 security events that matches the query (depending on the sort order) will be returned in the response.\n The maximum value for limit is 500.\n\nExample: ` \"100\"`","title":"limit","format":"int32","x-displayname":"Limit","x-ves-example":"100"},"namespace":{"type":"string","description":" fetch security events for a given namespace\n\nExample: ` \"bloggin-app-namespace-1\"`","title":"namespace","x-displayname":"Namespace","x-ves-example":"bloggin-app-namespace-1"},"query":{"type":"string","description":" query is used to specify the list of matchers\n syntax for query := {[<matcher>]}\n <matcher> := <field_name><operator>\"<value>\"\n <field_name> := string\n One or more of these fields in the security event may be specified in the query.\n vh_name - name of the virtual host\n src_site - source site\n city - name of the city\n country - country code\n <value> := string\n <operator> := [\"=\"|\"!=\"|\"=~\"|\"!~\"]\n = : equal to\n != : not equal to\n =~ : regex match\n !~ : not regex match\n When more than one matcher is specified in the query, then security events matching ALL the matchers will be returned in the response.\n Example: query={country=\"United States\", city=\"California\"} will return all security events originating from California, United States.\n\n Optional: If not specified, all the security events matching the given tenant and namespace will be returned in the response.\n\nExample: ` \"query={app_type=\"blogging_app\"}\"`","title":"query","x-displayname":"Query","x-ves-example":"query={app_type=\"blogging_app\"}"},"scroll":{"type":"boolean","description":" Scroll is used to retrieve large number of security events (or all security events) that matches the query.\n If scroll is set to true, the scroll_id in the response can be used in the scroll API to fetch the next\n batch of security events until there are no more security events left to return. The number of messages in each batch is determined\n by the limit field.\n Note: Scroll is used for processing large amount of data and therefore is not intended for real time user request.\n Optional: default is false\n\nExample: ` \"true\"`","title":"scroll","format":"boolean","x-displayname":"Scroll","x-ves-example":"true"},"sort":{"$ref":"#/components/schemas/schemaSortOrder"},"sort_by":{"type":"string","description":" Optional: default is sort by last_event_time","title":"sort by","x-displayname":"Sort By"},"start_time":{"type":"string","description":" fetch security events whose timestamp >= start_time\n format: unix_timestamp|rfc 3339\n\n Optional: If not specified, then the start_time will be evaluated to end_time-10m\n If end_time is not specified, then the start_time will be evaluated to <current time>-10m\n\nExample: ` \"1570007981\"`\n\nValidation Rules:\n ves.io.schema.rules.string.query_time: true\n","title":"start time","x-displayname":"Start Time","x-ves-example":"1570007981","x-ves-validation-rules":{"ves.io.schema.rules.string.query_time":"true"}}}},"app_securitySecurityEventsResponse":{"type":"object","description":"Response message for SecurityEventsRequest/SecurityEventsScrollRequest","title":"Security Events Response","x-displayname":"Security Events Response","x-ves-proto-message":"ves.io.schema.app_security.SecurityEventsResponse","properties":{"aggs":{"type":"object","description":" Aggregations provide summary/analytics data over the security events response. If the number of security events that matched the query\n is large and cannot be returned in a single response message, user can get helpful insights/summary using aggregations.","title":"aggregations","x-displayname":"Aggregations"},"events":{"type":"array","description":" list of security events that matched the query. Contains no more than 500 messages.\n\nExample: ` \"value\"`","title":"events","items":{"type":"string"},"x-displayname":"Events","x-ves-example":"value"},"scroll_id":{"type":"string","description":" Long Base-64 encoded string which can be used to retrieve the next batch of security events using the scroll request.\n Empty scroll_id indicates no more messages to scroll (EOF).\n Note: scroll_id is valid only for 2 minutes. i.e., If one intend to retrieve next batch of the result, then the\n scroll request should be sent within 2 minutes upon receiving the SecurityEventsResponse.\n\nExample: ` \"DXF1ZXJ5QW5kRmV0Y2gBAAAAAAAAAD4WYm9laVYtZndUQlNsdDcwakFMNjU1QQ==\"`","title":"scroll id","x-displayname":"Scroll id","x-ves-example":"DXF1ZXJ5QW5kRmV0Y2gBAAAAAAAAAD4WYm9laVYtZndUQlNsdDcwakFMNjU1QQ=="},"total_hits":{"type":"string","description":" total number of security events that matched the query.\n\nExample: ` \"0\"`","title":"total hits","format":"uint64","x-displayname":"Total Hits","x-ves-example":"0"}}},"app_securitySecurityEventsScrollRequest":{"type":"object","description":"Scroll request is used to fetch large number of security events in multiple batches with each SecurityEventsResponse\ncontaining no more than 500 messages. To scroll through more than 500 or all WAF security events, one can use the\nSecurityEventScrollRequest. Use the scroll_id returned in the SecurityEventsResponse to fetch the next batch of security events and\none can continue this process till the scroll_id returned is \"\" which indicates no more messages to scroll.","title":"Security Events Scroll Request","x-displayname":"Security Events Scroll Request","x-ves-proto-message":"ves.io.schema.app_security.SecurityEventsScrollRequest","properties":{"namespace":{"type":"string","description":" fetch the WAF security events scoped by namespace\n\nExample: ` \"bloggin-app-namespace-1\"`","title":"namespace","x-displayname":"Namespace","x-ves-example":"bloggin-app-namespace-1"},"scroll_id":{"type":"string","description":" Long Base-64 encoded string which can be used to retrieve next batch of security events.\n\nExample: ` \"DXF1ZXJ5QW5kRmV0Y2gBAAAAAAAAAD4WYm9laVYtZndUQlNsdDcwakFMNjU1QQ==\"`","title":"scroll id","x-displayname":"Scroll ID","x-ves-example":"DXF1ZXJ5QW5kRmV0Y2gBAAAAAAAAAD4WYm9laVYtZndUQlNsdDcwakFMNjU1QQ=="}}},"app_securitySecurityIncidentsAggregationRequest":{"type":"object","description":"Request to get only aggregation data for security incidents","title":"Security Incidents Aggregation Request","x-displayname":"Security Incidents Aggregation Request","x-ves-proto-message":"ves.io.schema.app_security.SecurityIncidentsAggregationRequest","properties":{"aggs":{"type":"object","description":" Aggregations provide summary/analytics data over security incidents response. If the number of security incidents\n that matched the query is large and cannot be returned in a single response message, user can get helpful\n insights/summary using aggregations. The aggregations are key'ed by user-defined aggregation name.\n The response will be key'ed with the same name.\n Optional","title":"aggregations","x-displayname":"Aggregations"},"end_time":{"type":"string","description":" Fetch security incidents whose timestamp <= end_time\n format: unix_timestamp|rfc 3339\n\n Optional: If not specified, then the end_time will be evaluated to start_time+10m\n If start_time is not specified, then the end_time will be evaluated to <current time>\n\nExample: ` \"1570007981\"`\n\nValidation Rules:\n ves.io.schema.rules.string.query_time: true\n","title":"end time","x-displayname":"End Time","x-ves-example":"1570007981","x-ves-validation-rules":{"ves.io.schema.rules.string.query_time":"true"}},"namespace":{"type":"string","description":" Fetch security incidents for a given namespace\n\nExample: ` \"bloggin-app-namespace-1\"`","title":"namespace","x-displayname":"Namespace","x-ves-example":"bloggin-app-namespace-1"},"query":{"type":"string","description":" Query is used to specify the list of matchers\n syntax for query := {[<matcher>]}\n <matcher> := <field_name><operator>\"<value>\"\n <field_name> := string\n One or more of these fields in the security event may be specified in the query.\n vh_name - name of the virtual host\n src_site - source site\n city - name of the city\n country - country code\n <value> := string\n <operator> := [\"=\"|\"!=\"|\"=~\"|\"!~\"]\n = : equal to\n != : not equal to\n =~ : regex match\n !~ : not regex match\n When more than one matcher is specified in the query, then security incidents matching ALL the matchers will be\n returned in the response.\n Example: query={country=\"United States\", city=\"California\"} will return all security incidents originating from\n California, United States.\n\n Optional: If not specified, all security incidents matching the given tenant and namespace will be returned in\n the response.\n\nExample: ` \"query={app_type=\"blogging_app\"}\"`","title":"query","x-displayname":"Query","x-ves-example":"query={app_type=\"blogging_app\"}"},"start_time":{"type":"string","description":" Fetch security incidents whose timestamp >= start_time\n format: unix_timestamp|rfc 3339\n\n Optional: If not specified, then the start_time will be evaluated to end_time-10m\n If end_time is not specified, then the start_time will be evaluated to <current time>-10m\n\nExample: ` \"1570007981\"`\n\nValidation Rules:\n ves.io.schema.rules.string.query_time: true\n","title":"start time","x-displayname":"Start Time","x-ves-example":"1570007981","x-ves-validation-rules":{"ves.io.schema.rules.string.query_time":"true"}}}},"app_securitySecurityIncidentsAggregationResponse":{"type":"object","description":"Response message for SecurityIncidentsAggregationRequest","title":"Security Incidents Aggregation Response","x-displayname":"Security Incidents Aggregation Response","x-ves-proto-message":"ves.io.schema.app_security.SecurityIncidentsAggregationResponse","properties":{"aggs":{"type":"object","description":" Aggregations provide summary/analytics data over the security incidents response. If the number of security incidents\n that matched the query is large and cannot be returned in a single response message, user can get helpful\n insights/summary using aggregations. The aggregation data is key'ed with the aggregation name specified in the request.","title":"aggregations","x-displayname":"Aggregations"},"total_hits":{"type":"string","description":" Total number of security incidents that matched the query.\n\nExample: ` \"0\"`","title":"total hits","format":"uint64","x-displayname":"Total Hits","x-ves-example":"0"}}},"app_securitySecurityIncidentsRequest":{"type":"object","description":"Request to fetch security incidents","title":"Security Incidents Request","x-displayname":"Security Incidents Request","x-ves-proto-message":"ves.io.schema.app_security.SecurityIncidentsRequest","properties":{"aggs":{"type":"object","description":" Aggregations provide summary/analytics data over the security incidents response. If the number of security incidents\n that matched the query is large and cannot be returned in a single response message, user can get helpful\n insights/summary using aggregations. The aggregations are key'ed by user-defined aggregation name. The response\n will be key'ed with the same name.\n Optional","title":"aggregations","x-displayname":"Aggregations"},"end_time":{"type":"string","description":" Fetch security incidents whose timestamp <= end_time\n format: unix_timestamp|rfc 3339\n\n Optional: If not specified, then the end_time will be evaluated to start_time+10m\n If start_time is not specified, then the end_time will be evaluated to <current time>\n\nExample: ` \"1570007981\"`\n\nValidation Rules:\n ves.io.schema.rules.string.query_time: true\n","title":"end time","x-displayname":"End Time","x-ves-example":"1570007981","x-ves-validation-rules":{"ves.io.schema.rules.string.query_time":"true"}},"limit":{"type":"integer","description":" Limits the number of security incidents returned in the response\n Optional: If not specified, first or last 500 security events that matches the query (depending on the sort order) will be returned in the response.\n The maximum value for limit is 500.\n\nExample: ` \"100\"`","title":"limit","format":"int32","x-displayname":"Limit","x-ves-example":"100"},"namespace":{"type":"string","description":" Fetch security incidents for a given namespace\n\nExample: ` \"bloggin-app-namespace-1\"`","title":"namespace","x-displayname":"Namespace","x-ves-example":"bloggin-app-namespace-1"},"query":{"type":"string","description":" Query is used to specify the list of matchers\n syntax for query := {[<matcher>]}\n <matcher> := <field_name><operator>\"<value>\"\n <field_name> := string\n One or more of these fields in the security incident may be specified in the query.\n vh_name - name of the virtual host\n src_site - source site\n city - name of the city\n country - country code\n <value> := string\n <operator> := [\"=\"|\"!=\"|\"=~\"|\"!~\"]\n = : equal to\n != : not equal to\n =~ : regex match\n !~ : not regex match\n When more than one matcher is specified in the query, then security incidents matching ALL the matchers will be returned in the response.\n Example: query={country=\"United States\", city=\"California\"} will return all security events originating from California, United States.\n\n Optional: If not specified, all the security events matching the given tenant and namespace will be returned in the response.\n\nExample: ` \"query={app_type=\"blogging_app\"}\"`","title":"query","x-displayname":"Query","x-ves-example":"query={app_type=\"blogging_app\"}"},"scroll":{"type":"boolean","description":" Scroll is used to retrieve large number of security incidents (or all security incidents) that matches the query.\n If scroll is set to true, the scroll_id in the response can be used in the scroll API to fetch the next\n batch of security events until there are no more security events left to return. The number of messages in each\n batch is determined by the limit field.\n Note: Scroll is used for processing large amount of data and therefore is not intended for real time user request.\n Optional: default is false\n\nExample: ` \"true\"`","title":"scroll","format":"boolean","x-displayname":"Scroll","x-ves-example":"true"},"sort":{"$ref":"#/components/schemas/schemaSortOrder"},"sort_by":{"type":"string","description":" Optional: default is sort by last_event_time","title":"sort by","x-displayname":"Sort By"},"start_time":{"type":"string","description":" Fetch security incidents whose timestamp >= start_time\n format: unix_timestamp|rfc 3339\n\n Optional: If not specified, then the start_time will be evaluated to end_time-10m\n If end_time is not specified, then the start_time will be evaluated to <current time>-10m\n\nExample: ` \"1570007981\"`\n\nValidation Rules:\n ves.io.schema.rules.string.query_time: true\n","title":"start time","x-displayname":"Start Time","x-ves-example":"1570007981","x-ves-validation-rules":{"ves.io.schema.rules.string.query_time":"true"}}}},"app_securitySecurityIncidentsResponse":{"type":"object","description":"Response message for SecurityIncidentsRequest/SecurityIncidentsScrollRequest","title":"Security Incidents Response","x-displayname":"Security Incidents Response","x-ves-proto-message":"ves.io.schema.app_security.SecurityIncidentsResponse","properties":{"aggs":{"type":"object","description":" Aggregations provide summary/analytics data over the security incidents response. If the number of security incidents\n that matched the query is large and cannot be returned in a single response message, user can get helpful\n insights/summary using aggregations.","title":"aggregations","x-displayname":"Aggregations"},"incidents":{"type":"array","description":" list of security incidents that matched the query. Contains no more than 500 messages.\n\nExample: ` \"value\"`","title":"incidents","items":{"type":"string"},"x-displayname":"Incidents","x-ves-example":"value"},"scroll_id":{"type":"string","description":" Long Base-64 encoded string which can be used to retrieve the next batch of security incidents using the scroll\n request.\n Empty scroll_id indicates no more messages to scroll (EOF).\n Note: scroll_id is valid only for 2 minutes. i.e., If one intend to retrieve next batch of the result, then the\n scroll request should be sent within 2 minutes upon receiving the SecurityIncidentsResponse.\n\nExample: ` \"DXF1ZXJ5QW5kRmV0Y2gBAAAAAAAAAD4WYm9laVYtZndUQlNsdDcwakFMNjU1QQ==\"`","title":"scroll id","x-displayname":"Scroll id","x-ves-example":"DXF1ZXJ5QW5kRmV0Y2gBAAAAAAAAAD4WYm9laVYtZndUQlNsdDcwakFMNjU1QQ=="},"total_hits":{"type":"string","description":" total number of security events that matched the query.\n\nExample: ` \"0\"`","title":"total hits","format":"uint64","x-displayname":"Total Hits","x-ves-example":"0"}}},"app_securitySecurityIncidentsScrollRequest":{"type":"object","description":"Scroll request is used to fetch large number of security incidents in multiple batches with each SecurityIncidentsResponse\ncontaining no more than 500 messages. To scroll through more than 500 or all security incidents, one can use the\nSecurityIncidentsScrollRequest. Use the scroll_id returned in the SecurityIncidentsResponse to fetch the next batch\nof security events and one can continue this process till the scroll_id returned is \"\" which indicates no more\nmessages to scroll.","title":"Security Incidents Scroll Request","x-displayname":"Security Incidents Scroll Request","x-ves-proto-message":"ves.io.schema.app_security.SecurityIncidentsScrollRequest","properties":{"namespace":{"type":"string","description":" Fetch security incidents for a given namespace\n\nExample: ` \"bloggin-app-namespace-1\"`","title":"namespace","x-displayname":"Namespace","x-ves-example":"bloggin-app-namespace-1"},"scroll_id":{"type":"string","description":" Long Base-64 encoded string which can be used to retrieve next batch of security events.\n\nExample: ` \"DXF1ZXJ5QW5kRmV0Y2gBAAAAAAAAAD4WYm9laVYtZndUQlNsdDcwakFMNjU1QQ==\"`","title":"scroll id","x-displayname":"Scroll ID","x-ves-example":"DXF1ZXJ5QW5kRmV0Y2gBAAAAAAAAAD4WYm9laVYtZndUQlNsdDcwakFMNjU1QQ=="}}},"app_securitySuspiciousUserLogsAggregationRequest":{"type":"object","description":"Request to get only aggregation data for suspicious user logs","title":"Suspicious User Logs Aggregation Request","x-displayname":"Suspicious User Logs Aggregation Request","x-ves-proto-message":"ves.io.schema.app_security.SuspiciousUserLogsAggregationRequest","properties":{"aggs":{"type":"object","description":" Aggregations provide summary/analytics data over the suspicious user logs response. If the number of logs that matched the query\n is large and cannot be returned in a single response message, user can get helpful insights/summary using aggregations.\n The aggregations are key'ed by user-defined aggregation name. The response will be key'ed with the same name.\n Optional","title":"aggregations","x-displayname":"Aggregations"},"end_time":{"type":"string","description":" fetch suspicious user logs whose timestamp <= end_time\n format: unix_timestamp|rfc 3339\n\n Optional: If not specified, then the end_time will be evaluated to start_time+10m\n If start_time is not specified, then the end_time will be evaluated to <current time>\n\nExample: ` \"1570007981\"`\n\nValidation Rules:\n ves.io.schema.rules.string.query_time: true\n","title":"end time","x-displayname":"End Time","x-ves-example":"1570007981","x-ves-validation-rules":{"ves.io.schema.rules.string.query_time":"true"}},"namespace":{"type":"string","description":" fetch suspicious user logs for a given namespace\n\nExample: ` \"bloggin-app-namespace-1\"`","title":"namespace","x-displayname":"Namespace","x-ves-example":"bloggin-app-namespace-1"},"query":{"type":"string","description":" query is used to specify the list of matchers\n syntax for query := {[<matcher>]}\n <matcher> := <field_name><operator>\"<value>\"\n <field_name> := string\n One or more of these fields in the suspicious user logs may be specified in the query.\n vh_name - name of the virtual host\n user - user id\n site - source site\n city - name of the city\n country - country code\n <value> := string\n <operator> := [\"=\"|\"!=\"|\"=~\"|\"!~\"]\n = : equal to\n != : not equal to\n =~ : regex match\n !~ : not regex match\n When more than one matcher is specified in the query, then suspicious user logs matching ALL the matchers will be returned in the response.