NSX-T Data Center REST API

Retrieves the IP reputation exclusion list from the default malicious IP group

The API retrieves the list of IP addresses excluded from IP reputation enforcement. The exclusion list
is maintained in the default malicious IP group. The behavior varies depending on whether the API is
executed on Global Manager (GM) or Local Manager (LM).

Execution on Global Manager (GM):
- API endpoint: GET https:///global-manager/api/v1/global-infra/ip-reputation-exclusion-list
- When the 'enforcement_point_path' parameter is provided, the API returns the exclusion IP list from
the default malicious IP group of the specified site (Local Manager) represented by the enforcement
point path.
- When the 'enforcement_point_path' parameter is not provided, the API returns the exclusion IP list
from the Global Manager's default malicious IP group.

Execution on Local Manager (LM):
- API endpoint: GET https:///policy/api/v1/infra/ip-reputation-exclusion-list
- The API returns the exclusion IP list from the Local Manager's default malicious IP group.
- The 'enforcement_point_path' parameter is ignored if provided, as the Local Manager maintains only
its own enforcement point and exclusion list.

Note:
- This API only considers IP addresses in the default malicious IP group. IP addresses in
user-created malicious IP groups are not included in the response.

Request:

Method:

GET

URI Path(s):

/policy/api/v1/infra/ip-reputation-exclusion-list

Request Headers:

n/a

Query Parameters:

RealizationListRequestParameters+

RealizationListRequestParameters (schema)

Name	Description	Type	Notes
cursor	Opaque cursor to be used for getting next page of records (supplied by current result page)	string
enforcement_point_path	String Path of the enforcement point The path of the enforcement point from which the list of members needs to be fetched. Forward slashes must be escaped using %2F.	string
include_mark_for_delete_objects	Include objects that are marked for deletion in results If true, resources that are marked for deletion will be included in the results. By default, these resources are not included.	boolean	Default: "False"
included_fields	Comma separated list of fields that should be included in query result Note - this parameter currently only works when used with the search APIs /policy/api/v1/search/query and /policy/api/v1/search/dsl. It is ignored for other list APIs.	string
page_size	Maximum number of results to return in this page (server may return fewer)	integer	Minimum: 0 Maximum: 1000 Default: "1000"
sort_ascending	If true, results are sorted in ascending order	boolean
sort_by	Field by which records are sorted	string

Request Body:

n/a

Example Request:

# Example 1: Execute on Global Manager with enforcement_point_path GET https:///global-manager/api/v1/global-infra/ip-reputation-exclusion-list?enforcement_point_path=%2Fglobal-infra%2Fsites%2Fpune%2Fenforcement-points%2Fdefault # Example 2: Execute on Global Manager without enforcement_point_path GET https:///global-manager/api/v1/global-infra/ip-reputation-exclusion-list # Example 3: Execute on Local Manager GET https:///policy/api/v1/infra/ip-reputation-exclusion-list

Successful Response:

Response Code:

200 OK

Response Headers:

Content-type: application/json

Response Body:

IPReputationExclusionList+

Name	Description	Type	Notes
exclusion_list	Array of IP addresses The list returns the IPs present in the exclusion list of default malicious IP reputation group present on a specific site. This array can consist of a single IP address, IP address range or a subnet. Its type can be of either IPv4 or IPv6.	array of IPElement	Readonly

Example Response:

{ "exclusion_list": ["10.112.32.54", "125.36.12.54" ] }

Required Permissions:

read

Feature:

policy_security_settings