Imperva Incapsula
Imperva Incapsula Pack.#
This Integration is part of theUses incapsula to manage sites and IPs.
#
Configure Imperva Incapsula in CortexParameter | Required |
---|---|
API ID | True |
API key | True |
Use system proxy settings | False |
#
CommandsYou can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.
#
incap-add-managed-accountUse this operation to add a new account that should be managed by the account of the API client (the parent account). The new account will be configured according to the preferences set for the parent account by Incapsula. Depending on these preferences, an activation e-mail will be sent to the specified e-mail address. The user responds to the activation e-mail, selects a password, and can then log directly into the Incapsula console. The same e-mail address can also be used to send system notifications to the account. The new account is identified by a numeric value as provided by Incapsula in the response in the field account_id.
#
Base Commandincap-add-managed-account
#
InputArgument Name | Description | Required |
---|---|---|
Email address. For example: "joe@example.com". | Required | |
parent_id | The newly created account's parent id. If not specified, the invoking account will be assigned as the parent. | Optional |
user_name | The account owner's name. For example: 'John Doe'. | Optional |
plan_id | An identifier of the plan to assign to the new account. For example, ent100 for the Enterprise 100 plan. | Optional |
ref_id | Customer specific identifier for this operation. | Optional |
account_name | Account name. | Optional |
log_level | Available only for Enterprise Plan customers that purchased the Logs Integration SKU. Sets the log reporting level for the site. Options are “full”, “security”, “none” and "default". | Optional |
logs_account_id | Available only for Enterprise Plan customers that purchased the Logs Integration SKU. Numeric identifier of the account that purchased the logs integration SKU and which collects the logs. If not specified, operation will be performed on the account identified by the authentication parameters. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-list-managed-accountsUse this operation to get the list of accounts that are managed by account of the API client (the parent account).
#
Base Commandincap-list-managed-accounts
#
InputArgument Name | Description | Required |
---|---|---|
account_id | Numeric identifier of the account to operate on. If not specified, operation will be performed on the account identified by the authentication parameters. | Optional |
page_size | The number of objects to return in the response. Default: 50 Maximum: 100. | Optional |
page_num | The page to return starting from 0. Default: 0. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-add-subaccountUse this operation to add a new sub account to be managed by the account of the API client (the parent account).
#
Base Commandincap-add-subaccount
#
InputArgument Name | Description | Required |
---|---|---|
sub_account_name | The name of the sub account. | Required |
parent_id | The newly created account's parent id. If not specified, the invoking account will be assigned as the parent. | Optional |
user_name | The account owner's name. For example: 'John Doe'. | Optional |
ref_id | Customer specific identifier for this operation. | Optional |
log_level | Available only for Enterprise Plan customers that purchased the Logs Integration SKU. Sets the log reporting level for the site. Options are “full”, “security”, “none” and "default". | Optional |
logs_account_id | Available only for Enterprise Plan customers that purchased the Logs Integration SKU. Numeric identifier of the account that purchased the logs integration SKU and which collects the logs. If not specified, operation will be performed on the account identified by the authentication parameters. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-list-subaccountsUse this operation to get a list of sub accounts that are managed by the account of the API client (the parent account).
#
Base Commandincap-list-subaccounts
#
InputArgument Name | Description | Required |
---|---|---|
account_id | Numeric identifier of the account to operate on. If not specified, operation will be performed on the account identified by the authentication parameters. | Optional |
page_size | The number of objects to return in the response. Default: 50 Maximum: 100. | Optional |
page_num | The page to return starting from 0. Default: 0. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-get-account-statusUse this operation to get information about the account of the API client or one of its managed accounts.
#
Base Commandincap-get-account-status
#
InputArgument Name | Description | Required |
---|---|---|
account_id | Numeric identifier of the account to operate on. If not specified, operation will be performed on the account identified by the authentication parameters. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-modify-account-configurationUse this operation to change the configuration of the account of the API client or one of its managed accounts.
#
Base Commandincap-modify-account-configuration
#
InputArgument Name | Description | Required |
---|---|---|
account_id | Numeric identifier of the account to operate on. If not specified, operation will be performed on the account identified by the authentication parameters. | Optional |
param | Name of the configuration parameter to set. Possible values: name | email | plan_id | error_page_template | support_all_tls_versions. Possible values are: name, email, plan_id, error_page_template, support_all_tls_versions. | Required |
value | According to the configuration paramater used. For name - the updated name, for e-mail - the updated e-mail address. For plan_id - a plan id. For error_page_template - a Base64 encoded template for an error page. For log_level - Available only for Enterprise Plan customers that purchased the Logs Integration SKU. Sets the log reporting level for the site. Possible values: full, security, none, default For support_all_tls_versions - Use this operation to allow sites in the account to support all TLS versions for connectivity between clients (visitors) and the Incapsula service. When this option is set, you can then enable the option per site to support all TLS versions. Possible values: true, false. Note: To remain PCI-compliant, do not enable this option. | Required |
#
Context OutputThere is no context output for this command.
#
incap-set-account-log-levelUse this operation to change the account log configuration.
#
Base Commandincap-set-account-log-level
#
InputArgument Name | Description | Required |
---|---|---|
account_id | Numeric identifier of the account to operate on. If not specified, operation will be performed on the account identified by the authentication parameters. | Optional |
log_level | Sets the log reporting level for the site. Possible values: full, security, none, default Available only for Enterprise Plan customers that purchased the Log Integration SKU. Possible values are: full, security, none, default, support_all_tls_versions. | Required |
#
Context OutputThere is no context output for this command.
#
incap-test-account-s3-connectionUse this operation to check that a connection can be created with your Amazon S3 bucket.
#
Base Commandincap-test-account-s3-connection
#
InputArgument Name | Description | Required |
---|---|---|
account_id | Numeric identifier of the account to operate on. | Required |
bucket_name | S3 bucket name. | Required |
access_key | S3 access key. | Required |
secret_key | 3 secret key. | Required |
save_on_success | Save this configuration if the test connection was successful. Default value: false. Possible values are: true, false. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-test-account-sftp-connectionUse this operation to check that a connection can be created with your SFTP storage.