\n\n Optional: If not specified, all the suspicious user logs matching the given tenant and namespace will be returned in the response.\n\nExample: ` \"query={vh_name=\"vh-1\", site=\"ce-01\"}\"`","title":"query","x-displayname":"Query","x-ves-example":"query={vh_name=\"vh-1\", site=\"ce-01\"}"},"start_time":{"type":"string","description":" fetch suspicious user logs whose timestamp >= start_time\n format: unix_timestamp|rfc 3339\n\n Optional: If not specified, then the start_time will be evaluated to end_time-10m\n If end_time is not specified, then the start_time will be evaluated to <current time>-10m\n\nExample: ` \"1570007981\"`\n\nValidation Rules:\n ves.io.schema.rules.string.query_time: true\n","title":"start time","x-displayname":"Start Time","x-ves-example":"1570007981","x-ves-validation-rules":{"ves.io.schema.rules.string.query_time":"true"}}}},"app_securitySuspiciousUserLogsAggregationResponse":{"type":"object","description":"Response message for SuspiciousUserLogsAggregationRequest","title":"Suspicious User Logs Aggregation Response","x-displayname":"Suspicious User Logs Aggregation Response","x-ves-proto-message":"ves.io.schema.app_security.SuspiciousUserLogsAggregationResponse","properties":{"aggs":{"type":"object","description":" Aggregations provide summary/analytics data over the suspicious user logs response. If the number of logs that matched the query\n is large and cannot be returned in a single response message, user can get helpful insights/summary using aggregations.\n The aggregation data is key'ed with the aggregation name specified in the request.","title":"aggregations","x-displayname":"Aggregations"},"total_hits":{"type":"string","description":" total number of suspicious user logs that matched the query.\n\nExample: ` \"1400\"`","title":"total hits","format":"uint64","x-displayname":"Total Hits","x-ves-example":"1400"}}},"app_securitySuspiciousUserLogsRequest":{"type":"object","description":"Request to fetch suspicious user logs","title":"Suspicious User Logs Request","x-displayname":"Suspicious User Logs Request","x-ves-proto-message":"ves.io.schema.app_security.SuspiciousUserLogsRequest","properties":{"aggs":{"type":"object","description":" Aggregations provide summary/analytics data over the suspicious user logs response. If the number of logs that matched the query\n is large and cannot be returned in a single response message, user can get helpful insights/summary using aggregations.\n The aggregations are key'ed by user-defined aggregation name. The response will be key'ed with the same name.\n Optional","title":"aggregations","x-displayname":"Aggregations"},"end_time":{"type":"string","description":" fetch suspicious user logs whose timestamp <= end_time\n format: unix_timestamp|rfc 3339\n\n Optional: If not specified, then the end_time will be evaluated to start_time+10m\n If start_time is not specified, then the end_time will be evaluated to <current time>\n\nExample: ` \"1570007981\"`\n\nValidation Rules:\n ves.io.schema.rules.string.query_time: true\n","title":"end time","x-displayname":"End Time","x-ves-example":"1570007981","x-ves-validation-rules":{"ves.io.schema.rules.string.query_time":"true"}},"limit":{"type":"integer","description":" limits the number of logs returned in the response\n Optional: If not specified, first or last 500 logs that matches the query (depending on the sort order) will be returned in the response.\n The maximum value for limit is 500.\n\nExample: ` \"100\"`","title":"limit","format":"int32","x-displayname":"Limit","x-ves-example":"100"},"namespace":{"type":"string","description":" fetch suspicious user logs for a given namespace\n\nExample: ` \"bloggin-app-namespace-1\"`","title":"namespace","x-displayname":"Namespace","x-ves-example":"bloggin-app-namespace-1"},"query":{"type":"string","description":" query is used to specify the list of matchers\n syntax for query := {[<matcher>]}\n <matcher> := <field_name><operator>\"<value>\"\n <field_name> := string\n One or more of these fields in the suspicious user logs may be specified in the query.\n vh_name - name of the virtual host\n user - user id\n site - source site\n city - name of the city\n country - country code\n <value> := string\n <operator> := [\"=\"|\"!=\"|\"=~\"|\"!~\"]\n = : equal to\n != : not equal to\n =~ : regex match\n !~ : not regex match\n When more than one matcher is specified in the query, then suspicious user logs matching ALL the matchers will be returned in the response.\n\n Optional: If not specified, all the suspicious user logs matching the given tenant and namespace will be returned in the response.\n\nExample: ` \"query={vh_name=\"vh-1\", site=\"ce-01\"}\"`","title":"query","x-displayname":"Query","x-ves-example":"query={vh_name=\"vh-1\", site=\"ce-01\"}"},"scroll":{"type":"boolean","description":" Scroll is used to retrieve large number of logs (or all logs) that matches the query.\n If scroll is set to true, the scroll_id in the response can be used in the scroll API to fetch the next\n batch of logs until there are no logs left to return. The number of logs in each batch is determined\n by the limit field.\n Note: Scroll is used for processing large amount of data and therefore is not intended for real time user request.\n Optional: default is false\n\nExample: ` \"true\"`","title":"scroll","format":"boolean","x-displayname":"Scroll","x-ves-example":"true"},"sort":{"$ref":"#/components/schemas/schemaSortOrder"},"sort_by":{"type":"string","description":" Optional: default is sort by last_event_time","title":"sort by","x-displayname":"Sort By"},"start_time":{"type":"string","description":" fetch suspicious user logs whose timestamp >= start_time\n format: unix_timestamp|rfc 3339\n\n Optional: If not specified, then the start_time will be evaluated to end_time-10m\n If end_time is not specified, then the start_time will be evaluated to <current time>-10m\n\nExample: ` \"1570007981\"`\n\nValidation Rules:\n ves.io.schema.rules.string.query_time: true\n","title":"start time","x-displayname":"Start Time","x-ves-example":"1570007981","x-ves-validation-rules":{"ves.io.schema.rules.string.query_time":"true"}}}},"app_securitySuspiciousUserLogsResponse":{"type":"object","description":"Response message for Suspicious User Logs Request","title":"Suspicious User Logs Response","x-displayname":"Suspicious User Logs Response","x-ves-proto-message":"ves.io.schema.app_security.SuspiciousUserLogsResponse","properties":{"aggs":{"type":"object","description":" Aggregations provide summary/analytics data over the security events response. If the number of security events that matched the query\n is large and cannot be returned in a single response message, user can get helpful insights/summary using aggregations.","title":"aggregations","x-displayname":"Aggregations"},"logs":{"type":"array","description":" list of log messages that matched the query. Contains no more than 500 messages.\n\nExample: ` \"value\"`","title":"events","items":{"type":"string"},"x-displayname":"Events","x-ves-example":"value"},"scroll_id":{"type":"string","description":" Long Base-64 encoded string which can be used to retrieve the next batch of suspicous user logs using the scroll request.\n Empty scroll_id indicates no more messages to scroll (EOF).\n Note: scroll_id is valid only for 2 minutes. i.e., If one intend to retrieve next batch of the result, then the\n scroll request should be sent within 2 minutes upon receiving the SuspiciousUserLogsResponse.\n\nExample: ` \"DXF1ZXJ5QW5kRmV0Y2gBAAAAAAAAAD4WYm9laVYtZndUQlNsdDcwakFMNjU1QQ==\"`","title":"scroll id","x-displayname":"Scroll id","x-ves-example":"DXF1ZXJ5QW5kRmV0Y2gBAAAAAAAAAD4WYm9laVYtZndUQlNsdDcwakFMNjU1QQ=="},"total_hits":{"type":"string","description":" total number of logs that matched the query.\n\nExample: ` \"100\"`","title":"total hits","format":"uint64","x-displayname":"Total Hits","x-ves-example":"100"}}},"app_securitySuspiciousUserLogsScrollRequest":{"type":"object","description":"Scroll request is used to fetch large number of suspicious user logs in multiple batches with each SuspiciousUserLogsResponse\ncontaining no more than 500 messages. To scroll through more than 500 or all messages, one can use the\nSuspiciousUserLogsScrollRequest. Use the scroll_id returned in the SuspiciousUserLogsResponse to fetch the next batch of logs \nand one can continue this process till the scroll_id returned is \"\" which indicates no more logs to scroll.","title":"Suspicious User Logs Scroll Request","x-displayname":"Suspicious User Logs Scroll Request","x-ves-proto-message":"ves.io.schema.app_security.SuspiciousUserLogsScrollRequest","properties":{"namespace":{"type":"string","description":" fetch the next batch of suspicious user logs scoped by namespace\n\nExample: ` \"bloggin-app-namespace-1\"`","title":"namespace","x-displayname":"Namespace","x-ves-example":"bloggin-app-namespace-1"},"scroll_id":{"type":"string","description":" Long Base-64 encoded string which can be used to retrieve next batch of security events.\n\nExample: ` \"DXF1ZXJ5QW5kRmV0Y2gBAAAAAAAAAD4WYm9laVYtZndUQlNsdDcwakFMNjU1QQ==\"`","title":"scroll id","x-displayname":"Scroll ID","x-ves-example":"DXF1ZXJ5QW5kRmV0Y2gBAAAAAAAAAD4WYm9laVYtZndUQlNsdDcwakFMNjU1QQ=="}}},"app_securityThreatCampaign":{"type":"object","description":"Threat Campaign object representing the created threat campaign.","title":"Threat Campaign","x-displayname":"Threat Campaign","x-ves-proto-message":"ves.io.schema.app_security.ThreatCampaign","properties":{"attack_type":{"type":"string","description":" The Threat Campaign Attack Type\n\nExample: ` \"Server Side Code Injection\"`","title":"attack_type","x-displayname":"Attack Type","x-ves-example":"Server Side Code Injection"},"description":{"type":"string","description":" The Threat Campaign Description\n\nExample: ` \"This campaign aims to identify Drupal web servers vulnerable to Drupalgeddon2 RCE vulnerability (CVE-2018-7600). The threat actor instructs the server to download and execute a cryptocurrency miner. The same threat actor was previously detected exploiting Drupal REST Module RCE vulnerability (CVE-2019-6340).\"`","title":"description","x-displayname":"Description","x-ves-example":"This campaign aims to identify Drupal web servers vulnerable to Drupalgeddon2 RCE vulnerability (CVE-2018-7600). The threat actor instructs the server to download and execute a cryptocurrency miner. The same threat actor was previously detected exploiting Drupal REST Module RCE vulnerability (CVE-2019-6340)."},"id":{"type":"string","description":" The Threat Campaign ID\n\nExample: ` \"cmp5641a5adbeabaf2708ce7663ad937df8\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n","title":"id","x-displayname":"ID","x-ves-example":"cmp5641a5adbeabaf2708ce7663ad937df8","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true"}},"intent":{"type":"string","description":" The Threat Campaign Intent\n\nExample: ` \"Malware Spreading - Crypto Currency Miner\"`","title":"intent","x-displayname":"Intent","x-ves-example":"Malware Spreading - Crypto Currency Miner"},"last_update":{"type":"string","description":" The Threat Campaign last update time\n\nExample: ` \"2022/11/29 20:19:17\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n","title":"last_update","x-displayname":"Last Update","x-ves-example":"2022/11/29 20:19:17","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true"}},"malwares":{"type":"array","description":" The Threat Campaign Malwares\n\nExample: ` \"['Cryptocurrency Miner']\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n","title":"malwares","items":{"type":"string"},"x-displayname":"Malwares","x-ves-example":"['Cryptocurrency Miner']","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true"}},"name":{"type":"string","description":" The Threat Campaign Name\n\nExample: ` \"Drupal 'Drupalgeddon2' RCE - exec48ne\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n","title":"name","x-displayname":"Name","x-ves-example":"Drupal 'Drupalgeddon2' RCE - exec48ne","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true"}},"references":{"type":"array","description":" The Threat Campaign References\n\nExample: ` \"['CVE-2018-7600']\"`","title":"references","items":{"type":"string"},"x-displayname":"References","x-ves-example":"['CVE-2018-7600']"},"risk":{"type":"string","description":" The Threat Campaign Risk\n\nExample: ` \"High\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n","title":"risk","x-displayname":"Risk","x-ves-example":"High","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true"}},"systems":{"type":"array","description":" The Threat Campaign Systems\n\nExample: ` \"['PHP', 'Unix/Linux']\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n","title":"systems","items":{"type":"string"},"x-displayname":"Systems","x-ves-example":"['PHP', 'Unix/Linux']","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true"}}}},"app_securityincidentsAggregationRequest":{"type":"object","description":"x-displayName: \"Aggregation Request\"\nAggregation request to provide analytics data over the log response","title":"Aggregation Request","properties":{"cardinality_aggregation":{"$ref":"#/components/schemas/app_securityincidentsCardinalityAggregation"},"date_aggregation":{"$ref":"#/components/schemas/app_securityincidentsDateAggregation"},"field_aggregation":{"$ref":"#/components/schemas/app_securityincidentsFieldAggregation"},"metrics_aggregation":{"$ref":"#/components/schemas/app_securityincidentsMetricsAggregation"},"multi_field_aggregation":{"$ref":"#/components/schemas/app_securityincidentsMultiFieldAggregation"}}},"app_securityincidentsCardinalityAggregation":{"type":"object","description":"x-displayName: \"Cardinality Aggregation\"\nGet approximate count of distinct values for the field in the incident.","title":"Cardinality Aggregation","properties":{"field":{"$ref":"#/components/schemas/app_securityincidentsKeyField"}}},"app_securityincidentsDateAggregation":{"type":"object","description":"x-displayName: \"Date Aggregation\"\nAggregate incidents based on timestamp in the log","title":"Date Aggregation","properties":{"step":{"type":"string","description":"x-displayName: \"Step\"\nx-required\nx-example: \"5m\"\n\nstep is the resolution width, which determines the number of the data points [x-axis (time)] to be returned in the response.\nThe timestamps in the response will be t1=start_time, t2=t1+step, ... tn=tn-1+step, where tn <= end_time.\nFormat: [0-9][smhd], where s - seconds, m - minutes, h - hours, d - days","title":"step"},"sub_aggs":{"type":"object","description":"x-displayName: \"Sub Aggregation\"\nThis option provides sub-aggregation for each date bucket","title":"sub aggregation"}}},"app_securityincidentsDateSubAggregation":{"type":"object","description":"x-displayName: \"Date SubAggregation\"\nAggregate security events based on one of the sub aggregation types","title":"Date SubAggregation","properties":{"field_aggregation":{"$ref":"#/components/schemas/app_securityincidentsFieldAggregation"},"multi_field_aggregation":{"$ref":"#/components/schemas/app_securityincidentsMultiFieldAggregation"}}},"app_securityincidentsFieldAggregation":{"type":"object","description":"x-displayName: \"Field Aggregation\"\nAggregate incidents based on the key fields in the security event.","title":"Field Aggregation","properties":{"field":{"$ref":"#/components/schemas/app_securityincidentsKeyField"},"metrics_aggregation":{"$ref":"#/components/schemas/app_securityincidentsMetricsAggregation"},"sub_aggs":{"type":"object","description":"x-displayName: \"Sub Aggregation\"\nThis option provides sub-aggregation for each field aggregation bucket.","title":"sub aggregation"},"topk":{"type":"integer","description":"x-displayName: \"TopK\"\nx-example: \"10\"\n\nNumber of top field values to be returned in the response.","title":"topk","format":"int64"}}},"app_securityincidentsFieldSubAggregation":{"type":"object","description":"x-displayName: \"Field SubAggregation\"\nAggregate security events in each field bucket based on one of the sub aggregation types","title":"Field SubAggregation","properties":{"cardinality_aggregation":{"$ref":"#/components/schemas/app_securityincidentsCardinalityAggregation"}}},"app_securityincidentsKeyField":{"type":"string","description":"x-displayName: \"Key Field\"\nSecurity events can be aggregated based on these fields.\n\n - CITY: x-displayName: \"City\"\n - COUNTRY: x-displayName: \"Country\"\n - ASN: x-displayName: \"ASN\"\n - INCIDENT_TYPE: x-displayName: \"Incident Type\"\n - INTENT: x-displayName: \"Intent\"\n - VH_NAME: x-displayName: \"Virtual Host Name\"\n - USER_ID: x-displayName: \"User ID\"\n - SRC_IP: x-displayName: \"Source IP\"\n - TLS_FINGERPRINT: x-displayName: \"JA3 TLS Fingerprint\"\n - LAST_STATUS: x-displayName: \"Last Status\"\n - INCIDENT_ID: x-displayName: \"Incident ID\"","title":"Key Field","enum":["CITY","COUNTRY","ASN","INCIDENT_TYPE","INTENT","VH_NAME","USER_ID","SRC_IP","TLS_FINGERPRINT","LAST_STATUS","INCIDENT_ID"],"default":"CITY"},"app_securityincidentsMetricField":{"type":"string","description":"x-displayName: \"Metric Field\"\nMetrics can be computed based on these fields.\n\n - EVENTS: x-displayName: \"Events\"","title":"Metric Field","enum":["EVENTS"],"default":"EVENTS"},"app_securityincidentsMetricsAggregation":{"type":"object","description":"x-displayName: \"Metrics Aggregation\"\nComputes metrics based on values for the field in the incident.","title":"Metrics Aggregation","properties":{"percentile":{"$ref":"#/components/schemas/app_securityincidentsPercentileAggregation"}}},"app_securityincidentsMultiFieldAggregation":{"type":"object","description":"x-displayName: \"Multi-Field Aggregation\"\nAggregate incidents based on the multiple fields in the incident.","title":"Multi-Field Aggregation","properties":{"field":{"$ref":"#/components/schemas/app_securityincidentsMultiKeyField"},"metrics_aggregation":{"$ref":"#/components/schemas/app_securityincidentsMetricsAggregation"},"sub_aggs":{"type":"object","description":"x-displayName: \"Sub Aggregation\"\nThis option provides sub-aggregation for each field aggregation bucket.","title":"sub aggregation"},"topk":{"type":"integer","description":"x-displayName: \"TopK\"\nx-example: \"10\"\n\nNumber of top field values to be returned in the response.","title":"topk","format":"int64"}}},"app_securityincidentsMultiFieldSubAggregation":{"type":"object","description":"x-displayName: \"Multi Field SubAggregation\"\nAggregate security events in each MultiTerms bucket based on one of the sub aggregation types","title":"Multi Field SubAggregation","properties":{"cardinality_aggregation":{"$ref":"#/components/schemas/app_securityincidentsCardinalityAggregation"}}},"app_securityincidentsMultiKeyField":{"type":"string","description":"x-displayName: \"Multi-Key Field\"\nSecurity events can be aggregated based on these multiple key fields\n\n - SRC_IP_TLS_FINGERPRINT: x-displayName: \"Source IP, JA3 TLS Fingerprint\"\nAggregated by (KeyField.SRC_IP, KeyField.TLS_FINGERPRINT)","title":"Multi-Key Field","enum":["SRC_IP_TLS_FINGERPRINT"],"default":"SRC_IP_TLS_FINGERPRINT"},"app_securityincidentsPercentileAggregation":{"type":"object","description":"x-displayName: \"Percentile Aggregation\"\nCalculates percentile over numeric values for a field.","title":"Percentile Aggregation","properties":{"field":{"$ref":"#/components/schemas/app_securityincidentsMetricField"},"percent":{"type":"number","description":"x-displayName: \"Percent\"\nx-example: \"[99.0]\"\nx-required\n\nPercentile for which value is calculated.","title":"percent","format":"double"}}},"app_securitysuspicious_user_logAggregationRequest":{"type":"object","description":"x-displayName: \"Aggregation Request\"\nAggregation request to provide analytics data over the log response","title":"Aggregation Request","properties":{"avg_aggregation":{"$ref":"#/components/schemas/suspicious_user_logAvgAggregation"},"cardinality_aggregation":{"$ref":"#/components/schemas/app_securitysuspicious_user_logCardinalityAggregation"},"date_aggregation":{"$ref":"#/components/schemas/app_securitysuspicious_user_logDateAggregation"},"field_aggregation":{"$ref":"#/components/schemas/app_securitysuspicious_user_logFieldAggregation"},"max_aggregation":{"$ref":"#/components/schemas/suspicious_user_logMaxAggregation"},"metrics_aggregation":{"$ref":"#/components/schemas/app_securitysuspicious_user_logMetricsAggregation"},"min_aggregation":{"$ref":"#/components/schemas/suspicious_user_logMinAggregation"}}},"app_securitysuspicious_user_logCardinalityAggregation":{"type":"object","description":"x-displayName: \"Cardinality Aggregation\"\nGet approximate count of distinct values for the field in the suspicious user log.","title":"Cardinality Aggregation","properties":{"field":{"$ref":"#/components/schemas/app_securitysuspicious_user_logKeyField"}}},"app_securitysuspicious_user_logDateAggregation":{"type":"object","description":"x-displayName: \"Date Aggregation\"\nAggregate suspicious user logs based on timestamp in the log","title":"Date Aggregation","properties":{"step":{"type":"string","description":"x-displayName: \"Step\"\nx-required\nx-example: \"5m\"\n\nstep is the resolution width, which determines the number of the data points [x-axis (time)] to be returned in the response.