Skip to main content

Imperva Incapsula

This Integration is part of the Imperva Incapsula Pack.#

Uses incapsula to manage sites and IPs.

Configure Imperva Incapsula in Cortex#

ParameterRequired
API IDTrue
API keyTrue
Use system proxy settingsFalse

Commands#

You can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

incap-add-managed-account#


Use this operation to add a new account that should be managed by the account of the API client (the parent account). The new account will be configured according to the preferences set for the parent account by Incapsula. Depending on these preferences, an activation e-mail will be sent to the specified e-mail address. The user responds to the activation e-mail, selects a password, and can then log directly into the Incapsula console. The same e-mail address can also be used to send system notifications to the account. The new account is identified by a numeric value as provided by Incapsula in the response in the field account_id.

Base Command#

incap-add-managed-account

Input#

Argument NameDescriptionRequired
emailEmail address. For example: "joe@example.com".Required
parent_idThe newly created account's parent id. If not specified, the invoking account will be assigned as the parent.Optional
user_nameThe account owner's name. For example: 'John Doe'.Optional
plan_idAn identifier of the plan to assign to the new account. For example, ent100 for the Enterprise 100 plan.Optional
ref_idCustomer specific identifier for this operation.Optional
account_nameAccount name.Optional
log_levelAvailable only for Enterprise Plan customers that purchased the Logs Integration SKU. Sets the log reporting level for the site. Options are “full”, “security”, “none” and "default".Optional
logs_account_idAvailable only for Enterprise Plan customers that purchased the Logs Integration SKU. Numeric identifier of the account that purchased the logs integration SKU and which collects the logs. If not specified, operation will be performed on the account identified by the authentication parameters.Optional

Context Output#

There is no context output for this command.

incap-list-managed-accounts#


Use this operation to get the list of accounts that are managed by account of the API client (the parent account).

Base Command#

incap-list-managed-accounts

Input#

Argument NameDescriptionRequired
account_idNumeric identifier of the account to operate on. If not specified, operation will be performed on the account identified by the authentication parameters.Optional
page_sizeThe number of objects to return in the response.
Default: 50
Maximum: 100.
Optional
page_numThe page to return starting from 0. Default: 0.Optional

Context Output#

There is no context output for this command.

incap-add-subaccount#


Use this operation to add a new sub account to be managed by the account of the API client (the parent account).

Base Command#

incap-add-subaccount

Input#

Argument NameDescriptionRequired
sub_account_nameThe name of the sub account.Required
parent_idThe newly created account's parent id. If not specified, the invoking account will be assigned as the parent.Optional
user_nameThe account owner's name. For example: 'John Doe'.Optional
ref_idCustomer specific identifier for this operation.Optional
log_levelAvailable only for Enterprise Plan customers that purchased the Logs Integration SKU. Sets the log reporting level for the site. Options are “full”, “security”, “none” and "default".Optional
logs_account_idAvailable only for Enterprise Plan customers that purchased the Logs Integration SKU. Numeric identifier of the account that purchased the logs integration SKU and which collects the logs. If not specified, operation will be performed on the account identified by the authentication parameters.Optional

Context Output#

There is no context output for this command.

incap-list-subaccounts#


Use this operation to get a list of sub accounts that are managed by the account of the API client (the parent account).

Base Command#

incap-list-subaccounts

Input#

Argument NameDescriptionRequired
account_idNumeric identifier of the account to operate on. If not specified, operation will be performed on the account identified by the authentication parameters.Optional
page_sizeThe number of objects to return in the response.
Default: 50
Maximum: 100.
Optional
page_numThe page to return starting from 0. Default: 0.Optional

Context Output#

There is no context output for this command.

incap-get-account-status#


Use this operation to get information about the account of the API client or one of its managed accounts.

Base Command#

incap-get-account-status

Input#

Argument NameDescriptionRequired
account_idNumeric identifier of the account to operate on. If not specified, operation will be performed on the account identified by the authentication parameters.Optional

Context Output#

There is no context output for this command.

incap-modify-account-configuration#


Use this operation to change the configuration of the account of the API client or one of its managed accounts.

Base Command#

incap-modify-account-configuration

Input#

Argument NameDescriptionRequired
account_idNumeric identifier of the account to operate on. If not specified, operation will be performed on the account identified by the authentication parameters.Optional
paramName of the configuration parameter to set.
Possible values: name | email | plan_id | error_page_template | support_all_tls_versions. Possible values are: name, email, plan_id, error_page_template, support_all_tls_versions.
Required
valueAccording to the configuration paramater used.
For name - the updated name, for e-mail - the updated e-mail address.
For plan_id - a plan id.
For error_page_template - a Base64 encoded template for an error page.
For log_level - Available only for Enterprise Plan customers that purchased the Logs Integration SKU. Sets the log reporting level for the site. Possible values: full, security, none, default
For support_all_tls_versions - Use this operation to allow sites in the account to support all TLS versions for connectivity between clients (visitors) and the Incapsula service. When this option is set, you can then enable the option per site to support all TLS versions. Possible values: true, false. Note: To remain PCI-compliant, do not enable this option.
Required

Context Output#

There is no context output for this command.

incap-set-account-log-level#


Use this operation to change the account log configuration.

Base Command#

incap-set-account-log-level

Input#

Argument NameDescriptionRequired
account_idNumeric identifier of the account to operate on. If not specified, operation will be performed on the account identified by the authentication parameters.Optional
log_levelSets the log reporting level for the site.
Possible values: full, security, none, default
Available only for Enterprise Plan customers that purchased the Log Integration SKU. Possible values are: full, security, none, default, support_all_tls_versions.
Required

Context Output#

There is no context output for this command.

incap-test-account-s3-connection#


Use this operation to check that a connection can be created with your Amazon S3 bucket.

Base Command#

incap-test-account-s3-connection

Input#

Argument NameDescriptionRequired
account_idNumeric identifier of the account to operate on.Required
bucket_nameS3 bucket name.Required
access_keyS3 access key.Required
secret_key3 secret key.Required
save_on_successSave this configuration if the test connection was successful. Default value: false. Possible values are: true, false.Optional

Context Output#

There is no context output for this command.

incap-test-account-sftp-connection#


Use this operation to check that a connection can be created with your SFTP storage.

