Akamai WAF
Manage a common set of lists for use in various Akamai security products such as Kona Site Defender, Web App Protector, and Bot Manager. This integration was integrated and tested with Network Lists API v2.0
Playbooks
- Akamai WAF Network list activate generic polling
Use Cases
- Get network list details - activations status, elements etc
- Create or remove network lists.
- Network list editing - add or remove elements.
- Network list activation.
Detailed Description
The Akamai WAF integration allows you to manage a common set of lists for use in various Akamai security products such as Kona Site Defender, Web App Protector, and Bot Manager. Network lists are shared sets of IP addresses, CIDR blocks, or broad geographic areas. Along with managing your own lists, you can also access read-only lists that Akamai dynamically updates for you.
API keys generating steps
- Open Control panel and login with admin account.
- Open
identity and access managementmenu. - Create
new api client for me - Assign API key to the relevant users group, and assign on next page
Read/Writeaccess forNetwork Lists. - Save configuration and go to API detail you created.
- Press
new credentialsand download or copy it. - Now use the credentials for configure Akamai WAF in Demisto
Configure Akamai WAF on Demisto
- Navigate to Settings > Integrations > Servers & Services.
- Search for Akamai WAF.
- Click Add instance to create and configure a new integration instance.
- Name: a textual name for the integration instance.
- Server URL (e.g., https://example.net)
- Client token
- Access token
- Client secret
- Trust any certificate (not secure)
- Use system proxy settings
- Click Test to validate the new instance.
Commands
You can execute these commands from the Demisto CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.
- Returns a list of all network lists available for an authenticated user who belongs to a group: akamai-get-network-lists
- Gets a network list by the network list ID: akamai-get-network-list-by-id
- Creates a new network list. Supports TXT file upload for elements: akamai-create-network-list
- Deletes the specified network list: akamai-delete-network-list
- Activates a network list on the specified environment: akamai-activate-network-list
- Adds elements to the specified network list: akamai-add-elements-to-network-list
- Removes elements from the specified network list: akamai-remove-element-from-network-list
- Production or staging:Get network list activation status in akamai-get-network-list-activation-status
akamai-get-network-lists
Returns a list of all network lists available for an authenticated user who belongs to a group.
Base Command
akamai-get-network-lists
Input
| Argument Name | Description | Required |
|---|---|---|
| list_type | The network list type by which to filter the results. Can be "IP" or "GEO". | Optional |
| search | The query by which to search for list names and list items. | Optional |
Context Output
| Path | Type | Description |
|---|---|---|
| Akamai.NetworkLists.Name | String | The network list name. |
| Akamai.NetworkLists.Type | String | The network list type. |
| Akamai.NetworkLists.UniqueID | String | The network list unique ID. |
| Akamai.NetworkLists.ElementCount | String | The network list elements coun.t |
| Akamai.NetworkLists.CreateDate | Date | The network list creation date. |
| Akamai.NetworkLists.CreatedBy | String | The network list creator. |
| Akamai.NetworkLists.ExpeditedProductionActivationStatus | String | The expedited production activation status. |
| Akamai.NetworkLists.ExpeditedStagingActivationStatus | String | The expedited staging activation status. |
| Akamai.NetworkLists.ProductionActivationStatus | String | The production activation status. |
| Akamai.NetworkLists.StagingActivationStatus | String | The staging activation status. |
| Akamai.NetworkLists.UpdateDate | String | The date that the network list was updated. |
| Akamai.NetworkLists.UpdatedBy | String | The last user that updated the network list. |
| Akamai.NetworkLists.Elements | String | The number of elements in the list. |
Command Example
!akamai-get-network-lists
!akamai-get-network-lists type=IP search="192.168.0.1"
!akamai-get-network-lists type=GEO search=IL
Context Example
Human Readable Output
Akamai WAF - network lists
| Element count | Name | The production Activation Status | The staging Activation Status | Type | Unique ID | Updated by |
|---|---|---|---|---|---|---|
| 2 | Test | PENDING_ACTIVATION | INACTIVE | IP | uniqe_id | user |
| 1 | test | INACTIVE | INACTIVE | IP | uniqe_id | user |
akamai-get-network-list-by-id
Gets a network list by the network list ID.
Base Command
akamai-get-network-list-by-id
Input
| Argument Name | Description | Required |
|---|---|---|
| network_list_id | The network list ID | Required |
Context Output
| Path | Type | Description |
|---|---|---|
| Akamai.NetworkLists.Name | String | The network list name. |
| Akamai.NetworkLists.Type | String | The network list type. |
| Akamai.NetworkLists.UniqueID | String | The network list unique ID. |
| Akamai.NetworkLists.ElementCount | String | The network list elements. |
| Akamai.NetworkLists.CreateDate | Date | The network list creation date. |
| Akamai.NetworkLists.CreatedBy | String | The network list creator. |
| Akamai.NetworkLists.ExpeditedProductionActivationStatus | String | The expedited production activation status. |
| Akamai.NetworkLists.ExpeditedStagingActivationStatus | String | The expedited staging activation status. |
| Akamai.NetworkLists.ProductionActivationStatus | String | The production activation status. |
| Akamai.NetworkLists.StagingActivationStatus | String | The staging activation status. |
| Akamai.NetworkLists.UpdateDate | String | The date that the network list was updated. |
| Akamai.NetworkLists.UpdatedBy | String | The last user that updated the network list. |
| Akamai.NetworkLists.Elements | String | The number of elements in the list. |
Command Example
!akamai-get-network-list-by-id network_list_id=69988_TEST
Context Example
Human Readable Output
Akamai WAF - network list 69988_TEST
| Element count | Name | The production Activation Status | The staging Activation Status | Type | Unique ID | Updated by |
|---|---|---|---|---|---|---|
| 2 | Test | PENDING_ACTIVATION | INACTIVE | IP | uique_id | user |
akamai-create-network-list
Creates a new network list. Supports TXT file upload for elements.