\nThe timestamps in the response will be t1=start_time, t2=t1+step, ... tn=tn-1+step, where tn <= end_time.\nFormat: [0-9][smhd], where s - seconds, m - minutes, h - hours, d - days","title":"step"}}},"app_securitysuspicious_user_logFieldAggregation":{"type":"object","description":"x-displayName: \"Field Aggregation\"\nAggregate incidents based on the key fields in the suspicious user log.","title":"Field Aggregation","properties":{"field":{"$ref":"#/components/schemas/app_securitysuspicious_user_logKeyField"},"metrics_aggregation":{"$ref":"#/components/schemas/app_securitysuspicious_user_logMetricsAggregation"},"sub_aggs":{"type":"object","description":"x-displayName: \"Sub Aggregation\"\nThis option provides sub-aggregation for each field aggregation bucket.","title":"sub aggregation"},"topk":{"type":"integer","description":"x-displayName: \"TopK\"\nx-example: \"10\"\n\nNumber of top field values to be returned in the response.","title":"topk","format":"int64"}}},"app_securitysuspicious_user_logFieldSubAggregation":{"type":"object","description":"x-displayName: \"Field SubAggregation\"\nAggregate security events in each field bucket based on one of the sub aggregation types","title":"Field SubAggregation","properties":{"cardinality_aggregation":{"$ref":"#/components/schemas/app_securitysuspicious_user_logCardinalityAggregation"}}},"app_securitysuspicious_user_logKeyField":{"type":"string","description":"x-displayName: \"Key Field\"\nSecurity events can be aggregated based on these fields.\n\n - CITY: x-displayName: \"City\"\n - COUNTRY: x-displayName: \"Country\"\n - ASN: x-displayName: \"ASN\"\n - USER: x-displayName: \"User\"\n - THREAT_LEVEL: x-displayName: \"Threat Level\"\n - VH_NAME: x-displayName: \"Virtual Host Name\"\n - SRC_IP: x-displayName: \"Source IP\"\n - SUSPICION_LOG_TYPE: x-displayName: \"Suspicion Log Type\"","title":"Key Field","enum":["CITY","COUNTRY","ASN","USER","THREAT_LEVEL","VH_NAME","SRC_IP","SUSPICION_LOG_TYPE"],"default":"CITY"},"app_securitysuspicious_user_logMetricsAggregation":{"type":"object","description":"x-displayName: \"Metrics Aggregation\"\nComputes metrics based on values for the field in the suspicious user log.","title":"Metrics Aggregation","properties":{"percentile":{"$ref":"#/components/schemas/app_securitysuspicious_user_logPercentileAggregation"}}},"app_securitysuspicious_user_logPercentileAggregation":{"type":"object","description":"x-displayName: \"Percentile Aggregation\"\nCalculates percentile over numeric values for a field.","title":"Percentile Aggregation","properties":{"field":{"$ref":"#/components/schemas/suspicious_user_logNumKeyField"},"percent":{"type":"number","description":"x-displayName: \"Percent\"\nx-example: \"[99.0]\"\nx-required\n\nPercentile for which value is calculated.","title":"percent","format":"double"}}},"common_securityDDoSClientSource":{"type":"object","description":"DDoS Mitigation sources to be blocked","title":"DDoSClientSource","x-displayname":"DDoS Client Source Choice","x-ves-displayorder":"1,3,5,6","x-ves-proto-message":"ves.io.schema.views.common_security.DDoSClientSource","properties":{"asn_list":{"$ref":"#/components/schemas/policyAsnMatchList"},"country_list":{"type":"array","description":" Sources that are located in one of the countries in the given list\n\nValidation Rules:\n ves.io.schema.rules.repeated.items.enum.defined_only: true\n ves.io.schema.rules.repeated.items.enum.not_in: [0]\n ves.io.schema.rules.repeated.max_items: 64\n ves.io.schema.rules.repeated.unique: true\n","title":"country_list","maxItems":64,"items":{"$ref":"#/components/schemas/policyCountryCode"},"x-displayname":"Country List","x-ves-validation-rules":{"ves.io.schema.rules.repeated.items.enum.defined_only":"true","ves.io.schema.rules.repeated.items.enum.not_in":"[0]","ves.io.schema.rules.repeated.max_items":"64","ves.io.schema.rules.repeated.unique":"true"}},"ja4_tls_fingerprint_matcher":{"$ref":"#/components/schemas/policyJA4TlsFingerprintMatcherType"},"tls_fingerprint_matcher":{"$ref":"#/components/schemas/policyTlsFingerprintMatcherType"}}},"common_securityDDoSMitigationRule":{"type":"object","description":"DDoS Mitigation Rule specifies the sources to be blocked","title":"DDoSMitigationRule","x-displayname":"DDoS Mitigation Rule","x-ves-displayorder":"1,2,7,10","x-ves-oneof-field-mitigation_action":"[\"block\"]","x-ves-oneof-field-mitigation_choice":"[\"ddos_client_source\",\"ip_prefix_list\"]","x-ves-proto-message":"ves.io.schema.views.common_security.DDoSMitigationRule","properties":{"block":{"$ref":"#/components/schemas/schemaEmpty"},"ddos_client_source":{"$ref":"#/components/schemas/common_securityDDoSClientSource"},"expiration_timestamp":{"type":"string","description":" The expiration_timestamp is the RFC 3339 format timestamp at which the containing rule is considered to be logically expired. The rule continues to exist in\n the configuration but is not applied anymore.\n\nExample: ` \"2019-12-31:44:34.171543432Z\"`\n\nValidation Rules:\n ves.io.schema.rules.timestamp.within.seconds: 31536000\n","title":"expiration timestamp","format":"date-time","x-displayname":"Expiration Timestamp","x-ves-example":"2019-12-31:44:34.171543432Z","x-ves-validation-rules":{"ves.io.schema.rules.timestamp.within.seconds":"31536000"}},"ip_prefix_list":{"$ref":"#/components/schemas/policyPrefixMatchList"},"metadata":{"$ref":"#/components/schemas/schemaMessageMetaType"}}},"common_wafAPIEndpointProtectionRule":{"type":"object","description":"API Protection Rule for a specific endpoint","title":"API Endpoint Protection Rule","x-displayname":"API Endpoint Protection Rule","x-ves-oneof-field-domain_choice":"[\"any_domain\",\"specific_domain\"]","x-ves-proto-message":"ves.io.schema.views.common_waf.APIEndpointProtectionRule","properties":{"action":{"$ref":"#/components/schemas/common_wafAPIProtectionRuleAction"},"any_domain":{"$ref":"#/components/schemas/schemaEmpty"},"api_endpoint_method":{"$ref":"#/components/schemas/policyHttpMethodMatcherType"},"api_endpoint_path":{"type":"string","description":" The endpoint (path) of the request.\n\nExample: ` \"/endpoint1\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.string.max_len: 1024\n ves.io.schema.rules.string.templated_http_path: true\n","title":"api endpoint path","maxLength":1024,"x-displayname":"API Endpoint","x-ves-example":"/endpoint1","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.string.max_len":"1024","ves.io.schema.rules.string.templated_http_path":"true"}},"client_matcher":{"$ref":"#/components/schemas/policyClientMatcher"},"metadata":{"$ref":"#/components/schemas/schemaMessageMetaType"},"request_matcher":{"$ref":"#/components/schemas/policyRequestMatcher"},"specific_domain":{"type":"string","description":"Exclusive with [any_domain]\n The rule will apply for a specific domain.\n For example: api.example.com\n\nExample: ` \"api.example.com\"`\n\nValidation Rules:\n ves.io.schema.rules.string.max_len: 128\n ves.io.schema.rules.string.vh_domain: true\n","title":"domain","maxLength":128,"x-displayname":"Specific Domain","x-ves-example":"api.example.com","x-ves-validation-rules":{"ves.io.schema.rules.string.max_len":"128","ves.io.schema.rules.string.vh_domain":"true"}}}},"common_wafAPIProtectionRuleAction":{"type":"object","description":"The action to take if the input request matches the rule.","title":"API Protection Rule Action","x-displayname":"API Protection Rule Action","x-ves-oneof-field-action":"[\"allow\",\"deny\"]","x-ves-proto-message":"ves.io.schema.views.common_waf.APIProtectionRuleAction","properties":{"allow":{"$ref":"#/components/schemas/schemaEmpty"},"deny":{"$ref":"#/components/schemas/schemaEmpty"}}},"common_wafApiEndpointDetails":{"type":"object","description":"This defines api endpoint","title":"ApiEndpointDetails","x-displayname":"API Endpoint","x-ves-proto-message":"ves.io.schema.views.common_waf.ApiEndpointDetails","properties":{"methods":{"type":"array","description":" Methods to be matched\n\nExample: ` \"GET\"`\n\nValidation Rules:\n ves.io.schema.rules.repeated.items.enum.defined_only: true\n ves.io.schema.rules.repeated.max_items: 16\n ves.io.schema.rules.repeated.unique: true\n","title":"Methods","maxItems":16,"items":{"$ref":"#/components/schemas/schemaHttpMethod"},"x-displayname":"Methods","x-ves-example":"GET","x-ves-validation-rules":{"ves.io.schema.rules.repeated.items.enum.defined_only":"true","ves.io.schema.rules.repeated.max_items":"16","ves.io.schema.rules.repeated.unique":"true"}},"path":{"type":"string","description":" Path to be matched\n\nExample: ` \"/api/v1/login\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.string.max_len: 1024\n ves.io.schema.rules.string.templated_http_path: true\n","title":"Path","maxLength":1024,"x-displayname":"Path","x-ves-example":"/api/v1/login","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.string.max_len":"1024","ves.io.schema.rules.string.templated_http_path":"true"}}}},"common_wafApiEndpointRule":{"type":"object","title":"ApiEndpointRule","x-displayname":"ApiEndpointRule","x-ves-oneof-field-domain_choice":"[\"any_domain\",\"specific_domain\"]","x-ves-oneof-field-rate_limiter_choice":"[\"inline_rate_limiter\",\"ref_rate_limiter\"]","x-ves-proto-message":"ves.io.schema.views.common_waf.ApiEndpointRule","properties":{"any_domain":{"$ref":"#/components/schemas/schemaEmpty"},"api_endpoint_method":{"$ref":"#/components/schemas/policyHttpMethodMatcherType"},"api_endpoint_path":{"type":"string","description":" The endpoint (path) of the request.\n\nExample: ` \"value\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.string.max_len: 1024\n ves.io.schema.rules.string.templated_http_path: true\n","title":"api endpoint path","maxLength":1024,"x-displayname":"API Endpoint","x-ves-example":"value","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.string.max_len":"1024","ves.io.schema.rules.string.templated_http_path":"true"}},"client_matcher":{"$ref":"#/components/schemas/policyClientMatcher"},"inline_rate_limiter":{"$ref":"#/components/schemas/common_wafInlineRateLimiter"},"ref_rate_limiter":{"$ref":"#/components/schemas/schemaviewsObjectRefType"},"request_matcher":{"$ref":"#/components/schemas/policyRequestMatcher"},"specific_domain":{"type":"string","description":"Exclusive with [any_domain]\n The rule will apply for a specific domain.\n\nValidation Rules:\n ves.io.schema.rules.string.max_len: 128\n ves.io.schema.rules.string.vh_domain: true\n","title":"domain","maxLength":128,"x-displayname":"Specific Domain","x-ves-validation-rules":{"ves.io.schema.rules.string.max_len":"128","ves.io.schema.rules.string.vh_domain":"true"}}}},"common_wafClientSrcRuleAction":{"type":"string","description":"Action that should be taken when client identifier matches the rule\n","title":"action","enum":["SKIP_PROCESSING_WAF","SKIP_PROCESSING_BOT","SKIP_PROCESSING_MUM","SKIP_PROCESSING_IP_REPUTATION","SKIP_PROCESSING_API_PROTECTION","SKIP_PROCESSING_OAS_VALIDATION","SKIP_PROCESSING_DDOS_PROTECTION","SKIP_PROCESSING_THREAT_MESH","SKIP_PROCESSING_MALWARE_PROTECTION"],"default":"SKIP_PROCESSING_WAF","x-displayname":"Action","x-ves-proto-enum":"ves.io.schema.views.common_waf.ClientSrcRuleAction"},"common_wafCustomFallThroughMode":{"type":"object","description":"Define the fall through settings","title":"Custom Fall Through Mode","x-displayname":"Custom Fall Through Mode","x-ves-proto-message":"ves.io.schema.views.common_waf.CustomFallThroughMode","properties":{"open_api_validation_rules":{"type":"array","description":"\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.repeated.max_items: 15\n ves.io.schema.rules.repeated.unique_metadata_name: true\n","title":"Custom Fall Through Rule List","maxItems":15,"items":{"$ref":"#/components/schemas/common_wafFallThroughRule"},"x-displayname":"Custom Fall Through Rule List","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.repeated.max_items":"15","ves.io.schema.rules.repeated.unique_metadata_name":"true"}}}},"common_wafFallThroughRule":{"type":"object","description":"Fall Through Rule for a specific endpoint, base-path, or API group","title":"Fall Through Rule","x-displayname":"Fall Through Rule","x-ves-oneof-field-action_choice":"[\"action_block\",\"action_report\",\"action_skip\"]","x-ves-oneof-field-condition_type_choice":"[\"api_endpoint\",\"api_group\",\"base_path\"]","x-ves-proto-message":"ves.io.schema.views.common_waf.FallThroughRule","properties":{"action_block":{"$ref":"#/components/schemas/schemaEmpty"},"action_report":{"$ref":"#/components/schemas/schemaEmpty"},"action_skip":{"$ref":"#/components/schemas/schemaEmpty"},"api_endpoint":{"$ref":"#/components/schemas/common_wafApiEndpointDetails"},"api_group":{"type":"string","description":"Exclusive with [api_endpoint base_path]\n The API group which this validation applies to\n\nExample: ` \"oas-all-operations\"`\n\nValidation Rules:\n ves.io.schema.rules.string.max_len: 128\n","title":"api_group","maxLength":128,"x-displayname":"API Group","x-ves-example":"oas-all-operations","x-ves-validation-rules":{"ves.io.schema.rules.string.max_len":"128"}},"base_path":{"type":"string","description":"Exclusive with [api_endpoint api_group]\n The base path which this validation applies to\n\nExample: ` \"/api/v1\"`\n\nValidation Rules:\n ves.io.schema.rules.string.http_path: true\n ves.io.schema.rules.string.max_len: 128\n","title":"base path","maxLength":128,"x-displayname":"Base Path","x-ves-example":"/api/v1","x-ves-validation-rules":{"ves.io.schema.rules.string.http_path":"true","ves.io.schema.rules.string.max_len":"128"}},"metadata":{"$ref":"#/components/schemas/schemaMessageMetaType"}}},"common_wafHttpHeaderMatcherList":{"type":"object","description":"Request header name and value pairs","title":"HTTP Header","x-displayname":"HTTP Header","x-ves-proto-message":"ves.io.schema.views.common_waf.HttpHeaderMatcherList","properties":{"headers":{"type":"array","description":" List of HTTP header name and value pairs\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.repeated.max_items: 16\n","title":"headers","maxItems":16,"items":{"$ref":"#/components/schemas/ioschemaHeaderMatcherType"},"x-displayname":"HTTP Headers","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.repeated.max_items":"16"}}}},"common_wafInlineRateLimiter":{"type":"object","title":"InlineRateLimiter","x-displayname":"InlineRateLimiter","x-ves-oneof-field-count_by_choice":"[\"ref_user_id\",\"use_http_lb_user_id\"]","x-ves-proto-message":"ves.io.schema.views.common_waf.InlineRateLimiter","properties":{"ref_user_id":{"$ref":"#/components/schemas/schemaviewsObjectRefType"},"threshold":{"type":"integer","description":" The total number of allowed requests for 1 unit (e.g. SECOND/MINUTE/HOUR etc.) of the specified period.\n\nExample: ` \"1\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.uint32.gt: 0\n ves.io.schema.rules.uint32.lte: 8192\n","title":"threshold","format":"int64","x-displayname":"Threshold","x-ves-example":"1","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.uint32.gt":"0","ves.io.schema.rules.uint32.lte":"8192"}},"unit":{"$ref":"#/components/schemas/rate_limiterRateLimitPeriodUnit"},"use_http_lb_user_id":{"$ref":"#/components/schemas/schemaEmpty"}}},"common_wafOpenApiFallThroughMode":{"type":"object","description":"x-required\nDetermine what to do with unprotected endpoints (not in the OpenAPI specification file (a.k.a. swagger) or doesn't have a specific rule in custom rules)","title":"Fall Through Mode","x-displayname":"Fall Through Mode","x-ves-oneof-field-fall_through_mode_choice":"[\"fall_through_mode_allow\",\"fall_through_mode_custom\"]","x-ves-proto-message":"ves.io.schema.views.common_waf.OpenApiFallThroughMode","properties":{"fall_through_mode_allow":{"$ref":"#/components/schemas/schemaEmpty"},"fall_through_mode_custom":{"$ref":"#/components/schemas/common_wafCustomFallThroughMode"}}},"common_wafOpenApiValidationAllSpecEndpointsSettings":{"type":"object","description":"Settings for API Inventory validation","title":"OpenAPI Validation API Inventory Settings","x-displayname":"API Inventory","x-ves-oneof-field-oversized_body_choice":"[]","x-ves-proto-message":"ves.io.schema.views.common_waf.OpenApiValidationAllSpecEndpointsSettings","properties":{"fall_through_mode":{"$ref":"#/components/schemas/common_wafOpenApiFallThroughMode"},"settings":{"$ref":"#/components/schemas/common_wafOpenApiValidationCommonSettings"},"validation_mode":{"$ref":"#/components/schemas/common_wafOpenApiValidationMode"}}},"common_wafOpenApiValidationCommonSettings":{"type":"object","description":"OpenAPI specification validation settings relevant for \"API Inventory\" enforcement and for \"Custom list\" enforcement","title":"OpenAPI specification validation common settings","x-displayname":"Common Settings","x-ves-oneof-field-fail_configuration":"[]","x-ves-oneof-field-oversized_body_choice":"[\"oversized_body_fail_validation\",\"oversized_body_skip_validation\"]","x-ves-oneof-field-property_validation_settings_choice":"[\"property_validation_settings_custom\",\"property_validation_settings_default\"]","x-ves-proto-message":"ves.io.schema.views.common_waf.OpenApiValidationCommonSettings","properties":{"oversized_body_fail_validation":{"$ref":"#/components/schemas/schemaEmpty"},"oversized_body_skip_validation":{"$ref":"#/components/schemas/schemaEmpty"},"property_validation_settings_custom":{"$ref":"#/components/schemas/common_wafValidationPropertySetting"},"property_validation_settings_default":{"$ref":"#/components/schemas/schemaEmpty"}}},"common_wafOpenApiValidationMode":{"type":"object","description":"x-required\nValidation mode of OpenAPI specification.