Base Command#

incap-test-account-sftp-connection

Input#

Argument NameDescriptionRequired
account_idNumeric identifier of the account to operate on.Required
hostThe IP address of your SFTP server.Required
user_nameA user name that will be used to log in to the SFTP server.Required
passwordA corresponding password for the user account used to log in to the SFTP server.Required
destination_folderThe path to the directory on the SFTP server.Required
save_on_successSave this configuration if the test connection was successful. Default value: false. Possible values are: true, false.Optional

Context Output#

There is no context output for this command.

incap-set-account-s3-log-storage#


Use this operation to configure your Amazon cloud storage. Once configured, Incapsula logs will be uploaded to the selected location.

Base Command#

incap-set-account-s3-log-storage

Input#

Argument NameDescriptionRequired
account_idNumeric identifier of the account to operate on.Required
bucket_nameS3 bucket name.Required
access_keyS3 access key.Required
secret_key3 secret key.Required

Context Output#

There is no context output for this command.

incap-set-account-sftp-log-storage#


Use this operation to configure your SFTP server storage. Once configured, Incapsula logs will be uploaded to the selected location.

Base Command#

incap-set-account-sftp-log-storage

Input#

Argument NameDescriptionRequired
account_idNumeric identifier of the account to operate on.Required
hostThe IP address of your SFTP server.Required
user_nameA user name that will be used to log in to the SFTP server.Required
passwordA corresponding password for the user account used to log in to the SFTP server.Required
destination_folderThe path to the directory on the SFTP server.Required

Context Output#

There is no context output for this command.

incap-set-account-default-log-storage#


Use this operation to have your logs saved on Incapsula servers. Once configured, the logs can be retrieved by API calls.

Base Command#

incap-set-account-default-log-storage

Input#

Argument NameDescriptionRequired
account_idNumeric identifier of the account to operate on.Required

Context Output#

There is no context output for this command.

incap-get-account-login-token#


Tokens are used instead of user/password based authentication to log in to the Incapsula management console. Use this operation to generate a token for an account. The token is valid for 15 minutes. In order to use the token, the user must use the following link: https://my.incapsula.com/?token={generated_token}

Base Command#

incap-get-account-login-token

Input#

Argument NameDescriptionRequired
account_idNumeric identifier of the account to operate on. If not specified, operation will be performed on the account identified by the authentication parameters.Optional

Context Output#

There is no context output for this command.

incap-delete-managed-account#


Use this operation to delete an account.

Base Command#

incap-delete-managed-account

Input#

Argument NameDescriptionRequired
account_idNumeric identifier of the account to operate on.Optional

Context Output#

There is no context output for this command.

incap-delete-subaccount#


Use this operation to delete a sub account.

Base Command#

incap-delete-subaccount

Input#

Argument NameDescriptionRequired
sub_account_idNumeric identifier of the sub account to operate on.Required

Context Output#

There is no context output for this command.

incap-get-account-audit-events#


Use this operation to get audit events for an account.

Base Command#

incap-get-account-audit-events

Input#

Argument NameDescriptionRequired
account_idNumeric identifier of the account to operate on. If not specified, operation will be performed on the account identified by the authentication parameters.Optional
time_rangeTime range to fetch data for. For a detailed description, see https://docs.incapsula.com/Content/API/api.htm.Optional
startStart date in milliseconds since 1970. For a detailed description, see https://docs.incapsula.com/Content/API/api.htm.Optional
endEnd date in milliseconds since 1970. For a detailed description, see https://docs.incapsula.com/Content/API/api.htm.Optional
typeThe api key of the event type, such as audit.account_login.Optional
page_sizeThe number of objects to return in the response.
Default: 50.
Maximum: 100.
Optional
page_numThe page to return starting from 0. Default: 0.Optional

Context Output#

There is no context output for this command.

incap-set-account-default-data-storage-region#


Use this operation to set the default data region of the account for newly created sites.

Base Command#

incap-set-account-default-data-storage-region

Input#

Argument NameDescriptionRequired
account_idNumeric identifier of the account to operate on.Required
data_storage_regionThe data region to use. Possible values are: APAC, EU, US, DEFAULT.Optional

Context Output#

There is no context output for this command.

incap-get-account-default-data-storage-region#


Use this operation to get the default data region of the account.

Base Command#

incap-get-account-default-data-storage-region

Input#

Argument NameDescriptionRequired
account_idNumeric identifier of the account to operate on.Required

Context Output#

There is no context output for this command.

incap-add-site#


Add a new site to an account. If the site already exists, its status is returned

Base Command#

incap-add-site

Input#

Argument NameDescriptionRequired
domainThe domain name of the site. For example: www.example.com, hello.example.com, example.com.Required
account_idNumeric identifier of the account to operate on. If not specified, operation will be performed on the account identified by the authentication parameters.Optional
ref_idCustomer specific identifier for this operation.Optional
send_site_setup_emailsIf this value is "false", end users will not get emails about the add site process such as "DNS instructions" and "SSL setup".Optional
site_ipManually set the web server IP/cname. This option is only available for specific accounts. Please contact support for more details.Optional
force_sslIf this value is "true", manually set the site to support SSL. This option is only available for sites with manually configured IP/cname and for specific accounts. Please contact support for more details.Optional
log_levelAvailable only for Enterprise Plan customers that purchased the Logs Integration SKU. Sets the log reporting level for the site. Options are “full”, “security”, “none” and "default".Optional
logs_account_idAvailable only for Enterprise Plan customers that purchased the Logs Integration SKU. Numeric identifier of the account that purchased the logs integration SKU and which collects the logs. If not specified, operation will be performed on the account identified by the authentication parameters.Optional

Context Output#

There is no context output for this command.

incap-get-site-status#


Use this operation to get the status of a site

Base Command#

incap-get-site-status

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required
testsList of tests to run on site before returning its status. A comma separated list of one of: domain_validation, services, dns.Optional

Context Output#

There is no context output for this command.

incap-get-domain-approver-email#


Use this operation to get the list of email addresses that can be used when adding an SSL site

Base Command#

incap-get-domain-approver-email

Input#

Argument NameDescriptionRequired
domainThe domain name of the site. For example: www.example.com, hello.example.com, example.com.Optional

Context Output#

There is no context output for this command.

incap-modify-site-configuration#


Use this operation to change one of the basic configuration settings of the site. To watch param table, visit https://my.incapsula.com/api/docs/v1/sites#modifySiteConfig

Base Command#

incap-modify-site-configuration

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required
paramName of configuration parameter to set.Required
valueAccording to the param value.Required

Context Output#

There is no context output for this command.

incap-modify-site-log-level#


Use this operation to change the site log configuration

Base Command#

incap-modify-site-log-level

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required
log_levelAvailable only for Enterprise Plan customers that purchased the Logs Integration SKU. Sets the log reporting level for the site. Options are “full”, “security”, “none” and "default".Optional

Context Output#

There is no context output for this command.

incap-modify-site-tls-support#


Use this operation to support all TLS versions for the site for connectivity between clients (visitors) and the Incapsula service. To remain PCI-compliant, do not enable this option.

Base Command#

incap-modify-site-tls-support

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required
support_all_tls_versionsSupport all TLS versions. Default value: false. Possible values are: true, false.Required

Context Output#

There is no context output for this command.

incap-modify-site-scurity-config#


Use this operation to change the security configuration of a site

Base Command#

incap-modify-site-scurity-config

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required
rule_idID of the security rule to change. For possible values see the security section in the Get Site Status API call.Required
block_bad_botsWhether or not to block bad bots. One of: true, false.Optional
challenge_suspected_botsWhether or not to send a challenge to clients that are suspected to be bad bots (CAPTCHA for example). One of: true, false.Optional
activation_modeOne of the following: off (security measures are disabled even if site is under a DDoS attack), auto (security measures will be activated automatically when the system suspects site is under a DDoS attack), on (security measures are enabled even if site is not under a DDoS attack). The syntax is as follows: api.threats.ddos.activation_mode.( e.g. for "off", use "api.threats.ddos.activation_mode.off" ).Optional
security_rule_actionThe action that should be taken when a threat is detected, for example: api.threats.action.block_ip. Different actions are allowed per different threats, e.g. backdoors may only be quarantined, ignored or trigger an alert. For possible values see below.Optional
quarantined_urlsA comma seperated list of encoded URLs to be kept in quarantine.Optional
ddos_traffic_thresholdConsider site to be under DDoS if the request rate is above this threshold. The valid values are 10, 20, 50, 100, 200, 500, 750, 1000, 2000, 3000, 4000, 5000.Optional

Context Output#

There is no context output for this command.

incap-modify-site-acl-config#


Use this operation to change the ACL configuration of a site. To modify the configuration for a specific ACL rule, its values are required, as documented below. To delete an entire ACL list, send an empty string as the list values

Base Command#

incap-modify-site-acl-config

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required
rule_idThe id of the acl, e.g api.acl.blacklisted_ips. One of: api.acl.blacklisted_countries, api.acl.blacklisted_urls, api.acl.blacklisted_ips, api.acl.whitelisted_ips.Required
urlsA comma separated list of resource paths. For example, /home and /admin/index.html are resource paths, however http://www.example.com/home is not. Each URL should be encoded separately using percent encoding as specified by RFC 3986 (http://tools.ietf.org/html/rfc3986#section-2.1). An empty URL list will remove all URLs.Optional
url_patternsA comma seperated list of url patterns, one of: contains | equals | prefix | suffix | not_equals | not_contain | not_prefix | not_suffix. The patterns should be in accordance with the matching urls sent by the urls parameter.Optional
countriesA comma seperated list of country codes.Optional
continentsA comma seperated list of continent codes.Optional
ipsA comma seperated list of IPs or IP ranges, e.g: 192.168.1.1, 192.168.1.1-192.168.1.100 or 192.168.1.1/24.Optional

Context Output#

There is no context output for this command.

incap-modify-site-wl-config#


Use this operation to set allow lists to security rules or ACLs. To update an existing allow list, send its ID in the id parameter. If the id parameter does not exist a new allow list will be created

Base Command#

incap-modify-site-wl-config

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required
rule_idThe id of the rule (either a security or an acl rule), e.g api.acl.blacklisted_ips. See other examples below.Required
whitelist_idThe id (an integer) of the allow list to be set. This field is optional - in case no id is supplied, a new allow list will be created.Optional
delete_whitelistAn optional boolean parameter, in case it is set to "true" and a allow list id is sent, then the allow list will be deleted.Optional
urlsA comma separated list of resource paths. For example, /home and /admin/index.html are resource paths, however http://www.example.com/home is not. Each URL should be encoded separately using percent encoding as specified by RFC 3986 (http://tools.ietf.org/html/rfc3986#section-2.1). An empty URL list will remove all URLs.Optional
countriesA comma seperated list of country codes.Optional
continentsA comma seperated list of continent codes.Optional
ipsA comma seperated list of IPs or IP ranges, e.g: 192.168.1.1, 192.168.1.1-192.168.1.100 or 192.168.1.1/24.Optional
client_app_typesA comma seperated list of client application types.Optional
client_appsA comma seperated list of client application ids.Optional
parametersA comma seperated list of encoded user agents.Optional
user_agentsA comma seperated list of encoded user agents.Optional

Context Output#

There is no context output for this command.

incap-delete-site#


Delete the site

Base Command#

incap-delete-site

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required

Context Output#

There is no context output for this command.

incap-list-sites#


List sites for an account

Base Command#

incap-list-sites

Input#

Argument NameDescriptionRequired
account_idNumeric identifier of the account to operate on. If not specified, operation will be performed on the account identified by the authentication parameters.Optional
page_sizeThe number of objects to return in the response. Defaults to 50.Optional
page_numThe page to return starting from 0. Default to 0.Optional

Context Output#

There is no context output for this command.

incap-get-site-report#


Use this operation to get a report for a site. Reports are sent using Base64 encoding

Base Command#

incap-get-site-report

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required
reportThe report to get, one of: pci-compliance.Required
formatThe format to get the report in, one of: pdf | html.Required
time_rangeTime range to fetch data for. See the introduction of the API documentation for a detailed description.Required
startStart date in milliseconds since 1970. See the introduction of the API documentation for a detailed description.Optional
endEnd date in milliseconds since 1970. See the introduction of the API documentation for a detailed description.Optional

Context Output#

There is no context output for this command.

incap-get-site-html-injection-rules#


Use this operation to list all the HTML Injection rules.

Base Command#

incap-get-site-html-injection-rules

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required

Context Output#

There is no context output for this command.

incap-add-site-html-injection-rule#


Use this operation to add a new HTML injection rule or to replace an existing rule.

Base Command#

incap-add-site-html-injection-rule

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required
urlThe URL where the content is injected.Required
url_patternThe url pattern. One of: contains | not_contains | equals | not_equals | prefix | suffix | not_prefix | not_suffix. Possible values are: contains, not_contains, equals, not_equals, prefix, suffix, not_prefix, not_suffix.Required
locationThe location of the injection inside the URL ('head' or 'body_end'). Possible values are: head, body_end.Required
contentThe injected HTML snippet, Base64-encoded.Optional

Context Output#

There is no context output for this command.

incap-delete-site-html-injection-rule#


Use this operation to removes an existing HTML injection rule. To confirm the removal, set the parameter delete_content to true.

Base Command#

incap-delete-site-html-injection-rule

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required
urlThe URL where the content is injected.Required
url_patternThe url pattern. One of: contains | not_contains | equals | not_equals | prefix | suffix | not_prefix | not_suffix. Possible values are: contains, not_contains, equals, not_equals, prefix, suffix, not_prefix, not_suffix.Required
locationThe location of the injection inside the URL ('head' or 'body_end'). Possible values are: head, body_end.Required
delete_contentWhether or not to delete existing HTML content. Possible values: true/false. Possible values are: true, false.Optional

Context Output#

There is no context output for this command.

incap-create-new-csr#


Use this operation to create a certificate signing request (CSR) for your site

Base Command#

incap-create-new-csr

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required
emailEmail address. For example: joe@example.com.Optional
organizationThe legal name of your organization. This should not be abbreviated or include suffixes such as Inc., Corp., or LLC.Optional
organization_unitThe division of your organization handling the certificate. For example, "IT Department".Optional
countryThe two-letter ISO code for the country where your organization is located.Optional
stateThe state/region where your organization is located. This should not be abbreviated.Optional
cityThe city where your organization is located.Optional

Context Output#

There is no context output for this command.

incap-upload-certificate#


Use this operation to upload custom certificate for your site. The following SSL certificate file formats are supported: PFX, PEM, CER

Base Command#

incap-upload-certificate

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate o.Required
certificateThe new certificate.Required
private_keyThe private key of the certificate in base64 format. Optional in case of PFX certificate file format.Optional
passphraseThe passphrase used to protect your SSL certificate.Optional

Context Output#

There is no context output for this command.

incap-remove-custom-integration#


Use this operation to remove custom certificate

Base Command#

incap-remove-custom-integration

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required

Context Output#

There is no context output for this command.

incap-move-site#


Use this operation to move a site from one account to another. You can move a site from a master account to one of its sub accounts, or from one sub account to another.

Base Command#

incap-move-site

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required
destination_account_idThe numeric identifier of the account which the site will be moved to.Required

Context Output#

There is no context output for this command.

incap-check-compliance#


Check site’s associated SANs for CAA compliance. If a given SAN is compliant, its SSL domain validation status is updated accordingly. This operation returns an updated list of the site’s associated SANs that are not compliant. An empty list indicates that all SANs are compliant.

Base Command#

incap-check-compliance

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required

Context Output#

There is no context output for this command.

incap-set-site-data-storage-region#


Use this operation to set the site's data storage region.

Base Command#

incap-set-site-data-storage-region

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required
data_storage_regionThe data region to use. Possible values are: APAC, EU, US.Required

Context Output#

There is no context output for this command.

incap-get-site-data-storage-region#


Use this operation to get the site's data storage region.

Base Command#

incap-get-site-data-storage-region

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required

Context Output#

There is no context output for this command.

incap-set-site-data-storage-region-geo-override#


Use this operation to set the data storage region for each new site based on the geolocation of the origin server.

Base Command#

incap-set-site-data-storage-region-geo-override

Input#

Argument NameDescriptionRequired
override_site_regions_by_geoA boolean parameter. If it is set to "true", the data storage region for each new site will be based on the geolocation of the origin server. Possible values are: true, false.Required
account_idNumeric identifier of the account to operate on. If not specified, operation will be performed on the account identified by the authentication parameters.Optional

Context Output#

There is no context output for this command.

incap-get-site-data-storage-region-geo-override#


Use this operation to check if the data storage region for each new site is based on the geolocation of the origin server.

Base Command#

incap-get-site-data-storage-region-geo-override

Input#

Argument NameDescriptionRequired
account_idNumeric identifier of the account to operate on. If not specified, operation will be performed on the account identified by the authentication parameters.Optional

Context Output#

There is no context output for this command.

incap-purge-site-cache#


Use this operation to purge all cached content on our proxy servers for a specific site. Our Proxy servers keep cached content of your sites in order to accelerate page load times for your users. When you want this cached content to be refreshed (for example, after making adjustments in your site) you can use this API call. In order to purge the entire cached content for this site just use the API call with no parameters. If you want to purge a specific resource add the resource name as parameter

Base Command#

incap-purge-site-cache

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required
purge_patternThe pattern of the resource to be purged from the cache. For example: (1) Resource_name - resources that contain Resource_name will be purged, (2) ^Resource_name - resources that start with Resource_name will be purged, and (3) Resource_name$ - resources that end with Resource_name will be purged.Optional

Context Output#

There is no context output for this command.

incap-modify-cache-mode#


Use this operation to edit basic site caching settings

Base Command#

incap-modify-cache-mode

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required
cache_modedisable | static_only | static_and_dynamic | aggressive : default Static_Only.Required
dynamic_cache_durationProfile dynamic pages and cache duration, pass number followed by "_" and one of: hr | min | sec | days | weeks: default: 5_min.Optional
aggressive_cache_durationCache resource duration, pass number followed by "_" and one of: hr | min | sec | days | weeks: default: 1_hr.Optional

Context Output#

There is no context output for this command.

incap-purge-resources#


Use this operation to purge site resources

Base Command#

incap-purge-resources

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required
resource_urlComma seperated list of URLs where the resource is located.Optional
resource_patternComma seperated list of pattern, one of: contains | equals | prefix | suffix | not_equals | not_contains | not_prefix | not_suffix.Optional
should_purge_all_site_resourcesShould purge all cached resources on site.Optional

Context Output#

There is no context output for this command.

incap-modify-caching-rules#


Use this operation to set-up advanced caching rules

Base Command#

incap-modify-caching-rules

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required
always_cache_resource_urlComma seperated list of always cache resources url.Optional
always_cache_resource_patternComma seperated list of always cache resources pattern, one of: contains | equals | prefix | suffix | not_equals | not_contains | not_prefix | not_suffix.Optional
always_cache_resource_durationDuration that resources will be in cache, pass number followed by "_" and one of: hr | min | sec | days | weeks. Either provide a comma seperated list of duration expressions, matching the number of always cache rules, or a single duration expression to be used for all always cache rules.Optional
never_cache_resource_urlComma seperated list of never cache resources url.Optional
never_cahce_resource_patternComma seperated list of cached headers seperated with comma.Optional
clear_always_cache_rulesAn optional boolean parameter, in case it is set to "true", the site's always cache rules will be cleared.Optional
clear_never_cache_rulesAn optional boolean parameter, in case it is set to "true", the site's never cache rules will be cleared.Optional
clear_cache_headers_rulesAn optional boolean parameter, in case it is set to "true", the site's cache headers rules will be cleared.Optional

Context Output#

There is no context output for this command.

incap-set-advanced-caching-settings#


Use this operation to modify advanced caching settings. For more information, https://my.incapsula.com/api/docs/v1/sites#modifyAdvancedCachingSettings

Base Command#

incap-set-advanced-caching-settings

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required
paramName of configuration parameter to set.Optional
valueAccording to the param value.Optional

Context Output#

There is no context output for this command.

incap-purge-hostname-from-cache#


Use this operation to purge the hostname from the cache. This API is for customers who use the same CNAME provided by Incapsula for multiple hostnames and would like to change the CNAME for a particular hostname. Purging the hostname is required for the CNAME change to take effect

Base Command#

incap-purge-hostname-from-cache

Input#

Argument NameDescriptionRequired
host_nameThe hostname to purge from cache.Required

Context Output#

There is no context output for this command.

incap-site-get-xray-link#


Use this operation to get a URL that enables debug headers on a specific site.

Base Command#

incap-site-get-xray-link

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required

Context Output#

There is no context output for this command.

incap-list-site-rule-revisions#


Use this operation to list revisions of a rule (Delivery Rules or IncapRules).

Base Command#

incap-list-site-rule-revisions

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required
rule_idRule ID.Required

Context Output#

There is no context output for this command.

incap-add-site-rule#


Use this operation to add a rule (Delivery Rules or IncapRules).

Base Command#

incap-add-site-rule

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required
nameRule name.Optional
actionRule action. Possible values are: RULE_ACTION_REDIRECT, RULE_ACTION_REWRITE_URL, RULE_ACTION_REWRITE_HEADER, RULE_ACTION_REWRITE_COOKIE, RULE_ACTION_DELETE_HEADER, RULE_ACTION_DELETE_COOKIE, RULE_ACTION_FORWARD_TO_DC, RULE_ACTION_ALERT, RULE_ACTION_BLOCK, RULE_ACTION_BLOCK_USER, RULE_ACTION_BLOCK_IP, RULE_ACTION_RETRY, RULE_ACTION_INTRUSIVE_HTML, RULE_ACTION_CAPTCHA.Optional
filterRule will trigger only a request that matches this filter. For more details on filter guidelines, see https://docs.incapsula.com/Content/IncapRules/syntax-guide.htm
The filter may contain up to 400 characters.
Optional
response_codeRedirect rule's response code. Possible values are: 301, 302, 303, 307, 308.Optional
protocolProtocol.Optional
add_missingAdd cookie or header if it doesn't exist (Rewrite cookie rule only).Optional
fromThe pattern to rewrite.
RULE_ACTION_REWRITE_URL - The URL to rewrite.
RULE_ACTION_REWRITE_HEADER - The header value to rewrite.
RULE_ACTION_REWRITE_COOKIE - The cookie value to rewrite.
Optional
toThe pattern to change to.
RULE_ACTION_REWRITE_URL - The URL to change to.
RULE_ACTION_REWRITE_HEADER - The header value to change to.
RULE_ACTION_REWRITE_COOKIE - The cookie value to change to.
Optional
rewrite_nameName of cookie or header to rewrite. Applies only for RULE_ACTION_REWRITE_COOKIE and RULE_ACTION_REWRITE_HEADER.Optional
dc_idData center to forward request to. Applies only for RULE_ACTION_FORWARD_TO_DC.Optional
is_test_modeMake rule apply only for IP address the API request was sent from.Optional
lb_algorithmData center load balancing algorithm. Possible values are: LB_LEAST_PENDING_REQUESTS, LB_LEAST_OPEN_CONNECTIONS, LB_SOURCE_IP_HASH, RANDOM.Optional

Context Output#

There is no context output for this command.

incap-edit-site-rule#


Use this operation to edit an existing rule (Delivery Rules or IncapRules).

