Retrieves all of your RTLD WAF profiles.
Retrieve all RTLD WAF profiles via the following request:
| HTTP Method | Request URI |
|---|---|
|
GET |
https://api.vdms.io/rtld/v1/waf/profiles |
This endpointIdentifies a request's connection point to our REST API service. only takes advantage of common request headers.
Unlike requests to api.edgecast.com, requests to our API gateway (api.vdms.io) require an access token (OAuth).
Request body parameters are not required by this endpoint.
The response to the above request includes an HTTP status code, response headers, and a response body.
A status code indicates whether the request was successfully performed.
The response for this endpoint only includes standard HTTP response headers.
The response body for a successful request contains the following response elements:
| Name | Data Type | Description |
|---|---|---|
|
@id |
String |
Indicates the relative path to the requested endpoint. |
|
@type |
String |
Returns Collection. |
|
Array |
Contains your RTLD WAF profiles. |
|
|
total_items |
Integer |
Indicates the total number of RTLD WAF profiles that were included in the response. |
The items array describes each RTLD WAF profile using the following properties:
| Name | Data Type | Description |
|---|---|---|
|
@id |
String |
Indicates the relative path for an endpoint that returns this profile. |
|
@type |
String |
Returns RtldSetting. |
|
account_number |
String |
Indicates your customer account number. |
|
Object |
Contains the configuration for the AWS S3 log delivery method. |
|
|
Object |
Contains the configuration for the Azure Blob Storage log delivery method. |
|
|
created_by |
String |
Reserved for future use. |
|
created_on |
String |
Indicates the timestamp at which this profile was created. Syntax: YYYY-MM-DDThh:mm:ss.ffffffZ
|
|
Object |
Contains the configuration for the Datadog log delivery method. |
|
|
delivery_method |
String |
Indicates the destination (e.g., aws_s3 or azure_blob_storage) to which log data will be delivered. |
|
description |
String |
Indicates the log delivery profile's description. |
|
downsampling_rate |
Decimal |
Indicates the rate at which log data will be downsampled. RTLD will not downsample log data when this property is set to a null value. |
|
enabled |
Boolean |
Indicates whether RTLD will use this profile to deliver log data. Valid values are: true | false
|
|
fields |
Array of string values |
Indicates the set of log fields that will be delivered. Use the Get Log Fields (RTLD WAF) endpoint to retrieve the set of valid values for this parameter. |
|
Object |
Contains your log data filtering configuration. |
|
|
Object |
Contains the configuration for the Google Cloud Storage log delivery method. |
|
|
Object |
Contains the configuration for the HTTP POST log delivery method. |
|
|
id |
Integer |
Indicates the system-defined ID for a RTLD |
|
last_modified_on |
String |
Indicates the timestamp at which this profile was last modified. Syntax: YYYY-MM-DDThh:mm:ss.ffffffZ
|
|
log_format |
String |
Indicates the log data's format. Valid values are: json | json_array | json_lines
RTLD uses a default log format when this property is set to a null value. |
|
new_relic |
Object |
Reserved for future use. |
|
profile_name |
String |
Indicates the log delivery profile's name. |
|
Object |
Contains the configuration for the Splunk Enterprise log delivery method. |
|
|
Object |
Contains the configuration for the Sumo Logic log delivery method. |
The aws_s3 object describes the AWS S3 log delivery method using the following properties:
| Name | Data Type | Description |
|---|---|---|
|
bucket |
String |
Indicates the AWS S3 bucket to which log data will be delivered. |
|
prefix |
String |
Indicates the prefix that identifies a virtual log file storage location and/or a prefix that will be added to each object added to your bucket. |
|
region |
String |
Indicates the region assigned to the AWS S3 bucket defined by the bucket parameter. |
The azure_blob_storage object describes the Azure Blob Storage log delivery method using the following properties:
| Name | Data Type | Description |
|---|---|---|
|
access_key |
String |
Indicates the access key through which log data uploads will be authorized. |
|
access_type |
String |
Indicates whether log data uploads will be authorized via a SAS token or an access key. |
|
masked_access_key |
String |
Indicates a masked value that represents the access key defined within the access_key element. |
|
masked_token |
String |
Indicates a masked value that represents the SAS token defined within the token element. |
|
prefix |
String |
Indicates a virtual log file storage location and/or a prefix that will be added to each log file added to your container. |
|
token |
String |
Indicates the SAS token through which log data uploads will be authorized. |
|
url |
String |
Indicates a URL that points to the Blob container to which log data will be posted. |
The datadog object describes the Datadog log delivery method using the following properties:
| Name | Data Type | Description |
|---|---|---|
|
api_key |
String |
Indicates the |
|
masked_api_key |
String |
Indicates a masked value that represents the API key defined within the api_key element. |
|
service_attribute_value |
String |
Indicates a value through which uploaded log data will be identified within the Datadog environment. |