\n When a validation mismatch occurs on a request to one of the endpoints listed on the OpenAPI specification file (a.k.a. swagger)","title":"Validation Mode","x-displayname":"Validation Mode","x-ves-oneof-field-response_validation_mode_choice":"[\"response_validation_mode_active\",\"skip_response_validation\"]","x-ves-oneof-field-validation_mode_choice":"[\"skip_validation\",\"validation_mode_active\"]","x-ves-proto-message":"ves.io.schema.views.common_waf.OpenApiValidationMode","properties":{"response_validation_mode_active":{"$ref":"#/components/schemas/common_wafOpenApiValidationModeActiveResponse"},"skip_response_validation":{"$ref":"#/components/schemas/schemaEmpty"},"skip_validation":{"$ref":"#/components/schemas/schemaEmpty"},"validation_mode_active":{"$ref":"#/components/schemas/common_wafOpenApiValidationModeActive"}}},"common_wafOpenApiValidationModeActive":{"type":"object","description":"Validation mode properties of request","title":"Open API Validation Mode Active For Request","x-displayname":"Open API Validation Mode Active","x-ves-oneof-field-validation_enforcement_type":"[\"enforcement_block\",\"enforcement_report\"]","x-ves-proto-message":"ves.io.schema.views.common_waf.OpenApiValidationModeActive","properties":{"enforcement_block":{"$ref":"#/components/schemas/schemaEmpty"},"enforcement_report":{"$ref":"#/components/schemas/schemaEmpty"},"request_validation_properties":{"type":"array","description":" List of properties of the request to validate according to the OpenAPI specification file (a.k.a. swagger)\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.repeated.items.enum.defined_only: true\n ves.io.schema.rules.repeated.items.enum.not_in: [7]\n ves.io.schema.rules.repeated.min_items: 1\n ves.io.schema.rules.repeated.unique: true\n","title":"Request Validation Properties","minItems":1,"items":{"$ref":"#/components/schemas/schemaOpenApiValidationProperties"},"x-displayname":"Request Validation Properties","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.repeated.items.enum.defined_only":"true","ves.io.schema.rules.repeated.items.enum.not_in":"[7]","ves.io.schema.rules.repeated.min_items":"1","ves.io.schema.rules.repeated.unique":"true"}}}},"common_wafOpenApiValidationModeActiveResponse":{"type":"object","description":"Validation mode properties of response","title":"Open API Validation Mode Active For Response","x-displayname":"Open API Validation Mode Active","x-ves-oneof-field-validation_enforcement_type":"[\"enforcement_block\",\"enforcement_report\"]","x-ves-proto-message":"ves.io.schema.views.common_waf.OpenApiValidationModeActiveResponse","properties":{"enforcement_block":{"$ref":"#/components/schemas/schemaEmpty"},"enforcement_report":{"$ref":"#/components/schemas/schemaEmpty"},"response_validation_properties":{"type":"array","description":" List of properties of the response to validate according to the OpenAPI specification file (a.k.a. swagger)\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.repeated.items.enum.defined_only: true\n ves.io.schema.rules.repeated.items.enum.in: [2,4,5,7]\n ves.io.schema.rules.repeated.min_items: 1\n ves.io.schema.rules.repeated.unique: true\n","title":"Response Validation Properties","minItems":1,"items":{"$ref":"#/components/schemas/schemaOpenApiValidationProperties"},"x-displayname":"Response Validation Properties","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.repeated.items.enum.defined_only":"true","ves.io.schema.rules.repeated.items.enum.in":"[2,4,5,7]","ves.io.schema.rules.repeated.min_items":"1","ves.io.schema.rules.repeated.unique":"true"}}}},"common_wafOpenApiValidationRule":{"type":"object","description":"OpenAPI Validation Rule for a specific endpoint, base-path, or API group","title":"OpenAPI Validation Rule","x-displayname":"OpenAPI Validation Rule","x-ves-oneof-field-condition_type_choice":"[\"api_endpoint\",\"api_group\",\"base_path\"]","x-ves-oneof-field-domain_choice":"[\"any_domain\",\"specific_domain\"]","x-ves-proto-message":"ves.io.schema.views.common_waf.OpenApiValidationRule","properties":{"any_domain":{"$ref":"#/components/schemas/schemaEmpty"},"api_endpoint":{"$ref":"#/components/schemas/common_wafApiEndpointDetails"},"api_group":{"type":"string","description":"Exclusive with [api_endpoint base_path]\n The API group which this validation applies to\n\nExample: ` \"oas-all-operations\"`\n\nValidation Rules:\n ves.io.schema.rules.string.max_len: 128\n","title":"api_group","maxLength":128,"x-displayname":"API Group","x-ves-example":"oas-all-operations","x-ves-validation-rules":{"ves.io.schema.rules.string.max_len":"128"}},"base_path":{"type":"string","description":"Exclusive with [api_endpoint api_group]\n The base path which this validation applies to\n\nExample: ` \"/api/v1\"`\n\nValidation Rules:\n ves.io.schema.rules.string.http_path: true\n ves.io.schema.rules.string.max_len: 128\n","title":"base path","maxLength":128,"x-displayname":"Base Path","x-ves-example":"/api/v1","x-ves-validation-rules":{"ves.io.schema.rules.string.http_path":"true","ves.io.schema.rules.string.max_len":"128"}},"metadata":{"$ref":"#/components/schemas/schemaMessageMetaType"},"specific_domain":{"type":"string","description":"Exclusive with [any_domain]\n The rule will apply for a specific domain.\n\nValidation Rules:\n ves.io.schema.rules.string.max_len: 128\n ves.io.schema.rules.string.vh_domain: true\n","title":"domain","maxLength":128,"x-displayname":"Specific Domain","x-ves-validation-rules":{"ves.io.schema.rules.string.max_len":"128","ves.io.schema.rules.string.vh_domain":"true"}},"validation_mode":{"$ref":"#/components/schemas/common_wafOpenApiValidationMode"}}},"common_wafSimpleClientSrcRule":{"type":"object","description":"Simple client source rule specifies the sources to be blocked or trusted (skip WAF)","title":"SimpleClientSrcRule","x-displayname":"Client Rule","x-ves-oneof-field-action_choice":"[\"bot_skip_processing\",\"skip_processing\",\"waf_skip_processing\"]","x-ves-oneof-field-client_source_choice":"[\"as_number\",\"http_header\",\"ip_prefix\",\"ipv6_prefix\",\"user_identifier\"]","x-ves-proto-message":"ves.io.schema.views.common_waf.SimpleClientSrcRule","properties":{"actions":{"type":"array","description":" Actions that should be taken when client identifier matches the rule\n\nValidation Rules:\n ves.io.schema.rules.enum.defined_only: true\n ves.io.schema.rules.repeated.max_items: 10\n ves.io.schema.rules.repeated.unique: true\n","title":"actions","maxItems":10,"items":{"$ref":"#/components/schemas/common_wafClientSrcRuleAction"},"x-displayname":"Actions","x-ves-validation-rules":{"ves.io.schema.rules.enum.defined_only":"true","ves.io.schema.rules.repeated.max_items":"10","ves.io.schema.rules.repeated.unique":"true"}},"as_number":{"type":"integer","description":"Exclusive with [http_header ip_prefix ipv6_prefix user_identifier]\n RFC 6793 defined 4-byte AS number\n\nExample: ` \"4683\"`\n\nValidation Rules:\n ves.io.schema.rules.uint32.gte: 1\n ves.io.schema.rules.uint32.lte: 401308\n","title":"as number","format":"int64","x-displayname":"AS Number","x-ves-example":"4683","x-ves-validation-rules":{"ves.io.schema.rules.uint32.gte":"1","ves.io.schema.rules.uint32.lte":"401308"}},"bot_skip_processing":{"$ref":"#/components/schemas/schemaEmpty"},"expiration_timestamp":{"type":"string","description":" The expiration_timestamp is the RFC 3339 format timestamp at which the containing rule is considered to be logically expired. The rule continues to exist in\n the configuration but is not applied anymore.\n\nExample: ` \"2019-12-31:44:34.171543432Z\"`\n\nValidation Rules:\n ves.io.schema.rules.timestamp.within.seconds: 31536000\n","title":"expiration timestamp","format":"date-time","x-displayname":"Expiration Timestamp","x-ves-example":"2019-12-31:44:34.171543432Z","x-ves-validation-rules":{"ves.io.schema.rules.timestamp.within.seconds":"31536000"}},"http_header":{"$ref":"#/components/schemas/common_wafHttpHeaderMatcherList"},"ip_prefix":{"type":"string","description":"Exclusive with [as_number http_header ipv6_prefix user_identifier]\n IPv4 prefix string.\n\nExample: ` \"192.168.20.0/24\"`\n\nValidation Rules:\n ves.io.schema.rules.string.ipv4_prefix: true\n","title":"ip prefix","x-displayname":"IPv4 Prefix","x-ves-example":"192.168.20.0/24","x-ves-validation-rules":{"ves.io.schema.rules.string.ipv4_prefix":"true"}},"ipv6_prefix":{"type":"string","description":"Exclusive with [as_number http_header ip_prefix user_identifier]\n IPv6 prefix string.\n\nExample: ` \"2001::1/64\"`\n\nValidation Rules:\n ves.io.schema.rules.string.ipv6_prefix: true\n","title":"ipv6 prefix","x-displayname":"IPv6 Prefix","x-ves-example":"2001::1/64","x-ves-validation-rules":{"ves.io.schema.rules.string.ipv6_prefix":"true"}},"metadata":{"$ref":"#/components/schemas/schemaMessageMetaType"},"skip_processing":{"$ref":"#/components/schemas/schemaEmpty"},"user_identifier":{"type":"string","description":"Exclusive with [as_number http_header ip_prefix ipv6_prefix]\n Identify user based on user identifier. User identifier value needs to be copied from security event.\n\nValidation Rules:\n ves.io.schema.rules.string.max_len: 256\n","title":"user identifier","maxLength":256,"x-displayname":"User Identifier","x-ves-validation-rules":{"ves.io.schema.rules.string.max_len":"256"}},"waf_skip_processing":{"$ref":"#/components/schemas/schemaEmpty"}}},"common_wafValidationPropertySetting":{"type":"object","description":"Custom property validation settings","title":"Validation Property settings","x-displayname":"Validation Property Settings","x-ves-proto-message":"ves.io.schema.views.common_waf.ValidationPropertySetting","properties":{"queryParameters":{"$ref":"#/components/schemas/common_wafValidationSettingForQueryParameters"}}},"common_wafValidationSettingForHeaders":{"type":"object","description":"x-displayName: \"Validation Settings For Headers\"\nCustom settings for headers validation","title":"Validation Settings For Headers","properties":{"allow_additional_headers":{"$ref":"#/components/schemas/schemaEmpty"},"disallow_additional_headers":{"$ref":"#/components/schemas/schemaEmpty"}}},"common_wafValidationSettingForQueryParameters":{"type":"object","description":"Custom settings for query parameters validation","title":"Validation Settings For Query Parameters","x-displayname":"Validation Settings For Query Parameters","x-ves-oneof-field-additional_parameters_choice":"[\"allow_additional_parameters\",\"disallow_additional_parameters\"]","x-ves-proto-message":"ves.io.schema.views.common_waf.ValidationSettingForQueryParameters","properties":{"allow_additional_parameters":{"$ref":"#/components/schemas/schemaEmpty"},"disallow_additional_parameters":{"$ref":"#/components/schemas/schemaEmpty"}}},"http_loadbalancerBodySectionMaskingOptions":{"type":"object","description":"Options for HTTP Body Masking","title":"Body Section Masking Options","x-displayname":"Body Section Masking Options","x-ves-proto-message":"ves.io.schema.views.http_loadbalancer.BodySectionMaskingOptions","properties":{"fields":{"type":"array","description":" List of JSON Path field values. Use square brackets with an underscore [_] to indicate array elements (e.g., person.emails[_]). To reference JSON keys that contain spaces, enclose the entire path in double quotes. For example: \"person.first name\".\n\nExample: ` \"['user.email', 'credit_card']\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.repeated.items.string.json_path: true\n ves.io.schema.rules.repeated.items.string.max_bytes: 256\n ves.io.schema.rules.repeated.items.string.min_bytes: 1\n ves.io.schema.rules.repeated.items.string.not_empty: true\n ves.io.schema.rules.repeated.max_items: 16\n ves.io.schema.rules.repeated.min_items: 1\n ves.io.schema.rules.repeated.unique: true\n","title":"Field Values","minItems":1,"maxItems":16,"items":{"type":"string","minLength":1,"maxLength":256},"x-displayname":"Values","x-ves-example":"['user.email', 'credit_card']","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.repeated.items.string.json_path":"true","ves.io.schema.rules.repeated.items.string.max_bytes":"256","ves.io.schema.rules.repeated.items.string.min_bytes":"1","ves.io.schema.rules.repeated.items.string.not_empty":"true","ves.io.schema.rules.repeated.max_items":"16","ves.io.schema.rules.repeated.min_items":"1","ves.io.schema.rules.repeated.unique":"true"}}}},"http_loadbalancerSensitiveDataTypes":{"type":"object","description":"Settings to mask sensitive data in request/response payload","title":"Sensitive Data Types","x-displayname":"Sensitive Data Types","x-ves-oneof-field-masking_mode_choice":"[\"mask\",\"report\"]","x-ves-oneof-field-type_condition_type_choice":"[\"api_endpoint\"]","x-ves-proto-message":"ves.io.schema.views.http_loadbalancer.SensitiveDataTypes","properties":{"api_endpoint":{"$ref":"#/components/schemas/common_wafApiEndpointDetails"},"body":{"$ref":"#/components/schemas/http_loadbalancerBodySectionMaskingOptions"},"mask":{"$ref":"#/components/schemas/schemaEmpty"},"report":{"$ref":"#/components/schemas/schemaEmpty"}}},"ioschemaHeaderMatcherType":{"type":"object","description":"Header match is done using the name of the header and its value.\nThe value match is done using one of the following\n regex match on value\n exact match of value\n presence of header\n\nHeader Match can also be inverse of above, which be used to check\n missing header or\n non-matching value","title":"HeaderMatcherType","x-displayname":"Header to Match","x-ves-oneof-field-value_match":"[\"exact\",\"presence\",\"regex\"]","x-ves-proto-message":"ves.io.schema.HeaderMatcherType","properties":{"exact":{"type":"string","description":"Exclusive with [presence regex]\n Header value to match exactly\n\nExample: ` \"application/json\"`\n\nValidation Rules:\n ves.io.schema.rules.string.max_bytes: 256\n ves.io.schema.rules.string.not_empty: true\n","title":"exact","maxLength":256,"x-displayname":"Exact","x-ves-example":"application/json","x-ves-validation-rules":{"ves.io.schema.rules.string.max_bytes":"256","ves.io.schema.rules.string.not_empty":"true"}},"invert_match":{"type":"boolean","description":" Invert the result of the match to detect missing header or non-matching value","title":"invert_match","format":"boolean","x-displayname":"NOT of match"},"name":{"type":"string","description":" Name of the header\n\nExample: ` \"Content-Type\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.string.http_header_field: true\n ves.io.schema.rules.string.max_bytes: 256\n ves.io.schema.rules.string.min_bytes: 1\n","title":"name","minLength":1,"maxLength":256,"x-displayname":"Name","x-ves-example":"Content-Type","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.string.http_header_field":"true","ves.io.schema.rules.string.max_bytes":"256","ves.io.schema.rules.string.min_bytes":"1"}},"presence":{"type":"boolean","description":"Exclusive with [exact regex]\n If true, check for presence of header","title":"presence","format":"boolean","x-displayname":"Presence"},"regex":{"type":"string","description":"Exclusive with [exact presence]\n Regex match of the header value in re2 format\n\nValidation Rules:\n ves.io.schema.rules.string.max_bytes: 256\n ves.io.schema.rules.string.not_empty: true\n ves.io.schema.rules.string.regex: true\n","title":"regex","maxLength":256,"x-displayname":"Regex","x-ves-validation-rules":{"ves.io.schema.rules.string.max_bytes":"256","ves.io.schema.rules.string.not_empty":"true","ves.io.schema.rules.string.regex":"true"}}}},"ioschemaObjectRefType":{"type":"object","description":"This type establishes a 'direct reference' from one object(the referrer) to another(the referred).\nSuch a reference is in form of tenant/namespace/name for public API and Uid for private API\nThis type of reference is called direct because the relation is explicit and concrete (as opposed\nto selector reference which builds a group based on labels of selectee objects)","title":"ObjectRefType","x-displayname":"Object reference","x-ves-proto-message":"ves.io.schema.ObjectRefType","properties":{"kind":{"type":"string","description":" When a configuration object(e.g. virtual_host) refers to another(e.g route)\n then kind will hold the referred object's kind (e.g. \"route\")\n\nExample: ` \"virtual_site\"`","title":"kind","x-displayname":"Kind","x-ves-example":"virtual_site"},"name":{"type":"string","description":" When a configuration object(e.g. virtual_host) refers to another(e.g route)\n then name will hold the referred object's(e.g. route's) name.\n\nExample: ` \"contactus-route\"`","title":"name","x-displayname":"Name","x-ves-example":"contactus-route"},"namespace":{"type":"string","description":" When a configuration object(e.g. virtual_host) refers to another(e.g route)\n then namespace will hold the referred object's(e.g. route's) namespace.\n\nExample: ` \"ns1\"`","title":"namespace","x-displayname":"Namespace","x-ves-example":"ns1"},"tenant":{"type":"string","description":" When a configuration object(e.g. virtual_host) refers to another(e.g route)\n then tenant will hold the referred object's(e.g. route's) tenant.\n\nExample: ` \"acmecorp\"`","title":"tenant","x-displayname":"Tenant","x-ves-example":"acmecorp"},"uid":{"type":"string","description":" When a configuration object(e.g. virtual_host) refers to another(e.g route)\n then uid will hold the referred object's(e.g. route's) uid.\n\nExample: ` \"d15f1fad-4d37-48c0-8706-df1824d76d31\"`","title":"uid","x-displayname":"UID","x-ves-example":"d15f1fad-4d37-48c0-8706-df1824d76d31"}}},"logAvgAggregationData":{"type":"object","description":"x-displayName: \"Avg Aggregation Data\"\nAverage Aggregation data","title":"AvgAggregationData","properties":{"value":{"type":"number","description":"x-displayName: \"Value\"\nx-example: 985.0\n\nvalue corresponding to the average value of field","title":"value","format":"double"}}},"logCardinalityAggregationData":{"type":"object","description":"x-displayName: \"Cardinality Aggregation Data\"\nApproximate count of distinct values of the log field specified in the request.","title":"CardinalityAggregationData","properties":{"count":{"type":"string","description":"x-displayName: \"Count\"\nx-example: 100\nCount of distinct values of a log field","title":"count","format":"uint64"},"trend_value":{"$ref":"#/components/schemas/schemaTrendValue"}}},"logDateAggregationBucket":{"type":"object","description":"x-displayName: \"Date Aggregation Bucket\"\nDate histogram bucket containing the timestamp and the number of logs in that bucket.","title":"DateAggregationBucket","properties":{"count":{"type":"string","description":"x-displayName: \"Count\"\nx-example: 45\n\nnumber of logs in this bucket","title":"count","format":"uint64"},"sub_aggs":{"type":"object","description":"x-displayName: \"Sub Aggregation\"\nSub aggregation data for the date bucket","title":"sub aggregation"},"time":{"type":"string","description":"x-displayName: \"Time\"\nx-example: 1578710280000\n\nunix timestamp","title":"time","format":"uint64"},"trend_value":{"$ref":"#/components/schemas/schemaTrendValue"}}},"logDateAggregationData":{"type":"object","description":"x-displayName: \"Date Aggregation Data\"\nDate aggregation data","title":"DateAggregationData","properties":{"buckets":{"type":"array","description":"x-displayName: \"Buckets\"\nLists of buckets containing timestamp and the corresponding log count","title":"buckets","items":{"$ref":"#/components/schemas/logDateAggregationBucket"}},"step":{"type":"string","description":"x-displayName: \"Step\"\nx-example: \"30m\"\nActual step size in the response. It could be higher than the requested step depending on the query duration and/or the log rollups.