Base Command#

incap-edit-site-rule

Input#

Argument NameDescriptionRequired
rule_idRule ID.Required
nameRule name.Optional
actionRule action. Possible values are: RULE_ACTION_REDIRECT, RULE_ACTION_REWRITE_URL, RULE_ACTION_REWRITE_HEADER, RULE_ACTION_REWRITE_COOKIE, RULE_ACTION_DELETE_HEADER, RULE_ACTION_DELETE_COOKIE, RULE_ACTION_FORWARD_TO_DC, RULE_ACTION_ALERT, RULE_ACTION_BLOCK, RULE_ACTION_BLOCK_USER, RULE_ACTION_BLOCK_IP, RULE_ACTION_RETRY, RULE_ACTION_INTRUSIVE_HTML, RULE_ACTION_CAPTCHA.Optional
filterRule will trigger only a request that matches this filter. For more details on filter guidelines, see https://docs.incapsula.com/Content/IncapRules/syntax-guide.htm
The filter may contain up to 400 characters.
Optional
response_codeRedirect rule's response code. Possible values are: 301, 302, 303, 307, 308.Optional
protocolProtocol.Optional
add_missingAdd cookie or header if it doesn't exist (Rewrite cookie rule only).Optional
fromThe pattern to rewrite.
RULE_ACTION_REWRITE_URL - The URL to rewrite.
RULE_ACTION_REWRITE_HEADER - The header value to rewrite.
RULE_ACTION_REWRITE_COOKIE - The cookie value to rewrite.
Optional
toThe pattern to change to.
RULE_ACTION_REWRITE_URL - The URL to change to.
RULE_ACTION_REWRITE_HEADER - The header value to change to.
RULE_ACTION_REWRITE_COOKIE - The cookie value to change to.
Optional
rewrite_nameName of cookie or header to rewrite. Applies only for RULE_ACTION_REWRITE_COOKIE and RULE_ACTION_REWRITE_HEADER.Optional
dc_idData center to forward request to. Applies only for RULE_ACTION_FORWARD_TO_DC.Optional
is_test_modeMake rule apply only for IP address the API request was sent from.Optional
lb_algorithmData center load balancing algorithm. Possible values are: LB_LEAST_PENDING_REQUESTS, LB_LEAST_OPEN_CONNECTIONS, LB_SOURCE_IP_HASH, RANDOM.Optional

Context Output#

There is no context output for this command.

incap-enable-site-rule#


Use this operation to enable or disable a rule (Delivery Rules or IncapRules).

Base Command#

incap-enable-site-rule

Input#

Argument NameDescriptionRequired
rule_idRule ID.Required
nameRule name.Optional
enableWhen true, the rule will be enabled. Set to false to disable. Possible values are: true, false.Optional

Context Output#

There is no context output for this command.

incap-delete-site-rule#


Use this operation to delete a rule (Delivery Rules or IncapRules).

Base Command#

incap-delete-site-rule

Input#

Argument NameDescriptionRequired
rule_idRule ID.Required
nameRule name.Optional
enableWhen true, the rule will be enabled. Set to false to disable. Possible values are: true, false.Optional

Context Output#

There is no context output for this command.

incap-list-site-rules#


Use this operation to list rules (Delivery Rules and IncapRules) for a given site.

Base Command#

incap-list-site-rules

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required
include_ad_rulesWhether or not delivery rules should be included. Defaults to "Yes". Possible values are: Yes, No.Optional
include_incap_rulesWhether or not security rules be included. Defaults to "Yes". Possible values are: Yes, No.Optional
page_sizeThe number of objects to return in the response.
Default is 50.
Maximum: 100.
Optional
page_numThe page to return starting from 0. Default is 0.Optional

Context Output#

There is no context output for this command.

incap-revert-site-rule#


Revert a rule (Delivery Rule or IncapRule) using an existing revision.

Base Command#

incap-revert-site-rule

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required
rule_idRule ID.Required
revision_idID of the revision to revert to. Revision ID can be found using !incap-list-site-rule-revisions.Required

Context Output#

There is no context output for this command.

incap-set-site-rule-priority#


Use this operation to change a Delivery Rule's priority.

Base Command#

incap-set-site-rule-priority

Input#

Argument NameDescriptionRequired
rule_idRule ID.Required
priorityNew priority for the selected rule.Required

Context Output#

There is no context output for this command.

incap-add-site-datacenter#


Use this operation to add a data center to a site.

Base Command#

incap-add-site-datacenter

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required
nameThe new data center's name.Required
server_addressThe server's address. Possible values: IP, CNAME.Required
is_enabledEnables the data center. Possible values are: true, false.Optional
is_contentThe data center will be available for specific resources (Forward Delivery Rules). Possible values are: true, false.Optional

Context Output#

There is no context output for this command.

incap-edit-site-datacenter#


Use this operation to edit a site's data center.

Base Command#

incap-edit-site-datacenter

Input#

Argument NameDescriptionRequired
dc_idThe data center's ID.Required
nameThe new data center's name.Optional
is_enabledEnables the data center. Possible values are: true, false.Optional
is_standbyDefines the data center as standby for failover. Possible values are: true, false.Optional
is_contentThe data center will be available for specific resources (Forward Delivery Rules). Possible values are: true, false.Optional

Context Output#

There is no context output for this command.

incap-delete-site-datacenter#


Use this operation to delete a site's data center.

Base Command#

incap-delete-site-datacenter

Input#

Argument NameDescriptionRequired
dc_idThe data center's ID.Required

Context Output#

There is no context output for this command.

incap-list-site-datacenters#


Use this operation to list a site's data centers including the data centers' servers.

Base Command#

incap-list-site-datacenters

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required

Context Output#

There is no context output for this command.

incap-add-site-datacenter-server#


Use this operation to add a server to a data center.

Base Command#

incap-add-site-datacenter-server

Input#

Argument NameDescriptionRequired
dc_idThe data center's ID.Required
server_addressThe server's address. Possible values: IP, CNAME.Required
nameThe new data center's name.Optional
is_standbySet the server as Active (P0) or Standby (P1) (Boolean). Possible values are: true, false.Optional

Context Output#

There is no context output for this command.

incap-edit-site-datacenter-server#


Use this operation to add a server to a data center.

Base Command#

incap-edit-site-datacenter-server

Input#

Argument NameDescriptionRequired
server_idServer ID.Required
server_addressThe server's address. Possible values: IP, CNAME.Required
nameThe new data center's name.Optional
is_enabledEnable or disable the server (Boolean). Possible values are: true, false.Optional
is_standbySet the server as Active (P0) or Standby (P1) (Boolean). Possible values are: true, false.Optional

Context Output#

There is no context output for this command.

incap-delete-site-datacenter-server#


Use this operation to delete a data center's server.

