List All Policies

5 min

description list of policies (aka rules) configured in snypr to detect violators, violations and threats response includes all policies available in the system endpoint url snypr/ws/policy/getallpolicies method get output example \[ { "status code" 200, "response headers" { "date" "thu, 25 jan 2024 00 32 56 gmt", "content type" "application/xml", "transfer encoding" "chunked", "connection" "keep alive", "strict transport security" "max age=31536000 ; includesubdomains", "cache control" "private, no store, no cache, must revalidate", "x frame options" "deny", "pragma" "no cache", "x xss protection" "1 ;mode=block", "x content type options" "nosniff", "content security policy" "frame ancestors 'self' securonix net; default src 'self' securonix net; object src 'self' securonix net data blob ; script src 'unsafe inline' 'unsafe eval' 'self' securonix net https //edge fullstory com https //rs fullstory com http //iph zoominsoftware io/widget js data blob ; style src 'self' securonix net https //fonts googleapis com 'unsafe inline'; font src 'self' securonix net https //fonts gstatic com 'unsafe inline'; connect src 'self' securonix net https //edge fullstory com https //rs fullstory com https //securonix be prod zoominsoftware io http //documentation be securonix com wss\ //saaspoc5t16expo securonix net 443 data blob ; img src 'self' securonix net https //rs fullstory com data https ; child src 'self' securonix net blob ;", "set cookie" "jsessionid=610ace2e3babf8b2a161b50770a84799; path=/snypr; secure; httponly" }, "reason" "", "json body" { "policies" { "policy" \[ { "createdby" "admin", "createdon" "2022 12 09t18 04 38z", "criticality" "none", "description" "description data downloaded from ftp ports may be indicative of malicious insider/cyber aggregation activity which can later be used for exfiltration \r\ntechnique used behavior anomaly for data download activity", "hql" null, "id" "1927", "name" "abnormal amount of data aggregated from ftp ports next gen firewall" } ] } } } ] output parameters status code (number) reason (string) json body (object) policies (object) policy (array) createdby (string) createdon (string) criticality (string) description (string) hql (object) id (string) name (string) response headers header type date string content type string transfer encoding string connection string strict transport security string cache control string x frame options string pragma string x xss protection string x content type options string content security policy string set cookie string

Get Top Violators

SentinelOne Connector