\nFormat: [0-9][smhd], where s - seconds, m - minutes, h - hours, d - days","title":"step"}}},"logDateSubAggregationData":{"type":"object","description":"x-displayName: \"Date SubAggregation\"\n\nDate subaggregation data","title":"DateSubAggregationData","properties":{"field_aggregation":{"$ref":"#/components/schemas/logFieldAggregationData"},"multi_field_aggregation":{"$ref":"#/components/schemas/logMultiFieldAggregationData"}}},"logFieldAggregationBucket":{"type":"object","description":"x-displayName: \"Field Aggregation Bucket\"\nField aggregation bucket containing field value and the number of logs.","title":"FieldAggregationBucket","properties":{"count":{"type":"string","description":"x-displayName: \"Count\"\nx-example: 45\n\nnumber of logs in this bucket","title":"count","format":"uint64"},"key":{"type":"string","description":"x-displayName: \"Key\"\nx-example: \"US\"","title":"key"},"order_by":{"$ref":"#/components/schemas/logOrderByData"},"sub_aggs":{"type":"object","description":"x-displayName: \"Sub Aggregation\"\nSub aggregation data for the field aggregation bucket","title":"sub aggregation"},"trend_value":{"$ref":"#/components/schemas/schemaTrendValue"}}},"logFieldAggregationData":{"type":"object","description":"x-displayName: \"Field Aggregation Data\"\nField Aggregation data","title":"FieldAggregationData","properties":{"buckets":{"type":"array","description":"x-displayName: \"Buckets\"\nLists of buckets containing field value and the corresponding log count","title":"buckets","items":{"$ref":"#/components/schemas/logFieldAggregationBucket"}}}},"logFieldSubAggregationBucket":{"type":"object","description":"x-displayName: \"Field Sub Aggregation Bucket\"\nField sub aggregation bucket containing field values and the number of logs.","title":"FieldSubAggregationBucket","properties":{"count":{"type":"string","description":"x-displayName: \"Count\"\nx-example: 45\n\nnumber of logs in this bucket","title":"count","format":"uint64"},"key":{"type":"string","description":"x-displayName: \"Key\"\nKey contain the name/value pair that identifies the unique key fields\nx-example: \"HIT, MISS, REVALIDATED\"","title":"keys"},"order_by":{"$ref":"#/components/schemas/logOrderByData"}}},"logFieldSubAggregationData":{"type":"object","description":"x-displayName: \"Field SubAggregation\"\nField subaggregation data","title":"FieldSubAggregationData","properties":{"avg_aggregation":{"$ref":"#/components/schemas/logAvgAggregationData"},"buckets":{"type":"array","description":"x-displayName: \"Buckets\"\nLists of buckets containing field values and the corresponding log count","title":"buckets","items":{"$ref":"#/components/schemas/logFieldSubAggregationBucket"}},"cardinality_aggregation":{"$ref":"#/components/schemas/logCardinalityAggregationData"},"filter_aggregation":{"$ref":"#/components/schemas/logFilterAggregationData"},"max_aggregation":{"$ref":"#/components/schemas/logMaxAggregationData"},"min_aggregation":{"$ref":"#/components/schemas/logMinAggregationData"},"multi_filter_aggregation":{"$ref":"#/components/schemas/logMultiFilterAggregationData"}}},"logFieldSubFieldAggregationBucket":{"type":"object","description":"x-displayName: \"Field Sub Field Aggregation Bucket\"\nField sub aggregation bucket containing field values and the number of logs.","title":"FieldSubFieldAggregationBucket","properties":{"count":{"type":"string","description":"x-displayName: \"Count\"\nx-example: 45\n\nnumber of logs in this bucket","title":"count","format":"uint64"},"key":{"type":"string","description":"x-displayName: \"Key\"\nKey contain the name/value pair that identifies the unique key fields\nx-example: \"HIT, MISS, REVALIDATED\"","title":"keys"}}},"logFieldSubFieldAggregationData":{"type":"object","description":"x-displayName: \"Field Sub Field Aggregation Data\"\nField Aggregation data as Field Sub-aggregation","title":"FieldSubFieldAggregationData","properties":{"buckets":{"type":"array","description":"x-displayName: \"Buckets\"\nLists of buckets containing field value and the corresponding log count","title":"buckets","items":{"$ref":"#/components/schemas/logFieldSubFieldAggregationBucket"}}}},"logFilterAggregationData":{"type":"object","description":"x-displayName: \"Filter Aggregation Data\"\nFilter Aggregation Data","title":"FilterAggregationData","properties":{"count":{"type":"string","description":"x-displayName: \"Count\"\nx-example: 45\n\nnumber of logs in this bucket","title":"count","format":"uint64"},"sub_aggs":{"type":"object","description":"x-displayName: \"Sub Aggregation\"\nSub aggregation data for the filter aggregation","title":"sub aggregation"}}},"logFilterSubAggregationData":{"type":"object","description":"x-displayName: \"FilterSubAggregation\"\nFilter subaggregation data","title":"FilterSubAggregationData","properties":{"buckets":{"type":"array","description":"x-displayName: \"Buckets\"\nLists of buckets containing field value and the corresponding log count","title":"buckets","items":{"$ref":"#/components/schemas/logFilterSubFieldAggregationBucket"}}}},"logFilterSubFieldAggregationBucket":{"type":"object","description":"x-displayName: \"Filter Sub Field Aggregation Bucket\"\nField sub aggregation bucket containing field values and the number of logs.","title":"FilterSubFieldAggregationBucket","properties":{"count":{"type":"string","description":"x-displayName: \"Count\"\nx-example: 45\n\nnumber of logs in this bucket","title":"count","format":"uint64"},"key":{"type":"string","description":"x-displayName: \"Key\"\nKey contain the name/value pair that identifies the unique key fields\nx-example: \"HIT, MISS, REVALIDATED\"","title":"keys"},"sub_aggs":{"type":"object","description":"x-displayName: \"Sub Aggregation\"\nSub aggregation data for the filter aggregation","title":"sub aggregation"}}},"logLogAggregationData":{"type":"object","description":"x-displayName: \"Log Aggregation\"\nLog aggregation response data","title":"LogAggregationData","properties":{"avg_aggregation":{"$ref":"#/components/schemas/logAvgAggregationData"},"cardinality_aggregation":{"$ref":"#/components/schemas/logCardinalityAggregationData"},"date_aggregation":{"$ref":"#/components/schemas/logDateAggregationData"},"field_aggregation":{"$ref":"#/components/schemas/logFieldAggregationData"},"filter_aggregation":{"$ref":"#/components/schemas/logFilterAggregationData"},"max_aggregation":{"$ref":"#/components/schemas/logMaxAggregationData"},"metrics_aggregation":{"$ref":"#/components/schemas/logMetricsAggregationData"},"min_aggregation":{"$ref":"#/components/schemas/logMinAggregationData"},"multi_field_aggregation":{"$ref":"#/components/schemas/logMultiFieldAggregationData"},"multi_filter_aggregation":{"$ref":"#/components/schemas/logMultiFilterAggregationData"}}},"logMaxAggregationData":{"type":"object","description":"x-displayName: \"Max Aggregation Data\"\nMax Aggregation data","title":"MaxAggregationData","properties":{"value":{"type":"number","description":"x-displayName: \"Value\"\nx-example: 985.0\n\nvalue corresponding to the maximum value of field","title":"value","format":"double"}}},"logMetricsAggregationData":{"type":"object","description":"x-displayName: \"Metrics Aggregation\"\nMetrics aggregation data","title":"MetricsAggregationData","properties":{"percentile":{"$ref":"#/components/schemas/logPercentileAggregationData"}}},"logMinAggregationData":{"type":"object","description":"x-displayName: \"Min Aggregation Data\"\nMin Aggregation data","title":"MinAggregationData","properties":{"value":{"type":"number","description":"x-displayName: \"Value\"\nx-example: 985.0\n\nvalue corresponding to the minimum value of field","title":"value","format":"double"}}},"logMultiFieldAggregationBucket":{"type":"object","description":"x-displayName: \"Multi-Field Aggregation Bucket\"\nMulti-Field aggregation bucket containing field values and the number of logs.","title":"MultiFieldAggregationBucket","properties":{"count":{"type":"string","description":"x-displayName: \"Count\"\nx-example: 45\n\nnumber of logs in this bucket","title":"count","format":"uint64"},"keys":{"type":"object","description":"x-displayName: \"Keys\"\nKeys contain the name/value pair that identifies the unique combination of multiple key fields\nx-example: \"{\"SRC_IP\": \"10.10.10.1\", \"COUNTRY\": \"US\"}\"","title":"keys"},"order_by":{"$ref":"#/components/schemas/logOrderByData"},"sub_aggs":{"type":"object","description":"x-displayName: \"Sub Aggregation\"\nSub aggregation data for the multi field aggregation bucket","title":"sub aggregation"}}},"logMultiFieldAggregationData":{"type":"object","description":"x-displayName: \"Multi-Field Aggregation Data\"\nMulti-Field Aggregation data","title":"MultiFieldAggregationData","properties":{"buckets":{"type":"array","description":"x-displayName: \"Buckets\"\nLists of buckets containing field values and the corresponding log count","title":"buckets","items":{"$ref":"#/components/schemas/logMultiFieldAggregationBucket"}}}},"logMultiFieldSubAggregationData":{"type":"object","description":"x-displayName: \"Multi Field SubAggregation\"\nField subaggregation data","title":"MultiFieldSubAggregationData","properties":{"avg_aggregation":{"$ref":"#/components/schemas/logAvgAggregationData"},"cardinality_aggregation":{"$ref":"#/components/schemas/logCardinalityAggregationData"},"max_aggregation":{"$ref":"#/components/schemas/logMaxAggregationData"},"min_aggregation":{"$ref":"#/components/schemas/logMinAggregationData"},"top_hits_aggregation":{"$ref":"#/components/schemas/logTopHitsAggregationData"}}},"logMultiFilterAggregationData":{"type":"object","description":"x-displayName: \"Multi Filter Aggregation Data\"\nMulti Filter Aggregation data","title":"MultiFilterAggregationData","properties":{"count":{"type":"string","description":"x-displayName: \"Count\"\nx-example: 45\n\nnumber of logs in this bucket","title":"count","format":"uint64"}}},"logOrderByData":{"type":"object","description":"x-displayName: \"Order by Data\"\nOrder by data","title":"OrderByData","properties":{"metrics_aggregation":{"$ref":"#/components/schemas/logMetricsAggregationData"}}},"logPercentileAggregationData":{"type":"object","description":"x-displayName: \"Percentile Aggregation Data\"\nPercentile Aggregation data","title":"PercentileAggregationData","properties":{"key":{"type":"number","description":"x-displayName: \"Key\"\nx-example: 99.0","title":"key","format":"double"},"value":{"type":"number","description":"x-displayName: \"Value\"\nx-example: 985.0\n\nvalue corresponding to the key percent","title":"value","format":"double"}}},"logTopHitsAggregationData":{"type":"object","description":"x-displayName: \"TopHits Aggregation Data\"\nTop Hits Aggregation Data.","title":"TopHitsAggregationData","properties":{"count":{"type":"string","description":"x-displayName: \"Count\"\nx-example: 100\nCount of top hit values","title":"count","format":"uint64"},"documents":{"type":"array","description":"x-displayName: \"Documents\"\ndocument values","title":"documents","items":{"type":"string"}}}},"metricsSecurityEventsCounter":{"type":"object","description":"SecurityEventsCounter contains the timeseries data of security events counter.","title":"Security Events Counter","x-displayname":"Security Events Counter","x-ves-proto-message":"ves.io.schema.app_security.metrics.SecurityEventsCounter","properties":{"id":{"$ref":"#/components/schemas/metricsSecurityEventsId"},"metric":{"type":"array","description":" List of metric values","title":"Metric Values","items":{"$ref":"#/components/schemas/metricsSecurityMetricValue"},"x-displayname":"Metric Values"}}},"metricsSecurityEventsId":{"type":"object","description":"SecurityEventsId uniquely identifies an entry in the response for security events metrics query.\nsecurity events counter is aggregated based on the MetricLabel specified in the group_by field in the request.\nTherefore, only the fields that corresponds to the MetricLabel in the group_by will have non-empty\nvalue in the response.","title":"SecurityEventsId","x-displayname":"Security Events ID","x-ves-proto-message":"ves.io.schema.app_security.metrics.SecurityEventsId","properties":{"namespace":{"type":"string","description":" Namespace for which the security event was generated\n\nExample: ` \"blogging-app-namespace-1\"`","title":"Namespace","x-displayname":"Namespace","x-ves-example":"blogging-app-namespace-1"},"sec_event_type":{"type":"string","description":"\n\nExample: ` \"WAF\"`","title":"Security Event Type","x-displayname":"Security Event Type","x-ves-example":"WAF"},"src_instance":{"type":"string","description":"\n\nExample: ` \"IN\"`","title":"Source Instance","x-displayname":"Source Instance","x-ves-example":"IN"},"src_site":{"type":"string","description":"\n\nExample: ` \"greatblogs-ce\"`","title":"Source Site","x-displayname":"Source Site","x-ves-example":"greatblogs-ce"},"vh_name":{"type":"string","description":"\n\nExample: ` \"greatblogs-vhost\"`","title":"Virtual Host","x-displayname":"Virtual Host","x-ves-example":"greatblogs-vhost"}}},"metricsSecurityMetricLabel":{"type":"string","description":"Labels in the security events metrics.\n\nSecurity events metric can be sliced and diced based\non one or more labels listed below.\n","enum":["NAMESPACE","VH_NAME","SEC_EVENT_TYPE","SRC_SITE","SRC_INSTANCE"],"default":"NAMESPACE","x-displayname":"Security Events Metric Labels","x-ves-proto-enum":"ves.io.schema.app_security.metrics.SecurityMetricLabel"},"metricsSecurityMetricLabelFilter":{"type":"object","description":"Label based filtering for Security Events metrics.\n\nSecurity Events metrics are tagged with labels mentioned in MetricLabel.\nMetric label filter can be specified to query specific metrics based on label match","x-displayname":"Security Events Metric Label Filter","x-ves-proto-message":"ves.io.schema.app_security.metrics.SecurityMetricLabelFilter","properties":{"label":{"$ref":"#/components/schemas/metricsSecurityMetricLabel"},"op":{"$ref":"#/components/schemas/metricsSecurityMetricLabelOp"},"value":{"type":"string","description":" Value to be compared with\n\nExample: ` \"blogging-app-namespace-1\"`","title":"Value","x-displayname":"Value","x-ves-example":"blogging-app-namespace-1"}}},"metricsSecurityMetricLabelOp":{"type":"string","description":"The operator to use when querying Security Events metrics with labels.\n","title":"Security Events Metric Label Operator","enum":["EQ","NEQ"],"default":"EQ","x-displayname":"Security Events Metric Label Operator","x-ves-proto-enum":"ves.io.schema.app_security.metrics.SecurityMetricLabelOp"},"metricsSecurityMetricValue":{"type":"object","description":"Value returned for a Security Events Metrics query","title":"Metric Value","x-displayname":"Metric Value","x-ves-proto-message":"ves.io.schema.app_security.metrics.SecurityMetricValue","properties":{"timestamp":{"type":"number","description":" timestamp\n\nExample: ` \"1570007981\"`","title":"Timestamp","format":"double","x-displayname":"Timestamp","x-ves-example":"1570007981"},"value":{"type":"string","description":" value\n\nExample: ` \"15\"`","title":"Value","x-displayname":"Value","x-ves-example":"15"}}},"policyAppFirewallAttackTypeContext":{"type":"object","description":"App Firewall Attack Type context changes to be applied for this request","title":"App Firewall Attack Type Context","x-displayname":"App Firewall Attack Type Context","x-ves-proto-message":"ves.io.schema.policy.AppFirewallAttackTypeContext","properties":{"context":{"$ref":"#/components/schemas/policyDetectionContext"},"context_name":{"type":"string","description":" Relevant only for contexts: Header, Cookie and Parameter.\n Name of the Context that the WAF Exclusion Rules will check.\n Wildcard matching can be used by prefixing or suffixing the context name\n with an wildcard asterisk (*).\n\nExample: ` \"exampleuser-agent for Header\"`\n\nValidation Rules:\n ves.io.schema.rules.string.max_len: 128\n","title":"Context Name","maxLength":128,"x-displayname":"Context Name","x-ves-example":"example: user-agent for Header","x-ves-validation-rules":{"ves.io.schema.rules.string.max_len":"128"}},"exclude_attack_type":{"$ref":"#/components/schemas/app_firewallAttackType"}}},"policyAppFirewallDetectionControl":{"type":"object","description":"Define the list of Signature IDs, Violations, Attack Types and Bot Names that should be excluded from triggering on the defined match criteria.","title":"App Firewall Detection Control","x-displayname":"App Firewall Detection Control","x-ves-proto-message":"ves.io.schema.policy.AppFirewallDetectionControl","properties":{"exclude_attack_type_contexts":{"type":"array","description":" Attack Types to be excluded for the defined match criteria\n\nValidation Rules:\n ves.io.schema.rules.repeated.max_items: 64\n ves.io.schema.rules.repeated.unique: true\n","title":"Exclude Attack Types Contexts","maxItems":64,"items":{"$ref":"#/components/schemas/policyAppFirewallAttackTypeContext"},"x-displayname":"Attack Types","x-ves-validation-rules":{"ves.io.schema.rules.repeated.max_items":"64","ves.io.schema.rules.repeated.unique":"true"}},"exclude_bot_name_contexts":{"type":"array","description":" Bot Names to be excluded for the defined match criteria\n\nValidation Rules:\n ves.io.schema.rules.repeated.max_items: 64\n ves.io.schema.rules.repeated.unique: true\n","title":"Exclude Bot Names Contexts","maxItems":64,"items":{"$ref":"#/components/schemas/policyBotNameContext"},"x-displayname":"Bot Names","x-ves-validation-rules":{"ves.io.schema.rules.repeated.max_items":"64","ves.io.schema.rules.repeated.unique":"true"}},"exclude_signature_contexts":{"type":"array","description":" Signature IDs to be excluded for the defined match criteria\n\nValidation Rules:\n ves.io.schema.rules.repeated.max_items: 1024\n ves.io.schema.rules.repeated.unique: true\n","title":"Exclude Signature Contexts","maxItems":1024,"items":{"$ref":"#/components/schemas/policyAppFirewallSignatureContext"},"x-displayname":"Signature IDs","x-ves-validation-rules":{"ves.io.schema.rules.repeated.max_items":"1024","ves.io.schema.rules.repeated.unique":"true"}},"exclude_violation_contexts":{"type":"array","description":" Violations to be excluded for the defined match criteria\n\nValidation Rules:\n ves.io.schema.rules.repeated.max_items: 64\n ves.io.schema.rules.repeated.unique: true\n","title":"Exclude Violation Contexts","maxItems":64,"items":{"$ref":"#/components/schemas/policyAppFirewallViolationContext"},"x-displayname":"Violations","x-ves-validation-rules":{"ves.io.schema.rules.repeated.max_items":"64","ves.io.schema.rules.repeated.unique":"true"}}}},"policyAppFirewallSignatureContext":{"type":"object","description":"App Firewall signature context changes to be applied for this request","title":"App Firewall Signature Context","x-displayname":"App Firewall Signature Context","x-ves-proto-message":"ves.io.schema.policy.AppFirewallSignatureContext","properties":{"context":{"$ref":"#/components/schemas/policyDetectionContext"},"context_name":{"type":"string","description":" Relevant only for contexts: Header, Cookie and Parameter.\n Name of the Context that the WAF Exclusion Rules will check.\n Wildcard matching can be used by prefixing or suffixing the context name\n with an wildcard asterisk (*).\n\nExample: ` \"exampleuser-agent for Header\"`\n\nValidation Rules:\n ves.io.schema.rules.string.max_len: 128\n","title":"Context Name","maxLength":128,"x-displayname":"Context Name","x-ves-example":"example: user-agent for Header","x-ves-validation-rules":{"ves.io.schema.rules.string.max_len":"128"}},"signature_id":{"type":"integer","description":" The allowed values for signature id are 0 and in the range of 200000001-299999999.\n 0 implies that all signatures will be excluded for the specified context.\n\nExample: ` \"10000001\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.uint32.gte: 0\n ves.io.schema.rules.uint32.lte: 299999999\n","title":"SignatureID","format":"int64","x-displayname":"SignatureID","x-ves-example":"10000001","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.uint32.gte":"0","ves.io.schema.rules.uint32.lte":"299999999"}}}},"policyAppFirewallViolationContext":{"type":"object","description":"App Firewall violation context changes to be applied for this request","title":"App Firewall Violation Context","x-displayname":"App Firewall Violation Context","x-ves-proto-message":"ves.io.schema.policy.AppFirewallViolationContext","properties":{"context":{"$ref":"#/components/schemas/policyDetectionContext"},"context_name":{"type":"string","description":" Relevant only for contexts: Header, Cookie and Parameter.\n Name of the Context that the WAF Exclusion Rules will check.\n Wildcard matching can be used by prefixing or suffixing the context name\n with an wildcard asterisk (*).\n\nExample: ` \"exampleuser-agent for Header\"`\n\nValidation Rules:\n ves.io.schema.rules.string.max_len: 128\n","title":"Context Name","maxLength":128,"x-displayname":"Context Name","x-ves-example":"example: user-agent for Header","x-ves-validation-rules":{"ves.io.schema.rules.string.max_len":"128"}},"exclude_violation":{"$ref":"#/components/schemas/app_firewallAppFirewallViolationType"}}},"policyAsnMatchList":{"type":"object","description":"An unordered set of RFC 6793 defined 4-byte AS numbers that can be used to create allow or deny lists for use in network policy or service policy. It can be used to create the allow list only for DNS Load Balancer.","title":"Asn Match List","x-displayname":"ASN Match List","x-ves-proto-message":"ves.io.schema.policy.AsnMatchList","properties":{"as_numbers":{"type":"array","description":" An unordered set of RFC 6793 defined 4-byte AS numbers that can be used to create allow or deny lists for use in network policy or service policy. It can be used to create the allow list only for DNS Load Balancer.\n\nExample: ` \"[713, 7932, 847325, 4683, 15269, 1000001]\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.repeated.max_items: 16\n ves.io.schema.rules.repeated.min_items: 1\n ves.io.schema.rules.repeated.unique: true\n","title":"as numbers","minItems":1,"maxItems":16,"items":{"type":"integer","format":"int64"},"x-displayname":"AS Numbers","x-ves-example":"[713, 7932, 847325, 4683, 15269, 1000001]","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.repeated.max_items":"16","ves.io.schema.rules.repeated.min_items":"1","ves.io.schema.rules.repeated.unique":"true"}}}},"policyAsnMatcherType":{"type":"object","description":"Match any AS number contained in the list of bgp_asn_sets.","title":"asn matcher type","x-displayname":"ASN Matcher","x-ves-proto-message":"ves.io.schema.policy.AsnMatcherType","properties":{"asn_sets":{"type":"array","description":" A list of references to bgp_asn_set objects.\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.repeated.max_items: 4\n","title":"asn_sets","maxItems":4,"items":{"$ref":"#/components/schemas/ioschemaObjectRefType"},"x-displayname":"BGP ASN Sets","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.repeated.max_items":"4"}}}},"policyBotNameContext":{"type":"object","description":"Specifies bot to be excluded by its name.","title":"Bot Name Context","x-displayname":"Bot Name","x-ves-proto-message":"ves.io.schema.policy.BotNameContext","properties":{"bot_name":{"type":"string","description":"\nExample: ` \"Hydra\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n","title":"BotName","x-displayname":"Bot Name","x-ves-example":"Hydra","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true"}}}},"policyClientMatcher":{"type":"object","description":"Client conditions for matching a rule","title":"Client Matcher","x-displayname":"Client Matcher","x-ves-oneof-field-client_choice":"[\"any_client\",\"client_selector\",\"ip_threat_category_list\"]","x-ves-oneof-field-ip_asn_choice":"[\"any_ip\",\"asn_list\",\"asn_matcher\",\"ip_matcher\",\"ip_prefix_list\"]","x-ves-proto-message":"ves.io.schema.policy.ClientMatcher","properties":{"any_client":{"$ref":"#/components/schemas/schemaEmpty"},"any_ip":{"$ref":"#/components/schemas/schemaEmpty"},"asn_list":{"$ref":"#/components/schemas/policyAsnMatchList"},"asn_matcher":{"$ref":"#/components/schemas/policyAsnMatcherType"},"client_selector":{"$ref":"#/components/schemas/schemaLabelSelectorType"},"ip_matcher":{"$ref":"#/components/schemas/policyIpMatcherType"},"ip_prefix_list":{"$ref":"#/components/schemas/policyPrefixMatchList"},"ip_threat_category_list":{"$ref":"#/components/schemas/schemapolicyIPThreatCategoryListType"},"tls_fingerprint_matcher":{"$ref":"#/components/schemas/policyTlsFingerprintMatcherType"}}},"policyCookieMatcherType":{"type":"object","description":"A cookie matcher specifies the name of a single cookie and the criteria to match it. The input has a list of values for each\ncookie in the request.\nA cookie matcher can check for one of the following:\n* Presence or absence of the cookie\n* At least one of the values for the cookie in the request satisfies the MatcherType item","title":"CookieMatcherType","x-displayname":"Cookie Matcher","x-ves-displayorder":"1,6,4","x-ves-oneof-field-match":"[\"check_not_present\",\"check_present\",\"item\"]","x-ves-proto-message":"ves.io.schema.policy.CookieMatcherType","properties":{"check_not_present":{"$ref":"#/components/schemas/schemaEmpty"},"check_present":{"$ref":"#/components/schemas/schemaEmpty"},"invert_matcher":{"type":"boolean","description":" Invert Match of the expression defined","title":"invert_matcher","format":"boolean","x-displayname":"Invert Matcher"},"item":{"$ref":"#/components/schemas/policyMatcherType"},"name":{"type":"string","description":" A case-sensitive cookie name.\n\nExample: ` \"Session\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.string.max_bytes: 256\n","title":"name","maxLength":256,"x-displayname":"Cookie Name","x-ves-example":"Session","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.string.max_bytes":"256"}}}},"policyCountryCode":{"type":"string","description":"ISO 3166 Aplpha-2 country codes\n","title":"CountryCode","enum":["COUNTRY_NONE","COUNTRY_AD","COUNTRY_AE","COUNTRY_AF","COUNTRY_AG","COUNTRY_AI","COUNTRY_AL","COUNTRY_AM","COUNTRY_AN","COUNTRY_AO","COUNTRY_AQ","COUNTRY_AR","COUNTRY_AS","COUNTRY_AT","COUNTRY_AU","COUNTRY_AW","COUNTRY_AX","COUNTRY_AZ","COUNTRY_BA","COUNTRY_BB","COUNTRY_BD","COUNTRY_BE","COUNTRY_BF","COUNTRY_BG","COUNTRY_BH","COUNTRY_BI","COUNTRY_BJ","COUNTRY_BL","COUNTRY_BM","COUNTRY_BN","COUNTRY_BO","COUNTRY_BQ","COUNTRY_BR","COUNTRY_BS","COUNTRY_BT","COUNTRY_BV","COUNTRY_BW","COUNTRY_BY","COUNTRY_BZ","COUNTRY_CA","COUNTRY_CC","COUNTRY_CD","COUNTRY_CF","COUNTRY_CG","COUNTRY_CH","COUNTRY_CI","COUNTRY_CK","COUNTRY_CL","COUNTRY_CM","COUNTRY_CN","COUNTRY_CO","COUNTRY_CR","COUNTRY_CS","COUNTRY_CU","COUNTRY_CV","COUNTRY_CW","COUNTRY_CX","COUNTRY_CY","COUNTRY_CZ","COUNTRY_DE","COUNTRY_DJ","COUNTRY_DK","COUNTRY_DM","COUNTRY_DO","COUNTRY_DZ","COUNTRY_EC","COUNTRY_EE","COUNTRY_EG","COUNTRY_EH","COUNTRY_ER","COUNTRY_ES","COUNTRY_ET","COUNTRY_FI","COUNTRY_FJ","COUNTRY_FK","COUNTRY_FM","COUNTRY_FO","COUNTRY_FR","COUNTRY_GA","COUNTRY_GB","COUNTRY_GD","COUNTRY_GE","COUNTRY_GF","COUNTRY_GG","COUNTRY_GH","COUNTRY_GI","COUNTRY_GL","COUNTRY_GM","COUNTRY_GN","COUNTRY_GP","COUNTRY_GQ","COUNTRY_GR","COUNTRY_GS","COUNTRY_GT","COUNTRY_GU","COUNTRY_GW","COUNTRY_GY","COUNTRY_HK","COUNTRY_HM","COUNTRY_HN","COUNTRY_HR","COUNTRY_HT","COUNTRY_HU","COUNTRY_ID","COUNTRY_IE","COUNTRY_IL","COUNTRY_IM","COUNTRY_IN","COUNTRY_IO","COUNTRY_IQ","COUNTRY_IR","COUNTRY_IS","COUNTRY_IT","COUNTRY_JE","COUNTRY_JM","COUNTRY_JO","COUNTRY_JP","COUNTRY_KE","COUNTRY_KG","COUNTRY_KH","COUNTRY_KI","COUNTRY_KM","COUNTRY_KN","COUNTRY_KP","COUNTRY_KR","COUNTRY_KW","COUNTRY_KY","COUNTRY_KZ","COUNTRY_LA","COUNTRY_LB","COUNTRY_LC","COUNTRY_LI","COUNTRY_LK","COUNTRY_LR","COUNTRY_LS","COUNTRY_LT","COUNTRY_LU","COUNTRY_LV","COUNTRY_LY","COUNTRY_MA","COUNTRY_MC","COUNTRY_MD","COUNTRY_ME","COUNTRY_MF","COUNTRY_MG","COUNTRY_MH","COUNTRY_MK","COUNTRY_ML","COUNTRY_MM","COUNTRY_MN","COUNTRY_MO","COUNTRY_MP","COUNTRY_MQ","COUNTRY_MR","COUNTRY_MS","COUNTRY_MT","COUNTRY_MU","COUNTRY_MV","COUNTRY_MW","COUNTRY_MX","COUNTRY_MY","COUNTRY_MZ","COUNTRY_NA","COUNTRY_NC","COUNTRY_NE","COUNTRY_NF","COUNTRY_NG","COUNTRY_NI","COUNTRY_NL","COUNTRY_NO","COUNTRY_NP","COUNTRY_NR","COUNTRY_NU","COUNTRY_NZ","COUNTRY_OM","COUNTRY_PA","COUNTRY_PE","COUNTRY_PF","COUNTRY_PG","COUNTRY_PH","COUNTRY_PK","COUNTRY_PL","COUNTRY_PM","COUNTRY_PN","COUNTRY_PR","COUNTRY_PS","COUNTRY_PT","COUNTRY_PW","COUNTRY_PY","COUNTRY_QA","COUNTRY_RE","COUNTRY_RO","COUNTRY_RS","COUNTRY_RU","COUNTRY_RW","COUNTRY_SA","COUNTRY_SB","COUNTRY_SC","COUNTRY_SD","COUNTRY_SE","COUNTRY_SG","COUNTRY_SH","COUNTRY_SI","COUNTRY_SJ","COUNTRY_SK","COUNTRY_SL","COUNTRY_SM","COUNTRY_SN","COUNTRY_SO","COUNTRY_SR","COUNTRY_SS","COUNTRY_ST","COUNTRY_SV","COUNTRY_SX","COUNTRY_SY","COUNTRY_SZ","COUNTRY_TC","COUNTRY_TD","COUNTRY_TF","COUNTRY_TG","COUNTRY_TH","COUNTRY_TJ","COUNTRY_TK","COUNTRY_TL","COUNTRY_TM","COUNTRY_TN","COUNTRY_TO","COUNTRY_TR","COUNTRY_TT","COUNTRY_TV","COUNTRY_TW","COUNTRY_TZ","COUNTRY_UA","COUNTRY_UG","COUNTRY_UM","COUNTRY_US","COUNTRY_UY","COUNTRY_UZ","COUNTRY_VA","COUNTRY_VC","COUNTRY_VE","COUNTRY_VG","COUNTRY_VI","COUNTRY_VN","COUNTRY_VU","COUNTRY_WF","COUNTRY_WS","COUNTRY_XK","COUNTRY_XT","COUNTRY_YE","COUNTRY_YT","COUNTRY_ZA","COUNTRY_ZM","COUNTRY_ZW"],"default":"COUNTRY_NONE","x-displayname":"Country Code","x-ves-proto-enum":"ves.io.schema.policy.CountryCode"},"policyDetectionContext":{"type":"string","description":"The available contexts for Exclusion rules.\n\n - CONTEXT_ANY: CONTEXT_ANY\n\nDetection will be excluded for all contexts.\n - CONTEXT_BODY: CONTEXT_BODY\n\nDetection will be excluded for the request body.\n - CONTEXT_REQUEST: CONTEXT_REQUEST\n\nDetection will be excluded for the request.\n - CONTEXT_RESPONSE: CONTEXT_RESPONSE\n\n - CONTEXT_PARAMETER: CONTEXT_PARAMETER\n\nDetection will be excluded for the parameters. The parameter name is required in the Context name field. If the field is left empty, the detection will be excluded for all parameters.\n - CONTEXT_HEADER: CONTEXT_HEADER\n\nDetection will be excluded for the headers. The header name is required in the Context name field. If the field is left empty, the detection will be excluded for all headers.\n - CONTEXT_COOKIE: CONTEXT_COOKIE\n\nDetection will be excluded for the cookies. The cookie name is required in the Context name field. If the field is left empty, the detection will be excluded for all cookies.\n - CONTEXT_URL: CONTEXT_URL\n\nDetection will be excluded for the request URL.\n - CONTEXT_URI: CONTEXT_URI\n","title":"Detection Context","enum":["CONTEXT_ANY","CONTEXT_BODY","CONTEXT_REQUEST","CONTEXT_RESPONSE","CONTEXT_PARAMETER","CONTEXT_HEADER","CONTEXT_COOKIE","CONTEXT_URL","CONTEXT_URI"],"default":"CONTEXT_ANY","x-displayname":"WAF Exclusion Context Options","x-ves-proto-enum":"ves.io.schema.policy.DetectionContext"},"policyHttpMethodMatcherType":{"type":"object","description":"A http method matcher specifies a list of methods to match an input HTTP method. The match is considered successful if the input method is a member of the list.\nThe result of the match based on the method list is inverted if invert_matcher is true.","title":"HttpMethodMatcherType","x-displayname":"HTTP Method Matcher","x-ves-proto-message":"ves.io.schema.policy.HttpMethodMatcherType","properties":{"invert_matcher":{"type":"boolean","description":" Invert the match result.","title":"invert_matcher","format":"boolean","x-displayname":"Invert Method Matcher"},"methods":{"type":"array","description":" List of methods values to match against.\n\nExample: ` \"['GET', 'POST', 'DELETE']\"`\n\nValidation Rules:\n ves.io.schema.rules.repeated.items.enum.defined_only: true\n ves.io.schema.rules.repeated.max_items: 16\n ves.io.schema.rules.repeated.unique: true\n","title":"methods","maxItems":16,"items":{"$ref":"#/components/schemas/schemaHttpMethod"},"x-displayname":"Method List","x-ves-example":"['GET', 'POST', 'DELETE']","x-ves-validation-rules":{"ves.io.schema.rules.repeated.items.enum.defined_only":"true","ves.io.schema.rules.repeated.max_items":"16","ves.io.schema.rules.repeated.unique":"true"}}}},"policyIPThreatCategory":{"type":"string","description":"The IP threat categories to use when a policy based IP threat category is configured.\n\n - SPAM_SOURCES: SPAM_SOURCES\n\n - WINDOWS_EXPLOITS: WINDOWS_EXPLOITS\n\n - WEB_ATTACKS: WEB_ATTACKS\n\n - BOTNETS: BOTNETS\n\n - SCANNERS: SCANNERS\n\n - REPUTATION: REPUTATION\n\n - PHISHING: PHISHING\n\n - PROXY: PROXY\n\n - MOBILE_THREATS: MOBILE_THREATS\n\n - TOR_PROXY: TOR_PROXY\n\n - DENIAL_OF_SERVICE: DENIAL_OF_SERVICE\n\n - NETWORK: NETWORK\n","title":"IP Threat Category","enum":["SPAM_SOURCES","WINDOWS_EXPLOITS","WEB_ATTACKS","BOTNETS","SCANNERS","REPUTATION","PHISHING","PROXY","MOBILE_THREATS","TOR_PROXY","DENIAL_OF_SERVICE","NETWORK"],"default":"SPAM_SOURCES","x-displayname":"IP Threat Category","x-ves-proto-enum":"ves.io.schema.policy.IPThreatCategory"},"policyIpMatcherType":{"type":"object","description":"Match any ip prefix contained in the list of ip_prefix_sets.\nThe result of the match is inverted if invert_matcher is true.","title":"ip matcher type","x-displayname":"IP Prefix Matcher","x-ves-proto-message":"ves.io.schema.policy.IpMatcherType","properties":{"invert_matcher":{"type":"boolean","description":" Invert the match result.","title":"invert_matcher","format":"boolean","x-displayname":"Invert IP Matcher"},"prefix_sets":{"type":"array","description":" A list of references to ip_prefix_set objects.\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.repeated.max_items: 4\n","title":"prefix_sets","maxItems":4,"items":{"$ref":"#/components/schemas/ioschemaObjectRefType"},"x-displayname":"IP Prefix Sets","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.repeated.max_items":"4"}}}},"policyJA4TlsFingerprintMatcherType":{"type":"object","description":"An extended version of JA3 that includes additional fields for more comprehensive fingerprinting of\nSSL/TLS clients and potentially has a different structure and length.","title":"JA4TlsFingerprintMatcherType","x-displayname":"JA4 TLS Fingerprint Matcher","x-ves-proto-message":"ves.io.schema.policy.JA4TlsFingerprintMatcherType","properties":{"exact_values":{"type":"array","description":" A list of exact JA4 TLS fingerprint to match the input JA4 TLS fingerprint against\n\nValidation Rules:\n ves.io.schema.rules.repeated.items.string.len: 36\n ves.io.schema.rules.repeated.max_items: 16\n ves.io.schema.rules.repeated.unique: true\n","title":"exact values","maxItems":16,"items":{"type":"string"},"x-displayname":"Exact Values","x-ves-validation-rules":{"ves.io.schema.rules.repeated.items.string.len":"36","ves.io.schema.rules.repeated.max_items":"16","ves.io.schema.rules.repeated.unique":"true"}}}},"policyJWTClaimMatcherType":{"type":"object","description":"A JWT claim matcher specifies the name of a single JWT claim and the criteria for the input request to match it.\nThe input has a list of actual values for each JWT claim name in the JWT payload.\nA JWT claim matcher can check for one of the following:\n* Presence or absence of the JWT Claim in the input\n* At least one of the values for the JWT Claim in the input satisfies the MatcherType item","title":"JWTClaimMatcherType","x-displayname":"JWT Claim Matcher","x-ves-displayorder":"1,2,6","x-ves-oneof-field-match":"[\"check_not_present\",\"check_present\",\"item\"]","x-ves-proto-message":"ves.io.schema.policy.JWTClaimMatcherType","properties":{"check_not_present":{"$ref":"#/components/schemas/schemaEmpty"},"check_present":{"$ref":"#/components/schemas/schemaEmpty"},"invert_matcher":{"type":"boolean","description":" Invert the match result.","title":"invert_matcher","format":"boolean","x-displayname":"Invert Matcher"},"item":{"$ref":"#/components/schemas/policyMatcherType"},"name":{"type":"string","description":" JWT claim name.\n\nExample: ` \"user_id\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.string.max_bytes: 256\n","title":"name","maxLength":256,"x-displayname":"JWT Claim Name","x-ves-example":"user_id","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.string.max_bytes":"256"}}}},"policyKnownTlsFingerprintClass":{"type":"string","description":"Specifies known TLS fingerprint classes\n\n - TLS_FINGERPRINT_NONE: TLS_FINGERPRINT_NONE\n\nNo TLS fingerprint\n - ANY_MALICIOUS_FINGERPRINT: ANY_MALICIOUS_FINGERPRINT\n\nTLS fingerprints known to be associated with malicious clients\n - ADWARE: ADWARE\n\nTLS fingerprints known to be associated with adware\n - ADWIND: ADWIND\n\nTLS fingerprints known to be associated with adwind\n - DRIDEX: DRIDEX\n\nTLS fingerprints known to be associated with dridex\n - GOOTKIT: GOOTKIT\n\nTLS fingerprints known to be associated with gootkit\n - GOZI: GOZI\n\nTLS fingerprints known to be associated with gozi\n - JBIFROST: JBIFROST\n\nTLS fingerprints known to be associated with jbifrost\n - QUAKBOT: QUAKBOT\n\nTLS fingerprints known to be associated with quakbot\n - RANSOMWARE: RANSOMWARE\n\nTLS fingerprints known to be associated with ransomware\n - TROLDESH: TROLDESH\n\nTLS fingerprints known to be associated with troldesh\n - TOFSEE: TOFSEE\n\nTLS fingerprints known to be associated with tofsee\n - TORRENTLOCKER: TORRENTLOCKER\n\nTLS fingerprints known to be associated with torrentlocker\n - TRICKBOT: TRICKBOT\n\nTLS fingerprints known to be associated with trickbot","title":"TLS known fingerprint class","enum":["TLS_FINGERPRINT_NONE","ANY_MALICIOUS_FINGERPRINT","ADWARE","ADWIND","DRIDEX","GOOTKIT","GOZI","JBIFROST","QUAKBOT","RANSOMWARE","TROLDESH","TOFSEE","TORRENTLOCKER","TRICKBOT"],"default":"TLS_FINGERPRINT_NONE","x-displayname":"TLS known fingerprint class","x-ves-proto-enum":"ves.io.schema.policy.KnownTlsFingerprintClass"},"policyMatcherType":{"type":"object","description":"A matcher specifies multiple criteria for matching an input string. The match is considered successful if any of the criteria are satisfied. The set\nof supported match criteria includes a list of exact values and a list of regular expressions.","title":"MatcherType","x-displayname":"Matcher","x-ves-proto-message":"ves.io.schema.policy.MatcherType","properties":{"exact_values":{"type":"array","description":" A list of exact values to match the input against.\n\nExample: ` \"['new york', 'london', 'sydney', 'tokyo', 'cairo']\"`\n\nValidation Rules:\n ves.io.schema.rules.repeated.items.string.max_bytes: 256\n ves.io.schema.rules.repeated.items.string.not_empty: true\n ves.io.schema.rules.repeated.max_items: 64\n ves.io.schema.rules.repeated.unique: true\n","title":"exact values","maxItems":64,"items":{"type":"string","maxLength":256},"x-displayname":"Exact Values","x-ves-example":"['new york', 'london', 'sydney', 'tokyo', 'cairo']","x-ves-validation-rules":{"ves.io.schema.rules.repeated.items.string.max_bytes":"256","ves.io.schema.rules.repeated.items.string.not_empty":"true","ves.io.schema.rules.repeated.max_items":"64","ves.io.schema.rules.repeated.unique":"true"}},"regex_values":{"type":"array","description":" A list of regular expressions to match the input against.\n\nExample: ` \"['^new .*$', 'san f.*', '.* del .*']\"`\n\nValidation Rules:\n ves.io.schema.rules.repeated.items.string.max_bytes: 256\n ves.io.schema.rules.repeated.items.string.not_empty: true\n ves.io.schema.rules.repeated.items.string.regex: true\n ves.io.schema.rules.repeated.max_items: 16\n ves.io.schema.rules.repeated.unique: true\n","title":"regex values","maxItems":16,"items":{"type":"string","maxLength":256},"x-displayname":"Regex Values","x-ves-example":"['^new .*$', 'san f.*', '.* del .*']","x-ves-validation-rules":{"ves.io.schema.rules.repeated.items.string.max_bytes":"256","ves.io.schema.rules.repeated.items.string.not_empty":"true","ves.io.schema.rules.repeated.items.string.regex":"true","ves.io.schema.rules.repeated.max_items":"16","ves.io.schema.rules.repeated.unique":"true"}},"transformers":{"type":"array","description":" An ordered list of transformers (starting from index 0) to be applied to the path before matching.\n\nExample: ` \"[BASE64_DECODE, LOWER_CASE]`\n\nValidation Rules:\n ves.io.schema.rules.repeated.max_items: 9\n ves.io.schema.rules.repeated.unique: true\n","title":"transformers","maxItems":9,"items":{"$ref":"#/components/schemas/policyTransformer"},"x-displayname":"Transformers","x-ves-validation-rules":{"ves.io.schema.rules.repeated.max_items":"9","ves.io.schema.rules.repeated.unique":"true"}}}},"policyPrefixMatchList":{"type":"object","description":"List of IP Prefix strings to match against.","title":"IP Prefix Match List","x-displayname":"IP Prefix Match List","x-ves-proto-message":"ves.io.schema.policy.PrefixMatchList","properties":{"invert_match":{"type":"boolean","description":" Invert the match result.","title":"invert_matcher","format":"boolean","x-displayname":"Invert Match Result"},"ip_prefixes":{"type":"array","description":" List of IPv4 prefix strings.\n\nExample: ` \"192.168.20.0/24\"`\n\nValidation Rules:\n ves.io.schema.rules.repeated.items.string.ipv4_prefix: true\n ves.io.schema.rules.repeated.items.string.not_empty: true\n ves.io.schema.rules.repeated.max_items: 128\n ves.io.schema.rules.repeated.unique: true\n","title":"ip prefixes","maxItems":128,"items":{"type":"string"},"x-displayname":"IPv4 Prefix List","x-ves-example":"192.168.20.0/24","x-ves-validation-rules":{"ves.io.schema.rules.repeated.items.string.ipv4_prefix":"true","ves.io.schema.rules.repeated.items.string.not_empty":"true","ves.io.schema.rules.repeated.max_items":"128","ves.io.schema.rules.repeated.unique":"true"}}}},"policyRequestMatcher":{"type":"object","description":"Request conditions for matching a rule","title":"Request Matcher","x-displayname":"Request Matcher","x-ves-proto-message":"ves.io.schema.policy.RequestMatcher","properties":{"cookie_matchers":{"type":"array","description":" A list of predicates for all cookies that need to be matched. The criteria for matching each cookie is described in individual instances\n of CookieMatcherType. The actual cookie values are extracted from the request API as a list of strings for each cookie name.\n Note that all specified cookie matcher predicates must evaluate to true.\n\nValidation Rules:\n ves.io.schema.rules.repeated.max_items: 16\n","title":"cookie matchers","maxItems":16,"items":{"$ref":"#/components/schemas/policyCookieMatcherType"},"x-displayname":"Cookie Matchers","x-ves-validation-rules":{"ves.io.schema.rules.repeated.max_items":"16"}},"headers":{"type":"array","description":" A list of predicates for various HTTP headers that need to match. The criteria for matching each HTTP header are described in individual HeaderMatcherType\n instances. The actual HTTP header values are extracted from the request API as a list of strings for each HTTP header type.\n Note that all specified header predicates must evaluate to true.