Get Policy Violation

Description

Get top violation policies and details.

URL

/api/v1/dashboard/policy/violation

Request Method: GET

Request Headers

| Key | Value | Required/Optional | Type | Description |
|---|---|---|---|---|
| companyId | <12345> | Required | Integer | Company ID - Company ID can be obtained through Get Resource Map |
| Authorization | Bearer <Authorization Token> | Required | String | Authorization credential generated by FortiCWP |
| startTime | <1583431870> | Optional | Long | Starting time of filtered open alerts in Unix Epoch timestamp. To convert date and time to Unix Epoch timestamp, refer to https://www.epochconverter.com/. |
| endTime | <1583431870> | Optional | Long | Ending time of filtered open alerts in Unix Epoch timestamp. To convert date and time to Unix Epoch timestamp, refer to https://www.epochconverter.com/. |
| Content-Type | application/json | Required | String | |

Sample Request

Request URL

GET https://www.forticwp.com/api/v1/dashboard/policy/violation

Request Header

Authorization: Bearer <Authorization_Token>
companyId: <Company_ID>
Content-Type: application/json
starttime: 1583347487553
endtime: 1583433887553

Response Variables

| Name | Type | Description |
|---|---|---|
| id | String | Policy code of the top violation policy |
| key | String | Policy name |
| value | integer | Total number of alerts triggered by the violation policy |

Sample Response

[
  {
    "id": "FC-RS-140",
    "key": "The flow logs retention day",
    "value": 14
  },
  {
    "id": "FC-RS-139",
    "key": "Network Security Groups should enable the flow logs",
    "value": 10
  },
  {
    "id": "FC-RS-121",
    "key": "Network Security Groups should block public traffic through SSH port (22)",
    "value": 8
  },
  {
    "id": "FC-TF-002",
    "key": "Inbound traffic from Internet to MySQL ports (3306,4333)",
    "value": 6
  },
  {
    "id": "FC-RS-133",
    "key": "Network Security Groups should block public traffic through MySQL port (3306)",
    "value": 5
  },
  {
    "id": "FC-TF-003",
    "key": "Inbound traffic from Internet to FTP port (21)",
    "value": 5
  },
  {
    "id": "FC-TF-004",
    "key": "Inbound traffic from Internet to Zookeeper port (2181)",
    "value": 5
  },
  {
    "id": "FC-TF-005",
    "key": "Inbound traffic from Internet to Telnet port (23)",
    "value": 5
  },
  {
    "id": "FC-TF-006",
    "key": "Inbound traffic from Internet to CIFS port (445)",
    "value": 5
  },
  {
    "id": "FC-TF-007",
    "key": "Inbound traffic from Internet to DNS port (53)",
    "value": 5
  },
  {
    "id": "FC-TF-008",
    "key": "Inbound traffic from Internet to NetBIOS port (137)",
    "value": 5
  }
]
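
Added example (not part of the FortiCWP documentation): Python helpers that build the request headers from the table above, validate the id/key/value array, and total alert counts per port number named in the policy text. The function names and the port-extraction regex are assumptions of this example; time values are passed through unchanged, because the page shows both a 10-digit example and 13-digit sample values.

```python
import json
import re
import urllib.request
from collections import Counter
API_URL = "https://www.forticwp.com/api/v1/dashboard/policy/violation"

def build_headers(token, company_id, start=None, end=None):
    """Headers from the table above; the optional time filters are headers too."""
    headers = {"Authorization": f"Bearer {token}",
               "companyId": str(int(company_id)),
               "Content-Type": "application/json"}
    if start is not None and end is not None and int(start) > int(end):
        raise ValueError("startTime is after endTime")
    for name, val in (("startTime", start), ("endTime", end)):
        if val is not None:
            headers[name] = str(int(val))
    return headers

def fetch(token, company_id, start=None, end=None):
    """Send the GET and return the raw JSON body (needs network and a real token)."""
    req = urllib.request.Request(API_URL, headers=build_headers(token, company_id, start, end))
    with urllib.request.urlopen(req, timeout=30) as resp:
        return resp.read().decode("utf-8")

def parse_violations(body):
    """Validate the id/key/value array and sort it by alert count, highest first."""
    rows = json.loads(body)
    if not isinstance(rows, list):
        raise ValueError("expected a JSON array")
    for r in rows:
        if not (isinstance(r, dict) and isinstance(r.get("id"), str)
                and isinstance(r.get("key"), str) and type(r.get("value")) is int):
            raise ValueError(f"malformed entry: {r!r}")
    return sorted(rows, key=lambda r: (-r["value"], r["id"]))

def alerts_by_port(rows):
    """Sum alert counts per port named in the policy text, e.g. 'port (22)'."""
    totals = Counter()
    for r in rows:
        m = re.search(r"ports? \((\d+(?:,\s*\d+)*)\)", r["key"])
        for port in (m.group(1).split(",") if m else []):
            totals[int(port)] += r["value"]
    return dict(totals)

# Constructed input: four entries copied from the sample response above.
SAMPLE = '''[{"id":"FC-RS-140","key":"The flow logs retention day","value":14},
 {"id":"FC-RS-121","key":"Network Security Groups should block public traffic through SSH port (22)","value":8},
 {"id":"FC-TF-002","key":"Inbound traffic from Internet to MySQL ports (3306,4333)","value":6},
 {"id":"FC-RS-133","key":"Network Security Groups should block public traffic through MySQL port (3306)","value":5}]'''
```

`alerts_by_port(parse_violations(SAMPLE))` groups the two MySQL policies under port 3306, which the per-policy ranking alone does not show.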