Base Command#

incap-delete-site-datacenter-server

Input#

Argument NameDescriptionRequired
server_idServer ID.Required

Context Output#

There is no context output for this command.

incap-get-statistics#


Use this operation to get site statistics for one or more sites. This operation may return multiple statistics, as specified in the stats parameter

Base Command#

incap-get-statistics

Input#

Argument NameDescriptionRequired
account_idNumeric identifier of the account to fetch data for. If not specified, data will be fetched for all site of the account identified by the authentication parameters.Optional
time_rangeTime range to fetch data for. See https://my.incapsula.com/api/docs/v1#timeRange.Required
startStart date in milliseconds since 1970. See the introduction of the API documentation for a detailed description.Optional
endEnd date in milliseconds since 1970. See the introduction of the API documentation for a detailed description.Optional
site_idNumeric identifier of the site to fetch data for. Multiple sites can be specified in a comma separated list. For example: 123,124,125.Optional
statsStatistics to fetch, see options at https://my.incapsula.com/api/docs/v1/data#getStats.Required
granularityTime interval in milliseconds between data points for time series stats. Default is 86400000 (1 day) for a range of less than 30 days and 259200000 (3 days) for a range of less than 90 days.Optional

Context Output#

There is no context output for this command.

incap-get-visits#


Use this operation to get a log of recent visits to a website. The visits are fetched in reverse chronological order, starting with the most recent visit. Not all visits are recorded - only visits with abnormal activity are recorded e.g. violation of security rules, visits from black-listed IPs/Countries, etc. A visit may still be updated even after it was retrieved. To avoid retrieving such visits and to retrieve only visits that will no longer be updated use the list_live_visits parameter

Base Command#

incap-get-visits

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required
time_rangeTime range to fetch data for. Default is last_7_days.Optional
startStart date in milliseconds since 1970. See the introduction of the API documentation for a detailed description.Optional
endEnd date in milliseconds since 1970. See the introduction of the API documentation for a detailed description.Optional
page_sizeThe number of objects to return in the response. Defaults to 10.Optional
page_numFilter the sessions that were handled according to the security-related specifications. Multiple values are supported, e.g.: "api.threats.action.block_ip, api.threats.sql_injection".Optional
countryFilter the sessions coming from the specified country.Optional
ipFilter the sessions coming from the specified IP.Optional
visit_idComma separated list of visit IDs to load.Optional
list_live_visitsWhether or not to list visits that did not end and that may still be updated. One of: true | false. Default: true.Optional
securityFilter the sessions that were handled according to the security-related specifications. Multiple values are supported, e.g.: "api.threats.action.block_ip, api.threats.sql_injection".Optional

Context Output#

There is no context output for this command.

incap-upload-public-key#


Organizations that purchased the Security Logs Integration SKU can download security events created for their account and archive or push those events into their SIEM solution

Base Command#

incap-upload-public-key

Input#

Argument NameDescriptionRequired
config_idThe Logs Collector configuration identifier.Required
public_keyThe public key file(2048bit) in base64 format (without password protection).Required

Context Output#

There is no context output for this command.

incap-change-logs-collector-configuration#


Available only for Enterprise Plan customers that purchased the Security Logs Integration SKU. Use this operation to change the status of the Logs Collector configuration

Base Command#

incap-change-logs-collector-configuration

Input#

Argument NameDescriptionRequired
config_idThe Logs Collector configuration identifier.Required
logs_config_new_statusThe new configuration status of the Logs Collector. Values can be ACTIVE or SUSPENDED.Required

Context Output#

There is no context output for this command.

incap-get-infra-protection-statistics#


Use this operation to get Infrastructure Protection statistics for an account or IP range.

Base Command#

incap-get-infra-protection-statistics

Input#

Argument NameDescriptionRequired
account_idNumeric identifier of the account to operate on. If not specified, operation will be performed on the account identified by the authentication parameters.Optional
ip_prefixSpecific Protected IP or IP range. For example, 1.1.1.0/24.Optional
trafficSpecific traffic. One of: Total, Passed, Blocked. Possible values are: Total, Passed, Blocked.Optional
traffic_typeA comma separated list of specific traffic types. Any of: UDP, TCP, DNS, DNS_RESPONSE, ICMP, SYN, FRAG, LARGE_SYN, NTP, NETFLOW, SSDP, GENERAL. Cannot be used together with the pop parameter.Optional
popA comma separated list of specific PoP names. For example: iad, tko. Cannot be used together with the traffic_type parameter. For the list of PoP codes and locations, see https://docs.incapsula.com/Content/read-more/pops.htm.Optional
startThe start date in milliseconds, since 1970. For a detailed description, see https://docs.incapsula.com/Content/API/api.htm.Optional
endThe end date in milliseconds, since 1970. For a detailed description, see https://docs.incapsula.com/Content/API/api.htm.Optional

Context Output#

PathTypeDescription
Imperva.EventStats.stats.payload.ipPrefixstringIP prefix
Imperva.EventStats.stats.payload.ipPrefixTypestringIP prefix type
Imperva.EventStats.stats.payload.trafficunknownTraffic state, such as blocked or passed

incap-get-infra-protection-events#


Use this operation to get Infrastructure Protection event information for an account.

Base Command#

incap-get-infra-protection-events

Input#

Argument NameDescriptionRequired
account_idNumeric identifier of the account to operate on. If not specified, operation will be performed on the account identified by the authentication parameters.Optional
event_typeA comma separated list of specific event types. Any of: GRE_TUNNEL_UP, GRE_TUNNEL_DOWN, ORIGIN_CONNECTION_GRE_UP, ORIGIN_CONNECTION_GRE_DOWN, ORIGIN_CONNECTION_ECX_UP, ORIGIN_CONNECTION_ECX_DOWN, ORIGIN_CONNECTION_CROSS_CONNECT_UP, ORIGIN_CONNECTION_CROSS_CONNECT_DOWN, DDOS_START_IP_RANGE, DDOS_STOP_IP_RANGE, DDOS_QUIET_TIME_IP_RANGE, EXPORTER_NO_DATA, EXPORTER_BAD_DATA, EXPORTER_GOOD_DATA, MONITORING_CRITICAL_ATTACK, PROTECTED_IP_STATUS_UP, PROTECTED_IP_STATUS_DOWN, PER_IP_DDOS_START_IP_RANGE.Optional
ip_prefixSpecific Protected IP or IP range. For example, 1.1.1.0/24.Optional
page_sizeThe number of objects to return in the response.
Default: 50
Maximum: 100.
Optional
page_numThe page to return starting from 0. Default: 0.Optional
startThe start date in milliseconds, since 1970. For a detailed description, see https://docs.incapsula.com/Content/API/api.htm.Optional
endThe end date in milliseconds, since 1970. For a detailed description, see https://docs.incapsula.com/Content/API/api.htm.Optional