\n\nValidation Rules:\n ves.io.schema.rules.repeated.max_items: 16\n","title":"headers","maxItems":16,"items":{"$ref":"#/components/schemas/schemapolicyHeaderMatcherType"},"x-displayname":"HTTP Headers","x-ves-validation-rules":{"ves.io.schema.rules.repeated.max_items":"16"}},"jwt_claims":{"type":"array","description":" A list of predicates for various JWT claims that need to match. The criteria for matching each JWT claim are described in individual JWTClaimMatcherType\n instances. The actual JWT claims values are extracted from the JWT payload as a list of strings.\n Note that all specified JWT claim predicates must evaluate to true.\n Note that this feature only works on LBs with JWT Validation feature enabled.\n\nValidation Rules:\n ves.io.schema.rules.repeated.max_items: 16\n","title":"JWT claims","maxItems":16,"items":{"$ref":"#/components/schemas/policyJWTClaimMatcherType"},"x-displayname":"JWT Claims","x-ves-validation-rules":{"ves.io.schema.rules.repeated.max_items":"16"}},"query_params":{"type":"array","description":" A list of predicates for all query parameters that need to be matched. The criteria for matching each query parameter are described in individual instances\n of QueryParameterMatcherType. The actual query parameter values are extracted from the request API as a list of strings for each query parameter name.\n Note that all specified query parameter predicates must evaluate to true.\n\nValidation Rules:\n ves.io.schema.rules.repeated.max_items: 16\n","title":"query params","maxItems":16,"items":{"$ref":"#/components/schemas/schemapolicyQueryParameterMatcherType"},"x-displayname":"HTTP Query Parameters","x-ves-validation-rules":{"ves.io.schema.rules.repeated.max_items":"16"}}}},"policySimpleWafExclusionRule":{"type":"object","description":"Simple WAF exclusion rule specifies a simple set of match conditions to be matched to skip a list of WAF detections","title":"SimpleWafExclusionRule","x-displayname":"WAF Exclusion Rule","x-ves-displayorder":"10,3,16,7,14,9","x-ves-oneof-field-domain_choice":"[\"any_domain\",\"exact_value\",\"suffix_value\"]","x-ves-oneof-field-path_choice":"[\"any_path\",\"path_prefix\",\"path_regex\"]","x-ves-oneof-field-waf_advanced_configuration":"[\"app_firewall_detection_control\",\"waf_skip_processing\"]","x-ves-proto-message":"ves.io.schema.policy.SimpleWafExclusionRule","properties":{"any_domain":{"$ref":"#/components/schemas/schemaEmpty"},"any_path":{"$ref":"#/components/schemas/schemaEmpty"},"app_firewall_detection_control":{"$ref":"#/components/schemas/policyAppFirewallDetectionControl"},"exact_value":{"type":"string","description":"Exclusive with [any_domain suffix_value]\n Exact domain name\n\nExample: ` \"abc.zyz.com\"`\n\nValidation Rules:\n ves.io.schema.rules.string.hostname: true\n ves.io.schema.rules.string.max_len: 256\n ves.io.schema.rules.string.min_len: 1\n","title":"exact value","minLength":1,"maxLength":256,"x-displayname":"Exact Value","x-ves-example":"abc.zyz.com","x-ves-validation-rules":{"ves.io.schema.rules.string.hostname":"true","ves.io.schema.rules.string.max_len":"256","ves.io.schema.rules.string.min_len":"1"}},"expiration_timestamp":{"type":"string","description":" The expiration_timestamp is the RFC 3339 format timestamp at which the containing rule is considered to be logically expired. The rule continues to exist in\n the configuration but is not applied anymore.\n\nExample: ` \"2019-12-31:44:34.171543432Z\"`","title":"expiration timestamp","format":"date-time","x-displayname":"Expiration Timestamp","x-ves-example":"2019-12-31:44:34.171543432Z"},"metadata":{"$ref":"#/components/schemas/schemaMessageMetaType"},"methods":{"type":"array","description":" methods to be matched\n\nExample: ` \"GET\"`\n\nValidation Rules:\n ves.io.schema.rules.repeated.items.enum.defined_only: true\n ves.io.schema.rules.repeated.max_items: 16\n ves.io.schema.rules.repeated.unique: true\n","title":"Methods","maxItems":16,"items":{"$ref":"#/components/schemas/schemaHttpMethod"},"x-displayname":"Methods","x-ves-example":"GET","x-ves-validation-rules":{"ves.io.schema.rules.repeated.items.enum.defined_only":"true","ves.io.schema.rules.repeated.max_items":"16","ves.io.schema.rules.repeated.unique":"true"}},"path_prefix":{"type":"string","description":"Exclusive with [any_path path_regex]\n Path prefix to match (e.g. the value / will match on all paths)\n\nExample: ` \"/register/\"`\n\nValidation Rules:\n ves.io.schema.rules.string.http_path: true\n ves.io.schema.rules.string.max_len: 256\n","title":"prefix","maxLength":256,"x-displayname":"Prefix","x-ves-example":"/register/","x-ves-validation-rules":{"ves.io.schema.rules.string.http_path":"true","ves.io.schema.rules.string.max_len":"256"}},"path_regex":{"type":"string","description":"Exclusive with [any_path path_prefix]\n Define the regex for the path. For example, the regex ^/.*$ will match on all paths\n\nExample: ` \"/blog_id/.*\"`\n\nValidation Rules:\n ves.io.schema.rules.string.max_bytes: 256\n ves.io.schema.rules.string.regex: true\n","title":"Path Regex","maxLength":256,"x-displayname":"Path Regex","x-ves-example":"/blog_id/.*","x-ves-validation-rules":{"ves.io.schema.rules.string.max_bytes":"256","ves.io.schema.rules.string.regex":"true"}},"suffix_value":{"type":"string","description":"Exclusive with [any_domain exact_value]\n Suffix of domain name e.g \"xyz.com\" will match \"*.xyz.com\" and \"xyz.com\"\n\nExample: ` \"xyz.com\"`\n\nValidation Rules:\n ves.io.schema.rules.string.hostname: true\n ves.io.schema.rules.string.max_len: 256\n ves.io.schema.rules.string.min_len: 1\n","title":"suffix value","minLength":1,"maxLength":256,"x-displayname":"Suffix Value","x-ves-example":"xyz.com","x-ves-validation-rules":{"ves.io.schema.rules.string.hostname":"true","ves.io.schema.rules.string.max_len":"256","ves.io.schema.rules.string.min_len":"1"}},"waf_skip_processing":{"$ref":"#/components/schemas/schemaEmpty"}}},"policyTlsFingerprintMatcherType":{"type":"object","description":"A TLS fingerprint matcher specifies multiple criteria for matching a TLS fingerprint. The set of supported positve match criteria includes a list of known\nclasses of TLS fingerprints and a list of exact values. The match is considered successful if either of these positive criteria are satisfied and the input\nfingerprint is not one of the excluded values.","title":"TlsFingerprintMatcherType","x-displayname":"TLS Fingerprint Matcher","x-ves-proto-message":"ves.io.schema.policy.TlsFingerprintMatcherType","properties":{"classes":{"type":"array","description":" A list of known classes of TLS fingerprints to match the input TLS JA3 fingerprint against.\n\nExample: ` \"['ADWARE', 'TRICKBOT']`\n\nValidation Rules:\n ves.io.schema.rules.repeated.max_items: 16\n ves.io.schema.rules.repeated.unique: true\n","title":"classes","maxItems":16,"items":{"$ref":"#/components/schemas/policyKnownTlsFingerprintClass"},"x-displayname":"TLS fingerprint classes","x-ves-validation-rules":{"ves.io.schema.rules.repeated.max_items":"16","ves.io.schema.rules.repeated.unique":"true"}},"exact_values":{"type":"array","description":" A list of exact TLS JA3 fingerprints to match the input TLS JA3 fingerprint against.\n\nExample: ` \"['ed6dfd54b01ebe31b7a65b88abfa7297', '16efcf0e00504ddfedde13bfea997952', 'de364c46b0dfc283b5e38c79ceae3f8f']\"`\n\nValidation Rules:\n ves.io.schema.rules.repeated.items.string.len: 32\n ves.io.schema.rules.repeated.max_items: 16\n ves.io.schema.rules.repeated.unique: true\n","title":"exact values","maxItems":16,"items":{"type":"string"},"x-displayname":"Exact Values","x-ves-example":"['ed6dfd54b01ebe31b7a65b88abfa7297', '16efcf0e00504ddfedde13bfea997952', 'de364c46b0dfc283b5e38c79ceae3f8f']","x-ves-validation-rules":{"ves.io.schema.rules.repeated.items.string.len":"32","ves.io.schema.rules.repeated.max_items":"16","ves.io.schema.rules.repeated.unique":"true"}},"excluded_values":{"type":"array","description":" A list of TLS JA3 fingerprints to be excluded when matching the input TLS JA3 fingerprint. This can be used to skip known false positives when using one\n or more known TLS fingerprint classes in the enclosing matcher.\n\nExample: ` \"['fb00055a1196aeea8d1bc609885ba953', 'b386946a5a44d1ddcc843bc75336dfce']\"`\n\nValidation Rules:\n ves.io.schema.rules.repeated.items.string.len: 32\n ves.io.schema.rules.repeated.max_items: 32\n ves.io.schema.rules.repeated.unique: true\n","title":"excluded values","maxItems":32,"items":{"type":"string"},"x-displayname":"Excluded Values","x-ves-example":"['fb00055a1196aeea8d1bc609885ba953', 'b386946a5a44d1ddcc843bc75336dfce']","x-ves-validation-rules":{"ves.io.schema.rules.repeated.items.string.len":"32","ves.io.schema.rules.repeated.max_items":"32","ves.io.schema.rules.repeated.unique":"true"}}}},"policyTransformer":{"type":"string","description":"Transformers to be applied on the part of the request before matching.\n\n - TRANSFORMER_NONE: transformer none\n\nNo transformers enabled\n - LOWER_CASE: lower case\n\nConvert string to lower case\n - UPPER_CASE: upper case\n\nConvert string to upper case\n - BASE64_DECODE: base64 decode\n\nDecode string assuming base64 encoding\n - NORMALIZE_PATH: normalize path\n\nNormalize URL path so that /a/b/../c will be transformed to /a/c\n - REMOVE_WHITESPACE: remove whitespace\n\nRemove whitespaces\n - URL_DECODE: URL decode\n\nDecode string assuming URL encoding as per rfc1738\n - TRIM_LEFT: trim left\n\nRemove whitespace from the left side of the input string\n - TRIM_RIGHT: trim right\n\nRemove whitespace from the right side of the input string\n - TRIM: trim\n\nRemove whitespace from the both sides of the input string","title":"Transformer","enum":["LOWER_CASE","UPPER_CASE","BASE64_DECODE","NORMALIZE_PATH","REMOVE_WHITESPACE","URL_DECODE","TRIM_LEFT","TRIM_RIGHT","TRIM"],"default":"TRANSFORMER_NONE","x-displayname":"Transformer","x-ves-proto-enum":"ves.io.schema.policy.Transformer"},"rate_limiterRateLimitPeriodUnit":{"type":"string","description":"Unit for the period per which the rate limit is applied.\n\n - SECOND: Second\n\nRate limit period unit is seconds\n - MINUTE: Minute\n\nRate limit period unit is minutes\n - HOUR: Hour\n\nRate limit period unit is hours\n - DAY: Day\n\nRate limit period unit is days","title":"RateLimitPeriodUnit","enum":["SECOND","MINUTE","HOUR"],"default":"SECOND","x-displayname":"Rate Limit Period Unit","x-ves-proto-enum":"ves.io.schema.rate_limiter.RateLimitPeriodUnit"},"schemaEmpty":{"type":"object","description":"This can be used for messages where no values are needed","title":"Empty","x-displayname":"Empty","x-ves-proto-message":"ves.io.schema.Empty"},"schemaHttpMethod":{"type":"string","description":"Specifies the HTTP method used to access a resource.\n\nAny HTTP Method","title":"HttpMethod","enum":["ANY","GET","HEAD","POST","PUT","DELETE","CONNECT","OPTIONS","TRACE","PATCH","COPY"],"default":"ANY","x-displayname":"HTTP Method","x-ves-proto-enum":"ves.io.schema.HttpMethod"},"schemaLabelSelectorType":{"type":"object","description":"This type can be used to establish a 'selector reference' from one object(called selector) to\na set of other objects(called selectees) based on the value of expresssions.\nA label selector is a label query over a set of resources. An empty label selector matches all objects.\nA null label selector matches no objects. Label selector is immutable.\nexpressions is a list of strings of label selection expression.\nEach string has \",\" separated values which are \"AND\" and all strings are logically \"OR\".\nBNF for expression string\n<selector-syntax> ::= <requirement> | <requirement> \",\" <selector-syntax>\n<requirement> ::= [!] KEY [ <set-based-restriction> | <exact-match-restriction> ]\n<set-based-restriction> ::= \"\" | <inclusion-exclusion> <value-set>\n<inclusion-exclusion> ::= <inclusion> | <exclusion>\n<exclusion> ::= \"notin\"\n<inclusion> ::= \"in\"\n<value-set> ::= \"(\" <values> \")\"\n<values> ::= VALUE | VALUE \",\" <values>\n<exact-match-restriction> ::= [\"=\"|\"==\"|\"!=\"] VALUE","title":"LabelSelectorType","x-displayname":"Label Selector","x-ves-proto-message":"ves.io.schema.LabelSelectorType","properties":{"expressions":{"type":"array","description":" expressions contains the kubernetes style label expression for selections.\n\nExample: ` \"region in (us-west1, us-west2),tier in (staging)\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.repeated.items.string.k8s_label_selector: true\n ves.io.schema.rules.repeated.items.string.max_len: 4096\n ves.io.schema.rules.repeated.items.string.min_len: 1\n ves.io.schema.rules.repeated.max_items: 1\n","title":"expressions","maxItems":1,"items":{"type":"string","minLength":1,"maxLength":4096},"x-displayname":"Selector Expression","x-ves-example":"region in (us-west1, us-west2),tier in (staging)","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.repeated.items.string.k8s_label_selector":"true","ves.io.schema.rules.repeated.items.string.max_len":"4096","ves.io.schema.rules.repeated.items.string.min_len":"1","ves.io.schema.rules.repeated.max_items":"1"}}}},"schemaMessageMetaType":{"type":"object","description":"MessageMetaType is metadata (common attributes) of a message that only certain messages\nhave. This information is propagated to the metadata of a child object that gets created\nfrom the containing message during view processing.\nThe information in this type can be specified by user during create and replace APIs.","title":"MessageMetaType","x-displayname":"Message Metadata","x-ves-proto-message":"ves.io.schema.MessageMetaType","properties":{"description":{"type":"string","description":" Human readable description.\n\nExample: ` \"Virtual Host for acmecorp website\"`\n\nValidation Rules:\n ves.io.schema.rules.string.max_len: 256\n","title":"description","maxLength":256,"x-displayname":"Description","x-ves-example":"Virtual Host for acmecorp website","x-ves-validation-rules":{"ves.io.schema.rules.string.max_len":"256"}},"name":{"type":"string","description":" This is the name of the message.\n The value of name has to follow DNS-1035 format.\n\nExample: ` \"acmecorp-web\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.string.min_len: 1\n ves.io.schema.rules.string.ves_object_name: true\n","title":"name","minLength":1,"x-displayname":"Name","x-ves-example":"acmecorp-web","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.string.min_len":"1","ves.io.schema.rules.string.ves_object_name":"true"}}}},"schemaOpenApiValidationProperties":{"type":"string","description":"List of required properties to validate against the OpenAPI spec\n\nValidate that all query parameters are according to the OpenAPI specification\nValidate that all path parameters are according to the OpenAPI specification\nValidate that the content type of the request is according to the OpenAPI specification\nValidate that all cookies are according to the OpenAPI specification\nValidate that all HTTP headers are according to the OpenAPI specification\nValidate that the body is according to the OpenAPI specification\nValidate that the security schema is according to the OpenAPI specification\nValidate that the response code is according to the OpenAPI specification","title":"OpenApiValidationProperties","enum":["PROPERTY_QUERY_PARAMETERS","PROPERTY_PATH_PARAMETERS","PROPERTY_CONTENT_TYPE","PROPERTY_COOKIE_PARAMETERS","PROPERTY_HTTP_HEADERS","PROPERTY_HTTP_BODY","PROPERTY_SECURITY_SCHEMA","PROPERTY_RESPONSE_CODE"],"default":"PROPERTY_QUERY_PARAMETERS","x-displayname":"OpenAPI Validation Properties","x-ves-proto-enum":"ves.io.schema.OpenApiValidationProperties"},"schemaSortOrder":{"type":"string","description":"Sort algorithm\n\nSort in descending order\nSort in ascending order","title":"SortOrder","enum":["DESCENDING","ASCENDING"],"default":"DESCENDING","x-displayname":"Sort Order","x-ves-proto-enum":"ves.io.schema.SortOrder"},"schemaTrendSentiment":{"type":"string","description":"x-displayName: \"Trend Sentiment\"\ntrend sentiment\n\n - TREND_SENTIMENT_NONE: x-displayName: \"None\"\n - TREND_SENTIMENT_POSITIVE: x-displayName: \"Positive\"\nIndicates trend sentiment is positive\n - TREND_SENTIMENT_NEGATIVE: x-displayName: \"Negative\"\nIndicates trend sentiment is negative.","title":"Trend Sentiment","enum":["TREND_SENTIMENT_NONE","TREND_SENTIMENT_POSITIVE","TREND_SENTIMENT_NEGATIVE"],"default":"TREND_SENTIMENT_NONE"},"schemaTrendValue":{"type":"object","description":"x-displayName: \"Trend Value\"\nTrend value contains trend value, trend sentiment and trend calculation description and window size.","title":"Trend Value","properties":{"description":{"type":"string","description":"x-displayName: \"Description\"\nx-example: \"Trend was calculated by comparing the avg of window size intervals of end-start Time and last window time interval\"\ndescription of the method used to calculate trend.","title":"Description"},"previous_value":{"type":"string","description":"x-displayName: \"Previous Value\"\nx-example: \"200.00\"","title":"Previous Value"},"sentiment":{"$ref":"#/components/schemas/schemaTrendSentiment"},"value":{"type":"string","description":"x-displayName: \"Value\"\nx-example: \"-15\"","title":"Value"}}},"schemaapp_securityAggregationRequest":{"type":"object","description":"x-displayName: \"Aggregation Request\"\nAggregation request to provide analytics data over the security events","title":"Aggregation Request","properties":{"cardinality_aggregation":{"$ref":"#/components/schemas/schemaapp_securityCardinalityAggregation"},"date_aggregation":{"$ref":"#/components/schemas/schemaapp_securityDateAggregation"},"field_aggregation":{"$ref":"#/components/schemas/schemaapp_securityFieldAggregation"},"is_trend_request":{"type":"boolean","description":"Trend value computation requested for the field present in aggregation.\n\nx-displayName: \"Trend calculation requested by the user\"\nx-example: \"true\"\nTrend value computation requested by the user\nOptional: default is false","format":"boolean"},"metrics_aggregation":{"$ref":"#/components/schemas/schemaapp_securityMetricsAggregation"},"multi_field_aggregation":{"$ref":"#/components/schemas/schemaapp_securityMultiFieldAggregation"}}},"schemaapp_securityCardinalityAggregation":{"type":"object","description":"x-displayName: \"Cardinality Aggregation\"\nGet approximate count of distinct values for the field in the security event.","title":"Cardinality Aggregation","properties":{"field":{"$ref":"#/components/schemas/schemaapp_securityKeyField"}}},"schemaapp_securityDateAggregation":{"type":"object","description":"x-displayName: \"Date Aggregation\"\nAggregate security events based on timestamp in the security event","title":"Date Aggregation","properties":{"step":{"type":"string","description":"x-displayName: \"Step\"\nx-required\nx-example: \"5m\"\n\nstep is the resolution width, which determines the number of the data points [x-axis (time)] to be returned in the response.\nThe timestamps in the response will be t1=start_time, t2=t1+step, ... tn=tn-1+step, where tn <= end_time.\nFormat: [0-9][smhd], where s - seconds, m - minutes, h - hours, d - days","title":"step"},"sub_aggs":{"type":"object","description":"x-displayName: \"Sub Aggregation\"\nThis option provides sub-aggregation for each date bucket","title":"sub aggregation"}}},"schemaapp_securityDateSubAggregation":{"type":"object","description":"x-displayName: \"Date SubAggregation\"\nAggregate security events based on one of the sub aggregation types","title":"Date SubAggregation","properties":{"field_aggregation":{"$ref":"#/components/schemas/schemaapp_securityFieldAggregation"},"multi_field_aggregation":{"$ref":"#/components/schemas/schemaapp_securityMultiFieldAggregation"}}},"schemaapp_securityFieldAggregation":{"type":"object","description":"x-displayName: \"Field Aggregation\"\nAggregate security events based on the key fields in the security event.","title":"Field Aggregation","properties":{"field":{"$ref":"#/components/schemas/schemaapp_securityKeyField"},"metrics_aggregation":{"$ref":"#/components/schemas/schemaapp_securityMetricsAggregation"},"sub_aggs":{"type":"object","description":"x-displayName: \"Sub Aggregation\"\nThis option provides sub-aggregation for each field aggregation bucket.","title":"sub aggregation"},"topk":{"type":"integer","description":"x-displayName: \"TopK\"\nx-example: \"10\"\n\nNumber of top field values to be returned in the response.","title":"topk","format":"int64"}}},"schemaapp_securityFieldSubAggregation":{"type":"object","description":"x-displayName: \"Field SubAggregation\"\nAggregate security events in each field bucket based on one of the sub aggregation types","title":"Field SubAggregation","properties":{"cardinality_aggregation":{"$ref":"#/components/schemas/schemaapp_securityCardinalityAggregation"}}},"schemaapp_securityKeyField":{"type":"string","description":"x-displayName: \"Key Field\"\nSecurity events can be aggregated based on these fields.