#
Base Commandincap-test-account-sftp-connection
#
InputArgument Name | Description | Required |
---|---|---|
account_id | Numeric identifier of the account to operate on. | Required |
host | The IP address of your SFTP server. | Required |
user_name | A user name that will be used to log in to the SFTP server. | Required |
password | A corresponding password for the user account used to log in to the SFTP server. | Required |
destination_folder | The path to the directory on the SFTP server. | Required |
save_on_success | Save this configuration if the test connection was successful. Default value: false. Possible values are: true, false. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-set-account-s3-log-storageUse this operation to configure your Amazon cloud storage. Once configured, Incapsula logs will be uploaded to the selected location.
#
Base Commandincap-set-account-s3-log-storage
#
InputArgument Name | Description | Required |
---|---|---|
account_id | Numeric identifier of the account to operate on. | Required |
bucket_name | S3 bucket name. | Required |
access_key | S3 access key. | Required |
secret_key | 3 secret key. | Required |
#
Context OutputThere is no context output for this command.
#
incap-set-account-sftp-log-storageUse this operation to configure your SFTP server storage. Once configured, Incapsula logs will be uploaded to the selected location.
#
Base Commandincap-set-account-sftp-log-storage
#
InputArgument Name | Description | Required |
---|---|---|
account_id | Numeric identifier of the account to operate on. | Required |
host | The IP address of your SFTP server. | Required |
user_name | A user name that will be used to log in to the SFTP server. | Required |
password | A corresponding password for the user account used to log in to the SFTP server. | Required |
destination_folder | The path to the directory on the SFTP server. | Required |
#
Context OutputThere is no context output for this command.
#
incap-set-account-default-log-storageUse this operation to have your logs saved on Incapsula servers. Once configured, the logs can be retrieved by API calls.
#
Base Commandincap-set-account-default-log-storage
#
InputArgument Name | Description | Required |
---|---|---|
account_id | Numeric identifier of the account to operate on. | Required |
#
Context OutputThere is no context output for this command.
#
incap-get-account-login-tokenTokens are used instead of user/password based authentication to log in to the Incapsula management console. Use this operation to generate a token for an account. The token is valid for 15 minutes. In order to use the token, the user must use the following link: https://my.incapsula.com/?token={generated_token}
#
Base Commandincap-get-account-login-token
#
InputArgument Name | Description | Required |
---|---|---|
account_id | Numeric identifier of the account to operate on. If not specified, operation will be performed on the account identified by the authentication parameters. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-delete-managed-accountUse this operation to delete an account.
#
Base Commandincap-delete-managed-account
#
InputArgument Name | Description | Required |
---|---|---|
account_id | Numeric identifier of the account to operate on. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-delete-subaccountUse this operation to delete a sub account.
#
Base Commandincap-delete-subaccount
#
InputArgument Name | Description | Required |
---|---|---|
sub_account_id | Numeric identifier of the sub account to operate on. | Required |
#
Context OutputThere is no context output for this command.
#
incap-get-account-audit-eventsUse this operation to get audit events for an account.
#
Base Commandincap-get-account-audit-events
#
InputArgument Name | Description | Required |
---|---|---|
account_id | Numeric identifier of the account to operate on. If not specified, operation will be performed on the account identified by the authentication parameters. | Optional |
time_range | Time range to fetch data for. For a detailed description, see https://docs.incapsula.com/Content/API/api.htm. | Optional |
start | Start date in milliseconds since 1970. For a detailed description, see https://docs.incapsula.com/Content/API/api.htm. | Optional |
end | End date in milliseconds since 1970. For a detailed description, see https://docs.incapsula.com/Content/API/api.htm. | Optional |
type | The api key of the event type, such as audit.account_login. | Optional |
page_size | The number of objects to return in the response. Default: 50. Maximum: 100. | Optional |
page_num | The page to return starting from 0. Default: 0. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-set-account-default-data-storage-regionUse this operation to set the default data region of the account for newly created sites.
#
Base Commandincap-set-account-default-data-storage-region
#
InputArgument Name | Description | Required |
---|---|---|
account_id | Numeric identifier of the account to operate on. | Required |
data_storage_region | The data region to use. Possible values are: APAC, EU, US, DEFAULT. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-get-account-default-data-storage-regionUse this operation to get the default data region of the account.
#
Base Commandincap-get-account-default-data-storage-region
#
InputArgument Name | Description | Required |
---|---|---|
account_id | Numeric identifier of the account to operate on. | Required |
#
Context OutputThere is no context output for this command.
#
incap-add-siteAdd a new site to an account. If the site already exists, its status is returned
#
Base Commandincap-add-site
#
InputArgument Name | Description | Required |
---|---|---|
domain | The domain name of the site. For example: www.example.com, hello.example.com, example.com. | Required |
account_id | Numeric identifier of the account to operate on. If not specified, operation will be performed on the account identified by the authentication parameters. | Optional |
ref_id | Customer specific identifier for this operation. | Optional |
send_site_setup_emails | If this value is "false", end users will not get emails about the add site process such as "DNS instructions" and "SSL setup". | Optional |
site_ip | Manually set the web server IP/cname. This option is only available for specific accounts. Please contact support for more details. | Optional |
force_ssl | If this value is "true", manually set the site to support SSL. This option is only available for sites with manually configured IP/cname and for specific accounts. Please contact support for more details. | Optional |
log_level | Available only for Enterprise Plan customers that purchased the Logs Integration SKU. Sets the log reporting level for the site. Options are “full”, “security”, “none” and "default". | Optional |
logs_account_id | Available only for Enterprise Plan customers that purchased the Logs Integration SKU. Numeric identifier of the account that purchased the logs integration SKU and which collects the logs. If not specified, operation will be performed on the account identified by the authentication parameters. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-get-site-statusUse this operation to get the status of a site
#
Base Commandincap-get-site-status
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
tests | List of tests to run on site before returning its status. A comma separated list of one of: domain_validation, services, dns. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-get-domain-approver-emailUse this operation to get the list of email addresses that can be used when adding an SSL site
#
Base Commandincap-get-domain-approver-email
#
InputArgument Name | Description | Required |
---|---|---|
domain | The domain name of the site. For example: www.example.com, hello.example.com, example.com. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-modify-site-configurationUse this operation to change one of the basic configuration settings of the site. To watch param table, visit https://my.incapsula.com/api/docs/v1/sites#modifySiteConfig
#
Base Commandincap-modify-site-configuration
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
param | Name of configuration parameter to set. | Required |
value | According to the param value. | Required |
#
Context OutputThere is no context output for this command.