|
site |
String |
Indicates the Datadog site to which log data will be delivered. Valid values are: us | eu
|
The gcs object describes the Google Cloud Storage log delivery method using the following properties:
| Name | Data Type | Description |
|---|---|---|
|
bucket |
String |
Indicates the Google Cloud Storage bucket to which log data will be delivered. |
|
prefix |
String |
Indicates the prefix that identifies a virtual log file storage location and/or a prefix that will be added to each object added to your bucket. |
The filters object describes your log filtering configuration using the following properties:
| Name | Data Type | Description |
|---|---|---|
|
acl_config_name |
Array of string values |
Indicates the set of access rules by which log data will be filtered. A null value indicates that log data will not be filtered by an access rule. |
|
cnames |
Array of string values |
Indicates the set of edge CNAMEs by which log data will be filtered. A null value indicates that log data will not be filtered by an edge CNAME. |
|
cnames_condition |
String |
Indicates how log data will be filtered by edge CNAME(s). Valid values are:
|
|
country_code |
Array of string values |
Indicates the set of countries (ISO 3166 country codes) by which log data will be filtered. A null value indicates that log data will not be filtered by a country. |
|
country_code_condition |
String |
Indicates how log data will be filtered by country. Valid values are:
|
|
rules_config_name |
Array of string values |
Indicates the set of custom rules by which log data will be filtered. A null value indicates that log data will not be filtered by a custom rule. |
|
scope_config_name |
Array of string values |
Indicates the set of security application manager configurations by which log data will be filtered. A null value indicates that log data will not be filtered by a security application manager configuration. |
|
user_agent_regexp |
String |
Indicates a regular expression that identifies user agents by which log data will be filtered. A null value indicates that log data will not be filtered by a user agent. |
|
waf_profile_name |
Array of string values |
Indicates the set of managed rules by which log data will be filtered. A null value indicates that log data will not be filtered by a managed rule. |
The http_post object describes the HTTP POST log delivery method using the following properties:
| Name | Data Type | Description |
|---|---|---|
|
authentication_type |
String |
Indicates how log delivery requests will be authenticated to your web servers. |
|
destination_endpoint |
String |
Indicates the absolute URL to which log data will be delivered. |
|
masked_password |
String |
Indicates a masked value that represents the password defined within the password element. |
|
masked_token |
String |
Indicates a masked value that represents the token defined within the token element. |
|
password |
String |
Indicates the |
|
token |
String |
Indicates the token value that will be passed via the Authorization request header whenever log data is delivered to your web servers. |
|
username |
String |
Indicates the user name through which requests to your web server will be authenticated. |
The splunk_enterprise object describes the Splunk Enterprise log delivery method using the following properties:
| Name | Data Type | Description |
|---|---|---|
|
masked_token |
String |
Indicates a masked value that represents the token defined within the token element. |
|
token |
String |
Indicates the token for the HTTP Event Collector configuration associated with the URL corresponding to the url parameter. |
|
url |
String |
Indicates a URL that points to your Splunk Enterprise's HTTP Event Collector configuration. |
The sumo_logic object describes the Sumo Logic log delivery method using the following properties:
| Name | Data Type | Description |
|---|---|---|
|
masked_url |
String |
Indicates a masked value that represents the URL defined within the url element. |
|
url |
String |
Indicates a URL that points to the HTTP source defined within Sumo Logic. |
The response body for an unsuccessful request will contain an error response that provides additional information.
A sample JSON request is shown below.
GET https://api.vdms.io/rtld/v1/waf/profiles HTTP/1.1
Accept: application/json
Content-Type: application/json
Host: api.vdms.io
A sample JSON response is shown below.
HTTP/1.1 200 OK
Cache-Control: no-cache
Content-Type: application/json; charset=utf-8
Date: Thu, 15 Apr 2021 12:00:00 GMT
Content-Length: 1013
{
"@id": "/waf/profiles",
"@type": "Collection",
"items": [{
"@id": "/rtld/v1/waf/profiles/10027",
"@type": "RtldSetting",
"id": 10027,
"account_number": "0001",
"delivery_method": "http_post",
"enabled": false,
"downsampling_rate": null,
"fields": ["rule_message", "rule_tags", "client_country_code", "client_country", "client_city", "sub_events_count", "sub_events", "waf_instance_name", "waf_profile_name", "action_type", "waf_profile_type", "timestamp", "client_ip", "server_port", "url", "host", "user_agent", "referer", "account_number", "uuid"],
"aws_s3": null,
"http_post": {
"destination_endpoint": "https://logs.example.com/waf/",
"authentication_type": "none",
"token": null,
"username": null,
"password": null
},
"sumo_logic": null,
"splunk_enterprise": null,
"azure_blob_storage": null
}
],
"total_items": 1
}