Table of Contents
How to create, update, query and delete policies in SPM using the Fire Scope REST API.
Overview
The REST API allows you to work with Policies in Fire Scope SPM. Specifically, you can:
- Retrieve
- Create or Update
- Delete
Retrieve
To retrieve the current information about a Policy in SPM, send unique query parameters in a GET request to the following URL:
Example:
http://localhost:38050/web_services/...s&name=policy1
Note: Don’t forget to change the domain name (localhost) and query parameter values (account, servicegroup, and name) to match your environment and data.
A JSON response will be returned similar in structure to the payload for the Create or Update.
Query Parameter Descriptions
| Parameter | Description | Type | Required |
| servicegroup | Name of the associated Service Group | String | Yes |
| name | Name of the Policy | String | Yes |
| account | Name of the SPM Account | String | Yes |
Create or Update
To create a Policy, send a POST operation with a JSON document to the following URL:
http://[IP address]:38050/web_services/policy
Use the following examples as a guide.
{
"account_id" : "firescope",
"adbuilder" : "@A&@B",
"description" : "Web Servers Policy",
"eventdefmembers" : [{
"memberid" : {"edge_device" : "edge1", "ci" : "ci1", "eventdef" : "ed1"},
"builder_symbol" : "@A"
}, {
"memberid" : {"logicalgroup" : "logicalgroup1", "aed" : "aed1"},
"builder_symbol" : "@B"
}],
"fs_eventdef_type" : {
"perf" : 1
},
"fs_groupid" : {"servicegroup" : "REST Service Group 1"},
"priority" : 3
}Property Descriptions
| Property | Description | Type | Default Value | Required |
| account_id | Name of the SPM account. | String | Yes | |
| adbuilder | The list of member variables (@A, @B, etc) and the “logic” needed to perform this evaluation.Examples: @A|@B ((@A|@B)&@C) ((@A&@B)|(@C&@D)) | String | Yes | |
| comments | String | No | ||
| custom_1 | Use these custom fields to store and assign additional information that will be associated with any generated events. The custom fields are accessible for notifications as macros {EVENT.CUSTOM_1} … {EVENT.CUSTOM_5}. | String | No | |
| custom_2 | String | No | ||
| custom_3 | String | No | ||
| custom_4 | String | No | ||
| custom_5 | String | No | ||
| description | Unique name of the Policy. | String | Yes | |
| eventdefmembers | Nested array of either member Event Definitions OR AED’s that make up this Policy. PropertyDescriptionTypeDefault ValueRequiredbuilder_symbolCorresponding symbol (@A, etc.) from the adbuilder.String YesmemberidA complex foreign key to either an Event Def or AED.Object[] Yes |
Object[] | Yes | |
| fs_business_avail | Whether this policy affects business availability. The failure of this policy will typically have a functional impact on the business and will be reflected in the status of the Service Group | Boolean | FALSE | Yes |
| fs_eventdef_concat | For simple mode, the AND (&) or OR (|) operator for evaluation. | String | & | Yes, when modetype=0 |
| fs_eventdef_type | Classify how identified events will impact IT operations. At least one of the following flags must be enabled: avail, bus, perf, or sec. PropertyDescriptionTypeDefault ValueRequiredamountFinancial cost to the business Number0YesavailAvailability: Indicates that either this asset is offline or users will not be able to perform tasks.Boolean FALSEYesbusBusiness flag: This event directly impacts key business processes or the business will lose money if the event occurs.Boolean FALSEYescurrencyCurrrency type String USDYesintervalvalueInterval in seconds to calculate the financial cost to the business. Possible values: 3600, 43200 , 86400, 604800Number0YesperfPerformance flag: End users will experience slowness or degraded service as a result of this event.Boolean FALSEYessecSecurity flag: Sensitive data may be compromised or unauthorized actions have been identified.Boolean FALSEYes |
Object | Yes | |
| fs_groupid | Name of the associated Service Group. | String | Yes | |
| modetype | 0 = Simple1 = Advanced | Number | 0 | No |
| priority | The severity for events generated by this definition. Severity is used in dashboards, reports and notifications. The severity level of events can determine if a notification is create and/or sent to users or not.0 = Not Classified1 = Information2 = Average3 = Warning4 = High5 = Major | Number | 0 | Yes |
| status | 0 = Enabled1 = Disabled | Number | 0 | Yes |
| value | The read only result of the last calculation of the policy.0 = OK1 = Failed | Number | 0 | No |
Delete
To delete a policy, send an HTTP DELETE request with the same query parameters as the GET request.See the Retrieve for the URL format and query parameter descriptions.