#
incap-modify-site-log-levelUse this operation to change the site log configuration
#
Base Commandincap-modify-site-log-level
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
log_level | Available only for Enterprise Plan customers that purchased the Logs Integration SKU. Sets the log reporting level for the site. Options are “full”, “security”, “none” and "default". | Optional |
#
Context OutputThere is no context output for this command.
#
incap-modify-site-tls-supportUse this operation to support all TLS versions for the site for connectivity between clients (visitors) and the Incapsula service. To remain PCI-compliant, do not enable this option.
#
Base Commandincap-modify-site-tls-support
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
support_all_tls_versions | Support all TLS versions. Default value: false. Possible values are: true, false. | Required |
#
Context OutputThere is no context output for this command.
#
incap-modify-site-scurity-configUse this operation to change the security configuration of a site
#
Base Commandincap-modify-site-scurity-config
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
rule_id | ID of the security rule to change. For possible values see the security section in the Get Site Status API call. | Required |
block_bad_bots | Whether or not to block bad bots. One of: true, false. | Optional |
challenge_suspected_bots | Whether or not to send a challenge to clients that are suspected to be bad bots (CAPTCHA for example). One of: true, false. | Optional |
activation_mode | One of the following: off (security measures are disabled even if site is under a DDoS attack), auto (security measures will be activated automatically when the system suspects site is under a DDoS attack), on (security measures are enabled even if site is not under a DDoS attack). The syntax is as follows: api.threats.ddos.activation_mode.( e.g. for "off", use "api.threats.ddos.activation_mode.off" ). | Optional |
security_rule_action | The action that should be taken when a threat is detected, for example: api.threats.action.block_ip. Different actions are allowed per different threats, e.g. backdoors may only be quarantined, ignored or trigger an alert. For possible values see below. | Optional |
quarantined_urls | A comma seperated list of encoded URLs to be kept in quarantine. | Optional |
ddos_traffic_threshold | Consider site to be under DDoS if the request rate is above this threshold. The valid values are 10, 20, 50, 100, 200, 500, 750, 1000, 2000, 3000, 4000, 5000. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-modify-site-acl-configUse this operation to change the ACL configuration of a site. To modify the configuration for a specific ACL rule, its values are required, as documented below. To delete an entire ACL list, send an empty string as the list values
#
Base Commandincap-modify-site-acl-config
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
rule_id | The id of the acl, e.g api.acl.blacklisted_ips. One of: api.acl.blacklisted_countries, api.acl.blacklisted_urls, api.acl.blacklisted_ips, api.acl.whitelisted_ips. | Required |
urls | A comma separated list of resource paths. For example, /home and /admin/index.html are resource paths, however http://www.example.com/home is not. Each URL should be encoded separately using percent encoding as specified by RFC 3986 (http://tools.ietf.org/html/rfc3986#section-2.1). An empty URL list will remove all URLs. | Optional |
url_patterns | A comma seperated list of url patterns, one of: contains | equals | prefix | suffix | not_equals | not_contain | not_prefix | not_suffix. The patterns should be in accordance with the matching urls sent by the urls parameter. | Optional |
countries | A comma seperated list of country codes. | Optional |
continents | A comma seperated list of continent codes. | Optional |
ips | A comma seperated list of IPs or IP ranges, e.g: 192.168.1.1, 192.168.1.1-192.168.1.100 or 192.168.1.1/24. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-modify-site-wl-configUse this operation to set allow lists to security rules or ACLs. To update an existing allow list, send its ID in the id parameter. If the id parameter does not exist a new allow list will be created
#
Base Commandincap-modify-site-wl-config
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
rule_id | The id of the rule (either a security or an acl rule), e.g api.acl.blacklisted_ips. See other examples below. | Required |
whitelist_id | The id (an integer) of the allow list to be set. This field is optional - in case no id is supplied, a new allow list will be created. | Optional |
delete_whitelist | An optional boolean parameter, in case it is set to "true" and a allow list id is sent, then the allow list will be deleted. | Optional |
urls | A comma separated list of resource paths. For example, /home and /admin/index.html are resource paths, however http://www.example.com/home is not. Each URL should be encoded separately using percent encoding as specified by RFC 3986 (http://tools.ietf.org/html/rfc3986#section-2.1). An empty URL list will remove all URLs. | Optional |
countries | A comma seperated list of country codes. | Optional |
continents | A comma seperated list of continent codes. | Optional |
ips | A comma seperated list of IPs or IP ranges, e.g: 192.168.1.1, 192.168.1.1-192.168.1.100 or 192.168.1.1/24. | Optional |
client_app_types | A comma seperated list of client application types. | Optional |
client_apps | A comma seperated list of client application ids. | Optional |
parameters | A comma seperated list of encoded user agents. | Optional |
user_agents | A comma seperated list of encoded user agents. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-delete-siteDelete the site
#
Base Commandincap-delete-site
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
#
Context OutputThere is no context output for this command.
#
incap-list-sitesList sites for an account
#
Base Commandincap-list-sites
#
InputArgument Name | Description | Required |
---|---|---|
account_id | Numeric identifier of the account to operate on. If not specified, operation will be performed on the account identified by the authentication parameters. | Optional |
page_size | The number of objects to return in the response. Defaults to 50. | Optional |
page_num | The page to return starting from 0. Default to 0. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-get-site-reportUse this operation to get a report for a site. Reports are sent using Base64 encoding
#
Base Commandincap-get-site-report
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
report | The report to get, one of: pci-compliance. | Required |
format | The format to get the report in, one of: pdf | html. | Required |
time_range | Time range to fetch data for. See the introduction of the API documentation for a detailed description. | Required |
start | Start date in milliseconds since 1970. See the introduction of the API documentation for a detailed description. | Optional |
end | End date in milliseconds since 1970. See the introduction of the API documentation for a detailed description. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-get-site-html-injection-rulesUse this operation to list all the HTML Injection rules.
