#%RAML 1.0 title: NetOps Console Server REST API mediaType: application/json annotationTypes: deprecated: properties: replaceWith: type: string description: | Describe the alternative resource/method that can be used as a substitute. required: true since: type: string pattern: (0[1-9]|10|11|12)/20[0-9]{2} required: true description: Describe when the resource/method became deprecated in the format (mm/YYYY) allowedTargets: [Resource, Method] displayName: Deprecated description: | A deprecated resource or method is *not* recommended for new work. The resource or method will be removed in a future version of the API. Deprecation does NOT mean it is not supported anymore in the current version. deprecatedProperty: properties: replaceWith: type: object description: | Describe the alternative property in an object that can be used as a substitute. required: false since: type: string pattern: (0[1-9]|10|11|12)/20[0-9]{2} required: true description: Describe when the property became deprecated in the format (mm/YYYY) allowedTargets: [TypeDeclaration] displayName: Deprecated Property description: | A deprecated property is *not* recommended for new work. Deprecated properties will take precedence over their new counterparts by overlaying those changes to maintain backwards compatibility if the deprecated property has been replaced with a new alias. For example if new_key is an alias for a deprecated property old_key, if both old_key and new_key are given in the same operation, new_key will be applied first, and then the old_key will be applied last, overwriting the new_key value. If a PATCH operation has been emulated, it is recommended to first remove the deprecated properties before re-using that data in a PUT. The property will be removed in a future version of the API. Deprecation does NOT mean it is not supported anymore in the current version. version: v2 documentation: - title: NetOps Console Server REST API content: This API allows control and inspection of an Opengear NetOps Console Server appliance. baseUri: https://{appliancehost}/api/v2 protocols: [ HTTPS ] securitySchemes: token: description: NetOps Console Server base authentication scheme. type: Basic Authentication describedBy: headers: Authorization: description: authorization session token type: string displayName: Authorization example: Token 521a00e57d4a461b3e4bb0c55166f97c types: error: type: object properties: error: type: array description: A list of errors items: type: object properties: type: type: integer code: type: integer level: type: integer text: type: string args: type: object potsModemPutType: type: object properties: "device": description: This is the device name (read-only) assigned to the POTS modem device by the kernel. type: string "mode": description: The operational mode of the POTS modem can be either 'disabled' or 'dialin'. type: string enum: [ "disabled", "dialin" ] "baud": description: The data rate assigned to the POTS modem. type: string enum: [ "2400", "4800", "9600", "19200", "38400", "57600", "115200", "230400" ] "command_sequence": description: | An AT command that runs when the modem is initialized. Multiple commands can be entered, separated by semicolons. [regexerr: 'command sequence' cannot contain spaces.] type: string pattern: ^\S*$ required: false potsModemType: type: object properties: "id": description: A unique identifier for the POTS modem. type: string "device": description: This is the device name (read-only) assigned to the POTS modem device by the kernel. type: string "mode": description: The operational mode of the POTS modem can be either 'disabled' or 'dialin'. type: string enum: [ "disabled", "dialin" ] "baud": description: The data rate assigned to the POTS modem. type: string enum: [ "2400", "4800", "9600", "19200", "38400", "57600", "115200", "230400" ] "command_sequence": description: | An AT command that runs when the modem is initialized. Multiple commands can be entered, separated by semicolons. type: string required: false "runtime_status": type: object required: false properties: "status": description: The current status of the modem. type: string enum: [ "listening", "connected", "disabled", "unknown" ] potsModemPut: type: object description: The configuration to apply to a POTS modem. properties: "pots_modem": type: potsModemPutType potsModem: type: object description: The configuration request for a POTS modem. properties: "pots_modem": type: potsModemType potsModemPutList: type: object description: The configuration for POTS modems. properties: "pots_modems": type: array items: type: potsModemPutType potsModemList: type: object description: The configuration for POTS modems. properties: "pots_modems": type: array items: type: potsModemType bruteForceProtection: type: object properties: brute_force_protection: type: object properties: ssh_enabled: description: enable or disable watching failed SSH login attempts type: boolean https_enabled: description: enable or disable watching failed HTTPS login attempts type: boolean max_retry: description: number of failures that have to occur in the last `find_time` minutes to ban then IP type: integer format: int32 minimum: 3 ban_time: description: effective ban duration (in seconds) type: integer format: int32 minimum: 60 find_time: description: time interval (in minutes) before the current time where failures will count towards a ban type: integer format: int32 minimum: 1 bruteForceProtectionBanItem: type: object properties: jail: description: Name of the jail responsible for banning the IP type: string address: description: IP address banned by Brute Force Protection type: string time_of_ban: description: Timestamp of when the IP address was banned type: integer ban_time: description: Length of ban in seconds type: integer multi_field_identifier: type: string description: A string which can be used to uniquely identify this brute force protection ban item. bruteForceProtectionBanItemById: type: object properties: "brute_force_protection_ban": type: bruteForceProtectionBanItem bruteForceProtectionResponseBans: type: object properties: "brute_force_protection_bans": type: array items: type: bruteForceProtectionBanItem staticRoutesStatusItem: type: object properties: route: description: The id of the route this status is for type: string status: description: A value indicating the status of the static route. type: string enum: [ "waiting", "installed", "error", "not_installed", "physif_disabled", "physif_disconnected", "no_connections", ] error: description: If the status is 'error', this is the output from the 'ip route' command. required: false type: string staticRoutesStatusItemById: type: object properties: "static_routes_status": type: staticRoutesStatusItem staticRoutesStatus: type: object properties: "static_routes_status": type: array items: type: staticRoutesStatusItem staticRoutesStatusById: type: object properties: static_routes_status: type: staticRoutesStatusItem credentials: type: object properties: username: type: string password: type: string new_password: type: string required: false confirm_password: type: string required: false errorString: type: object properties: error: type: string getSessionResponse: type: object properties: state: type: string session: type: string user: type: string required: false last_challenge: type: string required: false # these fields are common to GET/PUT/POST userObj: type: object properties: description: type: string description: A descriptive string for the user. required: false enabled: type: boolean description: Only enabled users are able to login. required: false default: true hashed_password: type: string description: | A hashed password, compatible with the crypt GNU C Library function, to set for the user. [visible:never] required: false no_password: type: boolean description: | Set this to false for local users. One of password or hashed_password is required. Set this to true for remote-only (AAA) users. Both password and hashed_password must be unset. [visible:password:=:] required: false default: false ssh_password_enabled: type: boolean description: | Allow ssh login using a password. If this is false and an authorized key has been set, the user can still login to ssh. required: false default: true groups: type: array description: A list of groups for which this user is a member. items: type: string description: | A group for which this user is a member. [reference:group:groupname] required: false # PUT for a user also accepts an optional plain-text password putUserObj: type: userObj properties: password: type: string pattern: ^(?!default$).* required: false description: | The plaintext password to set for the user. For increased security, it is strongly recommended to enable Password Complexity. [sensitive,visible:no_password:!=:true,required:no_password:=:true:stored,regexerr:'default' is not a valid password option.] # POST for a user (and PUT /users) requires the username and password postUserObj: type: userObj properties: username: type: string description: The POSIX name for the user. password: type: string pattern: ^(?!default$).* required: false description: | The plaintext password to set for the user. For increased security, it is strongly recommended to enable Password Complexity. [sensitive,required:always,visible:no_password:!=:true,regexerr:'default' is not a valid password option.] # GET for a user returns the username, but not the plain-text password getUserObj: type: userObj properties: username: type: string description: The POSIX name for the user. id: type: string description: A unique identifier for this user. rights: type: object properties: delete: type: boolean modify: type: boolean groupNames: type: array description: A duplicate list of group names for the user. items: type: string # PUT /users is like POST for a bunch of users putUserList: type: object properties: "users": type: array description: The users to add items: type: postUserObj putUserType: type: object properties: "user": type: putUserObj postUserType: type: object properties: "user": type: postUserObj getUserType: type: object properties: "user": type: getUserObj getUserList: type: object properties: "users": type: array items: type: getUserObj meta: metaResponse systemSSHAuthorizedKey: type: object properties: id: type: string description: ID of SSH key key: type: string description: The SSH key key_fingerprint: type: string description: The fingerprint of the SSH key multi_field_identifier: type: string description: A string which can be used to uniquely identify this key userSSHAuthorizedKey: type: object properties: id: type: string description: ID of SSH key key: type: string description: The SSH key key_fingerprint: type: string description: The fingerprint of the SSH key userSSHAuthorizedKeys: type: object properties: authorized_keys: type: array items: type: userSSHAuthorizedKey allUsersSSHAuthorizedKey: type: systemSSHAuthorizedKey properties: username: type: string description: The user associated with the SSH key allUsersSSHAuthorizedKeys: type: object properties: system_authorized_keys: type: array items: type: allUsersSSHAuthorizedKey allUsersSSHAuthorizedKeyPost: type: object properties: system_authorized_key: type: object properties: key: type: string description: The SSH key username: type: string description: The user associated with the SSH key allUsersSSHAuthorizedKeyGet: type: object properties: system_authorized_key: type: allUsersSSHAuthorizedKey userSSHAuthorizedKeyGet: type: object properties: authorized_key: type: userSSHAuthorizedKey userSSHAuthorizedKeyPost: type: object properties: authorized_key: type: object properties: key: type: string description: The SSH key to authenticate as this user. lldp: type: object properties: "lldp": type: object properties: "enabled": type: boolean description: | This setting enables the Link Layer Discovery Protocol (LLDP) and Cisco Discovery Protocol (CDP) services. "description": type: string required: false description: | This setting overrides the default system description sent by the network discovery protocol daemon. The default description is the kernel name, the node name, the kernel version, the build date and the architecture. "platform": type: string required: false description: | This setting overrides the CDP platform name. The default name is the kernel name (Linux). "physifs": type: array description: | The set of physical interfaces to perform LLDP/CDP monitoring on. If this is empty, then all physical interfaces will be used. items: type: string description: | [computed_options:physif_physical] lldpChassis: type: object properties: lldpstat: type: object properties: name: type: string mac: type: string Bridge: type: boolean Router: type: boolean Station: type: boolean Wlan: type: boolean descr: type: string mgmt_ip: type: array items: type: string lldpNeighborItem: type: object properties: name: type: string remote_name: type: string remote_mac: type: string mgmt_ip: type: array items: type: string port_name: type: string port: type: string id: type: integer getLLDPNeighborById: type: object properties: "lldp-status-neighbor": type: lldpNeighborItem lldpNeighborList: type: object properties: lldp-status-neighbor: type: array items: type: lldpNeighborItem getSyslogServerResponse: type: object properties: "syslogServer": type: object properties: "id": type: string description: | Unique ID assigned to the syslog server configuration. This value is used to query the '/services/syslog/:id:' endpoint. This value is automatically assigned. "multi_field_identifier": type: string description: | A string which can be used to uniquely identify this syslog server in command line tools. It cannot be used to identify a specific instance when querying the '/services/syslog/:id:' endpoint, the 'id' value must be used. This value acts as a secondary unique key and is automatically assigned and is made up of the combination of several fields (address, port, protocol). "port": type: integer description: | Port number on which the syslog server is listening. The default port is 514 for UDP and 601 for TCP. "protocol": type: string description: | Protocol used to communicate with the syslog server. enum: [ "TCP", "UDP" ] default: 'UDP' "address": type: string description: | IP address of the syslog server. "description": type: string description: | A description of the syslog server for informational purposes only. This field is not used to uniquely identify the server. "port_logging_enabled": type: boolean description: | Enable sending of serial port data logs to this remote syslog server. Logging must be separately enabled for each port for there to be any events, and only those ports that have logging explicitly enabled will have port data logged. "min_severity": type: string description: | Messages with a severity level equal to or greater than this severity are sent to the remote syslog server. 'debug' is the least severe, 'emergency' is the most severe. [no_sorting_required] enum: [ "emergency", "alert", "critical", "error", "warning", "notice", "info", "debug", ] getSyslogServerResponseSingle: type: object properties: "id": type: string description: | Unique ID assigned to the syslog server configuration. This value is used to query the '/services/syslog/:id:' endpoint. This value is automatically assigned. "multi_field_identifier": type: string description: | A string which can be used to uniquely identify this syslog server in command line tools. It cannot be used to identify a specific instance when querying the '/services/syslog/:id:' endpoint, the 'id' value must be used. This value is automatically assigned. "port": type: integer description: | Port number on which the syslog server is listening. The default port is 514 for UDP and 601 for TCP. "protocol": type: string description: | Protocol used to communicate with the syslog server. enum: [ "TCP", "UDP" ] default: UDP "address": type: string description: | IP address of the syslog server. "description": type: string description: | A description of the syslog server for informational purposes only. This field is not used to uniquely identify the server. "port_logging_enabled": type: boolean description: | Enable sending of serial port data logs to this remote syslog server. Logging must be separately enabled for each port for there to be any events, and only those ports that have logging explicitly enabled will have port data logged. "min_severity": type: string description: | Messages with a severity level equal to or greater than this severity are sent to the remote syslog server. 'debug' is the least severe, 'emergency' is the most severe. [no_sorting_required] enum: [ "emergency", "alert", "critical", "error", "warning", "notice", "info", "debug", ] getSyslogServerListResponse: type: object properties: "syslogServers": type: array items: type: getSyslogServerResponseSingle putSyslogServer: type: object properties: "syslogServer" : type: object properties: "port": type: integer required: false description: | Port number on which the syslog server is listening. The default port is 514 for UDP and 601 for TCP. minimum: 1 maximum: 65535 "protocol": type: string required: false description: | Protocol used to communicate with the syslog server. enum: [ "TCP", "UDP" ] default: UDP "address": type: string description: | IP address of the syslog server. "description": type: string required: false description: | A description of the syslog server (optional) for informational purposes only. This field is not used to uniquely identify the server. "port_logging_enabled": type: boolean required: false description: | Enable sending of serial port data logs to this remote syslog server. Logging must be separately enabled for each port for there to be any events, and only those ports that have logging explicitly enabled will have port data logged. "min_severity": type: string required: false description: | Messages with a severity level equal to or greater than this severity are sent to the remote syslog server. 