Show search and navigation.

 

Get RTLD WAF Profile

Retrieves a RTLD WAF profile.

Request

Retrieve a specific RTLD WAF profile via the following request:

HTTP Method Request URI

GET

https://api.vdms.io/rtld/v1/waf/profiles/ProfileID

Define the following variable when submitting the above request:

VariableA variable represents a value that must be replaced. A variable consists of either a URL segment (e.g., "0001" in /0001/) or a query string value (e.g., "3" in mediaTypes=3). Description

ProfileID

Required

Replace this variable with the system-defined ID assigned to the desired RTLD WAF profile.

Use the Get All RTLD WAF Profiles endpoint to find out the system-defined ID assigned to your RTLD WAF profile.

Request Headers

This endpointIdentifies a request's connection point to our REST API service. only takes advantage of common request headers.

Unlike requests to api.edgecast.com, requests to our API gateway (api.vdms.io) require an access token (OAuth).

Request Body

Request body parameters are not required by this endpoint.

Response

The response to the above request includes an HTTP status code, response headers, and a response body.

Status Code

A status code indicates whether the request was successfully performed.

Response Headers

The response for this endpoint only includes standard HTTP response headers.

View common response headers.

Response Body

The response body for a successful request contains the following response elements:

Name Data Type Description

@id

String

Indicates the relative path for an endpoint that returns this profile.

@type

String

Returns RtldSetting.

account_number

String

Indicates your customer account number.

aws_s3

Object

Contains the configuration for the AWS S3 log delivery method.

azure_blob_storage

Object

Contains the configuration for the Azure Blob Storage log delivery method.

datadog

Object

Contains the configuration for the Datadog log delivery method.

delivery_method

String

Indicates the destination (e.g., aws_s3 or azure_blob_storage) to which log data will be delivered.

Learn more.

description

String

Indicates the log delivery profile's description.

downsampling_rate

Decimal

Indicates the rate at which log data will be downsampled.

RTLD will not downsample log data when this property is set to a null value.

enabled

Boolean

Indicates whether RTLD will use this profile to deliver log data. Valid values are: 

true | false

fields

Array of string values

Indicates the set of log fields that will be delivered.

Learn more.

filters

Object

Contains your log data filtering configuration.

gcs

Object

Contains the configuration for the Google Cloud Storage log delivery method.

http_post

Object

Contains the configuration for the HTTP POST log delivery method.

id

Integer

Indicates the system-defined ID for a RTLD WAF profile.

log_format

String

Indicates the log data's format. Valid values are:

json | json_array | json_lines

RTLD uses a default log format when this property is set to a null value.

Learn more.

new_relic

Object

Reserved for future use.

profile_name

String

Indicates the log delivery profile's name.

splunk_enterprise

Object

Contains the configuration for the Splunk Enterprise log delivery method.

sumo_logic

Object

Contains the configuration for the Sumo Logic log delivery method.

aws_s3 Object

The aws_s3 object describes the AWS S3 log delivery method using the following properties:

Name Data Type Description

bucket

String

Indicates the AWS S3 bucket to which log data will be delivered.

prefix

String

Indicates the prefix that identifies a virtual log file storage location and/or a prefix that will be added to each object added to your bucket.

Learn more.

region

String

Indicates the region assigned to the AWS S3 bucket defined by the bucket parameter.

Learn more.

azure_blob_storage Object

The azure_blob_storage object describes the Azure Blob Storage log delivery method using the following properties:

Name Data Type Description

access_key

String

Indicates the access key through which log data uploads will be authorized.

access_type

String

Indicates whether log data uploads will be authorized via a SAS token or an access key.

masked_access_key

String

Indicates a masked value that represents the access key defined within the access_key element.

masked_token

String

Indicates a masked value that represents the SAS token defined within the token element.

prefix

String

Indicates a virtual log file storage location and/or a prefix that will be added to each log file added to your container.

Learn more.

token

String

Indicates the SAS token through which log data uploads will be authorized.

url

String

Indicates a URL that points to the Blob container to which log data will be posted.

Learn more.

datadog Object

The datadog object describes the Datadog log delivery method using the following properties:

Name Data Type Description

api_key

String

Indicates the encrypted API key through which log data uploads will be authorized.

masked_api_key

String

Indicates a masked value that represents the API key defined within the api_key element.

service_attribute_value

String

Indicates a value through which uploaded log data will be identified within the Datadog environment.

site

String

Indicates the Datadog site to which log data will be delivered. Valid values are:

us | eu

gcs Object

The gcs object describes the Google Cloud Storage log delivery method using the following properties:

Name Data Type Description

bucket

String

Indicates the Google Cloud Storage bucket to which log data will be delivered.

prefix

String

Indicates the prefix that identifies a virtual log file storage location and/or a prefix that will be added to each object added to your bucket.