#
Base Commandincap-get-site-html-injection-rules
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
#
Context OutputThere is no context output for this command.
#
incap-add-site-html-injection-ruleUse this operation to add a new HTML injection rule or to replace an existing rule.
#
Base Commandincap-add-site-html-injection-rule
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
url | The URL where the content is injected. | Required |
url_pattern | The url pattern. One of: contains | not_contains | equals | not_equals | prefix | suffix | not_prefix | not_suffix. Possible values are: contains, not_contains, equals, not_equals, prefix, suffix, not_prefix, not_suffix. | Required |
location | The location of the injection inside the URL ('head' or 'body_end'). Possible values are: head, body_end. | Required |
content | The injected HTML snippet, Base64-encoded. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-delete-site-html-injection-ruleUse this operation to removes an existing HTML injection rule. To confirm the removal, set the parameter delete_content to true.
#
Base Commandincap-delete-site-html-injection-rule
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
url | The URL where the content is injected. | Required |
url_pattern | The url pattern. One of: contains | not_contains | equals | not_equals | prefix | suffix | not_prefix | not_suffix. Possible values are: contains, not_contains, equals, not_equals, prefix, suffix, not_prefix, not_suffix. | Required |
location | The location of the injection inside the URL ('head' or 'body_end'). Possible values are: head, body_end. | Required |
delete_content | Whether or not to delete existing HTML content. Possible values: true/false. Possible values are: true, false. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-create-new-csrUse this operation to create a certificate signing request (CSR) for your site
#
Base Commandincap-create-new-csr
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
Email address. For example: joe@example.com. | Optional | |
organization | The legal name of your organization. This should not be abbreviated or include suffixes such as Inc., Corp., or LLC. | Optional |
organization_unit | The division of your organization handling the certificate. For example, "IT Department". | Optional |
country | The two-letter ISO code for the country where your organization is located. | Optional |
state | The state/region where your organization is located. This should not be abbreviated. | Optional |
city | The city where your organization is located. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-upload-certificateUse this operation to upload custom certificate for your site. The following SSL certificate file formats are supported: PFX, PEM, CER
#
Base Commandincap-upload-certificate
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate o. | Required |
certificate | The new certificate. | Required |
private_key | The private key of the certificate in base64 format. Optional in case of PFX certificate file format. | Optional |
passphrase | The passphrase used to protect your SSL certificate. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-remove-custom-integrationUse this operation to remove custom certificate
#
Base Commandincap-remove-custom-integration
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
#
Context OutputThere is no context output for this command.
#
incap-move-siteUse this operation to move a site from one account to another. You can move a site from a master account to one of its sub accounts, or from one sub account to another.
#
Base Commandincap-move-site
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
destination_account_id | The numeric identifier of the account which the site will be moved to. | Required |
#
Context OutputThere is no context output for this command.
#
incap-check-complianceCheck site’s associated SANs for CAA compliance. If a given SAN is compliant, its SSL domain validation status is updated accordingly. This operation returns an updated list of the site’s associated SANs that are not compliant. An empty list indicates that all SANs are compliant.
#
Base Commandincap-check-compliance
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
#
Context OutputThere is no context output for this command.
#
incap-set-site-data-storage-regionUse this operation to set the site's data storage region.
#
Base Commandincap-set-site-data-storage-region
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
data_storage_region | The data region to use. Possible values are: APAC, EU, US. | Required |
#
Context OutputThere is no context output for this command.
#
incap-get-site-data-storage-regionUse this operation to get the site's data storage region.
#
Base Commandincap-get-site-data-storage-region
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
#
Context OutputThere is no context output for this command.
#
incap-set-site-data-storage-region-geo-overrideUse this operation to set the data storage region for each new site based on the geolocation of the origin server.
#
Base Commandincap-set-site-data-storage-region-geo-override
#
InputArgument Name | Description | Required |
---|---|---|
override_site_regions_by_geo | A boolean parameter. If it is set to "true", the data storage region for each new site will be based on the geolocation of the origin server. Possible values are: true, false. | Required |
account_id | Numeric identifier of the account to operate on. If not specified, operation will be performed on the account identified by the authentication parameters. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-get-site-data-storage-region-geo-overrideUse this operation to check if the data storage region for each new site is based on the geolocation of the origin server.