'debug' is the least severe, 'emergency' is the most severe. [no_sorting_required] enum: [ "emergency", "alert", "critical", "error", "warning", "notice", "info", "debug", ] getLogLinesResponse: type: object properties: "id": string "no_of_log_lines": integer "log_lines": type: array required: false items: type: string getSyslogLinesResponse: type: object properties: "syslog": type: getLogLinesResponse getPortLogLinesResponse: type: object properties: "portlog": type: getLogLinesResponse user: type: object properties: "id": string "username": string "description": string "enabled": boolean "groups": type: array items: type: string putGroupObj: type: object properties: "groupname": type: string description: | The POSIX name for the group (maximum of 60 characters). [regexerr:Uppercase and lowercase letters, regexerr:Numbers, regexerr:"_", regexerr:"-" except for first character, regexerr:"." except for first character] pattern: '^[a-zA-Z0-9_]+[a-zA-Z0-9._-]*$' maxLength: 60 "enabled": type: boolean required: false default: true description: | If the group is currently enabled. If a group is disabled, any permissions attached to it will not be bestowed upon users in that group. "mode": type: string required: false description: | Set to global to allow access to all ports. Set to scoped to limit access to specific ports. [visible:never] enum: [ "global", "scoped" ] (deprecatedProperty): since: 08/2022 "role": type: string required: false description: | Set to Administrator to allow access to the entire web UI. Set to ConsoleUser to limit access to serial port pages only. [visible:never] enum: [ "Administrator", "ConsoleUser" ] (deprecatedProperty): since: 08/2022 "access_rights": type: array required: false description: | A list of resources or features that members of this group have been granted access to. items: type: string description: | A resource or feature that members of this group have access to. See /access_rights to get a list of valid access rights. [reference:access_right:name] "description": type: string required: false description: A description of the group's purpose. maxLength: 128 "members": type: array required: false description: | A list of users assigned to this group. The users can be referenced by either usernames or user ids. items: type: string description: | A user that is a part of this group. [computed_options:user_list_without_root] "ports": type: array required: false description: | The ports that users in this group can access. items: type: string description: | A single port that users in this group can access. [reference:port:name] getGroupObj: type: putGroupObj properties: "id": description: "A unique identifier for this group" type: string "rights": type: object properties: "delete": type: boolean "modify": type: boolean putGroupType: type: object properties: group: type: putGroupObj getGroupType: type: object properties: group: type: getGroupObj getGroupList: type: object properties: "groups": type: array items: type: getGroupObj meta: metaResponse # We only document the way LH uses this endpoint. # However, this endpoint silently accepts alternative fields that match # getGroupList for config export/import purposes. putGroupList: type: object properties: "groups": type: array description: The groups to add items: type: object properties: "name": "type": string description: The POSIX name for the group (maximum of 60 characters). "description": "type": string description: A description of the group's purpose. "roles": "type": array description: | Set to ["admin"] to allow access to the entire web UI. Set to ["all_ports_user", "pmshell_user"] to limit access to serial port pages only. Set to ["basic_webui_user", "pmshell_user"] to limit access to serial port pages only. "items": "type": string enum: [ "admin", "pmshell_user", "all_ports_user", "basic_webui_user", ] "ports": "type": array "required": false "description": | The boolean at each index indicates if the port for that index is accessible. The ports field is required if roles[0] is set to 'basic_webui_user'. [reference:port:name] "items": "type": string responseToSessionChallenge: type: object properties: session: type: string state: type: object challenge: description: Next challenge (if any) type: string deleteSessionResponse: type: object properties: session: type: string success: type: string state: type: string user: type: string extendSessionResponse: type: object properties: session: type: string success: type: boolean state: type: object seconds_remaining: type: integer format: int32 putPortIpAliasListSingle: type: object description: An IP address for dedicated access to a specific serial or USB console port. properties: "ipaddress": type: string description: The IP address to use for the port alias. Supports both IPv4 and IPv6. "interface": type: string description: | The network interface to add the IP alias to. [reference:physif:device] putPortIpAliasList: type: array items: type: putPortIpAliasListSingle getPortIpAliasListSingle: type: putPortIpAliasListSingle properties: "id": string "port": string getPortIpAliasList: type: array items: type: getPortIpAliasListSingle getPortPduOutletsListSingle: type: object description: A PDU outlet associated with a specific serial or USB console port. properties: "id": type: string description: | The unique identifier for a port to reference an associated outlet. "outlet_name": type: string description: | The name of the outlet on the associated PDU. "outlet_number": type: integer description: | The number of the outlet on the associated PDU. "outlet_on": type: boolean description: | When the 'status' of the outlet is 'on'. "pdu_id": type: string description: | The id of the PDU that is associated with the outlet. [reference:pdu:id] "pdu_name": type: string description: | The name of the PDU that is associated with the outlet. [reference:pdu:name] "pdu_location": type: string description: | The port on the NetOps Console Server that is connected to the PDU associated with the outlet. "status": type: string description: | The power status of the outlet. enum: [ "unreachable", "on", "off", ] getPortPduOutletsList: type: array items: type: getPortPduOutletsListSingle getPDUDriverListResponse: type: object properties: driver_list: type: object items: powerman_list: type: array items: type: shell_list: type: array items: type: pduDriver snmp_list: type: array items: type: pduDriver # these fields are common to GET/PUT/POST for a port. portObj: type: object properties: parity: type: string description: The format of the parity byte. enum: [ "none", "odd", "even" ] label: type: string description: The label for the serial port. stopbits: type: string description: The number of stop bits between characters. enum: [ "1", "2" ] portnum: type: integer description: | The numeric port index (starting from 1) displayed in portmanager. (read-only) required: false pinout: type: string description: | The physical pinout of the port connector. [enum:available_pinouts] enum: [ "X1", "X2", "USB" ] ip_alias: type: putPortIpAliasList description: | An IP address for dedicated access to a specific serial or USB console port. [**consoleServer mode only**] required: false baudrate: type: string description: | The communication rate of the port. [no_sorting_required,enum:available_baudrates] enum: [ "50", "75", "110", "134", "150", "200", "300", "600", "1200", "1800", "2400", "4800", "9600", "19200", "38400", "57600", "115200", "230400" ] logging_level: type: string description: | Indicates the logging level for the port. [**consoleServer mode only**] enum: [ "disabled", "eventsOnly", "eventsAndReceivedCharacters", "eventsAndAllCharacters" ] databits: type: string description: The number of data bits in a character. enum: [ "7", "8" ] escape_char: type: string description: | The escape character for pmshell. [**consoleServer mode only**] control_code: type: object properties: break: type: string description: | Generate BREAK (~b) - send a break to the console. [regexerr:Lowercase letters except "i" and "m"] maxLength: 1 pattern: ^[a-h,j-l,n-z]*$ required: false portlog: type: string description: | View history (~h) - see the traffic logs for the port, must have port logging enabled. [regexerr:Lowercase letters except "i" and "m"] maxLength: 1 pattern: ^[a-h,j-l,n-z]*$ required: false power: type: string description: | Power menu (~p) - open the power menu for the port, port must be associated with a PDU outlet. [regexerr:Lowercase letters except "i" and "m"] maxLength: 1 pattern: ^[a-h,j-l,n-z]*$ required: false chooser: type: string description: | Connect to port menu (~m) - go back to the serial port selection menu. [regexerr:Lowercase letters except "i" and "m"] maxLength: 1 pattern: ^[a-h,j-l,n-z]*$ required: false quit: type: string description: | Exit pmshell (~.) - exit pmshell completely. [regexerr:Lowercase letters except "i" and "m"] maxLength: 1 pattern: ^[a-h,j-l,n-z]*$ required: false pmhelp: type: string description: | Show help message (~?) - shows the help message. [regexerr:Lowercase letters except "i" and "m"] maxLength: 1 pattern: ^[a-h,j-l,n-z]*$ required: false description: | The control characters for pmshell (CTRL + key). These are additional controls (key sequences) that can be added to the built in set of key sequences (escape_char + key) to access pmshell control commands. Example: setting control_code.pmhelp="h" will open the help menu in pmshell when CTRL + h is pressed. [**consoleServer mode only**] required: false single_session: type: boolean description: | Limit the port to a single concurrent connection. [**consoleServer mode only**] required: false terminal_emulation: type: string description: | The terminal emulation type. [**localConsole mode only**] enum: [ "vt100", "vt102", "vt220", "linux", "ansi" ] required: false kernel_debug: type: boolean description: | Emits kernel debug messages on this serial port. This can only be enabled for serial port 1 on OM12xx. Enabling for any other serial port on an OM12xx, or for any serial port on any other SKU, is an error. [**localConsole mode only**] required: false raw_tcp: type: boolean description: | Enable or disable raw tcp serial access on this port. Raw tcp access will bypass user authentication and must only be used in a secure environment. [**consoleServer mode only**] required: false # PUT/POST for a port requires the mode (but pduDevice is not a valid value). putPortObj: type: portObj properties: mode: type: string description: The mode that the port is in. [computed_options:port_modes] # GET for a port returns the mode (and pduDevice is a valid value), as well as additional read-only fields. getPortObj: type: portObj properties: mode: type: string description: The mode that the port is in. enum: [ "disabled", "consoleServer", "localConsole", "pduDevice" ] id: type: string description: The ID of the serial port. This ID can be used to fetch individual ports using the /ports/ endpoint. status: type: string description: The external hardware connection status on USB serial ports. If the serial port type is RJ45, then this will always return 'ok'. enum: [ "ok", "disconnected" ] available_pinouts: type: array items: type: string description: > Valid values for the "pinout" property of this port. Pinout settings are not applicable for USB ports and must always be set to "USB". In addition, some units do not support pinout switching on all ports and in those cases the pinout must always be set to "X2". available_baudrates: type: array items: type: string description: > Valid values for the "baudrate" property of this port. The valid baud rates for a port are hardware-dependent. sessions: type: array items: type: portSessionObj device: type: string name: type: string pdu_outlets: type: getPortPduOutletsList description: | A list of PDU outlets associated with this port. [**consoleServer mode only**] required: false putPortType: type: object properties: port: type: putPortObj putPortList: type: object properties: ports: type: array items: type: putPortObj getPortType: type: object properties: port: type: getPortObj getPortList: type: object properties: ports: type: array items: type: getPortObj portSessionObj: type: object properties: username: type: string description: The user that opened this port session. client_pid: type: integer description: The client process ID of this port session. getPortSessionType: type: object properties: port_session: type: portSessionObj getPortSessionList: type: object properties: port_sessions: type: array items: type: portSessionObj deleteMultiplePortSessionsResponse: type: object properties: disconnected_session_count: integer portStatusObj: type: object properties: id: type: string description: A unique identifier for this serial port label: type: string description: label for serial port status: type: string description: The external hardware connection status on USB serial ports. If the serial port type is RJ45, then this will always return 'ok'. enum: [ "ok", "disconnected" ] rts: type: boolean description: | Current status of the RTS pin on this serial port. cts: type: boolean description: | Current status of the CTS pin on this serial port. dsr: type: boolean description: | Current status of the DSR pin on this serial port. dtr: type: boolean description: | Current status of the DTR pin on this serial port. dcd: type: boolean description: | Current status of the DCD pin on this serial port. tx: type: integer description: | Number of bytes transmitted on this port since the last reset. rx: type: integer description: | Number of bytes received on this port since the last reset. getPortStatusList: type: object properties: port_status: type: array items: type: portStatusObj getPortStatus: type: object properties: port_status: type: portStatusObj managementportObj: type: object properties: "enabled": type: boolean description: If the management console is currently enabled "kerneldebug": type: boolean description: | If kernel debug messages are currently enabled [visible:enabled:=:true] "termemulation": type: string description: Terminal emulation for management console enum: [ "vt100", "vt102", "vt220", "linux", "ansi" ] "baud": type: string description: | The serial port speed [no_sorting_required,enum:available_bauds] enum: [ "50", "75", "110", "134", "150", "200", "300", "600", "1200", "1800", "2400", "4800", "9600", "19200", "38400", "57600", "115200", "230400" ] "databits": type: string description: The number of data bits to use enum: [ "7", "8" ] "parity": type: string description: The serial port's parity. enum: [ "none", "odd", "even" ] "stopbits": type: string description: The number of stop bits to use enum: [ "1", "2" ] managementportResponseObj: type: managementportObj properties: "id": type: string description: A unique identifier for this management port. "device": type: string description: The tty device that this management port uses. available_bauds: type: array items: type: string description: > Valid values for the "baud" property of this port. The valid baud rates for a port are hardware-dependent. putMgmtPortById: type: object properties: "managementport": type: managementportObj putMgmtPortList: type: object properties: "managementports": type: array items: type: managementportObj getMgmtPortByIdResponse: type: object properties: "managementport": type: managementportResponseObj getMgmtPortByIdResponseList: type: object properties: "managementports": type: array items: type: managementportResponseObj meta: metaResponse putPortPowerAction: type: object properties: "cmd": type: object properties: "action": type: string enum: [ # valid values are defined by ogpowergroup and validated in Port.lua "on", "off", "cycle", "status" ] putPortPowerActionResponse: type: object properties: "cmd": type: string postPortCountersResetResponse: type: object properties: "reset_port": type: object properties: "port_id": type: string description: port ID for the port which the tx/rx counters were reset "tx": type: integer description: Newly reset TX data count for this port "rx": type: integer description: Newly reset RX data count for this port getPhysifList : description: "A list of network interfaces" type: object properties: "physifs": type: array items: type: physifItemSingle ethernetSetting: type: object properties: "link_speed": type: string enum: [ "auto", "1000mbps-hd", "1000mbps-fd", "100mbps-hd", "100mbps-fd", "10mbps-hd", "10mbps-fd", ] description: | The Link Speed for this interface. - hd = half duplex - fd = full duplex - auto = auto negotiation of link speed ethernetSettingGet: type: ethernetSetting properties: "id": type: string sim: type: object description: | [fixed-size] properties: "slot": type: integer minimum: 1 maximum: 2 required: false description: SIM Slot "apn": type: string required: false description: SIM APN "username": type: string required: false description: SIM User "password": type: string description: | Cellular Password [sensitive] required: false "iptype": type: string required: false enum: [ "IPv4", "IPv6", "IPv4v6", ] description: The type of connection for this SIM "ipv4_netmask": type: string required: false description: "This IPv4 Subnet Mask will override the carrier allocated one" "mtu": type: number required: false description: "Maximum Transmission Unit (MTU) is the size of the largest protocol data unit (PDU) that can be communicated in a single network layer transaction" "failback_delay": type: number required: false description: "Delay before failback (in minutes)" minimum: 5 "fail_probe_address": type: string required: false description: "Network address to ping for connectivity testing" "fail_probe_interval": type: number required: false description: "Test interval (in seconds)" minimum: 10 default: 600 "fail_probe_count": type: number required: false description: "Maximum ping count per test, stopping on the first success" minimum: 1 default: 3 "fail_probe_threshold": type: number required: false description: "Number of consecutive test failures before failover/failback" minimum: 1 default: 1 simGet: type: sim properties: "id": type: string "runtime_status": type: object required: false properties: "id": type: string "iccid": type: string required: false description: SIM ICCID "status": type: string required: false cellularSetting: type: object properties: "apn": type: string required: false (deprecatedProperty): replaceWith: {"cellular_setting": { "sims": [{"apn": "apn"}]}} since: 10/2020 description: | [visible:never] "username": type: string required: false (deprecatedProperty): replaceWith: {"cellular_setting": { "sims": [{"username": "username"}]}} since: 10/2020 description: | [visible:never] "password": type: string required: false (deprecatedProperty): replaceWith: {"cellular_setting": { "sims": [{"password": "password"}]}} since: 10/2020 description: | [visible:never, sensitive] "iptype": type: string required: false (deprecatedProperty): replaceWith: {"cellular_setting": { "sims": [{"iptype": "IPv4v6"}]}} since: 10/2020 description: | [visible:never] "active_sim": type: number minimum: 1 maximum: 2 required: false description: The current selected SIM "sim_failover_policy": type: string enum: [ "never", "on_disconnect", ] required: false description: Failover policy for SIM-SIM "sim_failover_disconnect_mode": type: string enum: [ "ping", ] required: false description: Method of checking if a cellular connection has been disconnected "sim_failback_policy": type: string enum: [ "never", "delayed", "on_disconnect", ] required: false description: Method of checking if a cellular connection should failback to the primary SIM "sim_failback_disconnect_mode": type: string enum: [ "ping", ] required: false description: Method of checking if a cellular connection has been disconnected cellularSettingPut: type: cellularSetting properties: "sims": description: > Contains the sim settings for the cellular modems. Includes fields like abn and failover configuation [fixed-size] type: array items: type: sim cellularSettingGet: type: cellularSetting properties: "id": type: string "sims": type: array items: type: simGet bondSetting: type: object properties: "mode": type: string enum: [ "balance-rr", "active-backup", "balance-xor", "broadcast", "802.3ad", "balance-tlb", "balance-alb" ] description: "Specifies one of the bonding policies to be used" "poll_interval": type: integer minimum: 0 default: 100 required: false description: > Specifies the MII link monitoring frequency in milliseconds. This determines how often the link state of each slave is inspected for link failures. A value of zero disables MII link monitoring. "primary_slave": type: (string | nil) required: false description: > Reference to the primary interface which will be added to the bond first. This interface will be the preferred interface for applicable bond modes such as active_backup. Only nil if the bond has no slave interfaces. [computed_options:physifs_no_loopbacks] bridgeSetting: type: object properties: "stp_enabled": type: boolean required: false description: > Enable Spanning Tree Protocol (STP) on the bridge. STP communicates with other switches on the network to prevent bridge loops and allows for backup links to be used. "primary_slave": type: (string | nil) required: false description: > This is a reference to the interface from which the bridge will inherit its MAC address. [computed_options:physifs_no_loopbacks] vlanSetting: type: object properties: "parent_physif": type: string required: false description: > Primary physical interface used for vlan configuration [computed_options:physifs_no_loopbacks] "vlan_id": type: integer minimum: 1 maximum: 4094 required: false description: > The VLAN identifier (VID) for this interface. putPhysif: type: object description: "A single physical interface" properties: "physif": type: object properties: "enabled": type: boolean description: Enable or Disable this interface "mtu": type: integer minimum: 68 maximum: 1500 default: 1500 required: false description: | maximum transmission unit (MTU) is the size of the largest protocol data unit (PDU) that can be communicated in a single network layer transaction [visible:media:!