Context Output#

There is no context output for this command.

incap-add-login-protect#


Use this operation to add Login Protect user for site

Base Command#

incap-add-login-protect

Input#

Argument NameDescriptionRequired
account_idNumeric identifier of the account to operate on.Required
emailE-mail address, for example: "joe@example.com".Required
nameExample: John Smith.Optional
phonePhone number, country code - number, for example: "1-8662507659".Optional
is_email_verifiedWhether or not to skip E-Mail address verificaion.Optional
is_phone_verifiedWhether or not to skip phone address verificaion.Optional
should_send_activation_emailWhether or not to send activation E-Mail to user.Optional

Context Output#

There is no context output for this command.

incap-edit-login-protect#


Use this operation to edit Login Protect user's settings

Base Command#

incap-edit-login-protect

Input#

Argument NameDescriptionRequired
account_idNumeric identifier of the account to operate on.Required
emailE-mail address, for example: "joe@example.com".Required
nameExample: John Smith.Optional
phonePhone number, country code - number, for example: "1-8662507659".Optional
is_email_verifiedWhether or not to skip E-Mail address verificaion.Optional
is_phone_verifiedWhether or not to skip phone address verificaion.Optional
should_send_activation_emailWhether or not to send activation E-Mail to user.Optional

Context Output#

There is no context output for this command.

incap-get-login-protect#


Use this operation to get the account's login protect user list

Base Command#

incap-get-login-protect

Input#

Argument NameDescriptionRequired
account_idNumeric identifier of the account to operate on.Required

Context Output#

There is no context output for this command.

incap-remove-login-protect#


Use this operation to remove login protect user from account's user list

Base Command#

incap-remove-login-protect

Input#

Argument NameDescriptionRequired
account_idNumeric identifier of the account to operate on.Required
emailE-mail address, for example: "joe@example.com".Required

Context Output#

There is no context output for this command.

incap-send-sms-to-user#


Use this operation to send SMS to login protect user

Base Command#

incap-send-sms-to-user

Input#

Argument NameDescriptionRequired
account_idNumeric identifier of the account to operate on.Required
emailE-mail address, for example: "joe@example.com".Optional
sms_textText that will be sent in SMS.Optional

Context Output#

There is no context output for this command.

incap-modify-login-protect#


Use this operation to change Login Protect settings for site

Base Command#

incap-modify-login-protect

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required
enabledPass true to enable login protect on site, and false to disable it. Default is true.Optional
specific_users_listComma seperated E-Mail list to set login protect users for the site, if the list is empty all users will be allowed to access the site using Login Protect.Optional
send_lp_notificationsPass true to send notification on successful login using login protect. Default is false.Optional
allow_all_usersPass true to allow all login protect users to access the site. If you choose to allow only spesific list of users to access the site using Login Protect set this to false, and add the list to specific_user_list. Default value is true.Optional
authentication_methodsComma seperated list of allowed authentication methods sms | email | ga.Optional
urlsA comma separated list of resource paths. For example, /home and /admin/index.html are resource paths, however http://www.example.com/home is not. Each URL should be encoded separately using percent encoding as specified by RFC 3986 (http://tools.ietf.org/html/rfc3986#section-2.1). An empty URL list will remove all URLs.Optional
url_patternsA comma seperated list of url patterns, one of: contains | equals | prefix | suffix | not_equals | not_contain | not_prefix | not_suffix. The patterns should be in accordance with the matching urls sent by the urls parameter.Optional

Context Output#

There is no context output for this command.

incap-configure-app#


Use this operation to configure Login Protect on wordpress | joomla | phpbb admin areas

Base Command#

incap-configure-app

Input#

Argument NameDescriptionRequired
site_idNumeric identifier of the site to operate on.Required
protected_appProtect admin areas of joomla | wordpress | phpBB.Optional

Context Output#

There is no context output for this command.

incap-get-ip-ranges#


Use this operation to get the updated list of Incapsula IP ranges

Base Command#

incap-get-ip-ranges

Input#

Argument NameDescriptionRequired

Context Output#

There is no context output for this command.

incap-get-texts#


Use this operation to retrieve a list of all text messages that may be part of API responses

Base Command#

incap-get-texts

Input#

Argument NameDescriptionRequired

Context Output#

There is no context output for this command.

incap-get-geo-info#


Use this operation to retrieve a list of all the countries and continents codes

Base Command#

incap-get-geo-info

Input#

Argument NameDescriptionRequired

Context Output#

There is no context output for this command.

incap-get-app-info#


Use this operation to retrieve a list of all the client applications

Base Command#

incap-get-app-info

Input#

Argument NameDescriptionRequired

Context Output#

There is no context output for this command.

incap-get-infra-protection-top-items-table#


Use this operation to view the highest peak values and highest average values for a protected IP range during a selected time period

Base Command#

incap-get-infra-protection-top-items-table

Input#

Argument NameDescriptionRequired
ip_rangeThe customer's IP range.Required
range_typeOne of the following: BGP, NETFLOW, PROTECTED_IP. Possible values are: BGP, NETFLOW, PROTECTED_IP.Required
startThe start date in milliseconds, since 1970.Required
endThe end date in milliseconds, since 1970.Required
data_typeOne of the following: SRC_IP, DST_IP, SRC_PORT_PROTOCOL, DST_PORT_PROTOCOL. Possible values are: SRC_IP, DST_IP, SRC_PORT_PROTOCOL, DST_PORT_PROTOCOL.Required
metric_typeOne of the following: BW, PPS. Possible values are: BW, PPS.Required
mitigation_typeOne of the following: BLOCK, PASS. Possible values are: BLOCK, PASS.Required
aggregation_typeOne of the following: PEAK, AVERAGE. Possible values are: PEAK, AVERAGE.Required

Context Output#

There is no context output for this command.