POST /config/flow/common_destination_ports/active_configurations/{id}

Updates the active configuration for a common destination port, as specified by the ID.

Updates the active configuration for a common destination port, as specified by the ID. You must have System Administrator or Security Admin permissions to use this endpoint.

Table 1. POST /config/flow/common_destination_ports/active_configurations/{id} resource details
MIME Type
application/json

Table 2. POST /config/flow/common_destination_ports/active_configurations/{id} request parameter details
Parameter	Type	Optionality	Data Type	MIME Type	Description
id	path	Required	Number (Integer)	text/plain	The ID of the active configuration to update.

Table 3. POST /config/flow/common_destination_ports/active_configurations/{id} request body details
Parameter	Data Type	MIME Type	Description	Sample
body	Object	application/json	Only port, application_id, content_capture_size, app_detection_enabled and flow_direciton_enabled fields can be set when creating an active Common Destination Port configuration. All other fields are ignored. port - Integer - The unique port number to configure. application_id - Long - The application ID for this port configuration. The application ID for this port configuration that is used by the QRadar port-based mapping algorithm. content_capture_size - Integer - The maximum amount of payload to capture and store for an application on this port. Set this value to 1 if you want the application to inherit the content capture size from the SV_CONTENT_CAPTURE_LENGTH field in the nva.conf file. app_detection_enabled - Boolean - TRUE if the port configuration will be used to determine the application. If true, you must set the application_id. flow_direction_enabled - Boolean - TRUE if the port configuration will be used to determine the flow direction.	{ "app_detection_enabled": true, "application_id": 42, "content_capture_size": 42, "flow_direction_enabled": true, "port": 42 }

Table 4. POST /config/flow/common_destination_ports/active_configurations/{id} response codes
HTTP Response Code	Unique Code	Description
200		The active common destination port configuration was updated.
404	2001	A active configuration for the specified port number does not exist.
409	4002	null
422	4001	null
422	4003	The application ID is not valid.
422	4004	The content capture size must be between 0 and 65535 (inclusive).
500	1020	An error occurred while update the active Common Destination Port configuration.

Response Description

The updated active Common Destination Port Configuration for the specified ID. An active Common Destination Port Configuration object contains the following fields:

id - Long - The unique ID of the configuration.
port - Integer - The unique port number that you want to configure.
application_id - Long - The application ID for this port configuration. The application ID for this port configuration that is used by the QRadar port-based mapping algorithm.
application_name - String - The name of the application as it would appear on the Network Activity tab.
content_capture_size - Integer - The maximum amount of payload to capture and store for an application on this port. Set this value to 1 if you want the application to inherit the content capture size from the SV_CONTENT_CAPTURE_LENGTH field in the nva.conf file.
app_detection_enabled - Boolean - TRUE if the port configuration will be used to determine the application. If true, you must set the application_id.
flow_direction_enabled - Boolean - TRUE if the port configuration will be used to determine the flow direction.
uuid - String - The unique global ID of the configuration, specified as a UUID.
last_update_time - Long - The epoch timestamp, represented in milliseconds, since this configuration was last modified.

Response Sample


{
    "app_detection_enabled": true,
    "application_id": 42,
    "application_name": "String",
    "content_capture_size": 42,
    "flow_direction_enabled": true,
    "id": 42,
    "last_update_time": 42,
    "port": 42,
    "uuid": "String"
}