#
Base Commandincap-get-site-data-storage-region-geo-override
#
InputArgument Name | Description | Required |
---|---|---|
account_id | Numeric identifier of the account to operate on. If not specified, operation will be performed on the account identified by the authentication parameters. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-purge-site-cacheUse this operation to purge all cached content on our proxy servers for a specific site. Our Proxy servers keep cached content of your sites in order to accelerate page load times for your users. When you want this cached content to be refreshed (for example, after making adjustments in your site) you can use this API call. In order to purge the entire cached content for this site just use the API call with no parameters. If you want to purge a specific resource add the resource name as parameter
#
Base Commandincap-purge-site-cache
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
purge_pattern | The pattern of the resource to be purged from the cache. For example: (1) Resource_name - resources that contain Resource_name will be purged, (2) ^Resource_name - resources that start with Resource_name will be purged, and (3) Resource_name$ - resources that end with Resource_name will be purged. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-modify-cache-modeUse this operation to edit basic site caching settings
#
Base Commandincap-modify-cache-mode
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
cache_mode | disable | static_only | static_and_dynamic | aggressive : default Static_Only. | Required |
dynamic_cache_duration | Profile dynamic pages and cache duration, pass number followed by "_" and one of: hr | min | sec | days | weeks: default: 5_min. | Optional |
aggressive_cache_duration | Cache resource duration, pass number followed by "_" and one of: hr | min | sec | days | weeks: default: 1_hr. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-purge-resourcesUse this operation to purge site resources
#
Base Commandincap-purge-resources
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
resource_url | Comma seperated list of URLs where the resource is located. | Optional |
resource_pattern | Comma seperated list of pattern, one of: contains | equals | prefix | suffix | not_equals | not_contains | not_prefix | not_suffix. | Optional |
should_purge_all_site_resources | Should purge all cached resources on site. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-modify-caching-rulesUse this operation to set-up advanced caching rules
#
Base Commandincap-modify-caching-rules
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
always_cache_resource_url | Comma seperated list of always cache resources url. | Optional |
always_cache_resource_pattern | Comma seperated list of always cache resources pattern, one of: contains | equals | prefix | suffix | not_equals | not_contains | not_prefix | not_suffix. | Optional |
always_cache_resource_duration | Duration that resources will be in cache, pass number followed by "_" and one of: hr | min | sec | days | weeks. Either provide a comma seperated list of duration expressions, matching the number of always cache rules, or a single duration expression to be used for all always cache rules. | Optional |
never_cache_resource_url | Comma seperated list of never cache resources url. | Optional |
never_cahce_resource_pattern | Comma seperated list of cached headers seperated with comma. | Optional |
clear_always_cache_rules | An optional boolean parameter, in case it is set to "true", the site's always cache rules will be cleared. | Optional |
clear_never_cache_rules | An optional boolean parameter, in case it is set to "true", the site's never cache rules will be cleared. | Optional |
clear_cache_headers_rules | An optional boolean parameter, in case it is set to "true", the site's cache headers rules will be cleared. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-set-advanced-caching-settingsUse this operation to modify advanced caching settings. For more information, https://my.incapsula.com/api/docs/v1/sites#modifyAdvancedCachingSettings
#
Base Commandincap-set-advanced-caching-settings
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
param | Name of configuration parameter to set. | Optional |
value | According to the param value. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-purge-hostname-from-cacheUse this operation to purge the hostname from the cache. This API is for customers who use the same CNAME provided by Incapsula for multiple hostnames and would like to change the CNAME for a particular hostname. Purging the hostname is required for the CNAME change to take effect
#
Base Commandincap-purge-hostname-from-cache
#
InputArgument Name | Description | Required |
---|---|---|
host_name | The hostname to purge from cache. | Required |
#
Context OutputThere is no context output for this command.
#
incap-site-get-xray-linkUse this operation to get a URL that enables debug headers on a specific site.
#
Base Commandincap-site-get-xray-link
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
#
Context OutputThere is no context output for this command.
#
incap-list-site-rule-revisionsUse this operation to list revisions of a rule (Delivery Rules or IncapRules).
#
Base Commandincap-list-site-rule-revisions
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
rule_id | Rule ID. | Required |
#
Context OutputThere is no context output for this command.
#
incap-add-site-ruleUse this operation to add a rule (Delivery Rules or IncapRules).
#
Base Commandincap-add-site-rule
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
name | Rule name. | Optional |
action | Rule action. Possible values are: RULE_ACTION_REDIRECT, RULE_ACTION_REWRITE_URL, RULE_ACTION_REWRITE_HEADER, RULE_ACTION_REWRITE_COOKIE, RULE_ACTION_DELETE_HEADER, RULE_ACTION_DELETE_COOKIE, RULE_ACTION_FORWARD_TO_DC, RULE_ACTION_ALERT, RULE_ACTION_BLOCK, RULE_ACTION_BLOCK_USER, RULE_ACTION_BLOCK_IP, RULE_ACTION_RETRY, RULE_ACTION_INTRUSIVE_HTML, RULE_ACTION_CAPTCHA. | Optional |
filter | Rule will trigger only a request that matches this filter. For more details on filter guidelines, see https://docs.incapsula.com/Content/IncapRules/syntax-guide.htm The filter may contain up to 400 characters. | Optional |
response_code | Redirect rule's response code. Possible values are: 301, 302, 303, 307, 308. | Optional |
protocol | Protocol. | Optional |
add_missing | Add cookie or header if it doesn't exist (Rewrite cookie rule only). | Optional |
from | The pattern to rewrite. RULE_ACTION_REWRITE_URL - The URL to rewrite. RULE_ACTION_REWRITE_HEADER - The header value to rewrite. RULE_ACTION_REWRITE_COOKIE - The cookie value to rewrite. | Optional |
to | The pattern to change to. RULE_ACTION_REWRITE_URL - The URL to change to. RULE_ACTION_REWRITE_HEADER - The header value to change to. RULE_ACTION_REWRITE_COOKIE - The cookie value to change to. | Optional |
rewrite_name | Name of cookie or header to rewrite. Applies only for RULE_ACTION_REWRITE_COOKIE and RULE_ACTION_REWRITE_HEADER. | Optional |
dc_id | Data center to forward request to. Applies only for RULE_ACTION_FORWARD_TO_DC. | Optional |
is_test_mode | Make rule apply only for IP address the API request was sent from. | Optional |
lb_algorithm | Data center load balancing algorithm. Possible values are: LB_LEAST_PENDING_REQUESTS, LB_LEAST_OPEN_CONNECTIONS, LB_SOURCE_IP_HASH, RANDOM. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-edit-site-ruleUse this operation to edit an existing rule (Delivery Rules or IncapRules).
