POST /config/flow/common_destination_ports/active_configurations/{id}
Updates the active configuration for a common destination port, as specified by the ID.
Updates the active configuration for a common destination port, as specified by the ID. You must have System Administrator or Security Admin permissions to use this endpoint.
MIME Type |
---|
application/json |
Parameter | Type | Optionality | Data Type | MIME Type | Description |
---|---|---|---|---|---|
id |
path |
Required |
Number (Integer) |
text/plain |
The ID of the active configuration to update. |
Parameter | Data Type | MIME Type | Description | Sample |
---|---|---|---|---|
body |
Object |
application/json |
Only port, application_id, content_capture_size, app_detection_enabled and flow_direciton_enabled fields can be set when creating an active Common Destination Port configuration. All other fields are ignored.
|
{ "app_detection_enabled": true, "application_id": 42, "content_capture_size": 42, "flow_direction_enabled": true, "port": 42 } |
HTTP Response Code | Unique Code | Description |
---|---|---|
200 |
The active common destination port configuration was updated. |
|
404 |
2001 |
A active configuration for the specified port number does not exist. |
409 |
4002 |
null |
422 |
4001 |
null |
422 |
4003 |
The application ID is not valid. |
422 |
4004 |
The content capture size must be between 0 and 65535 (inclusive). |
500 |
1020 |
An error occurred while update the active Common Destination Port configuration. |
Response Description
- id - Long - The unique ID of the configuration.
- port - Integer - The unique port number that you want to configure.
- application_id - Long - The application ID for this port configuration. The application ID for this port configuration that is used by the QRadar port-based mapping algorithm.
- application_name - String - The name of the application as it would appear on the Network Activity tab.
- content_capture_size - Integer - The maximum amount of payload to capture and store for an application on this port. Set this value to 1 if you want the application to inherit the content capture size from the SV_CONTENT_CAPTURE_LENGTH field in the nva.conf file.
- app_detection_enabled - Boolean - TRUE if the port configuration will be used to determine the application. If true, you must set the application_id.
- flow_direction_enabled - Boolean - TRUE if the port configuration will be used to determine the flow direction.
- uuid - String - The unique global ID of the configuration, specified as a UUID.
- last_update_time - Long - The epoch timestamp, represented in milliseconds, since this configuration was last modified.
Response Sample
{
"app_detection_enabled": true,
"application_id": 42,
"application_name": "String",
"content_capture_size": 42,
"flow_direction_enabled": true,
"id": 42,
"last_update_time": 42,
"port": 42,
"uuid": "String"
}