\n\n - CITY: x-displayName: \"City\"\n - COUNTRY: x-displayName: \"Country\"\n - SEC_EVENT_TYPE: x-displayName: \"Security Event Type\"\n - SRC_SITE: x-displayName: \"Source Site\"\n - VH_NAME: x-displayName: \"Virtual Host Name\"\n - VH_TYPE: x-displayName: \"Virtual Host Type\"\n - USER: x-displayName: \"User\"\n - SUSPICIOUS_USER_COUNTRY: x-displayName: \"Suspicious User Country\"\nThis field is applicable only for DDoS security events, where a ddos event\nmay be detected based on requests originating from one or more countries.\n - SUSPICIOUS_USER_REGION: x-displayName: \"Suspicious User Region\"\nThis field is applicable only for DDoS security events, where a ddos event\nmay be detected based on requests originating from one or more regions.\n - SUSPICIOUS_USER_ASN: x-displayName: \"Suspicious User ASN\"\nThis field is applicable only for DDoS security events, where a ddos event\nmay be detected based on requests originating from one or more ASNs.\n - SUSPICIOUS_USER_SRC_IP: x-displayName: \"Suspicious User Source IP\"\nThis field is applicable only for DDoS security events, where a ddos event\nmay be detected based on requests originating from one or more source IP address.\n - SUSPICIOUS_USER_SRC_SITE: x-displayName: \"Suspicious User Source Site\"\nThis field is applicable only for DDoS security events, where a ddos event\nmay be detected based on requests originating from one or more sites.\n - SUSPICIOUS_USER_TLS_FINGERPRINT: x-displayName: \"Suspicious User JA3 TLS Fingerprint\"\nThis field is applicable only for DDoS security events, where a ddos event\nmay be detected based on requests originating with one or more JA3 TLS fingerprints.\n - VIOLATION: x-displayName: \"Violation\"\nMapped to violations.name\n - ATTACK_TYPE: x-displayName: \"Attack Type\"\nMapped to attack_types.name\n - SIGNATURE: x-displayName: \"Signature\"\nMapped to signatures.id_name\n - THREAT_CAMPAIGN: x-displayName: \"Threat Campaign\"\nMapped to threat_campaigns.id_name\n - URI: x-displayName: \"URI\"\nMapped to req_path\n - BOT_CLASSIFICATION: x-displayName: \"BOT Classification\"\nMapped to bot_info.classification\n - AUTOMATION_TYPE: x-displayName: \"BOT Defense Automation type\"\nMapped to bot_defense.automation_type\n - DOMAIN: x-displayName: \"DOMAIN\"\n - BOT_TYPE: x-displayName: \"BOT_TYPE\"\nMapped to bot_info.type\n - BOT_NAME: x-displayName: \"BOT_NAME\"\nMapped to bot_info.name\n - SRC_IP: x-displayName: \"SRC_IP\"\n - TLS_FINGERPRINT: x-displayName: \"JA3 TLS Fingerprint\"\n - ASN: x-displayName: \"ASN\"\n - API_EP: x-displayName: \"API_EP\"\nMapped to api_endpoint\n - BROWSER_TYPE: x-displayName: \"BROWSER_TYPE\"\n - DEVICE_TYPE: x-displayName: \"DEVICE_TYPE\"\n - METHOD: x-displayName: \"METHOD\"\n - RESP_CODE: x-displayName: \"RESP_CODE\"\nMapped to rsp_code\n - RESP_CODE_DETAILS: x-displayName: \"RESP_CODE_DETAILS\"\nMapped to rsp_code_details\n - SEC_EVENT_NAME: x-displayName: \"SEC_EVENT_NAME\"\n - WAF_MODE: x-displayName: \"WAF_MODE\"\n - SIGNATURE_NAME: x-displayName: \"SIGNATURE_NAME\"\nMapped to signatures.name\n - SIGNATURE_ID: x-displayName: \"SIGNATURE_ID\"\nMapped to signatures.id\n - SIGNATURE_STATE: x-displayName: \"SIGNATURE_STATE\"\nMapped to signatures.state\n - SIGNATURE_ACCURACY: x-displayName: \"SIGNATURE_ACCURACY\"\nMapped to signatures.accuracy\n - VIOLATION_STATE: x-displayName: \"VIOLATION_STATE\"\nMapped to violations.state\n - THREAT_CAMPAIGN_NAME: x-displayName: \"THREAT_CAMPAIGN_NAME\"\nMapped to threat_campaigns.name\n - THREAT_CAMPAIGN_ID: x-displayName: \"THREAT_CAMPAIGN_ID\"\nMapped to threat_campaigns.id\n - THREAT_CAMPAIGN_STATE: x-displayName: \"THREAT_CAMPAIGN_STATE\"\nMapped to threat_campaigns.state\n - VIOLATION_RATING: x-displayName: \"VIOLATION_RATING\"\n - SERVICE_POLICY: x-displayName: \"Service Policy\"\nMapped to policy_hits.policy_hits.policy\n - TLS_CIPHER_SUITE: x-displayName: \"TLS Cipher Suite\"\n - TLS_VERSION: x-displayName: \"TLS version\"\n - BOT_DEFENSE_INSIGHT: x-displayName: \"Bot Defense Insight\"\nMapped to bot_defense.insight\n - BOT_DEFENSE_RECOMMENDATION: x-displayName: \"Bot Defense Recommendation\"\nMapped to bot_defense.recommendation\n - BOT_ANOMALY: x-displayName: \"Bot Anomaly\"\nMapped to bot_info.anomaly\n - SERVICE_POLICY_RESULT: x-displayName: \"Service Policy Result\"\nMapped to policy_hits.policy_hits.result\n - SIGNATURE_CONTEXT: x-displayName: \"Signature Context\"\nMapped to signatures.context\n - ACTION: x-displayName: \"Action\"\n - NAMESPACE: x-displayName: \"Namespace\"\n - REQ_RISK: x-displayName: \"Request Risk\"\n - REQ_RISK_REASON: x-displayName: \"Request Risk Reason\"\n - JA4_TLS_FINGERPRINT: x-displayName: \"JA4 TLS Fingerprint\"\n - SUSPICIOUS_USER_JA4_TLS_FINGERPRINT: x-displayName: \"Suspicious User JA4 TLS Fingerprint\"\nThis field is applicable only for DDoS security events, where a ddos event\nmay be detected based on requests originating with one or more JA4 TLS fingerprints.\n - MALWARE_NAME: x-displayName: \"Malware Name\"\nMapped to malware_info.name\n - MALWARE_TYPE: x-displayName: \"Malware Type\"\nMapped to malware_info.type\n - MALWARE_SCAN_RESULT: x-displayName: \"Malware Scan Result\"\nMapped to malware_info.scan_result\n - MALWARE_RECOMMENDED_ACTION: x-displayName: \"Malware Recommended Action\"\nMapped to malware_info.recommended_action","title":"Key Field","enum":["CITY","COUNTRY","SEC_EVENT_TYPE","SRC_SITE","VH_NAME","VH_TYPE","USER","SUSPICIOUS_USER_COUNTRY","SUSPICIOUS_USER_REGION","SUSPICIOUS_USER_ASN","SUSPICIOUS_USER_SRC_IP","SUSPICIOUS_USER_SRC_SITE","SUSPICIOUS_USER_TLS_FINGERPRINT","VIOLATION","ATTACK_TYPE","SIGNATURE","THREAT_CAMPAIGN","URI","BOT_CLASSIFICATION","AUTOMATION_TYPE","DOMAIN","BOT_TYPE","BOT_NAME","SRC_IP","TLS_FINGERPRINT","ASN","API_EP","BROWSER_TYPE","DEVICE_TYPE","METHOD","RESP_CODE","RESP_CODE_DETAILS","SEC_EVENT_NAME","WAF_MODE","SIGNATURE_NAME","SIGNATURE_ID","SIGNATURE_STATE","SIGNATURE_ACCURACY","VIOLATION_STATE","THREAT_CAMPAIGN_NAME","THREAT_CAMPAIGN_ID","THREAT_CAMPAIGN_STATE","VIOLATION_RATING","SERVICE_POLICY","TLS_CIPHER_SUITE","TLS_VERSION","BOT_DEFENSE_INSIGHT","BOT_DEFENSE_RECOMMENDATION","BOT_ANOMALY","SERVICE_POLICY_RESULT","SIGNATURE_CONTEXT","ACTION","NAMESPACE","REQ_RISK","REQ_RISK_REASON","JA4_TLS_FINGERPRINT","SUSPICIOUS_USER_JA4_TLS_FINGERPRINT","MALWARE_NAME","MALWARE_TYPE","MALWARE_SCAN_RESULT","MALWARE_RECOMMENDED_ACTION"],"default":"CITY"},"schemaapp_securityMetricField":{"type":"string","description":"x-displayName: \"Metric Field\"\nMetrics can be computed based on these fields.\n\n - SUSPICION_SCORE: x-displayName: \"Suspicion Score\"","title":"Metric Field","enum":["SUSPICION_SCORE"],"default":"SUSPICION_SCORE"},"schemaapp_securityMetricsAggregation":{"type":"object","description":"x-displayName: \"Metrics Aggregation\"\nComputes metrics based on values for the field in the security event.","title":"Metrics Aggregation","properties":{"percentile":{"$ref":"#/components/schemas/schemaapp_securityPercentileAggregation"}}},"schemaapp_securityMultiFieldAggregation":{"type":"object","description":"x-displayName: \"Multi-Field Aggregation\"\nAggregate security events based on the multiple fields in the security event.","title":"Multi-Field Aggregation","properties":{"field":{"$ref":"#/components/schemas/schemaapp_securityMultiKeyField"},"metrics_aggregation":{"$ref":"#/components/schemas/schemaapp_securityMetricsAggregation"},"sub_aggs":{"type":"object","description":"x-displayName: \"Sub Aggregation\"\nThis option provides sub-aggregation for each field aggregation bucket.","title":"sub aggregation"},"topk":{"type":"integer","description":"x-displayName: \"TopK\"\nx-example: \"10\"\n\nNumber of top field values to be returned in the response.","title":"topk","format":"int64"}}},"schemaapp_securityMultiFieldSubAggregation":{"type":"object","description":"x-displayName: \"Multi Field SubAggregation\"\nAggregate security events in each MultiTerms bucket based on one of the sub aggregation types","title":"Multi Field SubAggregation","properties":{"cardinality_aggregation":{"$ref":"#/components/schemas/schemaapp_securityCardinalityAggregation"}}},"schemaapp_securityMultiKeyField":{"type":"string","description":"x-displayName: \"Multi-Key Field\"\nSecurity events can be aggregated based on these multiple key fields\n\n - ASN_COUNTRY: x-displayName: \"ASN, Country\"\nAggregated by (KeyField.ASN, KeyField.COUNTRY)\n - DOMAIN_METHOD_API_EP: x-displayName: \"Domain, Method, API Endpoint\"\nAggregated by (KeyField.DOMAIN, KeyField.Method, KeyField.APIEP)\n - SRC_IP_COUNTRY: x-displayName: \"Source IP, Country\"\nAggregated by (KeyField.SRC_IP, KeyField.COUNTRY)\n - TLS_FINGERPRINT_COUNTRY: x-displayName: \"TLS Fingerprint, Country\"\nAggregated by (KeyField.TLS_FINGERPRINT, KeyField.COUNTRY)\n - SEC_EVENT_TYPE_ACTION: x-displayName: \"SEC_EVENT_TYPE, ACTION\"\nAggregated by (KeyField.SEC_EVENT_TYPE, KeyField.ACTION)\n - DOMAIN_METHOD_REQ_PATH: x-displayName: \"Domain, Method, Request Path\"\nAggregated by (KeyField.DOMAIN, KeyField.Method, KeyField.REQ_PATH)\n - VH_NAME_SRC_IP_THREAT_CAMPAIGN: x-displayName: \"Virtual Host, Source IP, Threat Campaign\"\nAggregated by (KeyField.VH_NAME, KeyField.SRC_IP, KeyField.THREAT_CAMPAIGN_NAME, KeyField.THREAT_CAMPAIGN_ID)\n - VH_NAME_USER_THREAT_CAMPAIGN: x-displayName: \"Virtual Host, User, Threat Campaign\"\nAggregated by (KeyField.VH_NAME, KeyField.USER, KeyField.THREAT_CAMPAIGN_NAME, KeyField.THREAT_CAMPAIGN_ID)\n - VH_NAME_COUNTRY_THREAT_CAMPAIGN: x-displayName: \"Virtual Host, Country, Threat Campaign\"\nAggregated by (KeyField.VH_NAME, KeyField.COUNTRY, KeyField.THREAT_CAMPAIGN_NAME, KeyField.THREAT_CAMPAIGN_ID)\n - ACTION_THREAT_CAMPAIGN: x-displayName: \"Action, Threat Campaign\"\nAggregated by (KeyField.ACTION, KeyField.THREAT_CAMPAIGN_NAME, KeyField.THREAT_CAMPAIGN_ID)\n - USER_SRC_IP_COUNTRY_CITY_REGION_ASN: x-displayName: \"User, Source IP, Country, City, Region, ASN\"\nAggregated by (KeyField.USER, KeyField.SRC_IP, KeyField.COUNTRY, KeyField.CITY, KeyField.REGION, KeyField.ASN)\n - VH_NAME_NAMESPACE: x-displayName: \"VH Name, Namespace\"\nAggregated by (KeyField.VH_NAME, KeyField.NAMESPACE)\n - API_ENDPOINT_METHOD: x-displayName: \"api_endpoint, method\"\nAggregated by (KeyField.API_ENDPOINT, KeyField.METHOD)\n - JA4_TLS_FINGERPRINT_COUNTRY: x-displayName: \"JA4 TLS Fingerprint, Country\"\nAggregated by (KeyField.JA4_TLS_FINGERPRINT, KeyField.COUNTRY)","title":"Multi-Key Field","enum":["ASN_COUNTRY","DOMAIN_METHOD_API_EP","SRC_IP_COUNTRY","TLS_FINGERPRINT_COUNTRY","SEC_EVENT_TYPE_ACTION","DOMAIN_METHOD_REQ_PATH","VH_NAME_SRC_IP_THREAT_CAMPAIGN","VH_NAME_USER_THREAT_CAMPAIGN","VH_NAME_COUNTRY_THREAT_CAMPAIGN","ACTION_THREAT_CAMPAIGN","USER_SRC_IP_COUNTRY_CITY_REGION_ASN","VH_NAME_NAMESPACE","API_ENDPOINT_METHOD","JA4_TLS_FINGERPRINT_COUNTRY"],"default":"ASN_COUNTRY"},"schemaapp_securityPercentileAggregation":{"type":"object","description":"x-displayName: \"Percentile Aggregation\"\nCalculates percentile over numeric values for a field.","title":"Percentile Aggregation","properties":{"field":{"$ref":"#/components/schemas/schemaapp_securityMetricField"},"percent":{"type":"number","description":"x-displayName: \"Percent\"\nx-example: \"[99.0]\"\nx-required\n\nPercentile for which value is calculated.","title":"percent","format":"double"}}},"schemapolicyHeaderMatcherType":{"type":"object","description":"A header matcher specifies the name of a single HTTP header and the criteria for the input request to match it. The input has a list of actual values for each\nheader name in the original HTTP request.\nA header matcher can check for one of the following:\n* Presence or absence of the header in the input\n* At least one of the values for the header in the input satisfies the MatcherType item","title":"HeaderMatcherType","x-displayname":"Header Matcher","x-ves-displayorder":"1,6,4","x-ves-oneof-field-match":"[\"check_not_present\",\"check_present\",\"item\"]","x-ves-proto-message":"ves.io.schema.policy.HeaderMatcherType","properties":{"check_not_present":{"$ref":"#/components/schemas/schemaEmpty"},"check_present":{"$ref":"#/components/schemas/schemaEmpty"},"invert_matcher":{"type":"boolean","description":" Invert the match result.","title":"invert_matcher","format":"boolean","x-displayname":"Invert Header Matcher"},"item":{"$ref":"#/components/schemas/policyMatcherType"},"name":{"type":"string","description":" A case-insensitive HTTP header name.\n\nExample: ` \"Accept-Encoding\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.string.http_header_field: true\n ves.io.schema.rules.string.max_bytes: 256\n","title":"name","maxLength":256,"x-displayname":"Header Name","x-ves-example":"Accept-Encoding","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.string.http_header_field":"true","ves.io.schema.rules.string.max_bytes":"256"}}}},"schemapolicyIPThreatCategoryListType":{"type":"object","description":"List of ip threat categories","title":"IP Threat Category List Type","x-displayname":"IP Threat Category List Type","x-ves-proto-message":"ves.io.schema.policy.IPThreatCategoryListType","properties":{"ip_threat_categories":{"type":"array","description":" The IP threat categories is obtained from the list and is used to auto-generate equivalent label selection expressions\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.repeated.max_items: 32\n ves.io.schema.rules.repeated.unique: true\n","title":"IP Threat Categories","maxItems":32,"items":{"$ref":"#/components/schemas/policyIPThreatCategory"},"x-displayname":"List of IP Threat Categories to choose","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.repeated.max_items":"32","ves.io.schema.rules.repeated.unique":"true"}}}},"schemapolicyQueryParameterMatcherType":{"type":"object","description":"A query parameter matcher specifies the name of a single query parameter and the criteria for the input request to match it. The input has a list of actual\nvalues for each query parameter name in the original HTTP request.\nA query parameter matcher can check for one of the following:\n* Presence or absence of the query parameter in the input\n* At least one of the values for the query parameter in the input satisfies the MatcherType item","title":"QueryParameterMatcherType","x-displayname":"Query Parameter Matcher","x-ves-displayorder":"1,6,4","x-ves-oneof-field-match":"[\"check_not_present\",\"check_present\",\"item\"]","x-ves-proto-message":"ves.io.schema.policy.QueryParameterMatcherType","properties":{"check_not_present":{"$ref":"#/components/schemas/schemaEmpty"},"check_present":{"$ref":"#/components/schemas/schemaEmpty"},"invert_matcher":{"type":"boolean","description":" Invert the match result.","title":"invert_matcher","format":"boolean","x-displayname":"Invert Query Parameter Matcher"},"item":{"$ref":"#/components/schemas/policyMatcherType"},"key":{"type":"string","description":" A case-sensitive HTTP query parameter name.\n\nExample: ` \"sourceid\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.string.max_bytes: 256\n","title":"key","maxLength":256,"x-displayname":"Query Parameter Name","x-ves-example":"sourceid","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.string.max_bytes":"256"}}}},"schemaviewsObjectRefType":{"type":"object","description":"This type establishes a direct reference from one object(the referrer) to another(the referred).\nSuch a reference is in form of tenant/namespace/name","title":"ObjectRefType","x-displayname":"Object reference","x-ves-proto-message":"ves.io.schema.views.ObjectRefType","properties":{"name":{"type":"string","description":" When a configuration object(e.g. virtual_host) refers to another(e.g route)\n then name will hold the referred object's(e.g. route's) name.\n\nExample: ` \"contacts-route\"`\n\nRequired: YES\n\nValidation Rules:\n ves.io.schema.rules.message.required: true\n ves.io.schema.rules.string.max_bytes: 128\n ves.io.schema.rules.string.min_bytes: 1\n","title":"name","minLength":1,"maxLength":128,"x-displayname":"Name","x-ves-example":"contacts-route","x-ves-required":"true","x-ves-validation-rules":{"ves.io.schema.rules.message.required":"true","ves.io.schema.rules.string.max_bytes":"128","ves.io.schema.rules.string.min_bytes":"1"}},"namespace":{"type":"string","description":" When a configuration object(e.g. virtual_host) refers to another(e.g route)\n then namespace will hold the referred object's(e.g. route's) namespace.\n\nExample: ` \"ns1\"`\n\nValidation Rules:\n ves.io.schema.rules.string.max_bytes: 64\n","title":"namespace","maxLength":64,"x-displayname":"Namespace","x-ves-example":"ns1","x-ves-validation-rules":{"ves.io.schema.rules.string.max_bytes":"64"}},"tenant":{"type":"string","description":" When a configuration object(e.g. virtual_host) refers to another(e.g route)\n then tenant will hold the referred object's(e.g. route's) tenant.\n\nExample: ` \"acmecorp\"`\n\nValidation Rules:\n ves.io.schema.rules.string.max_bytes: 64\n","title":"tenant","maxLength":64,"x-displayname":"Tenant","x-ves-example":"acmecorp","x-ves-validation-rules":{"ves.io.schema.rules.string.max_bytes":"64"}}}},"suspicious_user_logAvgAggregation":{"type":"object","description":"x-displayName: \"Avg aggregation\"\nGet the average value of the numeric values extracted from the field in the suspicious user log.","title":"Average aggregation","properties":{"field":{"$ref":"#/components/schemas/suspicious_user_logNumKeyField"}}},"suspicious_user_logMaxAggregation":{"type":"object","description":"x-displayName: \"Max aggregation\"\nGet the maximum value among the numeric values extracted from the field in the suspicious user log.","title":"Max aggregation","properties":{"field":{"$ref":"#/components/schemas/suspicious_user_logNumKeyField"}}},"suspicious_user_logMinAggregation":{"type":"object","description":"x-displayName: \"Min aggregation\"\nGet the minimum value among the numeric values extracted from the field in the suspicious user log.","title":"Min aggregation","properties":{"field":{"$ref":"#/components/schemas/suspicious_user_logNumKeyField"}}},"suspicious_user_logNumKeyField":{"type":"string","description":"x-displayName: \"Num-Key Field\"\nsuspicious user log can be aggregated based on these numeric fields.\n\n - SUSPICION_SCORE: x-displayName: \"SUSPICION SCORE\"\n - BEHAVIOR_ANOMALY_SCORE: x-displayName: \"BEHAVIOR ANOMALY SCORE\"\n - BOT_DEFENSE_SEC_EVENT_COUNT: x-displayName: \"BOT DEFENSE SEC EVENT COUNT\"\n - BOT_DEFENSE_SUSPICION_SCORE: x-displayName: \"BOT DEFENSE SUSPICION SCORE\"\n - ERR_COUNT: x-displayName: \"ERR COUNT\"\n - FAILED_LOGIN_COUNT: x-displayName: \"FAILED LOGIN COUNT\"\n - FAILED_LOGIN_SUSPICION_SCORE: x-displayName: \"FAILED LOGIN SUSPICION SCORE\"\n - FORBIDDEN_ACCESS_COUNT: x-displayName: \"FORBIDDEN ACCESS COUNT\"\n - FORBIDDEN_ACCESS_SUSPICION_SCORE: x-displayName: \"FORBIDDEN ACCESS SUSPICION SCORE\"\n - IP_REPUTATION_SUSPICION_SCORE: x-displayName: \"IP REPUTATION SUSPICION SCORE\"\n - PAGE_NOT_FOUND_COUNT: x-displayName: \"PAGE NOT FOUND COUNT\"\n - RATE_LIMIT_SUSPICION_SCORE: x-displayName: \"RATE LIMIT SUSPICION SCORE\"\n - RATE_LIMITING_COUNT: x-displayName: \"RATE LIMITING COUNT\"\n - WAF_SEC_EVENT_COUNT: x-displayName: \"WAF SEC EVENT COUNT\"\n - WAF_SUSPICION_SCORE: x-displayName: \"WAF SUSPICION SCORE\"","title":"Numeric-Key Field","enum":["SUSPICION_SCORE","BEHAVIOR_ANOMALY_SCORE","BOT_DEFENSE_SEC_EVENT_COUNT","BOT_DEFENSE_SUSPICION_SCORE","ERR_COUNT","FAILED_LOGIN_COUNT","FAILED_LOGIN_SUSPICION_SCORE","FORBIDDEN_ACCESS_COUNT","FORBIDDEN_ACCESS_SUSPICION_SCORE","IP_REPUTATION_SUSPICION_SCORE","PAGE_NOT_FOUND_COUNT","RATE_LIMIT_SUSPICION_SCORE","RATE_LIMITING_COUNT","WAF_SEC_EVENT_COUNT","WAF_SUSPICION_SCORE"],"default":"SUSPICION_SCORE"}}}}