#
Base Commandincap-edit-site-rule
#
InputArgument Name | Description | Required |
---|---|---|
rule_id | Rule ID. | Required |
name | Rule name. | Optional |
action | Rule action. Possible values are: RULE_ACTION_REDIRECT, RULE_ACTION_REWRITE_URL, RULE_ACTION_REWRITE_HEADER, RULE_ACTION_REWRITE_COOKIE, RULE_ACTION_DELETE_HEADER, RULE_ACTION_DELETE_COOKIE, RULE_ACTION_FORWARD_TO_DC, RULE_ACTION_ALERT, RULE_ACTION_BLOCK, RULE_ACTION_BLOCK_USER, RULE_ACTION_BLOCK_IP, RULE_ACTION_RETRY, RULE_ACTION_INTRUSIVE_HTML, RULE_ACTION_CAPTCHA. | Optional |
filter | Rule will trigger only a request that matches this filter. For more details on filter guidelines, see https://docs.incapsula.com/Content/IncapRules/syntax-guide.htm The filter may contain up to 400 characters. | Optional |
response_code | Redirect rule's response code. Possible values are: 301, 302, 303, 307, 308. | Optional |
protocol | Protocol. | Optional |
add_missing | Add cookie or header if it doesn't exist (Rewrite cookie rule only). | Optional |
from | The pattern to rewrite. RULE_ACTION_REWRITE_URL - The URL to rewrite. RULE_ACTION_REWRITE_HEADER - The header value to rewrite. RULE_ACTION_REWRITE_COOKIE - The cookie value to rewrite. | Optional |
to | The pattern to change to. RULE_ACTION_REWRITE_URL - The URL to change to. RULE_ACTION_REWRITE_HEADER - The header value to change to. RULE_ACTION_REWRITE_COOKIE - The cookie value to change to. | Optional |
rewrite_name | Name of cookie or header to rewrite. Applies only for RULE_ACTION_REWRITE_COOKIE and RULE_ACTION_REWRITE_HEADER. | Optional |
dc_id | Data center to forward request to. Applies only for RULE_ACTION_FORWARD_TO_DC. | Optional |
is_test_mode | Make rule apply only for IP address the API request was sent from. | Optional |
lb_algorithm | Data center load balancing algorithm. Possible values are: LB_LEAST_PENDING_REQUESTS, LB_LEAST_OPEN_CONNECTIONS, LB_SOURCE_IP_HASH, RANDOM. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-enable-site-ruleUse this operation to enable or disable a rule (Delivery Rules or IncapRules).
#
Base Commandincap-enable-site-rule
#
InputArgument Name | Description | Required |
---|---|---|
rule_id | Rule ID. | Required |
name | Rule name. | Optional |
enable | When true, the rule will be enabled. Set to false to disable. Possible values are: true, false. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-delete-site-ruleUse this operation to delete a rule (Delivery Rules or IncapRules).
#
Base Commandincap-delete-site-rule
#
InputArgument Name | Description | Required |
---|---|---|
rule_id | Rule ID. | Required |
name | Rule name. | Optional |
enable | When true, the rule will be enabled. Set to false to disable. Possible values are: true, false. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-list-site-rulesUse this operation to list rules (Delivery Rules and IncapRules) for a given site.
#
Base Commandincap-list-site-rules
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
include_ad_rules | Whether or not delivery rules should be included. Defaults to "Yes". Possible values are: Yes, No. | Optional |
include_incap_rules | Whether or not security rules be included. Defaults to "Yes". Possible values are: Yes, No. | Optional |
page_size | The number of objects to return in the response. Default is 50. Maximum: 100. | Optional |
page_num | The page to return starting from 0. Default is 0. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-revert-site-ruleRevert a rule (Delivery Rule or IncapRule) using an existing revision.
#
Base Commandincap-revert-site-rule
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
rule_id | Rule ID. | Required |
revision_id | ID of the revision to revert to. Revision ID can be found using !incap-list-site-rule-revisions. | Required |
#
Context OutputThere is no context output for this command.
#
incap-set-site-rule-priorityUse this operation to change a Delivery Rule's priority.
#
Base Commandincap-set-site-rule-priority
#
InputArgument Name | Description | Required |
---|---|---|
rule_id | Rule ID. | Required |
priority | New priority for the selected rule. | Required |
#
Context OutputThere is no context output for this command.
#
incap-add-site-datacenterUse this operation to add a data center to a site.
#
Base Commandincap-add-site-datacenter
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
name | The new data center's name. | Required |
server_address | The server's address. Possible values: IP, CNAME. | Required |
is_enabled | Enables the data center. Possible values are: true, false. | Optional |
is_content | The data center will be available for specific resources (Forward Delivery Rules). Possible values are: true, false. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-edit-site-datacenterUse this operation to edit a site's data center.
#
Base Commandincap-edit-site-datacenter
#
InputArgument Name | Description | Required |
---|---|---|
dc_id | The data center's ID. | Required |
name | The new data center's name. | Optional |
is_enabled | Enables the data center. Possible values are: true, false. | Optional |
is_standby | Defines the data center as standby for failover. Possible values are: true, false. | Optional |
is_content | The data center will be available for specific resources (Forward Delivery Rules). Possible values are: true, false. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-delete-site-datacenterUse this operation to delete a site's data center.
#
Base Commandincap-delete-site-datacenter
#
InputArgument Name | Description | Required |
---|---|---|
dc_id | The data center's ID. | Required |
#
Context OutputThere is no context output for this command.
#
incap-list-site-datacentersUse this operation to list a site's data centers including the data centers' servers.
#
Base Commandincap-list-site-datacenters
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
#
Context OutputThere is no context output for this command.
#
incap-add-site-datacenter-serverUse this operation to add a server to a data center.
#
Base Commandincap-add-site-datacenter-server
#
InputArgument Name | Description | Required |
---|---|---|
dc_id | The data center's ID. | Required |
server_address | The server's address. Possible values: IP, CNAME. | Required |
name | The new data center's name. | Optional |
is_standby | Set the server as Active (P0) or Standby (P1) (Boolean). Possible values are: true, false. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-edit-site-datacenter-serverUse this operation to add a server to a data center.
#
Base Commandincap-edit-site-datacenter-server
#
InputArgument Name | Description | Required |
---|---|---|
server_id | Server ID. | Required |
server_address | The server's address. Possible values: IP, CNAME. | Required |
name | The new data center's name. | Optional |
is_enabled | Enable or disable the server (Boolean). Possible values are: true, false. | Optional |
is_standby | Set the server as Active (P0) or Standby (P1) (Boolean). Possible values are: true, false. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-delete-site-datacenter-serverUse this operation to delete a data center's server.
#
Base Commandincap-delete-site-datacenter-server
#
InputArgument Name | Description | Required |
---|---|---|
server_id | Server ID. | Required |
#
Context OutputThere is no context output for this command.
