Get Available Rules

Retrieves the set of rules associated with the specified policy.

The set of rules associated with a policy may vary by a rule set's version.

Request

A request to retrieve rules is described below.

HTTP Method	Request URI
GET	https://api.transactcdn.com/v2/mcc/customers/AccountNumber/waf/v1.0/profile/rulesets/RuleSetID/version/RuleSetVersion/policies/PolicyID/rules

Define the following variables when submitting the above request:

VariableA variable represents a value that must be replaced. A variable consists of either a URL segment (e.g., "0001" in /0001/) or a query string value (e.g., "3" in mediaTypes=3).	Description
AccountNumber Required	Replace this variable with a customer account number. This account number may be found in the upper left-hand corner of the TCC.
RuleSetID Required	Replace this variable with the system-defined ID of the rule set that contains the policy whose rules will be retrieved. Use the Get Managed Rule endpoint to find out the system-defined ID of the rule setThis ID is reported by the ruleset_id response parameter. associated with the desired managed rule. Alternatively, retrieve a list of the available rule sets and their system-defined IDs through the Get Available Rule Sets endpoint.
RuleSetVersion Required	Replace this variable with the version of the rule set that contains the policy whose rules will be retrieved. Use the Get Managed Rule endpoint to find out the version of the rule setThis version is reported by the ruleset_version response parameter. associated with the desired managed rule. Alternatively, retrieve a list of the available rule sets and their system-defined IDs through the Get Available Rule Sets endpoint.
PolicyID Required	Replace this variable with the system-defined ID of the policy whose rules will be retrieved. Use the Get Available Policies endpoint to retrieve a list of the available policies and their system-defined IDs.

Description

AccountNumber

Required

Replace this variable with a customer account number. This account number may be found in the upper left-hand corner of the TCC.

RuleSetID

Required

Replace this variable with the system-defined ID of the rule set that contains the policy whose rules will be retrieved.

Use the Get Managed Rule endpoint to find out the system-defined ID of the rule setThis ID is reported by the ruleset_id response parameter. associated with the desired managed rule. Alternatively, retrieve a list of the available rule sets and their system-defined IDs through the Get Available Rule Sets endpoint.

RuleSetVersion

Required

Replace this variable with the version of the rule set that contains the policy whose rules will be retrieved.

Use the Get Managed Rule endpoint to find out the version of the rule setThis version is reported by the ruleset_version response parameter. associated with the desired managed rule. Alternatively, retrieve a list of the available rule sets and their system-defined IDs through the Get Available Rule Sets endpoint.

PolicyID

Required

Replace this variable with the system-defined ID of the policy whose rules will be retrieved.

Use the Get Available Policies endpoint to retrieve a list of the available policies and their system-defined IDs.

Request Headers

This endpointIdentifies a request's connection point to our REST API service. only takes advantage of common request headers.

Request Body

Request body parameters are not required by this endpoint.

Response

The response to the above request includes an HTTP status code, response headers, and a response body.

Status Code

A status code indicates whether the request was successfully performed.

Response Headers

The response for this endpoint only includes standard HTTP response headers.

View common response headers.

Response Body

The response body for a successful request contains the following response parameters for each rule returned by this endpoint:

Name	Data Type	Description
Id	Integer	Identifies a rule by its system-defined ID.
Msg	String	Describes the rule identified by the Id response parameter.

Errors

The response body for an unsuccessful request will contain an error response that provides additional information.

View common error messages.

Sample Request and Response

A sample JSON request is shown below.

GET https://api.transactcdn.com/v2/mcc/customers/0001/waf/v1.0/profile/rulesets/ECRS/version/latest/policies/r2000_ec_custom_rule.conf.json/rules HTTP/1.1

Authorization: TOK:12345678-1234-1234-1234-1234567890ab

Accept: application/json

Content-Type: application/json

Host: api.transactcdn.com

A sample JSON response is shown below.

HTTP/1.1 200 OK

Cache-Control: private

Content-Type: application/json; charset=utf-8

Date: Thu, 15 Apr 2021 12:00:00 GMT

Content-Length: 1194

[{
		"Id": "431000",
		"Msg": "Bash shellshock attack detected",
		"Tag": [
			"CVE-2014-6271"
		]
	}, {
		"Id": "431001",
		"Msg": "httpoxy attack detected, Proxy header unnecessary",
		"Tag": [
			"CVE-2016-5385,CVE-2016-5386,CVE-2016-5387,CVE-2016-5388,CVE-2016-1000109,CVE-2016-1000110"
		]
	}, {
		"Id": "431002",
		"Msg": "SLR: Drupal 7.x/8.x RCE CVE-2018-7600 ",
		"Tag": [
			"application-Drupal",
			"language-php",
			"platform-multi",
			"attack-rce",
			"https://www.drupal.org/sa-core-2018-002"
		]
	}, {
		"Id": "431003",
		"Msg": "SLR: Drupal 7.x/8.x RCE CVE-2018-7600 ",
		"Tag": [
			"application-Drupal",
			"language-php",
			"platform-multi",
			"attack-rce",
			"https://www.drupal.org/sa-core-2018-002"
		]
	}, {
		"Id": "431007",
		"Msg": "Log4j Headers CVE-2021-44228",
		"Tag": [
			"language-java",
			"attack-rce",
			"CVE-2021-44228"
		]
	}, {
		"Id": "431008",
		"Msg": "Log4j Body CVE-2021-44228",
		"Tag": [
			"language-java",
			"attack-rce",
			"CVE-2021-44228"
		]
	}, {
		"Id": "431009",
		"Msg": "Log4j URI CVE-2021-44228",
		"Tag": [
			"language-java",
			"attack-rce",
			"CVE-2021-44228"
		]
	}
]