Era.Common.DataDefinition.Policy.CreateRules

Description

Configuration for rules creation from logs.

Properties

Name	JsonSchemaType	Description
hashExclusions	array of references to Era.Common.DataDefinition.Policy.CreateRules_HashExclusions	If set, the array of hashes and their respective descriptions will be converted to exclusions.
logCSN	array of integer	Logs' identifiers that will converted to rules.
threatExclusions	reference to Era.Common.DataDefinition.Policy.CreateRules_ThreatExclusions	If set, threat logs will be converted to exclusions.
threatExclusionsFromFile	string	If set, the content of a file (CSV) will be converted to exclusions.
unifiedFirewallExclusions	array of references to Era.Common.DataDefinition.Policy.CreateRules_UnifiedFirewallExclusions	If set, firewall data will be converted to unified exclusions.
unifiedThreatExclusions	array of references to Era.Common.DataDefinition.Policy.CreateRules_UnifiedThreatExclusions	If set, threat data will be converted to unified exclusions.

Dual message (request/response)

No dual message.

Referenced in messages

Era.Common.NetworkMessage.ConsoleApi.Policies.RpcCreateRulesRequest

JsonSchema

{
    "title": "Era.Common.DataDefinition.Policy.CreateRules",
    "type": "object",
    "$schema": "http://json-schema.org/draft-04/schema#",
    "additionalProperties": false,
    "required": [
        "Era.Common.DataDefinition.Policy.CreateRules"
    ],
    "properties": {
        "Era.Common.DataDefinition.Policy.CreateRules": {
            "$ref": "#/definitions/CreateRules"
        }
    },
    "definitions": {
        "CreateRules": {
            "additionalProperties": false,
            "type": "object",
            "properties": {
                "hashExclusions": {
                    "maxItems": 10,
                    "minItems": 0,
                    "type": "array",
                    "items": [
                        {
                            "$ref": "Era.Common.DataDefinition.Policy.CreateRules_HashExclusions#/definitions/CreateRules_HashExclusions"
                        }
                    ]
                },
                "logCSN": {
                    "type": "array",
                    "items": [
                        {
                            "type": "integer"
                        }
                    ]
                },
                "threatExclusions": {
                    "$ref": "Era.Common.DataDefinition.Policy.CreateRules_ThreatExclusions#/definitions/CreateRules_ThreatExclusions"
                },
                "threatExclusionsFromFile": {
                    "type": "string"
                },
                "unifiedFirewallExclusions": {
                    "maxItems": 10,
                    "minItems": 0,
                    "type": "array",
                    "items": [
                        {
                            "$ref": "Era.Common.DataDefinition.Policy.CreateRules_UnifiedFirewallExclusions#/definitions/CreateRules_UnifiedFirewallExclusions"
                        }
                    ]
                },
                "unifiedThreatExclusions": {
                    "maxItems": 10,
                    "minItems": 0,
                    "type": "array",
                    "items": [
                        {
                            "$ref": "Era.Common.DataDefinition.Policy.CreateRules_UnifiedThreatExclusions#/definitions/CreateRules_UnifiedThreatExclusions"
                        }
                    ]
                }
            }
        }
    }
}