#
incap-get-statisticsUse this operation to get site statistics for one or more sites. This operation may return multiple statistics, as specified in the stats parameter
#
Base Commandincap-get-statistics
#
InputArgument Name | Description | Required |
---|---|---|
account_id | Numeric identifier of the account to fetch data for. If not specified, data will be fetched for all site of the account identified by the authentication parameters. | Optional |
time_range | Time range to fetch data for. See https://my.incapsula.com/api/docs/v1#timeRange. | Required |
start | Start date in milliseconds since 1970. See the introduction of the API documentation for a detailed description. | Optional |
end | End date in milliseconds since 1970. See the introduction of the API documentation for a detailed description. | Optional |
site_id | Numeric identifier of the site to fetch data for. Multiple sites can be specified in a comma separated list. For example: 123,124,125. | Optional |
stats | Statistics to fetch, see options at https://my.incapsula.com/api/docs/v1/data#getStats. | Required |
granularity | Time interval in milliseconds between data points for time series stats. Default is 86400000 (1 day) for a range of less than 30 days and 259200000 (3 days) for a range of less than 90 days. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-get-visitsUse this operation to get a log of recent visits to a website. The visits are fetched in reverse chronological order, starting with the most recent visit. Not all visits are recorded - only visits with abnormal activity are recorded e.g. violation of security rules, visits from black-listed IPs/Countries, etc. A visit may still be updated even after it was retrieved. To avoid retrieving such visits and to retrieve only visits that will no longer be updated use the list_live_visits parameter
#
Base Commandincap-get-visits
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
time_range | Time range to fetch data for. Default is last_7_days. | Optional |
start | Start date in milliseconds since 1970. See the introduction of the API documentation for a detailed description. | Optional |
end | End date in milliseconds since 1970. See the introduction of the API documentation for a detailed description. | Optional |
page_size | The number of objects to return in the response. Defaults to 10. | Optional |
page_num | Filter the sessions that were handled according to the security-related specifications. Multiple values are supported, e.g.: "api.threats.action.block_ip, api.threats.sql_injection". | Optional |
country | Filter the sessions coming from the specified country. | Optional |
ip | Filter the sessions coming from the specified IP. | Optional |
visit_id | Comma separated list of visit IDs to load. | Optional |
list_live_visits | Whether or not to list visits that did not end and that may still be updated. One of: true | false. Default: true. | Optional |
security | Filter the sessions that were handled according to the security-related specifications. Multiple values are supported, e.g.: "api.threats.action.block_ip, api.threats.sql_injection". | Optional |
#
Context OutputThere is no context output for this command.
#
incap-upload-public-keyOrganizations that purchased the Security Logs Integration SKU can download security events created for their account and archive or push those events into their SIEM solution
#
Base Commandincap-upload-public-key
#
InputArgument Name | Description | Required |
---|---|---|
config_id | The Logs Collector configuration identifier. | Required |
public_key | The public key file(2048bit) in base64 format (without password protection). | Required |
#
Context OutputThere is no context output for this command.
#
incap-change-logs-collector-configurationAvailable only for Enterprise Plan customers that purchased the Security Logs Integration SKU. Use this operation to change the status of the Logs Collector configuration
#
Base Commandincap-change-logs-collector-configuration
#
InputArgument Name | Description | Required |
---|---|---|
config_id | The Logs Collector configuration identifier. | Required |
logs_config_new_status | The new configuration status of the Logs Collector. Values can be ACTIVE or SUSPENDED. | Required |
#
Context OutputThere is no context output for this command.
#
incap-get-infra-protection-statisticsUse this operation to get Infrastructure Protection statistics for an account or IP range.
#
Base Commandincap-get-infra-protection-statistics
#
InputArgument Name | Description | Required |
---|---|---|
account_id | Numeric identifier of the account to operate on. If not specified, operation will be performed on the account identified by the authentication parameters. | Optional |
ip_prefix | Specific Protected IP or IP range. For example, 1.1.1.0/24. | Optional |
traffic | Specific traffic. One of: Total, Passed, Blocked. Possible values are: Total, Passed, Blocked. | Optional |
traffic_type | A comma separated list of specific traffic types. Any of: UDP, TCP, DNS, DNS_RESPONSE, ICMP, SYN, FRAG, LARGE_SYN, NTP, NETFLOW, SSDP, GENERAL. Cannot be used together with the pop parameter. | Optional |
pop | A comma separated list of specific PoP names. For example: iad, tko. Cannot be used together with the traffic_type parameter. For the list of PoP codes and locations, see https://docs.incapsula.com/Content/read-more/pops.htm. | Optional |
start | The start date in milliseconds, since 1970. For a detailed description, see https://docs.incapsula.com/Content/API/api.htm. | Optional |
end | The end date in milliseconds, since 1970. For a detailed description, see https://docs.incapsula.com/Content/API/api.htm. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
Imperva.EventStats.stats.payload.ipPrefix | string | IP prefix |
Imperva.EventStats.stats.payload.ipPrefixType | string | IP prefix type |
Imperva.EventStats.stats.payload.traffic | unknown | Traffic state, such as blocked or passed |
#
incap-get-infra-protection-eventsUse this operation to get Infrastructure Protection event information for an account.
#
Base Commandincap-get-infra-protection-events
#
InputArgument Name | Description | Required |
---|---|---|
account_id | Numeric identifier of the account to operate on. If not specified, operation will be performed on the account identified by the authentication parameters. | Optional |
event_type | A comma separated list of specific event types. Any of: GRE_TUNNEL_UP, GRE_TUNNEL_DOWN, ORIGIN_CONNECTION_GRE_UP, ORIGIN_CONNECTION_GRE_DOWN, ORIGIN_CONNECTION_ECX_UP, ORIGIN_CONNECTION_ECX_DOWN, ORIGIN_CONNECTION_CROSS_CONNECT_UP, ORIGIN_CONNECTION_CROSS_CONNECT_DOWN, DDOS_START_IP_RANGE, DDOS_STOP_IP_RANGE, DDOS_QUIET_TIME_IP_RANGE, EXPORTER_NO_DATA, EXPORTER_BAD_DATA, EXPORTER_GOOD_DATA, MONITORING_CRITICAL_ATTACK, PROTECTED_IP_STATUS_UP, PROTECTED_IP_STATUS_DOWN, PER_IP_DDOS_START_IP_RANGE. | Optional |
ip_prefix | Specific Protected IP or IP range. For example, 1.1.1.0/24. | Optional |
page_size | The number of objects to return in the response. Default: 50 Maximum: 100. | Optional |
page_num | The page to return starting from 0. Default: 0. | Optional |
start | The start date in milliseconds, since 1970. For a detailed description, see https://docs.incapsula.com/Content/API/api.htm. | Optional |
end | The end date in milliseconds, since 1970. For a detailed description, see https://docs.incapsula.com/Content/API/api.htm. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-add-login-protectUse this operation to add Login Protect user for site
#
Base Commandincap-add-login-protect
#
InputArgument Name | Description | Required |
---|---|---|
account_id | Numeric identifier of the account to operate on. | Required |
E-mail address, for example: "joe@example.com". | Required | |
name | Example: John Smith. | Optional |
phone | Phone number, country code - number, for example: "1-8662507659". | Optional |
is_email_verified | Whether or not to skip E-Mail address verificaion. | Optional |
is_phone_verified | Whether or not to skip phone address verificaion. | Optional |
should_send_activation_email | Whether or not to send activation E-Mail to user. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-edit-login-protectUse this operation to edit Login Protect user's settings
#
Base Commandincap-edit-login-protect
#
InputArgument Name | Description | Required |
---|---|---|
account_id | Numeric identifier of the account to operate on. | Required |
E-mail address, for example: "joe@example.com". | Required | |
name | Example: John Smith. | Optional |
phone | Phone number, country code - number, for example: "1-8662507659". | Optional |
is_email_verified | Whether or not to skip E-Mail address verificaion. | Optional |
is_phone_verified | Whether or not to skip phone address verificaion. | Optional |
should_send_activation_email | Whether or not to send activation E-Mail to user. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-get-login-protectUse this operation to get the account's login protect user list
#
Base Commandincap-get-login-protect
#
InputArgument Name | Description | Required |
---|---|---|
account_id | Numeric identifier of the account to operate on. | Required |
#
Context OutputThere is no context output for this command.
#
incap-remove-login-protectUse this operation to remove login protect user from account's user list
#
Base Commandincap-remove-login-protect
#
InputArgument Name | Description | Required |
---|---|---|
account_id | Numeric identifier of the account to operate on. | Required |
E-mail address, for example: "joe@example.com". | Required |
#
Context OutputThere is no context output for this command.
#
incap-send-sms-to-userUse this operation to send SMS to login protect user
#
Base Commandincap-send-sms-to-user
#
InputArgument Name | Description | Required |
---|---|---|
account_id | Numeric identifier of the account to operate on. | Required |
E-mail address, for example: "joe@example.com". | Optional | |
sms_text | Text that will be sent in SMS. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-modify-login-protectUse this operation to change Login Protect settings for site
#
Base Commandincap-modify-login-protect
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
enabled | Pass true to enable login protect on site, and false to disable it. Default is true. | Optional |
specific_users_list | Comma seperated E-Mail list to set login protect users for the site, if the list is empty all users will be allowed to access the site using Login Protect. | Optional |
send_lp_notifications | Pass true to send notification on successful login using login protect. Default is false. | Optional |
allow_all_users | Pass true to allow all login protect users to access the site. If you choose to allow only spesific list of users to access the site using Login Protect set this to false, and add the list to specific_user_list. Default value is true. | Optional |
authentication_methods | Comma seperated list of allowed authentication methods sms | email | ga. | Optional |
urls | A comma separated list of resource paths. For example, /home and /admin/index.html are resource paths, however http://www.example.com/home is not. Each URL should be encoded separately using percent encoding as specified by RFC 3986 (http://tools.ietf.org/html/rfc3986#section-2.1). An empty URL list will remove all URLs. | Optional |
url_patterns | A comma seperated list of url patterns, one of: contains | equals | prefix | suffix | not_equals | not_contain | not_prefix | not_suffix. The patterns should be in accordance with the matching urls sent by the urls parameter. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-configure-appUse this operation to configure Login Protect on wordpress | joomla | phpbb admin areas
#
Base Commandincap-configure-app
#
InputArgument Name | Description | Required |
---|---|---|
site_id | Numeric identifier of the site to operate on. | Required |
protected_app | Protect admin areas of joomla | wordpress | phpBB. | Optional |
#
Context OutputThere is no context output for this command.
#
incap-get-ip-rangesUse this operation to get the updated list of Incapsula IP ranges
#
Base Commandincap-get-ip-ranges
#
InputArgument Name | Description | Required |
---|
#
Context OutputThere is no context output for this command.
#
incap-get-textsUse this operation to retrieve a list of all text messages that may be part of API responses
#
Base Commandincap-get-texts
#
InputArgument Name | Description | Required |
---|
#
Context OutputThere is no context output for this command.
#
incap-get-geo-infoUse this operation to retrieve a list of all the countries and continents codes
#
Base Commandincap-get-geo-info
#
InputArgument Name | Description | Required |
---|
#
Context OutputThere is no context output for this command.
#
incap-get-app-infoUse this operation to retrieve a list of all the client applications
#
Base Commandincap-get-app-info
#
InputArgument Name | Description | Required |
---|
#
Context OutputThere is no context output for this command.
#
incap-get-infra-protection-top-items-tableUse this operation to view the highest peak values and highest average values for a protected IP range during a selected time period
#
Base Commandincap-get-infra-protection-top-items-table
#
InputArgument Name | Description | Required |
---|---|---|
ip_range | The customer's IP range. | Required |
range_type | One of the following: BGP, NETFLOW, PROTECTED_IP. Possible values are: BGP, NETFLOW, PROTECTED_IP. | Required |
start | The start date in milliseconds, since 1970. | Required |
end | The end date in milliseconds, since 1970. | Required |
data_type | One of the following: SRC_IP, DST_IP, SRC_PORT_PROTOCOL, DST_PORT_PROTOCOL. Possible values are: SRC_IP, DST_IP, SRC_PORT_PROTOCOL, DST_PORT_PROTOCOL. | Required |
metric_type | One of the following: BW, PPS. Possible values are: BW, PPS. | Required |
mitigation_type | One of the following: BLOCK, PASS. Possible values are: BLOCK, PASS. | Required |
aggregation_type | One of the following: PEAK, AVERAGE. Possible values are: PEAK, AVERAGE. | Required |
#
Context OutputThere is no context output for this command.