addIntrusionGroupRuleUpdate - Firepower Threat Defense API v6.2 (FTD v7.2)

Description

The addIntrusionGroupRuleUpdate operation handles configuration related to IntrusionGroupRuleUpdate model.
Use this API to update the set of contained Intrusion Rules by an Intrusion Rule Group

HTTP request

POST /api/fdm/v6/action/intrusionrulegroups/{objId}/ruleupdates

Data Parameters

Parameter	Required	Type	Description
addRuleReferences	False	[object]	A list of rule references that will be added to the IntrusionRuleGroup Allowed types are: [IntrusionRule]
deleteRuleReferences	False	[object]	A list of rule references that will be removed from the IntrusionRuleGroup Allowed types are: [IntrusionRule]
type	True	string	A UTF8 string, all letters lower-case, that represents the class-type. This corresponds to the class name.

Path Parameters

Parameter	Required	Type	Description
objId	True	string

Example

curl -X POST \
    --header "Accept: application/json" \
    --header "Authorization: Bearer ${ACCESS_TOKEN}" \
    --header "Content-Type: application/json" \
    -d '{
        "addRuleReferences": [],
        "deleteRuleReferences": [],
        "id": "string",
        "type": "IntrusionGroupRuleUpdate",
        "version": "string"
    }' \
    "https://${HOST}:${PORT}/api/fdm/v6/action/intrusionrulegroups/{objId}/ruleupdates"

from bravado.requests_client import RequestsClient
from bravado.client import SwaggerClient


def get_client(host, token):
    http_client = RequestsClient()
    http_client.ssl_verify = False
    http_client.set_api_key(
        host,
        "Bearer {}".format(token),
        param_name="Authorization",
        param_in="header"
    )
    return SwaggerClient.from_url(
        "https://{}/apispec/ngfw.json".format(host),
        http_client=http_client,
        config={
            "validate_responses": False,
            "validate_swagger_spec": False
        }
    )


def add_intrusion_group_rule_update(client, obj_id, body):
    return client.IntrusionPolicy.addIntrusionGroupRuleUpdate(
        objId=obj_id,
        body=body
    ).response().result


if __name__ == "__main__":
    host = "ftd.example.com"
    token = "access_token"
    client = get_client(host, token)

    obj_id = "string"
    body = {'addRuleReferences': [],
 'deleteRuleReferences': [],
 'type': 'IntrusionGroupRuleUpdate'}

    add_intrusion_group_rule_update(client, obj_id, body)