Base Command
akamai-create-network-list
Input
| Argument Name | Description | Required |
|---|---|---|
| list_name | The network list name | Required |
| list_type | The network list type | Required |
| elements | The network list elements | Optional |
| entry_id | The War Room entry ID of the sample file. | Optional |
| description | The network list description | Optional |
Context Output
| Path | Type | Description |
|---|---|---|
| Akamai.NetworkLists.Name | String | The network list name. |
| Akamai.NetworkLists.UniqueID | String | The ID of the network list to create. |
| Akamai.NetworkLists.Type | String | The network list type. |
| Akamai.NetworkLists.ElementCount | Number | Number of element in the list. |
| Akamai.NetworkLists.Elements | String | Elements in the list. |
Command Example
!akamai-create-network-list list_name=test list_type=IP description=test elements=8.8.8.8
Context Example
Human Readable Output
Akamai WAF - network list test created successfully
| Name | Type | Unique ID |
|---|---|---|
| test | IP | 70548_TEST |
akamai-delete-network-list
Deletes the specified network list.
Base Command
akamai-delete-network-list
Input
| Argument Name | Description | Required |
|---|---|---|
| network_list_id | The ID of the network list to delete. | Required |
Context Output
There are no context output for this command.
Command Example
!akamai-delete-network-list network_list_id=69856_NEW
Context Example
Human Readable Output
Akamai WAF - network list 69856_NEW deleted.
akamai-activate-network-list
Activates a network list on the specified environment.
Base Command
akamai-activate-network-list
Input
| Argument Name | Description | Required |
|---|---|---|
| network_list_id | The ID of the network to activate-can be list of network lists | Required |
| env | The environment type to activate the network list. Can be "STAGING" OR 'PRODUCTION". | Required |
| comment | A comment to be logged. | Optional |
| notify | A comma-separated list of email addresses. | Optional |
Context Output
There are no context output for this command.
Command Example
!akamai-activate-network-list network_list_id=69988_TEST,69989_TEST env=PRODUCTION comment=test
Context Example
Human Readable Output
Akamai WAF - network list 69988_TEST activated on PRODUCTION successfully Akamai WAF - network list 69989_TEST already active on PRODUCTION
akamai-add-elements-to-network-list
Adds elements to the specified network list.
Base Command
akamai-add-elements-to-network-list
Input
| Argument Name | Description | Required |
|---|---|---|
| network_list_id | The network list ID | Required |
| entry_id | The War Room entry ID of the sample file. | Optional |
| elements | A comma-separated list of elements to add to the network list. | Optional |
Context Output
There are no context output for this command.
Command Example
!akamai-add-elements-to-network-list network_list_id=69988_TEST elements="8.8.8.8, 9.9.9.9"
Context Example
Human Readable Output
Akamai WAF - elements added to network list 69988_TEST successfully
| elements |
|---|
| 8.8.8.8, 9.9.9.9 |
akamai-remove-element-from-network-list
Removes elements from the specified network list.
Base Command
akamai-remove-element-from-network-list
Input
| Argument Name | Description | Required |
|---|---|---|
| network_list_id | The ID of the network list from which to remove elements. | Required |
| element | The element to remove from the network list. | Required |
Context Output
There are no context output for this command.
Command Example
!akamai-remove-element-from-network-list network_list_id=69988_TEST element=8.8.8.8
Context Example
Human Readable Output
Akamai WAF - element 8.8.8.8 removed from network list 69988_TEST successfully
akamai-get-network-list-activation-status
Gets the activation status of the specified network list
Base Command
akamai-get-network-list-activation-status
Input
| Argument Name | Description | Required |
|---|---|---|
| network_list_ids | The ID of the network list for which to get the activation status - Accept list of network lists | Required |
| env | The environment type. Can be "PRODUCTION" or "STAGING". | Required |
Context Output
| Path | Type | Description |
|---|---|---|
| Akamai.NetworkLists.ActivationStatus.UniqueID | String | The network list name. |
| Akamai.NetworkLists.ActivationStatus.Status | String | The network list enviorment activation status. |
| Akamai.NetworkLists.ActivationStatus.Enviorment | String | TThe network list enviorment. |
Command Example
!akamai-get-network-list-activation-status network_list_id=69988_TEST env=PRODUCTION
!akamai-get-network-list-activation-status network_list_id=69988_TEST, 69989_TEST env=PRODUCTION
Context Example
Human Readable Output
Akamai WAF - network list 69988_TEST is PENDING_ACTIVATION in PRODUCTION Akamai WAF - network list 69989_TEST canot be found