=:loopback] "description": type: string description: A description of this physical interface. required: false "media": type: string enum: [ "ethernet", "cellular", "bridge", "bond", "vlan", "loopback", ] required: false description: | The device media type [visible:never] "slaves": description: > A list of physifs to become the aggregate slaves. Network connections and other settings from the first slave will be assigned to the aggregate. Network connections and other settings from other slaves will be removed. The first slave is set as the primary interface for a bond. [visible:media:in:bond|bridge] type: array required: false items: type: string description: | [computed_options:physifs_no_loopbacks] "dns": type: object required: false description: | DNS Settings for the interface [visible:media:!=:loopback] properties: "nameservers": type: array description: A List of Name servers addresses items: type: string description: An IPv4 or IPV6 address for a Name server required: false "search_domains": type: array description: A List of Search domains items: type: string description: A search domain is a domain used as part of a domain search list example: lan required: false "ethernet_setting": type: ethernetSetting required: false description: | Settings for this Ethernet interface [visible:media:=:ethernet, required:media:=:ethernet] "cellular_setting": type: cellularSettingPut required: false description: | Settings for this Cellular interface [visible:media:=:cellular, required:media:=:cellular] "bond_setting": type: bondSetting required: false description: | Settings for this Bond interface [visible:media:=:bond, required:media:=:bond] "bridge_setting": type: bridgeSetting required: false description: | Settings for this Bridge interface [visible:media:=:bridge, required:media:=:bridge] "vlan_setting": type: vlanSetting required: false description: | Settings for this VLAN interface [visible:media:=:vlan, required:media:=:vlan] physif: type: object properties: "enabled": type: boolean description: Enable or Disable this interface "mtu": type: integer minimum: 68 maximum: 1500 default: 1500 required: false description: | maximum transmission unit (MTU) is the size of the largest protocol data unit (PDU) that can be communicated in a single network layer transaction [visible:media:!=:loopback] "description": type: string required: false description: A description of this physical interface. "media": type: string enum: [ "ethernet", "cellular", "bridge", "bond", "vlan", "loopback" ] description: | The device media type "slaves": description: > A list of physifs to become the aggregate slaves. Network connections and other settings from the first slave will be assigned to the aggregate. Network connections and other settings from other slaves will be removed. The first slave is set as the primary interface for a bond. [visible:media:in:bond|bridge] type: array required: false items: type: string description: | [computed_options:physifs_no_loopbacks] "dns": type: object required: false description: | DNS Settings for the interface [visible:media:!=:loopback] properties: "nameservers": type: array description: A List of Name servers addresses items: type: string description: An IPv4 or IPV6 address for a Name server required: false "search_domains": type: array description: A List of Search domains items: type: string description: A search domain is a domain used as part of a domain search list example: lan required: false "ethernet_setting": type: ethernetSetting required: false description: | Settings for this Ethernet interface [visible:media:=:ethernet, required:media:=:ethernet] "cellular_setting": type: cellularSettingPut required: false description: | Settings for this Cellular interface [visible:media:=:cellular, required:media:=:cellular] "bond_setting": type: bondSetting required: false description: | Settings for this Bond interface [visible:media:=:bond, required:media:=:bond] "bridge_setting": type: bridgeSetting required: false description: | Settings for this Bridge interface [visible:media:=:bridge, required:media:=:bridge] "vlan_setting": type: vlanSetting required: false description: | Settings for this VLAN interface [visible:media:=:vlan, required:media:=:vlan] "device": type: string minLength: 1 maxLength: 15 pattern: ^[a-zA-Z0-9-_]+$ required: false description: | The device name for this interface [regexerr:Upper and lowercase letters, regexerr:Numbers, regexerr:"-", regexerr:"_"] example: net1 putPhysifList: type: object description: "A list of network interfaces" properties: "physifs": type: array items: type: physif postPhysif: type: object description: "A single network interface" properties: "physif": type: physif physifItemSingle: type: object description: "A network physical interface" properties: "enabled": type: "boolean" "name": type: string "mtu": type: number required: false "device": type: string "mac_address": type: string required: false description: "For Ethernet interfaces (including virtual Ethernet-based interfaces), the MAC address is returned in this property. For non-Ethernet interfaces, this property will be absent." "description": type: string "media": type: string "id": type: string "master": type: string description: "The UUID of the aggregate physif if this interface belongs to one" required: false "ethernet_setting": type: ethernetSettingGet required: false "cellular_setting": type: cellularSettingGet required: false "bond_setting": type: bondSetting required: false "bridge_setting": type: bridgeSetting required: false "vlan_setting": type: object required: false properties: "parent_physif": type: string description: > Reference to the primary interface which will be used for this VLAN interface "vlan_id": type: integer description: > The VLAN tag ID associated with this VLAN interface "slaves": type: array required: false description: > A list of slave interface references. items: type: string "dns": type: object properties: "nameservers": type: array items: type: string "search_domains": type: array items: type: string "runtime_status": type: object properties: "status": type: string "carrier": type: string required: false "id": type: string physifItem: type: object description: "A network physical interface" properties: "physif": type: physifItemSingle conn_return_status_ipv4_address: description: "A type used to represent IPv4 Address type of a conn" type: object "properties": "address": "type": string required: false "netmask": type: string required: false conn_return_status_ipv6_address: description: "A type used to represent IPv4 Address type of a conn" type: object "properties": "address": "type": string required: false "prefix_length": type: number required: false connItem: type: object description: "A Network Conn" properties: "description": type: string required: false "mode": type: string description: | The connection can be configured as one of the following modes: - static: static ipv4 connection - ipv6_static: static ipv6 connection - dhcp: dhcp ipv4 connection - ipv6_automatic: dhcp ipv6 connection [computed_options:loopback_modes] "physif": type: string description: | The network interface to be used for this connection [reference:physif:device] "ipv4_static_settings": type: object required: false description: | Settings for ipv4 static connection [visible:mode:=:static, required:mode:=:static] properties: "netmask": type: string "address": type: string "broadcast": type: string required: false "gateway": type: string required: false "dns1": type: string required: false description: | [visible:never] (deprecatedProperty): replaceWith: {"physif": {"dns": {"nameservers": []}}} since: 10/2021 "dns2": type: string required: false description: | [visible:never] (deprecatedProperty): replaceWith: {"physif": {"dns": {"nameservers": []}}} since: 10/2021 "ipv6_static_settings": type: object required: false description: | Settings for ipv6 static connection [visible:mode:=:ipv6_static, required:mode:=:ipv6_static] properties: "prefix_length": type: number "address": type: string "gateway": type: string required: false "dns1": type: string required: false description: | [visible:never] (deprecatedProperty): replaceWith: {"physif": {"dns": {"nameservers": []}}} since: 10/2021 "dns2": type: string required: false description: | [visible:never] (deprecatedProperty): replaceWith: {"physif": {"dns": {"nameservers": []}}} since: 10/2021 connGetItem : description: "A Network Conn" type: connItem properties: "id": type: string "name": type: string "runtime_status": type: object required: false properties: "status": type: string "addresses": type: (conn_return_status_ipv4_address | conn_return_status_ipv6_address)[] "last_status_change": type: number "gateway": type: string required: false "dns1": type: string required: false (deprecatedProperty): replaceWith: {"physif": {"dns": {"nameservers": []}}} since: 10/2021 "dns2": type: string required: false (deprecatedProperty): replaceWith: {"physif": {"dns": {"nameservers": []}}} since: 10/2021 connPutListItem : description: "A Network Conn that can be matched by name" type: connItem properties: "name": type: string connGet : description: "A Network Conn" type: object properties: conn: type: connGetItem connGetList: type: object description: "A list of Network Conns" properties: "conns": type: array items: type: connGetItem connPost : description: "A new unnamed Network Conn" type: object properties: conn: type: connItem connPut : description: "A modified Network Conn selected by the id given in URL" type: object properties: conn: type: connItem connPutList: type: object description: "A list of named Network Conns" properties: "conns": type: array items: type: connPutListItem getSupportReport: type: object description: "A concise system report" properties: "support_report": type: object properties: "contents": type: string description: "A new line delimited dump of the current state of the system." "zip_file": type: string description: "url to a zip file which contains the system report." systemSSHPort: type: object properties: system_ssh_port: type: object properties: port: type: number description: | Set this option if you have configured SSH to be reachable on a non-standard port. Direct SSH links on the serial ports page will use this port number. minimum: 1 maximum: 65535 systemHostname: type: object properties: system_hostname: type: object properties: hostname: string systemDiskSpaceItem: description: "A disk space entry." type: object properties: path: type: string total_space: type: integer description: "total space for the path in bytes" free_space: type: integer description: "available space for the path in bytes" systemDiskSpaceByPath: description: "A disk space entry" type: object properties: system_disk_space_item: type: systemDiskSpaceItem systemDiskSpace: description: "A list of disk space entries" type: object properties: system_disk_space: type: array items: properties: path: type: string total_space: type: integer description: "total space for the path in bytes" free_space: type: integer description: "available space for the path in bytes" systemBanner: type: object properties: system_banner: type: object properties: banner: type: string description: | This message will be displayed as the banner when users login via SSH, console and the web UI. [multi-line-string,can-be-empty] systemCloudConnect: type: object properties: system_cloud_connect: type: object properties: cloud_connect_url: type: string description: The URL to use for cloud connect. cloud_callhome_enabled: type: boolean description: Set this to true to enable cloud connect. systemTimezone: type: object properties: system_timezone: type: object properties: timezone: type: string description: A TZ-compatible string for the timezone. enum: [ "Africa/Abidjan", "Africa/Accra", "Africa/Addis_Ababa", "Africa/Algiers", "Africa/Asmara", "Africa/Bamako", "Africa/Bangui", "Africa/Banjul", "Africa/Bissau", "Africa/Blantyre", "Africa/Brazzaville", "Africa/Bujumbura", "Africa/Cairo", "Africa/Casablanca", "Africa/Ceuta", "Africa/Conakry", "Africa/Dakar", "Africa/Dar_es_Salaam", "Africa/Djibouti", "Africa/Douala", "Africa/El_Aaiun", "Africa/Freetown", "Africa/Gaborone", "Africa/Harare", "Africa/Johannesburg", "Africa/Juba", "Africa/Kampala", "Africa/Khartoum", "Africa/Kigali", "Africa/Kinshasa", "Africa/Lagos", "Africa/Libreville", "Africa/Lome", "Africa/Luanda", "Africa/Lubumbashi", "Africa/Lusaka", "Africa/Malabo", "Africa/Maputo", "Africa/Maseru", "Africa/Mbabane", "Africa/Mogadishu", "Africa/Monrovia", "Africa/Nairobi", "Africa/Ndjamena", "Africa/Niamey", "Africa/Nouakchott", "Africa/Ouagadougou", "Africa/Porto-Novo", "Africa/Sao_Tome", "Africa/Tripoli", "Africa/Tunis", "Africa/Windhoek", "America/Adak", "America/Anchorage", "America/Anguilla", "America/Antigua", "America/Araguaina", "America/Argentina/Buenos_Aires", "America/Argentina/Catamarca", "America/Argentina/Cordoba", "America/Argentina/Jujuy", "America/Argentina/La_Rioja", "America/Argentina/Mendoza", "America/Argentina/Rio_Gallegos", "America/Argentina/Salta", "America/Argentina/San_Juan", "America/Argentina/San_Luis", "America/Argentina/Tucuman", "America/Argentina/Ushuaia", "America/Aruba", "America/Asuncion", "America/Atikokan", "America/Bahia", "America/Bahia_Banderas", "America/Barbados", "America/Belem", "America/Belize", "America/Blanc-Sablon", "America/Boa_Vista", "America/Bogota", "America/Boise", "America/Cambridge_Bay", "America/Campo_Grande", "America/Cancun", "America/Caracas", "America/Cayenne", "America/Cayman", "America/Chicago", "America/Chihuahua", "America/Costa_Rica", "America/Creston", "America/Cuiaba", "America/Curacao", "America/Danmarkshavn", "America/Dawson", "America/Dawson_Creek", "America/Denver", "America/Detroit", "America/Dominica", "America/Edmonton", "America/Eirunepe", "America/El_Salvador", "America/Fortaleza", "America/Glace_Bay", "America/Godthab", "America/Goose_Bay", "America/Grand_Turk", "America/Grenada", "America/Guadeloupe", "America/Guatemala", "America/Guayaquil", "America/Guyana", "America/Halifax", "America/Havana", "America/Hermosillo", "America/Indiana/Indianapolis", "America/Indiana/Knox", "America/Indiana/Marengo", "America/Indiana/Petersburg", "America/Indiana/Tell_City", "America/Indiana/Vevay", "America/Indiana/Vincennes", "America/Indiana/Winamac", "America/Inuvik", "America/Iqaluit", "America/Jamaica", "America/Juneau", "America/Kentucky/Louisville", "America/Kentucky/Monticello", "America/Kralendijk", "America/La_Paz", "America/Lima", "America/Los_Angeles", "America/Lower_Princes", "America/Maceio", "America/Managua", "America/Manaus", "America/Marigot", "America/Martinique", "America/Matamoros", "America/Mazatlan", "America/Menominee", "America/Merida", "America/Metlakatla", "America/Mexico_City", "America/Miquelon", "America/Moncton", "America/Monterrey", "America/Montevideo", "America/Montserrat", "America/Nassau", "America/New_York", "America/Nipigon", "America/Nome", "America/Noronha", "America/North_Dakota/Beulah", "America/North_Dakota/Center", "America/North_Dakota/New_Salem", "America/Ojinaga", "America/Panama", "America/Pangnirtung", "America/Paramaribo", "America/Phoenix", "America/Port-au-Prince", "America/Port_of_Spain", "America/Porto_Velho", "America/Puerto_Rico", "America/Rainy_River", "America/Rankin_Inlet", "America/Recife", "America/Regina", "America/Resolute", "America/Rio_Branco", "America/Santa_Isabel", "America/Santarem", "America/Santiago", "America/Santo_Domingo", "America/Sao_Paulo", "America/Scoresbysund", "America/Sitka", "America/St_Barthelemy", "America/St_Johns", "America/St_Kitts", "America/St_Lucia", "America/St_Thomas", "America/St_Vincent", "America/Swift_Current", "America/Tegucigalpa", "America/Thule", "America/Thunder_Bay", "America/Tijuana", "America/Toronto", "America/Tortola", "America/Vancouver", "America/Whitehorse", "America/Winnipeg", "America/Yakutat", "America/Yellowknife", "Antarctica/Casey", "Antarctica/Davis", "Antarctica/DumontDUrville", "Antarctica/Macquarie", "Antarctica/Mawson", "Antarctica/McMurdo", "Antarctica/Palmer", "Antarctica/Rothera", "Antarctica/Syowa", "Antarctica/Troll", "Antarctica/Vostok", "Arctic/Longyearbyen", "Asia/Aden", "Asia/Almaty", "Asia/Amman", "Asia/Anadyr", "Asia/Aqtau", "Asia/Aqtobe", "Asia/Ashgabat", "Asia/Baghdad", "Asia/Bahrain", "Asia/Baku", "Asia/Bangkok", "Asia/Beirut", "Asia/Bishkek", "Asia/Brunei", "Asia/Chita", "Asia/Choibalsan", "Asia/Colombo", "Asia/Damascus", "Asia/Dhaka", "Asia/Dili", "Asia/Dubai", "Asia/Dushanbe", "Asia/Gaza", "Asia/Hebron", "Asia/Ho_Chi_Minh", "Asia/Hong_Kong", "Asia/Hovd", "Asia/Irkutsk", "Asia/Jakarta", "Asia/Jayapura", "Asia/Jerusalem", "Asia/Kabul", "Asia/Kamchatka", "Asia/Karachi", "Asia/Kathmandu", "Asia/Khandyga", "Asia/Kolkata", "Asia/Krasnoyarsk", "Asia/Kuala_Lumpur", "Asia/Kuching", "Asia/Kuwait", "Asia/Macau", "Asia/Magadan", "Asia/Makassar", "Asia/Manila", "Asia/Muscat", "Asia/Nicosia", "Asia/Novokuznetsk", "Asia/Novosibirsk", "Asia/Omsk", "Asia/Oral", "Asia/Phnom_Penh", "Asia/Pontianak", "Asia/Pyongyang", "Asia/Qatar", "Asia/Qyzylorda", "Asia/Rangoon", "Asia/Riyadh", "Asia/Sakhalin", "Asia/Samarkand", "Asia/Seoul", "Asia/Shanghai", "Asia/Singapore", "Asia/Srednekolymsk", "Asia/Taipei", "Asia/Tashkent", "Asia/Tbilisi", "Asia/Tehran", "Asia/Thimphu", "Asia/Tokyo", "Asia/Ulaanbaatar", "Asia/Urumqi", "Asia/Ust-Nera", "Asia/Vientiane", "Asia/Vladivostok", "Asia/Yakutsk", "Asia/Yekaterinburg", "Asia/Yerevan", "Atlantic/Azores", "Atlantic/Bermuda", "Atlantic/Canary", "Atlantic/Cape_Verde", "Atlantic/Faroe", "Atlantic/Madeira", "Atlantic/Reykjavik", "Atlantic/South_Georgia", "Atlantic/Stanley", "Atlantic/St_Helena", "Australia/Adelaide", "Australia/Brisbane", "Australia/Broken_Hill", "Australia/Currie", "Australia/Darwin", "Australia/Eucla", "Australia/Hobart", "Australia/Lindeman", "Australia/Lord_Howe", "Australia/Melbourne", "Australia/Perth", "Australia/Sydney", "CET", "CST6CDT", "EET", "EST", "EST5EDT", "Europe/Amsterdam", "Europe/Andorra", "Europe/Athens", "Europe/Belgrade", "Europe/Berlin", "Europe/Bratislava", "Europe/Brussels", "Europe/Bucharest", "Europe/Budapest", "Europe/Busingen", "Europe/Chisinau", "Europe/Copenhagen", "Europe/Dublin", "Europe/Gibraltar", "Europe/Guernsey", "Europe/Helsinki", "Europe/Isle_of_Man", "Europe/Istanbul", "Europe/Jersey", "Europe/Kaliningrad", "Europe/Kiev", "Europe/Lisbon", "Europe/Ljubljana", "Europe/London", "Europe/Luxembourg", "Europe/Madrid", "Europe/Malta", "Europe/Mariehamn", "Europe/Minsk", "Europe/Monaco", "Europe/Moscow", "Europe/Oslo", "Europe/Paris", "Europe/Podgorica", "Europe/Prague", "Europe/Riga", "Europe/Rome", "Europe/Samara", "Europe/San_Marino", "Europe/Sarajevo", "Europe/Simferopol", "Europe/Skopje", "Europe/Sofia", "Europe/Stockholm", "Europe/Tallinn", "Europe/Tirane", "Europe/Uzhgorod", "Europe/Vaduz", "Europe/Vatican", "Europe/Vienna", "Europe/Vilnius", "Europe/Volgograd", "Europe/Warsaw", "Europe/Zagreb", "Europe/Zaporozhye", "Europe/Zurich", "GB", "GMT", "GMT+0", "GMT0", "Greenwich", "HST", "Indian/Antananarivo", "Indian/Chagos", "Indian/Christmas", "Indian/Cocos", "Indian/Comoro", "Indian/Kerguelen", "Indian/Mahe", "Indian/Maldives", "Indian/Mauritius", "Indian/Mayotte", "Indian/Reunion", "MET", "MST", "MST7MDT", "NZ", "NZ-CHAT", "Pacific/Apia", "Pacific/Auckland", "Pacific/Bougainville", "Pacific/Chatham", "Pacific/Chuuk", "Pacific/Easter", "Pacific/Efate", "Pacific/Enderbury", "Pacific/Fakaofo", "Pacific/Fiji", "Pacific/Funafuti", "Pacific/Galapagos", "Pacific/Gambier", "Pacific/Guadalcanal", "Pacific/Guam", "Pacific/Honolulu", "Pacific/Johnston", "Pacific/Kiritimati", "Pacific/Kosrae", "Pacific/Kwajalein", "Pacific/Majuro", "Pacific/Marquesas", "Pacific/Midway", "Pacific/Nauru", "Pacific/Niue", "Pacific/Norfolk", "Pacific/Noumea", "Pacific/Pago_Pago", "Pacific/Palau", "Pacific/Pitcairn", "Pacific/Pohnpei", "Pacific/Port_Moresby", "Pacific/Rarotonga", "Pacific/Saipan", "Pacific/Tahiti", "Pacific/Tarawa", "Pacific/Tongatapu", "Pacific/Wake", "Pacific/Wallis", "PRC", "PST8PDT", "ROC", "ROK", "UCT", "UTC", "Universal", "W-SU", "WET", "Zulu" ] systemTime: type: object properties: time: type: object properties: time: type: string description: | The time, as a formatted string. When setting the time, this string is parsed by the date utility. The format that is returned is HH:MM mmm DD, YYYY (mmm = "short month") eg. 14:30 Mar 24, 2022 = 2:30pm, 24th March, 2022 The following formats are supported: HH:MM mmm DD, YYYY eg. 14:30 Mar 24, 2022 = 2:30pm, 24th March, 2022 HH:MM DD mmm YYYY eg. 14:30 24 Mar 2022 = 2:30pm, 24th March, 2022 [regexerr: A valid date in HH:MM mmm DD YYYY format, regexerr: A valid date in HH:MM DD mmm YYYY format] pattern: ^(^([0-2][0-9]:[0-5][0-9] [a-zA-Z]{3} [0-3][0-9][,]? [0-9][0-9][0-9][0-9])$)|(^([0-2][0-9]:[0-5][0-9] [0-3][0-9] [a-zA-Z]{3} [0-9][0-9][0-9][0-9])$)|$ systemVersionData: type: object properties: rest_api_version: type: string description: | The version of the REST API installed on the NetOps Console Server. firmware_version: type: string description: | The version of the system firmware installed on the NetOps Console Server. systemVersion: type: object properties: system_version: type: systemVersionData systemAdminInfo: description: "A map of the NetOps Console Server System Admin Information." type: object properties: system_admin_info: type: object properties: hostname: type: string description: The hostname for the system. contact: type: string description: Administration contact for the system. required: false location: type: string description: Location for the system. required: false systemCellularLogging: description: "Enables the generation of cellular logging. Specifically Radio Resource Control (RRC) events." type: object properties: system_cellular_logging: properties: enabled: type: boolean description: Enable cellular logging on the device. This puts the system in Diagnostic Mode. filter: type: string description: The name of a binary filter file to be provided to the Sierra Wireless utility. device: type: string description: | The path to the cellular modem QCDM device. systemInfo: description: General system information type: object properties: system_info: type: object properties: cellfw_info: type: cellFwInfoData description: "[visible:has_cellular:=:true]" has_cellular: description: "[visible:never]" type: boolean model_name: type: string serial_number: type: string system_versions: type: systemVersionData lighthouseEnrollmentsList: description: "A list of the lighthouse enrollments" type: object properties: lighthouse-enrollments: type: array items: properties: "port": type: integer required: false description: | The Lighthouse server port to use when requesting enrollment. Default port is 443. "address": type: string description: | The address of the Lighthouse server to request enrollment with. "id": type: string description: | Automatically generated unique ID of this Lighthouse enrollment configuration. "bundle": type: string required: false description: | Name of the Lighthouse bundle to request during enrollment. This should match the name of a pre-configured bundle in the Lighthouse instance. "status": type: string description: | Current status of this Lighthouse enrollment (Connected, Disconnected). lighthouseEnrollmentItem: type: object description: "Lighthouse Enrollment information" properties: lighthouse_enrollment: type: object properties: "port": type: integer required: false description: | The Lighthouse server port to use when requesting enrollment. Default port is 443. "address": type: string description: | The address of the Lighthouse server to request enrollment with. "id": type: string description: | Automatically generated unique ID of this Lighthouse enrollment configuration. "bundle": type: string required: false description: | Name of the Lighthouse bundle to request during enrollment. This should match the name of a pre-configured bundle in the Lighthouse instance. "status": type: string description: | Current status of this Lighthouse enrollment (Connected, Disconnected). lighthouseEnrollmentPost: type: object description: "Data to use to initiate a callhome enrollment" properties: lighthouse_enrollment: type: object properties: "address": type: string description: | The address of the Lighthouse server to request enrollment with. "port": type: integer default: 443 required: false description: | The Lighthouse server port to use when requesting enrollment. Default port is 443. minimum: 1 maximum: 65535 "bundle": type: string required: false description: | Name of the Lighthouse bundle to request during enrollment. This must match the name of a pre-configured bundle in the Lighthouse instance. "token": type: string description: | The shared secret used to authenticate the enrollment request (required). If a bundle name is specified this must match the token specified in the bundle configuration, otherwise it must match the general enrollment token. registrationItem: type: object description: "Data used to register node to Lighthouse" properties: "id": type: string "package_password": type: string "server": type: string "server_api_port": type: integer required: false lh_ext_eps: type: array required: false items: properties: "server": type: string "server_api_port": type: integer required: false "server_vpn_port": type: integer required: false registrationAddress: type: object description: "Object containing address to update lhvpn_tunnel to" properties: "address": type: string systemSerialNumber: type: object properties: system_serial_number: type: object properties: serial_number: type: string description: The serial number of the NetOps Console Server. systemModelName: type: object properties: system_model_name: type: object properties: model_name: type: string description: The SKU of the NetOps Console Server. sshResponse: type: object properties: ssh: type: object properties: ssh_url_delimiter: type: string description: | The character used to separate the username with port selection information. The default delimiter is '+', for example, username+port@address. maxstartups_start: type: integer required: false description: | The SSH daemon rejects a proportion of connection attempts when the number of unauthenticated connections reaches this value. The probability of rejection is determined by 'maxstartups_rate'. maxstartups_rate: type: integer required: false description: | The probability that a connection attempt is rejected once the number of unauthenticated connections reaches 'maxstartups_start'. The probability increases linearly with more connection attempts, and all connection attempts are refused if the number reaches 'maxstartups_full'. maxstartups_full: type: integer required: false description: | All connection attempts are refused if the number of unauthenticated connections reaches this number. unauthenticated_serial_port_access: type: boolean required: false description: | Unauthenticated access to all serial ports will be available through SSH on TCP port 3000+ or Serial Port IP aliases. sshPut: type: object properties: ssh: type: object properties: ssh_url_delimiter: type: string required: false description: | The character used to separate the username with port selection information. The default delimiter is '+', for example, username+port@address. [regexerr:A single character other than '@'.] pattern: ^([^@]){1}$ maxstartups_start: type: integer minimum: 1 default: 10 required: false description: | The SSH daemon rejects a proportion of connection attempts when the number of unauthenticated connections reaches this value. The probability of rejection is determined by 'maxstartups_rate'. maxstartups_rate: type: integer minimum: 1 maximum: 100 required: false description: | The probability that a connection attempt is rejected once the number of unauthenticated connections reaches 'maxstartups_start'. The probability increases linearly with more connection attempts, and all connection attempts are refused if the number reaches 'maxstartups_full'. maxstartups_full: type: integer minimum: 1 maximum: 100 required: false description: | All connection attempts are refused if the number of unauthenticated connections reaches this number. unauthenticated_serial_port_access: type: boolean required: false description: | Unauthenticated access to all serial ports will be available through SSH on TCP port 3000+ or Serial Port IP aliases. metaResponse: type: object properties: total_pages: type: string required: false firmwareUpgradeStatus: type: object properties: system_firmware_upgrade_status: type: object properties: state: required: false type: string enum: [ "pending", "running", "error", "finished" ] error_message: required: false type: string enum: [ "format_error", "download_error", "version_error", "runtime_error" ] script_metadata: description: "NetOps Console Server Script Configuration." type: object properties: script_timeout: type: integer description: The number of minutes that the script is allowed to run script_checksum: type: string description: The SHA1 checksum of the script script_execution_status: description: "NetOps Console Server Script Execution Status." type: object properties: script_status: type: string enum: [ "in_progress", "timed_out", "completed" ] script_info: description: "Script Upload Status" type: object properties: "info": type: string "execution_id": type: string getFirewallServicesListItemPort: description: "A firewall service port" type: object properties: "protocol": type: string description: The protocol for this firewall service. enum: [ "tcp", "udp", "tcp+udp", ] "port": type: integer minimum: 0 maximum: 65535 description: The port used for this firewall service. getFirewallServicesListItem: description: "A firewall service" type: object properties: "id": type: string description: The unique identifier for this firewall service. "name": type: string description: The name of this firewall service. "label": type: string description: The human-readable label of this firewall service. "ports": type: array items: type: getFirewallServicesListItemPort getFirewallServicesListResponse: description: "A list of firewall services" type: object properties: "firewall_services": type: array items: type: getFirewallServicesListItem meta: metaResponse setFirewallService: description: "A single firewall service" type: object properties: "firewall_service": type: object properties: "name": type: string description: | Symbolic name for a service. Limited to '-', '_', and alphanumeric characters. This is an identifier field used to select a specific service in command line tools, and is the identifier to use when adding services to a firewall zone. For example, "my-service". "label": type: string description: | A concise, user-friendly label for this service. This value is displayed in the web user interface. For example, "My Service". "ports": type: array description: | The set of protocol/port combinations used by this service. items: type: getFirewallServicesListItemPort getFirewallServiceResponse: description: "A single firewall service" type: object properties: "firewall_service": type: getFirewallServicesListItem getFirewallPortForwardRuleListItem: description: "A firewall port forwarding rule" type: object properties: "protocol": type: string enum: [ "tcp", "udp", "tcp+udp", ] description: | Apply port forwarding to this transport protocol. "from_port": type: string description: | A comma-separated set of individual port numbers, and/or port ranges (e.g. 22,290-300,443). Traffic received on each of these ports or port ranges will be forwarded to the specified 'to_port'. [regexerr:A comma-separated set of port numbers, and/or port ranges (0-65535).] pattern: ^((^|,)\d{1,5}(-\d{1,5})?)+$ "to_port": type: integer minimum: 0 maximum: 65535 description: The network port number "to_address": required: false type: string description: The IP Address to forward packets to getFirewallCustomRuleListItem: description: "A custom firewall rule" type: object properties: "rule_content": description: > Additional rich rules to be applied to this zone using firewalld 'rich language'. see https://firewalld.org/documentation/man-pages/firewalld.richlanguage.html type: string "description": required: false type: string description: > Human-readable description (optional) for this rich rule item. firewallAddressFilterItem: description: "Source address filtering can be used to allow services from specific source IP addresses." type: object properties: "source_address": required: true description: > The source address or network that the services are allowed on. type: string "services": type: array items: type: string setFirewallZonesList: description: "A list of firewall zones" type: object properties: "firewall_zones": type: array items: type: firewallZone getFirewallZonesListItem: description: "A firewall zone" type: object properties: "id": type: string description: The unique identifier for this firewall zone. "name": type: string description: The name used to identify this firewall zone. "label": type: string description: A human-readable label to identify this firewall zone. "description": type: string description: A description of this firewall zone. "physifs": type: array required: false description: | The network interfaces this firewall zone applies to. items: type: string description: | The network interfaces this firewall zone applies to. [reference:physif:device, computed_options:physifs_no_loopbacks] "wireguards": type: array required: false description: | The list of wireguard tunnels that are included in this firewall zone. items: type: string "permit_all_traffic": type: boolean description: | When enabled, all traffic will be permitted in this zone. Any rules configured in this zone will have no effect. "masquerade": type: boolean description: | When enabled, traffic through this zone is masqueraded. "permitted_services": (deprecatedProperty): replaceWith: {"address_filters": [{"source_address": "0.0.0.0/0", "services": []}, {"source_address": "::/0", "services": []} ]} since: 12/2022 required: false type: array description: | List of services that are allowed for this zone. Each entry is the service name, not the service label (e.g. 'dhcpv6-client' rather than 'DHCPv6 Client'). See fireware/predefined_services for the list of predefined services, and firewall/services for custom services. [visible:never] items: type: string "port_forwarding_rules": type: array description: List of port forwarding rules items: type: getFirewallPortForwardRuleListItem "custom_rules": type: array description: List of user defined rich rules items: type: getFirewallCustomRuleListItem "address_filters": type: array required: false items: type: firewallAddressFilterItem "managed_by": type: string description: | The user or system responsible for management of this object. If managed_by is set to a non-empty string then client interfaces (like the web ui or config shell) will prevent users from editing this object. Managed_by should be an intelligible string as client interfaces may display it to users. [visible:managed_by:!=::stored] required: false fipsResponse: description: | The configuration of the OpenSSL package for FIPS 140-2 compliance. type: object properties: fips: properties: enabled: type: boolean description: | Set whether the OpenSSL package only uses FIPS 140-2 compliant cryptographic modules. getFirewallZonesListResponse: description: "A list of firewall zones" type: object properties: "firewall_zones": type: array items: type: getFirewallZonesListItem meta: metaResponse firewallZone: description: "A single firewall zone" type: object properties: "name": type: string maxLength: 17 description: | Symbolic name for this firewall zone. Limited to uppercase (A-Z), lowercase (a-z), digits (0-9), and underscore characters, up to a maximum length of 17 characters. This is an identifier field used to select a specific zone in command line tools. For example, "myzone". [regexerr:Uppercase and lowercase letters, regexerr:Numbers, regexerr:"_"] pattern: '^[a-zA-Z0-9_]+$' "label": type: string description: | A concise, user-friendly label for this firewall zone. This value is displayed in the web user interface. For example, "My Zone". "description": type: string description: | A comment field used to provide a full description of this firewall zone. "physifs": type: array required: false description: | The network interfaces this firewall zone applies to. items: type: string description: | The network interfaces this firewall zone applies to. [reference:physif:device, computed_options:physifs_no_loopbacks] "wireguards": type: array required: false description: | The wireguard tunnels this firewall zone applies to. items: type: string "permit_all_traffic": type: boolean description: | When enabled, all traffic will be permitted in this zone. Any rules configured in this zone will have no effect. "masquerade": type: boolean description: | When enabled, traffic through this zone is masqueraded. "permitted_services": (deprecatedProperty): replaceWith: {"address_filters": [{"source_address": "0.0.0.0/0", "services": []}, {"source_address": "::/0", "services": []} ]} since: 12/2022 type: array required: false description: | List of services that are allowed for this zone. Each entry is the service name, not the service label (e.g. 'dhcpv6-client' rather than 'DHCPv6 Client'). See fireware/predefined_services for the list of predefined services, and firewall/services for custom services. [visible:never] items: type: string "port_forwarding_rules": type: array required: false description: List of port forwarding rules items: type: getFirewallPortForwardRuleListItem "custom_rules": type: array required: false description: List of user defined rich rules items: type: getFirewallCustomRuleListItem "address_filters": description: | A list of source address filters that specify which services can be accepted over a specified source address or network type: array required: false items: type: firewallAddressFilterItem "managed_by": type: string description: | The user or system responsible for management of this object. If managed_by is set to a non-empty string then client interfaces (like the web ui or config shell) will prevent users from editing this object. Managed_by should be an intelligible string as client interfaces may display it to users. [visible:managed_by:!