NSX-T Data Center REST API

Publish/Cancel/Validate the custom signatures

Publish/Cancel/Validate the customer signatures.
CANCEL: Revert to earlier published state i.e. cancel/remove all the unpublished custom signatures.
VALIDATE: Trigger the validation of the custom signatures.
PUBLISH: Publish the custom signatures. This action will push all the valid custom signatures to datapath.
This API is only available when using VMware NSX.

Request:

Method:
POST
URI Path(s):
/policy/api/v1/infra/settings/firewall/security/intrusion-services/custom-signature-versions/{version-id}/custom-signatures
Request Headers:
n/a
Query Parameters:
IdsCustomSignatureActionParameter+
Request Body:
CustomSignatureValidationPayload+

Example Request:

{ "modified_signatures": [ { "signature_id": "1001061397", "overridden_signature": { "action": "DROP" } } ] } { "modified_signatures": [ { "signature_id": "1001061397", "overridden_signature": { "action": "DROP" } }, { "signature_id": "1001060933", "raw_signature": "reject http $HOME_NET any -> $EXTERNAL_NET any (msg:\"NSX - (Initial Access) Detect CVE-2014-6332\"; flow:established,to_server; target:src_ip; content:\" } ] }

Successful Response:

Response Code:
202 Accepted
Response Headers:
n/a
Response Body:
n/a

Required Permissions:

crud

Feature:

policy_common_ids

Additional Errors: