POST /config/flow/common_destination_ports/active_configurations

Creates a new active configuration.

Creates a new active configuration. You must have System Administrator or Security Admin permissions to use this endpoint.

Table 1. POST /config/flow/common_destination_ports/active_configurations resource details
MIME Type
application/json

Table 2. POST /config/flow/common_destination_ports/active_configurations request body details
Parameter	Data Type	MIME Type	Description	Sample
body	Object	application/json	Only port, application_id, content_capture_size, app_detection_enabled and flow_direciton_enabled fields can be set when creating an active Common Destination Port configuration. All other fields are ignored. port - Integer - The unique port number that you want to configure. application_id - Long - (Optional) The application ID for this port configuration. The application ID for this port configuration that is used by the QRadar port-based mapping algorithm. content_capture_size - Integer - The maximum amount of payload to capture and store for an application on this port. Set this value to 1 if you want the application to inherit the content capture size from the SV_CONTENT_CAPTURE_LENGTH field in the nva.conf file. app_detection_enabled - Boolean - TRUE if the port configuration will be used to determine the application. If true, you must set the application_id. flow_direction_enabled - Boolean - TRUE if the port configuration will be used to determine the flow direction.	{ "app_detection_enabled": true, "application_id": 42, "content_capture_size": 42, "flow_direction_enabled": true, "port": 42 }

Table 3. POST /config/flow/common_destination_ports/active_configurations response codes
HTTP Response Code	Unique Code	Description
201		The active Common Destination Port configuration was created.
409	3000	A configuration already exists for this port number.
422	3001	The port field is required, but was not provided.
422	3002	The port must be between 1 and 65535 (inclusive).
422	3003	The application_id field is required, but was not provided.
422	3004	The application ID is not valid.
422	3005	The content_capture_size field is required, but was not provided.
422	3006	The content capture size must be between 0 and 65535 (inclusive).
422	3007	The app_detection_enabled field is required, but was not provided.
422	3008	The flow_direction_enabled field is required, but was not provided.
500	1020	An error occurred while creating new active Common Destination Port configuration.

Response Description

201 response with the new active Common Destination Port configuration structure. Location header set to the URL of the new active Common Destination Port.

id - Long - The unique ID of the configuration.
port - Integer - The unique port number that you want to configure.
application_id - Long - The application ID for this port configuration. The application ID for this port configuration that is used by the QRadar port-based mapping algorithm.
application_name - String - The name of the application as it would appear on the Network Activity tab.
content_capture_size - Integer - The maximum amount of payload to capture and store for an application on this port. Set this value to 1 if you want the application to inherit the content capture size from the SV_CONTENT_CAPTURE_LENGTH field in the nva.conf file.
app_detection_enabled - Boolean - TRUE if the port configuration will be used to determine the application. If true, you must set the application_id.
flow_direction_enabled - Boolean - TRUE if the port configuration will be used to determine the flow direction.
uuid - String - The unique global ID of the configuration, specified as a UUID.
last_update_time - Long - The epoch timestamp, represented in milliseconds, since this configuration was last modified.

Response Sample


{
    "app_detection_enabled": true,
    "application_id": 42,
    "application_name": "String",
    "content_capture_size": 42,
    "flow_direction_enabled": true,
    "id": 42,
    "last_update_time": 42,
    "port": 42,
    "uuid": "String"
}