=::stored] required: false setFirewallZone: description: "A single firewall zone" type: object properties: "firewall_zone": type: firewallZone getFirewallZoneResponse: description: "A single firewall zone" type: object properties: "firewall_zone": type: getFirewallZonesListItem getFirewallRulesListItem: description: "A firewall rule" type: object properties: "id": type: string "multi_field_identifier": type: string description: "A string which can be used to uniquely identify this firewall rule" "service": type: string "zone": type: string getFirewallRulesListResponse: description: "A list of firewall rules" type: object properties: "firewall_rules": type: array items: type: getFirewallRulesListItem bulkDeleteFirewallRuleList: description: "A list of firewall rule ids" type: object properties: "firewall_rules": type: array items: type: string setFirewallRule: description: "A single firewall rule" type: object properties: "firewall_rule": type: object properties: "service": type: string "zone": type: string description: | The zone this firewall rule will be added to. [reference:firewall/zone:name] getFirewallRuleResponse: description: "A single firewall rule" type: object properties: "firewall_rule": type: getFirewallRulesListItem getFirewallPredefinedServicesListItemPort: description: "A predefined firewall service port" type: object properties: protocol: type: string port: description: "Can be a numeric port number or a range such as 5900-5903" type: string getFirewallPredefinedServicesListItem: description: "A predefined firewall service" type: object properties: name: type: string label: type: string ports: type: array required: false items: type: getFirewallPredefinedServicesListItemPort getFirewallPredefinedServicesListResponse: description: "A list of predefined firewall services" type: object properties: predefined_firewall_services: type: array items: type: getFirewallPredefinedServicesListItem meta: metaResponse getFirewallPredefinedServiceResponse: description: "A list of predefined firewall services" type: object properties: predefined_firewall_service: type: getFirewallPredefinedServicesListItem policyRuleItem: description: "A list of firewall policy rules" type: object properties: "services": type: array required: false description: | A list of services that this rule will apply to. If no services are specified this rule will apply to all services. items: type: string description: | A list of services that this rule will apply to. [computed_options:predefined_and_user_created_services] "source_address": required: false type: string description: | The source address that this rule will apply to. One of source_address or destination_address is required. Use 0.0.0.0/0 or ::/0 to match on any address. [required:destination_address:=:] "destination_address": required: false type: string description: | The destination address that this rule will apply to. One of source_address or destination_address is required. Use 0.0.0.0/0 or ::/0 to match on any address. [required:source_address:=:] "log_prefix": required: false type: string description: | This sets the prefix of the info level log that is sent when this rule is hit. If this is left blank no log will be sent. "priority": type: integer minimum: -32768 maximum: 32767 default: 0 required: false description: | The priority given to this rule. Rules with a lower priority are applied first. The default value is 0. "action": type: string enum: [ "accept", "reject", "drop", ] required: true description: | The action that is going to be taken on matching packets. getFirewallPoliciesListItem: description: "A firewall policy" type: object properties: "id": type: string description: The unique identifier for this firewall policy. "name": type: string description: The name used to identify this firewall policy. "description": type: string required: false description: A description of this firewall policy. "priority": type: integer required: false description: | The priority of the policy dictates when it is applied compared to other policies and zones. Policies with negative priorities are applied before rules in zones; policies with positive priorities are applied after. A priority of 0 is a special priority and cannot be set. "default_action": type: string required: false description: The default action of the policy i.e. what happens to packets that don't match any rule. "ingress_zones": type: array description: | Traffic originating from the ingress zones will be subject to this policy. The allowed values are those defined in firewall/zones or the symbolic values HOST/ANY. (If HOST or ANY are selected then they must be the only zone selected) items: type: string "egress_zones": type: array description: | Traffic directed to the egress zones will be subject to this policy. The allowed values are those defined in firewall/zones or the symbolic values HOST/ANY. (If HOST or ANY are selected then they must be the only zone selected) items: type: string "rules": type: array description: | A list of rules that specify what happens to specific packets as they pass through the firewall policy. required: false items: type: policyRuleItem "managed_by": type: string description: | The user or system responsible for management of this object. If managed_by is set to a non-empty string then client interfaces (like the web ui or config shell) will prevent users from editing this object. Managed_by should be an intelligible string as client interfaces may display it to users. [visible:managed_by:!=::stored] required: false getFirewallPoliciesListResponse: description: "A list of firewall policies" type: object properties: "firewall_policies": type: array items: type: getFirewallPoliciesListItem meta: metaResponse setFirewallPolicy: description: "A single firewall policy" type: object properties: "firewall_policy": type: object properties: "name": type: string description: | The name used to identify this firewall policy. [regexerr:Uppercase and lowercase letters, regexerr:Numbers, regexerr:"_", regexerr:Maximum length of 17 characters] pattern: ^([a-zA-Z0-9_]){1,17}$ "description": type: string required: false description: A description of this firewall policy. "priority": type: integer minimum: -32768 maximum: 32767 default: -1 required: false description: | The priority of the policy dictates when it is applied compared to other policies and zones. Policies with negative priorities are applied before rules in zones; policies with positive priorities are applied after. A priority of 0 is a special priority and cannot be set. "default_action": type: string required: false default: "accept" description: The default action of the policy i.e. what happens to packets that don't match any rule. enum: [ "accept", "reject", "drop", "continue" ] "ingress_zones": type: array description: | Traffic originating from the ingress zones will be subject to this policy. The allowed values are those defined in firewall/zones or the symbolic values HOST/ANY. (If HOST or ANY are selected then they must be the only zone selected) items: type: string description: | Traffic originating from the ingress zones will be subject to this policy. The allowed values are those defined in firewall/zones or the symbolic values HOST/ANY. (If HOST or ANY are selected then they must be the only zone selected) [computed_options:zones_list_with_any_and_host] "egress_zones": type: array description: | Traffic directed to the egress zones will be subject to this policy. The allowed values are those defined in firewall/zones or the symbolic values HOST/ANY. (If HOST or ANY are selected then they must be the only zone selected) items: type: string description: | Traffic directed to the egress zones will be subject to this policy. The allowed values are those defined in firewall/zones or the symbolic values HOST/ANY. (If HOST or ANY are selected then they must be the only zone selected) [computed_options:zones_list_with_any_and_host] "rules": description: | A list of rules that specify what happens to specific packets as they pass through the firewall policy. type: array required: false items: type: policyRuleItem "managed_by": type: string description: | The user or system responsible for management of this object. If managed_by is set to a non-empty string then client interfaces (like the web ui or config shell) will prevent users from editing this object. Managed_by should be an intelligible string as client interfaces may display it to users. [visible:managed_by:!=::stored] required: false getFirewallPolicyResponse: description: "A single firewall policy" type: object properties: "firewall_policy": type: getFirewallPoliciesListItem getFirewallServiceTranslationItem: description: "A firewall service translation" type: object properties: "id": type: string description: The unique identifier for this firewall service translation. "address": type: string description: The address that services will use when exiting the device. "services": type: array description: | A list of services that will have the associated address assigned to them items: type: string getFirewallServiceTranslations: description: "A list of firewall service translations" type: object properties: "firewall_service_translations": type: array items: type: getFirewallServiceTranslationItem getFirewallServiceTranslation: description: "A single firewall service translation" type: object properties: "firewall_service_translation": type: getFirewallServiceTranslationItem setFirewallServiceTranslationItem: description: "A firewall service translation" type: object properties: "address": type: string description: | The address that services will use when exiting the device. [warning_function:check_if_ip_exists] required: true "services": type: array required: true description: | A list of services that will have the associated address assigned to them items: type: string description: | A list of services that will have the associated address assigned to them [computed_options:services_for_source_nat_translation] setFirewallServiceTranslations: description: "A list of firewall service translations" type: object properties: "firewall_service_translations": type: array items: type: setFirewallServiceTranslationItem setFirewallServiceTranslation: description: "A single firewall service translation" type: object properties: "firewall_service_translation": type: setFirewallServiceTranslationItem cellReliabilityTestConfiguration: description: "The cell reliability test configuration" type: object properties: "cell_reliability_test": type: object properties: "enabled": type: boolean description: Enable or disable the cell reliability test. "period": type: integer description: The time between cell reliability test runs. minimum: 0 "test_url": type: array description: The URL to perform the cell reliability test against. "signal_strength_threshold": type: object description: | The lower and upper threshold values for acceptable cellular signal strength. properties: "lower": type: integer description: The lower threshold value for acceptable signal strength. minimum: 0 maximum: 100 "upper": type: integer description: The upper threshold value for acceptable signal strength. minimum: 0 maximum: 100 snmpManager: description: "The SNMP manager legacy configuration" type: object properties: snmp_manager: type: object properties: "protocol": type: string enum: [ "UDP", "TCP", "UDP6", "TCP6" ] "address": type: string required: false "port": type: integer minimum: 1 maximum: 65535 required: false "msg_type": type: string description: | Type of SNMP message to send. [visible:version:in:v2c|v3] enum: [ "TRAP", "INFORM", ] "version": type: string enum: [ "v1", "v2c", "v3", ] "community": type: string description: "[sensitive,visible:version:in:v1|v2c,required:version:in:v1|v2c]" required: false "auth_protocol": type: string enum: [ "SHA", "MD5", ] required: false description: | [visible:version:=:v3,visible:security_level:in:authNoPriv|authPriv] "auth_password": type: string description: "[sensitive,visible:version:=:v3,visible:security_level:in:authNoPriv|authPriv]" required: false "username": type: string required: false description: | [visible:version:=:v3] "engine_id": type: string required: false description: | [visible:version:=:v3] "privacy_protocol": type: string enum: [ "AES", "DES", ] required: false description: | [visible:version:=:v3,visible:security_level:=:authPriv] "privacy_password": type: string description: "[sensitive,visible:version:=:v3,visible:security_level:=:authPriv]" required: false "security_level": type: string enum: [ "noAuthNoPriv", "authNoPriv", "authPriv", ] required: false description: | [visible:version:=:v3] snmpManagerResponse: description: "The SNMP manager legacy configuration" type: object properties: snmp_manager: type: object properties: "id": type: string "multi_field_identifier": type: string description: "A string which can be used to uniquely identify this snmp alert manager" "protocol": type: string enum: [ "UDP", "TCP", "UDP6", "TCP6" ] "address": type: string "port": type: integer minimum: 1 maximum: 65535 required: false "msg_type": type: string enum: [ "TRAP", "INFORM", ] description: | Type of SNMP message to send. [visible:version:in:v2c|v3] "version": type: string enum: [ "v1", "v2c", "v3", ] "community": type: string description: "[sensitive,visible:version:in:v1|v2c,required:version:in:v1|v2c]" required: false "auth_protocol": type: string enum: [ "SHA", "MD5", ] required: false description: | [visible:security_level:in:authNoPriv|authPriv] "auth_password": type: string description: "[sensitive,visible:security_level:in:authNoPriv|authPriv]" required: false "username": type: string required: false description: | [visible:version:=:v3] "engine_id": type: string required: false description: | [visible:version:=:v3] "privacy_protocol": type: string enum: [ "AES", "DES", ] required: false description: | [visible:security_level:=:authPriv] "privacy_password": type: string description: "[sensitive,visible:security_level:=:authPriv]" required: false "security_level": type: string enum: [ "noAuthNoPriv", "authNoPriv", "authPriv", ] required: false description: | [visible:version:=:v3] snmpAlertManager: description: "The SNMP Alert Manager configuration" type: object properties: snmp_alert_manager: type: object properties: "name": type: string description: A description used to identify the SNMP Alert Manager. required: false "protocol": type: string enum: [ "UDP", "TCP", "UDP6", "TCP6" ] description: | The transport protocol used to deliver SNMP alert messages to the SNMP Alert Manager. "address": type: string description: | The IPv4/IPv6 address or domain name of the SNMP Alert Manager where the SNMP alerts will be sent. required: false "port": type: integer minimum: 1 maximum: 65535 description: | The port used by the SNMP Alert Managaer to receive SNMP alerts. The default value is 162. required: false "msg_type": type: string enum: [ "TRAP", "INFORM", ] description: | The type of SNMP message to send to the SNMP Alert Manager. The INFORM option will receive an acknowledgment from the SNMP Alert Manager and will retransmit if required. The TRAP option does not expect acknowledgments. [visible:version:in:v2c|v3,required:version:in:v2c|v3] "version": type: string enum: [ "v1", "v2c", "v3", ] description: | The version of SNMP that will be used when sending a message to this SNMP Alert Manager. Additional properties may be required depending on the version specified. "community": type: string description: | A shared secret that allows SNMP alerts to be sent by the SNMP Alert Manager configuration for SNMPv1 and SNMPv2c. This needs to match what is setup in the SNMP Alert Manager. Examples of commonly used values are 'log', 'execute', 'net' and 'public'. [sensitive,visible:version:in:v1|v2c,required:version:in:v1|v2c] required: false "auth_protocol": type: string enum: [ "SHA", "MD5", ] required: false description: | The encryption algorithm to use for authentication with SNMPv3. [visible:security_level:in:authNoPriv|authPriv] "auth_password": type: string description: | The plaintext authentication password to use with SNMPv3. [sensitive,visible:security_level:in:authNoPriv|authPriv] required: false "username": type: string required: false description: | Set the username to be used for authentication with SNMPv3 to allow clients to retrieve and set values, it is not related to system users. [visible:version:=:v3] "engine_id": type: string required: false description: | A unique identifier for the SNMP agent entity. This needs to match the engineID of the SNMP Alert Manager. For example, `0x80001f8803555000000000`. [visible:version:=:v3] "privacy_protocol": type: string enum: [ "AES", "DES", ] required: false description: | The encryption algorithm to use for privacy with SNMPv3. [visible:security_level:=:authPriv] "privacy_password": type: string description: | The plaintext privacy password to use with SNMPv3. [sensitive,visible:security_level:=:authPriv] required: false "security_level": type: string enum: [ "noAuthNoPriv", "authNoPriv", "authPriv", ] default: "noAuthNoPriv" required: false description: | Set the User-based Security Model to use for communication with the SNMP Alert Manager. [visible:version:=:v3,required:version:=:v3] snmpManagerListItem: description: "The SNMP manager configuration" type: object properties: "id": type: string description: The primary unique identifier for this SNMP Alert Manager. "multi_field_identifier": type: string description: | A string which can be used to uniquely identify this SNMP Alert Manager when using ogcli. It consists of "\\:\\/\" "name": type: string description: A description used to identify the SNMP Alert Manager. required: false "protocol": type: string enum: [ "UDP", "TCP", "UDP6", "TCP6" ] description: | The transport protocol used to deliver SNMP alert messages to the SNMP Alert Manager. "address": type: string description: | The IPv4/IPv6 address or domain name of the SNMP Alert Manager where the SNMP alerts will be sent. "port": type: integer minimum: 1 maximum: 65535 description: | The port used by the SNMP Alert Managaer to receive SNMP alerts. The default value is 162. required: false "msg_type": type: string enum: [ "TRAP", "INFORM", ] description: | The type of SNMP message to send to the SNMP Alert Manager. The INFORM option will receive an acknowledgment from the SNMP Alert Manager and will retransmit if required. The TRAP option does not expect acknowledgments. [visible:version:in:v2c|v3] "version": type: string enum: [ "v1", "v2c", "v3", ] description: | The version of SNMP that will be used when sending a message to this SNMP Alert Manager. "community": type: string description: | A group name authorized to send traps by the SNMP Alert Manager configuration for SNMPv1 and SNMPv2c. This needs to match what is setup in the SNMP Alert Manager. Examples of commonly used values are 'log', 'execute', 'net' and 'public'. [sensitive,visible:version:in:v1|v2c,required:version:in:v1|v2c] required: false "auth_protocol": type: string enum: [ "SHA", "MD5", ] required: false description: | The encryption algorithm to use for authentication with SNMPv3. [visible:version:=:v3,visible:security_level:in:authNoPriv|authPriv] "auth_password": type: string description: | The plaintext authentication password to use with SNMPv3. [sensitive,visible:version:=:v3,visible:security_level:in:authNoPriv|authPriv] required: false "username": type: string required: false description: | Set the username to be used for authentication with SNMPv3 to allow clients to retrieve and set values, it is not related to system users. [visible:version:=:v3,visible:security_level:in:authNoPriv|authPriv] "engine_id": type: string required: false description: | A unique identifier for the SNMP agent entity. This needs to match the engineID of the SNMP Alert Manager. For example, `0x80001f8803555000000000`. [visible:version:=:v3] "privacy_protocol": type: string enum: [ "AES", "DES", ] required: false description: | The encryption algorithm to use for privacy with SNMPv3. [visible:version:=:v3,visible:security_level:=:authPriv] "privacy_password": type: string description: | The plaintext privacy password to use with SNMPv3. [sensitive,visible:version:=:v3,visible:security_level:=:authPriv] required: false "security_level": type: string enum: [ "noAuthNoPriv", "authNoPriv", "authPriv", ] required: false description: | Set the User-based Security Model to use for communication with the SNMP Alert Manager. [visible:version:=:v3] snmpAlertManagerResponse: description: "The SNMP manager configuration" type: object properties: snmp_alert_manager: type: snmpManagerListItem getSnmpAlertManagerList: description: "A list of SNMP Managers" type: object properties: "snmp_alert_managers": type: array items: type: snmpManagerListItem snmpd: description: "The SNMP Daemon configuration" type: object properties: snmpd: type: object properties: "enabled": type: boolean description: Enable or disable the SNMP service. default: false required: false "port": type: integer description: | Specify the port for the SNMP service to use. The default value is 161. minimum: 1 maximum: 65535 default: 161 required: false "protocol": type: string description: | Set the protocol for the SNMP service to use. The default value is UDP. enum: [ "UDP", "TCP", ] default: UDP required: false "enable_legacy_versions": type: boolean description: Enable SNMPv1 and SNMPv2c. default: false required: false "rocommunity": type: string description: | The read-only community is a shared secret allowing clients to read SNMP information from the