Download OpenAPI specification:Download
Public API for external connectors
All API methods must include the access token used to authenticate and authorize calls in the request header. Specifying an access token in a URI is not supported. Not specifying an access token in these cases results in a returned 401 error code.
Security Scheme Type | HTTP |
---|---|
HTTP Authorization Scheme | bearer |
Bearer format | "JWT" |
Product information - Kaspersky Industrial CyberSecurity for Networks release version and list of installed components and their versions.
You can get product version and component info from Kaspersky Industrial CyberSecurity for Networks by using the about api methods.
version required | string |
{- "version": "3.1.0.131",
- "updateableComponents": [
- {
- "type": "Icr",
- "releaseTime": "2020-02-23T13:45:21"
}, - {
- "type": "Idsir",
- "releaseTime": "2020-02-23T13:45:21"
}
]
}
Allowing rules are rules for reducing the number of repeated events that do not require operator attention in Kaspersky Industrial CyberSecurity for Networks. You can get allowing rules from Kaspersky Industrial CyberSecurity for Networks by using the allowing rules api methods.
id required | integer <int64> >= 1 ID of the requested allowing rule. |
version required | string |
{- "commands": "ADD; CHECKPOINT LOAD; CHECKPOINT LOAD FINISH; CHECKPOINT LOAD INIT - RESPONSE; CHECKPOINT LOAD STOP",
- "protocols": "Foxboro FCP280/FCP270 - device interaction",
- "isDpiDetectable": false,
- "addressType": "Ip",
- "timestampCreated": "2020-10-26T10:15:06",
- "timestampModified": "2020-10-26T11:15:06",
- "monitoringPoint": "",
- "monitoringPointTimestampDeleted": null,
- "id": 12369,
- "isActive": true,
- "ruleType": "Nic",
- "side1": {
- "macAddressRanges": [
- {
- "from": "ff:ff:ff:ff:ff:ff",
- "to": "ff:ff:ff:ff:ff:ff"
}
], - "ipAddressRanges": [
- {
- "from": "1.1.1.1",
- "to": "1.1.1.10"
}
], - "portAddressRanges": [
- {
- "from": 8000,
- "to": 8080
}
]
}, - "side2": {
- "macAddressRanges": [
- {
- "from": "00:50:56:ac:b5:32",
- "to": "00:50:56:ac:b5:45"
}
], - "ipAddressRanges": [
- {
- "from": "1.1.1.1",
- "to": "1.1.1.10"
}, - {
- "from": "1.1.12.1",
- "to": "1.1.12.10"
}
], - "portAddressRanges": [ ]
}, - "comment": "",
- "isAutoGenerated": true,
- "eventType": "",
- "eventTypeId": 0,
- "triggeredRule": ""
}
You can edit allowing rule data in Kaspersky Industrial CyberSecurity for Networks by using this API.
id required | integer <int64> >= 1 ID of the edited allowing rule. |
version required | string |
Parameters of the edited allowing rule:
isActive required | boolean State of activity of allowing rule. |
{- "isActive": true
}
Returns a specified number of allowing rules starting from a certain offset (but not including rules with specified offset).
You can specify filtering and paging options for rules.
By default, allowing rules are not sorted. You should use {sort} property from argument to specify sort order.
Fields that can be used for filtering:
version required | string |
Query argument. This lets you define the parameters for filtering and sorting, the offset and maximum number of allowing rules in the returned results.
filter | object Nullable Filtering parameters.
{ "query": { ... "filter": [ { "field": "propName3", "condition": "isOneOf", "value": ["DPI", "NIC", "CC"], }, { "field": "propName4", "condition": ">=", "value": "2020-10-27T17:32:25.806Z" } ] } } Example of a set of conditions with a nested conditions group in which the conditions are merged by OR, while the top-level conditions are merged by AND: { "query": { ... "filter": [ [ { "field": "propName1", "condition": ">=", "value": 10 }, { "field": "propName1", "value": 1, "operator": "or" } ], { "field": "propName3", "condition": "isOneOf", "value": ["DPI", "NIC", "CC"] }, { "field": "propName4", "condition": ">=", "value": "2020-10-27T17:32:25.806Z" } ] } } |
Array of objects (ColumnOrderDto) Nullable Sorting results.
| |
offset | integer <int32> [ 0 .. 2147483647 ] Nullable 0-based index of the item in the full list where the results must begin.
|
limit | integer <int32> [ 0 .. 1000 ] Nullable Maximum number of items in the results.
|