Learn more.

filters Object

The filters object describes your log filtering configuration using the following properties:

Name Data Type Description

acl_config_name

Array of string values

Indicates the set of access rules by which log data will be filtered. A null value indicates that log data will not be filtered by an access rule.

cnames

Array of string values

Indicates the set of edge CNAMEs by which log data will be filtered. A null value indicates that log data will not be filtered by an edge CNAME.

cnames_condition

String

Indicates how log data will be filtered by edge CNAME(s). Valid values are:

  • in: Filters log data to only include requests that point to the edge CNAMEs defined within the cnames property.
  • not_in: Filters log data to exclude requests that point to the edge CNAMEs defined within the cnames property.

country_code

Array of string values

Indicates the set of countries (ISO 3166 country codes) by which log data will be filtered. A null value indicates that log data will not be filtered by a country.

country_code_condition

String

Indicates how log data will be filtered by country. Valid values are:

  • in: Filters log data to only include requests that originate from the countries defined within the country_code property.
  • not_in: Filters log data to exclude requests that originate from the countries defined within the country_code property.

rules_config_name

Array of string values

Indicates the set of custom rules by which log data will be filtered. A null value indicates that log data will not be filtered by a custom rule.

scope_config_name

Array of string values

Indicates the set of security application manager configurations by which log data will be filtered. A null value indicates that log data will not be filtered by a security application manager configuration.

user_agent_regexp

String

Indicates a regular expression that identifies user agents by which log data will be filtered. A null value indicates that log data will not be filtered by a user agent.

waf_profile_name

Array of string values

Indicates the set of managed rules by which log data will be filtered. A null value indicates that log data will not be filtered by a managed rule.

http_post Object

The http_post object describes the HTTP POST log delivery method using the following properties:

Name Data Type Description

authentication_type

String

Indicates how log delivery requests will be authenticated to your web servers.

Learn more.

destination_endpoint

String

Indicates the absolute URL to which log data will be delivered.

masked_password

String

Indicates a masked value that represents the password defined within the password element.

masked_token

String

Indicates a masked value that represents the token defined within the token element.

password

String

Indicates the encrypted value of the password through which requests to your web server will be authenticated.

token

String

Indicates the token value that will be passed via the Authorization request header whenever log data is delivered to your web servers.

username

String

Indicates the user name through which requests to your web server will be authenticated.

splunk_enterprise Object

The splunk_enterprise object describes the Splunk Enterprise log delivery method using the following properties:

Name Data Type Description

masked_token

String

Indicates a masked value that represents the token defined within the token element.

token

String

Indicates the token for the HTTP Event Collector configuration associated with the URL corresponding to the url parameter.

url

String

Indicates a URL that points to your Splunk Enterprise's HTTP Event Collector configuration.

sumo_logic Object

The sumo_logic object describes the Sumo Logic log delivery method using the following properties:

Name Data Type Description

masked_url

String

Indicates a masked value that represents the URL defined within the url element.

url

String

Indicates a URL that points to the HTTP source defined within Sumo Logic.

Errors

The response body for an unsuccessful request will contain an error response that provides additional information.

Sample Request and Response (JSON)

A sample JSON request is shown below.

GET https://api.vdms.io/rtld/v1/waf/profiles/10027 HTTP/1.1

Authorization: Bearer A1bcbGciOiJSUzI1NiIsImtpZCI6Ij13N1VGQ01z...A1bcbGciOiJSUzI1NiIsImtpZCI6Ij13N1VGQ01zOTIzQjI1MTYzRjU4MU1wQ0I3MUNBRDk3QjAzNkUwQjgiLCJ01XAiOiJKV1QiLCJ4NXQiOiJGMDc4bzVJN0pSWV9XQm9Ndcc5dGw3QTI0TGcifQ.1yJuYmYiOj11NjUzMDgwNzgsImV4cCI6MTU2NTMwODM3OCwiaXNzIjoiacR0ccM6Ly9pZC52ZG1zLmlvIiwiYXVkIjpbImc0dcBzOi8vaWQudmRtcy5pby9yZXNvdXJjZXMiLCJlYy5ydWxlcyJdLCJjbGllbnRfaWQiOiIxNTccOWZmZi04MTQzLTRmOW1tOWY1Yi1jNDgzZWVkNzclM2QiLCJzY29wZSI6WyJlYy5ydWxlcyJdfQ.XQ4TvzDrwLo4bO71cb1TbgYxmtcgTzC46Do0A9F3inAqw1qcr_Nr9IgRDxJDqR4Udc9QR86LVTQC2-ogGWP3pI12GtDtiUQdKYs5fpcuMf2Kbqau6kuU1M5BJm_GOcBNCCAJnU7SrDprVbPlwanGqk3yjcyo9nto8KWCRTwq2t31UQ1Ci31FZSr4vaMZJqk1vBW6NS3-yGowGCZbSIQBKpSgcc75coPtSjF1Qi6M4yORDyMC8c3KKlIp2b-6mpfDFXINIFV-XvnNuQ9v-lcc43_VWuDA_cQO8wmS4VzS1Ac1tpg1Pp4Bcdtjt12yKAXvi0X19R1BDmpxmO17cRRKYQ

Accept: application/json

Content-Type: application/json

Host: api.vdms.io

A sample JSON response is shown below.

HTTP/1.1 200 OK

Cache-Control: no-cache

Content-Type: application/json; charset=utf-8

Date: Thu, 15 Apr 2021 12:00:00 GMT

Content-Length: 835

{
	"@id": "/rtld/v1/waf/profiles/10027",
	"@type": "RtldSetting",
	"id": 10027,
	"account_number": "0001",
	"delivery_method": "http_post",
	"enabled": false,
	"downsampling_rate": null,
	"fields": ["rule_message", "rule_tags", "client_country_code", "client_country", "client_city", "sub_events_count", "sub_events", "waf_instance_name", "waf_profile_name", "action_type", "waf_profile_type", "timestamp", "client_ip", "server_port", "url", "host", "user_agent", "referer", "account_number", "uuid"],
	"aws_s3": null,
	"http_post": {
		"destination_endpoint": "https://logs.example.com/cdn/",
		"authentication_type": "none",
		"token": null,
		"username": null,
		"password": null
	},
	"sumo_logic": null,
	"splunk_enterprise": null,
	"azure_blob_storage": null
}