server. [sensitive,visible:enable_legacy_versions:=:true] required: false "rwcommunity": type: string description: | The read-write community is a shared secret allowing clients to set data via SNMP on the server. [sensitive,visible:enable_legacy_versions:=:true] required: false "enable_secure_snmp": type: boolean description: Enable SNMPv3. default: false required: false "security_level": type: string enum: [ "noauth", "auth", "priv", ] default: "priv" required: false description: | Set User-based Security Model settings to allow communication without authentication or privacy (noauth), authentication without privacy (auth), or authentication and privacy (priv). [visible:enable_secure_snmp:=:true] "security_name": type: string required: false description: | Set the username to be used for authentication with SNMPv3. [visible:enable_secure_snmp:=:true,required:enable_secure_snmp:=:true] "engine_id": type: string required: false description: | A unique identifier for the SNMP agent entity. [visible:enable_secure_snmp:=:true] "auth_protocol": type: string enum: [ "SHA", "MD5", ] required: false description: | The encryption algorithm to use for authentication with SNMPv3. [visible:enable_secure_snmp:=:true,visible:security_level:in:auth|priv] "auth_use_plaintext": type: boolean default: false required: false description: | Use plaintext password for authentication with SNMPv3 instead of a localized key. [visible:enable_secure_snmp:=:true,visible:security_level:in:auth|priv] "auth_password": type: string description: | The plaintext authentication password to use with SNMPv3. [sensitive,visible:enable_secure_snmp:=:true,visible:auth_use_plaintext:=:true,visible:security_level:in:auth|priv] required: false "auth_localized_key": type: string required: false description: | An encrpytion key for authentication used with SNMPv3 that incorporates the engineID of the SNMP agent. [visible:enable_secure_snmp:=:true,visible:auth_use_plaintext:=:false,visible:security_level:in:auth|priv] "priv_protocol": type: string enum: [ "AES", "DES", ] required: false description: | The encryption algorithm to use for privacy with SNMPv3. [visible:enable_secure_snmp:=:true,visible:security_level:=:priv] "priv_use_plaintext": type: boolean default: false required: false description: | Use plaintext password for privacy with SNMPv3 instead of a localized key. [visible:enable_secure_snmp:=:true,visible:security_level:=:priv] "priv_password": type: string description: | The plaintext privacy passsword to use with SNMPv3. [sensitive,visible:enable_secure_snmp:=:true,visible:priv_use_plaintext:=:true,visible:security_level:=:priv] required: false "priv_localized_key": type: string required: false description: | A encryption key for privacy used with SNMPv3 that incorporates the engineID of the SNMP agent. [visible:enable_secure_snmp:=:true,visible:priv_use_plaintext:=:false,visible:security_level:=:priv] authenticationAlert: description: "Configuration for legacy authentication alerts" type: object properties: authentication_trap_group: type: object properties: "enabled": type: boolean systemAlert: description: "Configuration for legacy system alerts" type: object properties: system_trap_group: type: object properties: "enabled": type: boolean "power_supply_millivolt_lower": type: integer "power_supply_millivolt_upper": type: integer networkingAlert: description: "Configuration for legacy networking alerts" type: object properties: "networking_trap_group": type: object properties: "enabled": type: boolean "signal_strength_threshold_lower": type: integer required: false "signal_strength_threshold_upper": type: integer required: false configChangeAlert: description: "Configuration for legacy config change based alerts" type: object properties: config_change_trap_group: type: object properties: "enabled": type: boolean networkingAlertGroup: description: "Configuration for Network Connection Status alerts" type: object properties: "networking_alert_group": type: object properties: "cell_signal_strength_alert": type: object required: false description: | The alert related to this functionality is the Network Connection Status which sends an alert when cell signal strength leaves or re-enters a user-defined range, or, when the network link state changes. properties: "enabled": type: boolean default: false required: false description: | Enable the alerts for network connection status signal strength. If this is true, an alert will be sent when any network interfaces goes up or down. For cellular devices, alerts will also be sent if the signal strength crosses a threshold. "threshold_lower": type: integer required: false description: | The lower level for the network signal strength range (in percent %). If alerts are enabled and the signal strength goes below this value, an alert is sent. Field is only valid when a cell modem is present. minimum: 0 maximum: 100 default: 33 "threshold_upper": type: integer required: false description: | The upper level for the network signal strength range (in percent %). If alerts are enabled and the signal strength goes above this value, an alert is sent. Field is only valid when a cell modem is present. minimum: 0 maximum: 100 default: 66 powerAlertGroup: description: "Configuration for power alerts" type: object properties: "power_alert_group": type: object properties: "power_supply_voltage_alert": type: object required: false description: | System alerts are sent when the system reboots or the supply bus voltages are out of range. properties: "enabled": type: boolean (deprecatedProperty): replaceWith: {"power_alert_group": {"power_supply_voltage_alert": {"snmp": { "enabled" } } } } since: 10/2022 default: false required: false description: | Enable the alerts for supply voltage range. If this is true, an alert will be sent when device's supply bus voltages are out of range. [visible:never] "millivolt_lower": type: integer required: false description: | The lower level for the device's supply voltage range (in mV). If alerts are enabled and the supply voltage goes below this value, an alert is sent. minimum: 8000 maximum: 16000 default: 11000 "millivolt_upper": type: integer required: false description: | The upper level for the device's supply voltage range (in mV). If alerts are enabled and the supply voltage goes above this value, an alert is sent. minimum: 8000 maximum: 16000 default: 13000 "snmp": type: object required: false description: | "Power alert configuration specific to SNMP" properties: "enabled": type: boolean default: false required: false description: | Enable SNMP alerts for supply voltage range. If this is true, an alert will be sent when device's supply bus voltages are out of range. "syslog": type: object required: false description: | "Power alert configuration specific to syslog" properties: "enabled": type: boolean default: false required: false description: | Enable logging of supply voltage alerts to syslog. "alert_active_severity": type: string enum: [ "emergency", "alert", "critical", "error", "warning", "notice", "info", "debug", ] required: false default: "error" description: | Syslog severity level to use when the alert becomes active (voltage is out of range) [no_sorting_required] "alert_inactive_severity": type: string enum: [ "emergency", "alert", "critical", "error", "warning", "notice", "info", "debug", ] required: false default: "info" description: | Syslog severity level to use when the alert becomes inactive (voltage is within range) [no_sorting_required] systemAlertGroup: description: "Configuration for system alerts" type: object properties: "system_alert_group": type: object properties: "authentication_alert": type: object required: false description: | Authentication alerts are triggered when a user attempts to log in via SSH, REST API, or the device's serial ports. An alert is sent regardless of whether the login has succeeded or failed. properties: "enabled": type: boolean default: false required: false description: | Enable the alerts for authentication. If this is true, an alert will be sent when a user attempts to log in. "config_change_alert": type: object required: false description: | Configuration change alerts are sent when changes occur to the system configuration. properties: "enabled": type: boolean default: false required: false description: | Enable the alerts for configuration changes. If this is true, an alert will be sent when changes occur to the system configuration. "temperature_alert": type: object required: false description: | A temperature notification will be sent when any of the temperature sensors leaves or re-enters the specified range. properties: "enabled": type: boolean default: false required: false description: | Enable the alerts for the device's temperature range. If this is true, an alert will be sent when device's temperature sensors leaves or re-enters the specified range. "threshold_lower": type: integer required: false description: | The lower trigger level for the device's temperature (in °C). If alerts are enabled and the temperature sensors goes below this value, an alert is sent. minimum: -127 maximum: 127 "threshold_upper": type: integer required: false description: | The upper trigger level for the device's temperature (in °C). If alerts are enabled and the temperature sensors goes above this value, an alert is sent. minimum: -127 maximum: 127 failoverSettings: type: object properties: "enabled": type: boolean description: Enable or disable failover. default: false "probe_physif": type: string description: | The interface through which the device will attempt to probe the given probe_address. A Failover event occurs if the probe_address isn't reachable on this interface. "probe_address": type: string maxLength: 253 description: | Probe address can be an IPv4 address, IPv6 address or a hostname. Be aware that hostnames may not resolve during Failover depending on DNS settings. "probe_address_2": type: string maxLength: 253 required: false description: | Probe address can be an IPv4 address, IPv6 address, or a hostname. Be aware that hostnames may not resolve during Failover depending on DNS settings. If configured, this address is probed by probe_physif if probe_address isn't reachable. A Failover event occurs if this address isn't reachable. "dormant_dns": type: boolean default: false required: false description: "Whether DNS is dormant (not configured) for the Failover interface in normal operation. During Failover this will be restored." "failover_physif": type: string required: false description: | Fail over to this network interface. failoverSettingsResponse: description: "The failover settings" type: object properties: "failover_settings": type: failoverSettings failoverSettingsPut: description: "The failover settings" type: object properties: "failover_settings": type: failoverSettings properties: "probe_physif": type: string description: | The interface through which the device will attempt to probe the given probe_address. A Failover event occurs if the probe_address isn't reachable on this interface. [**Optional when Failover is disabled**, computed_options:physifs_no_loopbacks] "failover_physif": type: string description: | Fail over to this network interface. Note that if this field is omitted when failover is enabled, it will be set to wwan0 (for compatibility with older releases). [**Optional when Failover is disabled**, computed_options:physifs_no_loopbacks] required: false portlogSettings: description: "The port log settings" type: object properties: "portlog_settings": type: object properties: "facility": type: string description: The syslog facility to use for port logs. enum: [ "daemon", "auth", "authpriv", "cron", "daemon", "ftp", "kern", "lpr", "mail", "news", "syslog", "user", "uucp", "local0", "local1", "local2", "local3", "local4", "local5", "local6", "local7" ] "severity": type: string description: The syslog severity to use for port logs. enum: [ "info", "alert", "critical", "debug", "emergency", "error", "info", "notice", "warning" ] exportType: type: object properties: "export": type: object failoverStatus: type: object properties: "failover_status": type: object properties: "status": description: "Failover status" type: string enum: [ "primary_starting", "primary_complete", "primary_stopping", "failover_starting", "failover_complete", "failover_stopping", "disabled", "unknown" ] cellFwInfoData: type: object properties: firmware: type: object properties: model: description: "The model name of this cell modem" type: string boot_version: description: "The version of the boot firmware on this cell modem" type: string amss_version: description: "The version of the AMSS (Advanced Mode Subscriber Software) on this cell modem" type: string sku_id: description: "The SKU (Stock Keeping Unit) that uniquely identifies this cell modem" type: string package_id: description: "The id of the update package used for the cell modem firmware" type: string carrier_id: description: "The id of the cellular carrier being used" type: string config_version: description: "The version of the config installed on this cell modem" type: string operating_mode: type: object properties: mode: description: "The connection status of this cell modem" type: string hw_restricted: description: "The status of hardware restriction on this cell modem" type: string cellFWInfo: description: "Cell Modem Firmware Information" type: object properties: "cellfw_info": type: cellFwInfoData getCellModemInfo: description: "Cell Modem Status Information" type: object properties: "cellmodem": type: object properties: "enabled": description: Is the cell modem currently enabled type: boolean required: false "device": description: Device name type: string required: false "up": description: Is this cell modem currently connected type: boolean required: false "signalStrength": description: Signal quality (%) (backwards compatable) type: integer required: false "signal_quality": description: Signal quality (%) type: integer required: false "rssi": description: Received Signal Strength Indicator (RSSI) type: integer required: false "technology": description: Access technology type: string required: false "modem_status": description: Modem status type: string required: false "failure_reason": description: Failure reason type: string required: false "ipv4_addresses": description: IPv4 addresses of the cell modem type: array required: false items: type: string "ipv6_addresses": description: IPv6 addresses of the cell modem type: array required: false items: type: string "failover": description: Details about whether failover is enabled on the cell modem required: false type: object properties: "enabled": description: Is Failover enabled type: boolean required: false "active": description: Is Failover active type: boolean required: false "dormant": description: Does the interface stay up when not failed-over to type: boolean required: false "sims": description: Details about the current SIM cards type: object properties: "active_sim": description: The current selected SIM type: number required: false "failover_status": description: The current SIM failover state type: string required: false enum: [ "disabled", "enabled", "failing_over", "failed_over", "failing_back", "unknown" ] "sim1": description: Details about SIM1 type: object properties: "iccid": description: SIM ICCID type: string required: false "carrier": description: SIM Carrier type: string required: false "apn": description: SIM APN type: string required: false "ip_type": description: SIM IP-Type type: string required: false "username": description: SIM User type: string required: false "imsi": description: SIM IMSI type: string required: false "state": description: Current state of the SIM type: string required: false "last_active": description: The time-stamp of the last time this SIM became active type: number required: false "last_update": description: The time-stamp of the last update type: number required: false "signal_strength": description: Signal strength of the modem connection with this SIM type: number required: false sim2: description: Details about SIM2 type: object properties: "iccid": description: SIM ICCID type: string required: false "carrier": description: SIM Carrier type: string required: false "apn": description: SIM APN type: string required: false "ip_type": description: SIM IP-Type type: string required: false "username": description: SIM User type: string required: false "imsi": description: SIM IMSI type: string required: false "state": description: Current state of the SIM type: string required: false "last_active": description: The time-stamp of the last time this SIM became active type: number required: false "last_update": description: The time-stamp of the last update type: number required: false "signal_strength": description: Signal strength of the modem connection with this SIM type: number required: false getCellModemSimInfo: description: "Cell Modem SIM Status Information" type: object properties: "cellmodem_sims": type: array items: type: getCellModemSimInfoResponseSingle getCellModemSimInfoResponseSingle: description: "Cell Modem SIM Status Information" type: object properties: "id": type: string "active": description: This SIM is the currently selected SIM type: boolean required: false "slot": description: SIM Slot type: number required: false "iccid": description: SIM ICCID type: string required: false "carrier": description: SIM Carrier type: string required: false "apn": description: SIM APN type: string required: false "ip_type": description: SIM IP-Type type: string required: false "username": description: SIM User type: string required: false "imsi": description: SIM IMSI type: string required: false "state": description: Current state of the SIM type: string required: false "last_active": description: The time-stamp of the last time this SIM became active type: number required: false "last_update": description: The time-stamp of the last update type: number required: false "signal_strength": description: Signal strength of the modem connection with this SIM type: number required: false getCellModemSimInfoResponseById: description: "Cell Modem SIM Status Information" type: object properties: "cellmodem_sim": type: getCellModemSimInfoResponseSingle routingDaemon: description: "Configure routing daemons" type: object properties: routing: type: object properties: bgpd: description: Border Gateway Protocol (BGP) is a gateway protocol that enables the Internet to exchange routing information between autonomous systems. type: object properties: enabled: description: Is bdgpd enabled type: boolean ospfd: description: Open Shortest Path First (OSPF) is a routing protocol for Internet Protocol (IP) networks. It uses a link state routing (LSR) algorithm and falls into the group of interior gateway protocols (IGPs), operating within a single autonomous system. type: object properties: enabled: description: Is ospfd enabled type: boolean router_id: type: string description: > A 32 bit number expressed in dotted decimal notation (A.B.C.D) that identifies the OSPF router. The number must be unique within the OSPF network and does not need to be a real IPv4 address. The highest RID will determine which node is the designated router (DR). [regexerr: Dotted decimal notation format required] pattern: ^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?){1}$|^$ required: false redistribute_connected: type: boolean description: > Whether or not to add 'redistribute_connected' option to the system OSPF configuration. If this is enabled, any directly connected network routes will be advertised to OSPF neighbours. required: false redistribute_static: type: boolean description: > Whether or not to add 'redistribute_static' option to the system OSPF configuration. If this is enabled, statically defined network routes will be advertised to OSPF neighbours. required: false redistribute_kernel: type: boolean description: > Whether or not to add 'redistribute_kernel' option to the system OSPF configuration. If this is enabled, static routes defined in the kernel will be advertised to OSPF neighbours. required: false interfaces: type: array description: The specific individual interface related parameters for OSPF. items: type: ospfConfigurationInterfaceItem required: false neighbors: type: array description: > Specifies the static OSPF neighbor devices for non-broadcast networks. Use this field to configure and manage specific OSPF neighbors manually. items: type: ospfConfigurationNeighborItem required: false networks: type: array description: The IP network configurations to enable the system OSPF service for. items: type: ospfConfigurationNetworkItem required: false managed_by: type: string description: | The user or system responsible for management of this object. If managed_by is set to a non-empty string then client interfaces (like the web ui or config shell) will prevent users from editing this object. Managed_by should be an intelligible string as client interfaces may display it to users. [visible:managed_by:!