GET /config/flow/common_destination_ports/default_configurations

Gets the list of default configurations for common destination ports.

Gets the list of default configurations for common destination ports. You must have System Administrator or Security Admin permissions to use this endpoint.

Table 1. GET /config/flow/common_destination_ports/default_configurations resource details
MIME Type

application/json

Table 2. GET /config/flow/common_destination_ports/default_configurations request parameter details
Parameter Type Optionality Data Type MIME Type Description

sort

query

Optional

String

text/plain

Optional - This parameter is used to sort the elements in a list.

fields

query

Optional

String

text/plain

Optional - Use this parameter to specify which fields you would like to get back in the response. Fields that are not named are excluded. Specify subfields in brackets and multiple fields in the same object are separated by commas.

filter

query

Optional

String

text/plain

Optional - This parameter is used to restrict the elements in a list base on the contents of various fields.

Range

header

Optional

String

text/plain

Optional - Use this parameter to restrict the number of elements that are returned in the list to a specified range. The list is indexed starting at zero.

Table 3. GET /config/flow/common_destination_ports/default_configurations response codes
HTTP Response Code Unique Code Description

200

An array of default Common Destination Port Configurations. The port is used as the default sort input in ascending order.

422

1005

A field request parameter is not valid.

422

1010

Invalid filter criteria supplied.

422

1015

The sort field or order is not valid.

500

1020

An error occurred while retiriving default Common Destination Port Configurations.

Response Description

An array of default Common Destination Port Configurations. The port is used as the default sort input in ascending order. A default Common Destination Port Configuration object contains the following fields:
  • id - Long - The unique ID of the configuration.
  • port - Integer - The unique port number that you want to configure.
  • application_id - Long - The application ID for this port configuration. The application ID for this port configuration that is used by the QRadar port-based mapping algorithm.
  • application_name - String - The name of the application as it would appear on the Network Activity tab.
  • content_capture_size - Integer - The maximum amount of payload to capture and store for an application on this port. Set this value to 1 if you want the application to inherit the content capture size from the SV_CONTENT_CAPTURE_LENGTH field in the nva.conf file.
  • app_detection_enabled - Boolean - TRUE if the port configuration will be used to determine the application. If true, you must set the application_id.
  • flow_direction_enabled - Boolean - TRUE if the port configuration will be used to determine the flow direction.
  • uuid - String - The unique global ID of the configuration, specified as a UUID.
  • last_update_time - Long - The epoch timestamp, represented in milliseconds, since this configuration was last modified.

Response Sample


[
    {
        "app_detection_enabled": true,
        "application_id": 42,
        "application_name": "String",
        "content_capture_size": 42,
        "flow_direction_enabled": true,
        "id": 42,
        "last_update_time": 42,
        "port": 42,
        "uuid": "String"
    }
]