=::stored] required: false isisd: description: Intermediate System to Intermediate System (IS-IS) is a routing protocol designed to move information efficiently within a computer network, a group of physically connected computers or similar devices. It accomplishes this by determining the best route for data through a packet switching network. type: object properties: enabled: description: Is isisd enabled type: boolean ripd: description: Routing Information Protocol (RIP) is a distance-vector routing protocol which employs the hop count as a routing metric. RIP prevents routing loops by implementing a limit on the number of hops allowed in a path from source to destination. type: object properties: enabled: description: Is ripd enabled type: boolean getX509CertFileItem: type: object description: "This object contains information for an IPsec x509 certificate file." properties: "id": type: string description: "Database ID for this file." required: true "name": description: "The name of the file. This should contain the file extension." type: string required: true "content": description: "The content of the file stored either in plaintext PEM format or base64 encoded binary." type: string required: true "timestamp": description: "The last time the file was updated. This will be returned in rfc3339 format." type: string required: true getPrivateKeyItem: type: object description: "This object contains information for an IPsec private key file." properties: "id": type: string description: "Database ID for this file." required: true "name": description: "The name of the file. This should contain the file extension." type: string required: true "content": description: | The content of the file stored either in plaintext PEM format or base64 encoded binary. [sensitive] type: string required: true "password": description: | An optional password that can be used to decrypt the file. [sensitive] type: string required: false "timestamp": description: "The original time the file was uploaded in rfc3339 format." type: string required: true getX509BundleFileItem: type: object description: "This object contains information for an IPsec bundle file." properties: "id": type: string description: "Database ID for this file." required: true "name": description: "The name of the file. This should contain the file extension." type: string required: true "content": description: "The base64 encoded binary content of the file." type: string required: true "password": description: | An optional password that can be used to decrypt the file. [sensitive] type: string required: false "timestamp": description: "The last time the file was updated. This will be returned in rfc3339 format." type: string required: true getIPsecTunnelItem: type: object description: "This object contains configuration information for an IPsec tunnel." properties: "id": type: string description: "Database ID for this IPsec tunnel." "name": type: string description: "Each IPsec tunnel must have a unique symbolic name. The name can contain letters, digits, and hyphens. It will appear in log messages when the tunnel is being established. Use this to distinguish between multiple tunnels on the device." "enabled": type: boolean "initiate": type: boolean description: "When true, the device will actively initiate the tunnel by sending IKE negotiation packets to the remote end. If false, the tunnel will only be activated when an IKE negotiation is initiated by the remote end." "version": type: string description: "An IPsec tunnel can use either the IKEv1 or IKEv2 protocol. IKEv1 also provides the ability to run in aggressive mode which is not applicable to IKEv2" "keying_tries": type: integer description: "The number of attempts that should be made to negotiate a connection before giving up. The default value of 0 means 'never give up'." "dpd_enabled": required: false type: boolean "dpd_action": required: false type: string description: "Determines the action to perform on timeout." "dpd_delay": required: false type: integer description: "Defines the time interval between keep-alive exchanges sent to the peer." "dpd_timeout": type: integer description: "Defines the timeout period for a connection." "phase1_rekey_time": required: false type: integer description: "Controls the time between key material refreshes for the IKE. This is only valid for IKEv2 and 0s translates to disabled." "phase1_rekey_unit": required: false type: string description: "Determines the units for phase1_rekey_time." "phase1_reauth_time": required: false type: integer description: "Controls the time between IKE reauthentication. 0s translates to disabled." "phase1_reauth_unit": required: false type: string description: "Determines the units for phase1_reauth_time." "phase1_random_time": required: false type: integer description: "Time range from which to choose a random value to subtract from IKE rekey/reauth times. Is used to avoid both peers initiating the process simultaneously." "phase1_random_unit": required: false type: string description: "Determines the units for phase1_random_time." "phase1_over_time": required: false type: integer description: "The hard IKE SA lifetime if rekey/reauth does not complete. The default value is 10% of phase1_rekey_time or phase1_reauth_time, whichever is greater. The expiry of an IKE SA is calculated using this value plus phase1_rekey_time or phase1_reauth_time." "phase1_over_unit": required: false type: string description: "Determines the units for phase1_over_time." "phase2_rekey_time": required: false type: integer description: "Controls the time between key material refreshes for the CHILD_SA. 0s translates to disabled." "phase2_rekey_unit": required: false type: string description: "Determines the units for phase2_rekey_time." "phase2_random_time": required: false type: integer description: "Time range from which to choose a random value to subtract from IKE rekey/reauth times. Is used to avoid both peers initiating the process simultaneously." "phase2_random_unit": required: false type: string description: "Determines the units for phase2_random_time." "phase2_life_time": required: false type: integer description: "The maximum lifetime before an IPsec SA gets closed. The default value is 110% of phase2_rekey_time. The expiry of an IPsec SA is equivalent to this value." "phase2_life_unit": required: false type: string description: "Determines the units for phase2_life_time." "proposal": type: string description: "Algorithm to be used for Key Exchange for establishing this tunnel" (deprecatedProperty): since: 03/2021 "phase1_proposal": type: string description: "Algorithms to be used for Key Exchange (Phase 1) for establishing this tunnel" "phase2_proposal": type: string description: "Algorithms to be used for IPsec/Child SA (Phase 2) for this tunnel" "phase2_proposal_type": description: "IPsec/Child SA proposal type. ESP protocol or AH protocol can be selected" type: string enum: [ "esp", "ah" ] "local_id": type: string description: "Local IKE identity to use for authentication." "remote_id": type: string description: "Remote IKE identity to expect for authentication." "local_address": required: false type: string description: "Local address to be used for this IPsec tunnel. If left blank, this address will be automatically filled during key negotiation." "remote_address": required: false type: string description: "Remote address to be used for this IKE negotiation of this tunnel. If the local device does not initiate the tunnel, incoming requests must match this address." "encap": required: false type: boolean description: "Force encapsulation" "local_subnet": type: string description: "Local subnet traffic selector to be used for this tunnel. When left blank, this will be replaced by the outer local address of the tunnel upon negotiation." "remote_subnet": type: string description: "Remote subnet traffic selector to be used for this tunnel. When left blank, this will be replaced by the outer remote address of the tunnel upon negotiation." "auth_mode": type: string description: "Authentication type for this tunnel, 'psk' (Pre-Shared Key) or 'pki' (Public Key Infrastructure). If this field is not provided then 'psk' mode will be selected." enum: [ "psk", "pki", ] default: "psk" "shared_secret": required: false type: string description: | For the pre-shared key authentication mode, both ends of the tunnel must use the same key. This is required when auth_mode is set to 'psk'. [sensitive] "runtime_status": type: object properties: "established": type: boolean description: "This value is reported as true when the tunnel has been negotiated successfully and is currently active." postX509CertFileItem: type: object description: "This object contains information for an IPsec x509 certificate file." properties: "name": description: "The file's name." type: string required: true "content": description: "The content of the file stored either in plaintext PEM format or base64 encoded binary." type: string required: true postPrivateKeyItem: type: object description: "This object contains information for an IPsec private key file that may be encrypted with a password." properties: "name": description: "The file's name." type: string required: true "content": description: | The content of the file stored either in plaintext PEM format or base64 encoded binary. [sensitive] type: string required: true "password": description: | An optional password that can be used to decrypt the file. [sensitive] type: string required: false postX509BundleFileItem: type: object description: "This object contains information for an IPsec bundle file which is encrypted with a password (default is None)." properties: "name": description: "The file's name." type: string required: true "content": description: | The base64 encoded binary content of the file. [sensitive] type: string required: true "password": description: | An optional password that can be used to decrypt the file. [sensitive] type: string required: false postIPsecTunnelItem: type: object description: "This object contains configuration information for an IPsec tunnel." properties: "name": type: string description: "Each IPsec tunnel must have a unique symbolic name. The name can contain letters, digits, and hyphens. It will appear in log messages when the tunnel is being established. Use this to distinguish between multiple tunnels on the device." "enabled": type: boolean description: "Enables or disables the IPSec VPN Tunnel connection." "initiate": type: boolean required: true description: "When true, the device will actively initiate the tunnel by sending IKE negotiation packets to the remote end. If false, the tunnel will only be activated when an IKE negotiation is initiated by the remote end." "version": type: string enum: [ "IKEv2", "IKEv1", "IKEv1-aggressive", ] required: true description: "An IPsec tunnel can use either the IKEv1 or IKEv2 protocol. IKEv1 also provides the ability to run in aggressive mode which is not applicable to IKEv2" "keying_tries": required: false type: integer default: 0 description: "The number of attempts that should be made to negotiate a connection before giving up. The default value of 0 means 'never give up'." "dpd_enabled": required: false type: boolean default: false description: "Enables or disables Dead Peer Detection." "dpd_action": required: false type: string enum: [ "clear", "trap", "restart", ] default: restart description: | Determines the action to perform on timeout for Dead Peer Detection. [visible:dpd_enabled:=:true] "dpd_delay": required: false type: integer minimum: 0 default: 60 description: | Defines the time interval between keep-alive exchanges sent to the peer for Dead Peer Detection. [visible:dpd_enabled:=:true] "dpd_timeout": required: false type: integer minimum: 0 default: 90 description: | Defines the connection timeout period for Dead Peer Detection. [visible:dpd_enabled:=:true] "phase1_rekey_time": required: false type: integer minimum: 0 default: 4 description: "Controls the time between key material refreshes for the IKE. This is only valid for IKEv2 and 0s translates to disabled." "phase1_rekey_unit": required: false type: string enum: [ "seconds", "minutes", "hours", "days", "weeks", ] default: hours description: "Determines the units for phase1_rekey_time." "phase1_reauth_time": required: false type: integer minimum: 0 default: 0 description: "Controls the time between IKE reauthentication. 0s translates to disabled." "phase1_reauth_unit": required: false type: string enum: [ "seconds", "minutes", "hours", "days", "weeks", ] default: seconds description: "Determines the units for phase1_reauth_time." "phase1_random_time": required: false type: integer minimum: 0 description: "Time range from which to choose a random value to subtract from IKE rekey/reauth times. Is used to avoid both peers initiating the process simultaneously." "phase1_random_unit": required: false type: string enum: [ "seconds", "minutes", "hours", "days", "weeks", ] description: "Determines the units for phase1_random_time." "phase1_over_time": required: false type: integer minimum: 0 description: "The hard IKE SA lifetime if rekey/reauth does not complete. The default value is 10% of phase1_rekey_time or phase1_reauth_time, whichever is greater. The expiry of an IKE SA is calculated using this value plus phase1_rekey_time or phase1_reauth_time." "phase1_over_unit": required: false type: string enum: [ "seconds", "minutes", "hours", "days", "weeks", ] description: "Determines the units for phase1_over_time." "phase2_rekey_time": required: false type: integer minimum: 0 default: 1 description: "Controls the time between key material refreshes for the CHILD_SA. 0s translates to disabled." "phase2_rekey_unit": required: false type: string enum: [ "seconds", "minutes", "hours", "days", "weeks", ] default: hours description: "Determines the units for phase2_rekey_time." "phase2_random_time": required: false type: integer minimum: 0 description: "Time range from which to choose a random value to subtract from IKE rekey/reauth times. Is used to avoid both peers initiating the process simultaneously." "phase2_random_unit": required: false type: string enum: [ "seconds", "minutes", "hours", "days", "weeks", ] description: "Determines the units for phase2_random_time." "phase2_life_time": required: false type: integer minimum: 0 description: "The maximum lifetime before an IPsec SA gets closed. The default value is 110% of phase2_rekey_time. The expiry of an IPsec SA is equivalent to this value." "phase2_life_unit": required: false type: string enum: [ "seconds", "minutes", "hours", "days", "weeks", ] description: "Determines the units for phase2_life_time." "proposal": required: false type: string description: | Algorithm to be used for Key Exchange for establishing this tunnel. Note that this property is deprecated and the following properties should be used instead: - phase1_proposal - phase2_proposal [visible:never] (deprecatedProperty): replaceWith: { "phase1_proposal": "ike_proposals", "phase2_proposal": "ipsec_proposals", } since: 03/2021 "phase1_proposal": type: string description: | Algorithm proposals to be used for Key Exchange (Phase 1) for establishing this tunnel. A proposal is a set of algorithms. For non-AEAD algorithms, this includes for IKE an encryption algorithm, an integrity algorithm, a pseudo random function and a Diffie-Hellman group. For AEAD algorithms, instead of encryption and integrity algorithms, a combined algorithm is used. See the following pages to check which algorithms are supported by strongswan. - IKEv1 Cipher Suites: https://wiki.strongswan.org/projects/strongswan/wiki/IKEv1CipherSuites - IKEv2 Cipher Suites: https://wiki.strongswan.org/projects/strongswan/wiki/IKEv2CipherSuites Multiple proposals may be provided through a comma-separated string. - example: aes128-sha256-ecp256,aes128-sha256-modp2048 Multiple algorithm types may be present in a single proposal (natively supported in IKEv2 and our backend will split it for IKEv1 cases). - example: aes128-aes256-sha256-sha384-ecp256-modp2048 (single proposal with 2 encryption algorithms, 2 integrigity algorithms and 2 DH groups) See also swanctl.conf connections..proposals field: https://wiki.strongswan.org/projects/strongswan/wiki/Swanctlconf required: false default: default "phase2_proposal": type: string description: | Algorithm proposals to be used for IPsec/Child SA (Phase 2) for this tunnel. See phase1_proposal's description to for more information about proposals. See also swanctl.conf ah_proposals and esp_proposals fields: https://wiki.strongswan.org/projects/strongswan/wiki/Swanctlconf required: false default: default "phase2_proposal_type": description: "IPsec/Child SA proposal type. ESP protocol (encryption + authentication) or AH protocol (authentication only) can be selected" type: string enum: [ "esp", "ah" ] default: "esp" required: false "local_id": required: false type: string description: "Local IKE identity to use for authentication." "remote_id": required: false type: string description: "Remote IKE identity to expect for authentication." "local_address": required: false type: string description: "Local address to be used for this IPsec tunnel. If left blank, this address will be automatically filled during key negotiation." "remote_address": required: false type: string description: | Remote address to be used for this IKE negotiation of this tunnel. If the local device does not initiate the tunnel, incoming requests must match this address. [required:initiate:=:true] "encap": required: false type: boolean default: false description: "Force UDP encapsulation for ESP packets. This is used for NAT traversal." "local_subnet": required: false type: string description: "Local subnet traffic selector to be used for this tunnel. When left blank, this will be replaced by the outer local address of the tunnel upon negotiation." "remote_subnet": required: false type: string description: "Remote subnet traffic selector to be used for this tunnel. When left blank, this will be replaced by the outer remote address of the tunnel upon negotiation." "auth_mode": required: false type: string description: "Authentication type for this tunnel, 'psk' (Pre-Shared Key) or 'pki' (Public Key Infrastructure). If this field is not provided then 'psk' mode will be selected." enum: [ "psk", "pki", ] default: "psk" "shared_secret": required: false type: string description: | For the pre-shared key authentication mode, both ends of the tunnel must use the same key. This is required when auth_mode is set to 'psk'. When the secret starts with "0s", base64 encoding is expected for the rest of the password. Example: 0sZGVmYXVsdA== Likewise, when the secret starts with "0x", hexadecimal encoding is expected for the rest of the password. Example: 0x64656661756c74 [sensitive,visible:auth_mode:=:psk,required:auth_mode:=:psk] getCaCertificateListResponse: type: object properties: "x509_ca_certificates": type: array items: type: getX509CertFileItem getCaCertificateResponse: type: object properties: "x509_ca_certificate": type: getX509CertFileItem postCaCertificateBody: type: object properties: "x509_ca_certificate": type: postX509CertFileItem getCrlFileListResponse: type: object properties: "x509_crls": type: array items: type: getX509CertFileItem getCrlFileResponse: type: object properties: "x509_crl": type: getX509CertFileItem postCrlFileBody: type: object properties: "x509_crl": type: postX509CertFileItem getX509BundleListResponse: type: object properties: "x509_bundles": type: array items: type: getX509BundleFileItem getX509BundleResponse: type: object properties: "x509_bundle": type: getX509BundleFileItem postX509BundleBody: type: object properties: "x509_bundle": type: postX509BundleFileItem getX509CertificateListResponse: type: object properties: "x509_certificates": type: array items: type: getX509CertFileItem getX509CertificateResponse: type: object properties: "x509_certificate": type: getX509CertFileItem postX509CertificateBody: type: object properties: "x509_certificate": type: postX509CertFileItem getPrivateKeyListResponse: type: object properties: "private_keys": type: array items: type: getPrivateKeyItem getPrivateKeyResponse: type: object properties: "private_key": type: getPrivateKeyItem postPrivateKeyBody: type: object properties: "private_key": type: postPrivateKeyItem getTunnelListResponse: type: object properties: "ipsec_tunnels": type: array items: type: getIPsecTunnelItem getTunnelResponse: type: object properties: "ipsec_tunnel": type: getIPsecTunnelItem putTunnelBody: type: object properties: "ipsec_tunnel": type: postIPsecTunnelItem networkInterfaceMap: type: object properties: "interface": type: string description: | Reference to a physif ID [computed_options:physif_no_master] "attributes": description: A list of attributes to monitor type: array items: type: string enum: [ "address", "broadcast", "carrier", "carrier_changes", "family", "flags", "group", "ifi_type", "ifname", "index", "ipaddr", "ipdb_priority", "ipdb_scope", "kind", "linkmode", "mtu", "neighbours", "num_rx_queues", "num_tx_queues", "operstate", "ports", "promiscuity", "qdisc", "txqlen", ] getAutoResponseBeaconListItem: description: "An Auto-Response Beacon" type: object properties: "id": type: string description: "Database ID for this Auto-Response Beacon." "name": type: string description: "Each Auto-Response Beacon must have a unique symbolic name. Use this to distinguish between multiple beacons on the device." "description": type: string required: false description: "Each Auto-Response Beacon may have an optional description." "module": type: string required: true description: "The corresponding 'salt' Auto-Response module this Beacon will use." enum: [ "btmp", "cell_connection", "cell_signal_strength", "curl", "custom_cmd", "load", "mem", "network", "ping", "serial_login", "serial_pattern", "serial_signal", "cell_message", "wtmp" ] "interval": type: number description: "Interval in seconds between running the Auto-Response Beacon" required: false "enable": type: boolean description: "Turn on this Auto-Response Beacon" "cell_signal_strength": type: object description: | The Playbook will be triggered if the cellular signal strength moves below the given threshold [visible:module:=:cell_signal_strength,required:module:=:cell_signal_strength] required: false properties: "threshold": type: number minimum: 0 maximum: 99 "on_change_only": type: boolean "emit_at_startup": type: boolean "cell_message": type: object description: | The Playbook will be triggered when an SMS message that matches the message pattern is received from any of the configured phone numbers. [visible:module:=:cell_message,required:module:=:cell_message] required: false properties: "message_pattern": type: string "phone_numbers": type: array "curl": type: object description: | Periodically attempts to perform a HTTP request using curl and triggers the Playbook based on the results [visible:module:=:curl,required:module:=:curl] required: false properties: "urls": type: array "request": type: string "on_change_only": type: boolean default: true "data": type: string required: false "max_time": type: number required: false "custom_cmd": type: object description: | Periodically run a custom command and trigger the Playbook on failure. [visible:module:=:custom_cmd] required: false properties: "shell_command": type: string "timeout": type: number "load": type: object description: | Monitors the system load average and triggers the Playbook if it breaches the acceptable range in any period [visible:module:=:load] required: false properties: "one_minute": type: object properties: "low": type: number format: float minimum: 0 maximum: 100 "high": type: number format: float minimum: 0 maximum: 100 "five_minute": type: object properties: "low": type: number format: float minimum: 0 maximum: 100 "high": type: number format: float minimum: 0 maximum: 100 "fifteen_minute": type: object properties: "low": type: number format: float minimum: 0 maximum: 100 "high": type: number format: float minimum: 0 maximum: 100 "emit_at_startup": type: boolean "on_change_only": type: boolean "mem": type: object description: | The Playbook is triggered if the system memory usage exceeds the given threshold [visible:module:=:mem] required: false properties: "percent": type: number format: float minimum: 0 maximum: 100 "on_change_only": type: boolean "network": type: object description: | Monitor network interfaces for specific attributes and trigger when they change [visible:module:=:network] required: false properties: "coalesce": type: string "interfaces": type: array items: type: networkInterfaceMap "ping": type: object description: | Periodically ping an address and trigger on failure [visible:module:=:ping] required: false properties: "interface": type: string description: | "Reference to a physif ID" [computed_options:physif_no_master|physifs_no_loopbacks] "destination": type: string "on_change_only": type: boolean "serial_login": type: object description: | Monitor the serial ports and trigger on user login and logout events [visible:module:=:serial_login] required: false properties: "check_login": type: boolean default: true "check_logout": type: boolean default: true "ports": type: array items: type: string description: | Reference to a port ID [computed_options:port_consoleservers] "serial_signal": type: object description: | Monitor the given serial ports and trigger when signals are changed [visible:module:=:serial_signal] required: false properties: "ports": type: array items: type: string description: | Reference to a port ID [computed_options:port_consoleservers] "signals": type: array items: type: string enum: [cts, dcd, dsr, dtr, rts] description: "List of serial signal types to filter events on" "serial_patterns": type: array required: false description: | Monitor the serial ports and trigger when data matching a pattern is received on specific ports [visible:module:=:serial_pattern] items: type: object required: false properties: "pattern": type: string "disconnect": type: boolean default: false "trigger_rx": type: boolean default: true "trigger_tx": type: boolean default: true "ports": type: array items: type: string description: | Reference to a port ID [computed_options:port_consoleservers] "wtmp": type: object description: | Monitor the terminal and trigger on user login and logout events. [visible:module:=:wtmp] required: false properties: "login": type: boolean "logout": type: boolean "actions": type: array description: "The list of references to actions along with the resolution values to use for that action" items: type: object properties: "action": type: string description: | [reference:auto_response/reaction:name] "resolution_values": type: array required: false default: [] description: | [visible:parent.module:in:cell_signal_strength|curl|custom_cmd|ping,required:parent.module:in:cell_signal_strength|curl|custom_cmd|ping] items: type: string enum: [ "resolve", "trigger" ] "dependant_keys_any": type: array required: false description: | "A list of keys that are or'd to determine the Auto-Response Beacon state" [visible:never] "dependant_keys_all": type: array required: false description: | "A list of keys that are and'd to determine the Auto-Response Beacon state" [visible:never] getAutoResponseBeaconListResponse: description: "A list of Auto-Response Beacons" type: object properties: "beacons": type: array items: type: getAutoResponseBeaconListItem meta: metaResponse bulkDeleteAutoResponseBeaconList: description: "A list of auto-response beacon ids" type: object properties: "auto_response_beacon": type: array items: type: string setAutoResponseBeacon: description: "A single Auto-Response Beacon" type: object properties: "auto_response_beacon": type: object properties: "name": type: string description: "Each Auto-Response Beacon must have a unique symbolic name. Use this to distinguish between multiple beacons on the device." "description": type: string required: false description: "Each Auto-Response Beacon may have an optional description." "module": type: string required: true description: "The corresponding 'salt' Auto-Response module this Beacon will use." enum: [ "btmp", "cell_connection", "cell_signal_strength", "curl", "custom_cmd", "load", "mem", "network", "ping", "serial_login", "serial_pattern", "serial_signal", "cell_message", "wtmp" ] "interval": type: number description: "Interval in seconds between running the Auto-Response Beacon" required: false "enable": type: boolean description: "Turn on this Auto-Response Beacon" required: false default: false "cell_signal_strength": type: object required: false description: | The Playbook will be triggered if the cellular signal strength moves below the given threshold [visible:module:=:cell_signal_strength] properties: "threshold": type: number minimum: 1 maximum: 99 "on_change_only": type: boolean required: false default: true "emit_at_startup": type: boolean required: false default: true "cell_message": type: object required: false description: | The Playbook will be triggered when an SMS message that matches the message pattern is received from any of the configured phone numbers. [visible:module:=:cell_message] properties: "message_pattern": type: string "phone_numbers": type: array "curl": type: object required: false description: | Periodically attempts to perform a HTTP request using curl and triggers the Playbook based on the results [visible:module:=:curl] properties: "urls": type: array "request": type: string required: false default: "GET" "on_change_only": type: boolean required: false default: true "data": type: string required: false "max_time": type: number required: false "custom_cmd": type: object required: false description: | Periodically run a custom command and trigger the Playbook on failure. [visible:module:=:custom_cmd] properties: "shell_command": type: string "timeout": type: number required: false default: 10 minimum: 1 "load": type: object required: false description: | Monitors the system load average and triggers the Playbook if it breaches the acceptable range in any period [visible:module:=:load] properties: "one_minute": type: object properties: "low": type: number format: float minimum: 0 maximum: 100 "high": type: number format: float minimum: 0 maximum: 100 "five_minute": type: object properties: "low": type: number format: float minimum: 0 maximum: 100 "high": type: number format: float minimum: 0 maximum: 100 "fifteen_minute": type: object properties: "low": type: number format: float minimum: 0 maximum: 100 "high": type: number format: float minimum: 0 maximum: 100 "emit_at_startup": type: boolean required: false default: true "on_change_only": type: boolean required: false default: false "mem": type: object required: false description: | The Playbook is triggered if the system memory usage exceeds the given threshold [visible:module:=:mem] properties: "percent": type: number format: float minimum: 0 maximum: 100 "on_change_only": type: boolean required: false default: false "network": type: object required: false description: | Monitor network interfaces for specific attributes and trigger when they change [visible:module:=:network] properties: "interfaces": type: array items: type: networkInterfaceMap "coalesce": type: boolean "ping": type: object required: false description: | Periodically ping an address and trigger on failure [visible:module:=:ping,required:module:=:ping] properties: "interface": type: string description: | "Reference to a physif ID" [computed_options:physif_no_master|physifs_no_loopbacks] "destination": type: string "on_change_only": type: boolean required: false default: true "serial_login": type: object required: false description: | Monitor the serial ports and trigger on user login and logout events [visible:module:=:serial_login] properties: "check_login": type: boolean required: false default: true "check_logout": type: boolean required: false default: true "ports": type: array items: type: string description: | Reference to a port ID [computed_options:port_consoleservers_all] "serial_signal": type: object required: false description: | Monitor the given serial ports and trigger when signals are changed [visible:module:=:serial_signal] properties: "ports": type: array items: type: string description: | Reference to a port ID" [computed_options:port_consoleservers_all] "signals": type: array items: type: string enum: [cts, dcd, dsr, dtr, rts] description: "List of serial signal types to filter events on" "serial_patterns": type: array required: false description: | Monitor the serial ports and trigger when data matching a pattern is received on specific ports [visible:module:=:serial_pattern] items: type: object required: false properties: "pattern": type: string "disconnect": type: boolean required: false default: false "trigger_rx": type: boolean required: false default: true "trigger_tx": type: boolean required: false default: true "ports": type: array items: type: string description: | Reference to a port ID [computed_options:port_consoleservers_all] "wtmp": type: object required: false description: | Monitor the terminal and trigger on user login and logout events. [visible:module:=:wtmp] properties: "login": type: boolean default: true "logout": type: boolean default: true "actions": type: array description: "The list of references to actions along with the resolution values to use for that action" items: type: object properties: "action": type: string description: | [reference:auto_response/reaction:name] "resolution_values": type: array required: false default: [] description: | [visible:parent.module:in:cell_signal_strength|curl|custom_cmd|ping,required:parent.module:in:cell_signal_strength|curl|custom_cmd|ping] items: type: string enum: [ "resolve", "trigger" ] "dependant_keys_any": type: array required: false description: | "A list of keys that are or'd to determine the Auto-Response Beacon state" [visible:never] "dependant_keys_all": type: array required: false description: | "A list of keys that are and'd to determine the Auto-Response Beacon state" [visible:never] getAutoResponseBeaconResponse: description: "A single Auto-Response Beacon" type: object properties: "auto_response_beacon": type: getAutoResponseBeaconListItem getAutoResponseReactionListItem: description: "An Auto-Response Reaction" type: object properties: "id": type: string description: "Database ID for this Auto-Response Reaction." "name": type: string description: "Each Auto-Response Reaction has a non-unique name to help distinguish it." "sub_type": type: string description: "The type of Auto-Response Reaction." enum: [ "cell_message_react", "custom_command", "serial_text", "slack", "snmp", ] "custom_command": type: object description: | [visible:sub_type:=:custom_command,required:sub_type:=:custom_command] required: false properties: "shell_command": type: string "timeout": type: number "cell_message_react": type: object description: | [visible:sub_type:=:cell_message_react,required:sub_type:=:cell_message_react] required: false properties: "phone_numbers": type: array "message": type: string "serial_text": type: object description: | [visible:sub_type:=:serial_text,required:sub_type:=:serial_text] required: false properties: "port": type: string description: | Reference to a port ID [computed_options:port_consoleservers_all] "command": type: string "response": type: string "timeout": type: number minimum: 0 "slack": type: object description: | [visible:sub_type:=:slack,required:sub_type:=:slack] required: false properties: "channels": type: array "message": type: string "from_name": type: string "api_key": type: string "snmp": type: object description: | [visible:sub_type:=:snmp,required:sub_type:=:snmp] required: false properties: "oid": type: string "timeout": type: number "var_binds": type: array items: type: object properties: "mib_oid": type: string "mib_type": type: string "mib_value": type: string getAutoResponseReactionListResponse: description: "A list of Auto-Response Reactions" type: object properties: "reactions": type: array required: false items: type: getAutoResponseReactionListItem meta: metaResponse setAutoResponseReaction: description: "A single Auto-Response Reaction" type: object properties: "auto_response_reaction": type: object properties: "name": type: string description: "Each Auto-Response Reaction must have a unique symbolic name. Use this to distinguish between multiple Auto-Response Reaction's on the device." "sub_type": type: string description: "The type of Auto-Response Reaction." enum: [ "cell_message_react", "custom_command", "serial_text", "slack", "snmp", ] "custom_command": type: object required: false description: | [visible:sub_type:=:custom_command,required:sub_type:=:custom_command] properties: "shell_command": type: string "timeout": type: number required: false default: 10 minimum: 1 "cell_message_react": type: object required: false description: | [visible:sub_type:=:cell_message_react,required:sub_type:=:cell_message_react] properties: "phone_numbers": type: array "message": type: string "serial_text": type: object required: false description: | [visible:sub_type:=:serial_text,required:sub_type:=:serial_text] properties: "port": type: string description: | Reference to a port ID [computed_options:port_consoleservers] "command": type: string "response": type: string "timeout": type: number required: false default: 10 minimum: 1 "slack": type: object required: false description: | [visible:sub_type:=:slack,required:sub_type:=:slack] properties: "channels": type: array "message": type: string "from_name": type: string "api_key": type: string "snmp": type: object required: false description: | [visible:sub_type:=:snmp,required:sub_type:=:snmp] properties: "oid": type: string "timeout": type: number default: 10 minimum: 1 "var_binds": type: array items: type: object properties: "mib_oid": type: string "mib_type": type: string "mib_value": type: string getAutoResponseReactionResponse: description: "A single Auto-Response Reaction" type: object properties: "auto_response_reaction": type: getAutoResponseReactionListItem bulkDeleteAutoResponseReactionList: description: "A list of auto-response reaction ids" type: object properties: "auto_response_reaction": type: array items: type: string getAutoResponseBeaconStatusItem: description: "The Auto-Response Status of a Beacon" type: object properties: "id": type: string description: "Database ID for this Auto-Response Beacon." "name": type: string description: "Each Auto-Response Beacon must have a unique symbolic name. Use this to distinguish between multiple beacons on the device." "module": type: string description: "The corresponding 'salt' Auto-Response module this Beacon is using." enum: [ "btmp", "cell_connection", "cell_signal_strength", "curl", "custom_cmd", "load", "mem", "network", "ping", "serial_login", "serial_pattern", "serial_signal", "cell_message", "wtmp" ] "trigger_count": type: integer description: "The number of Auto-Response Beacon events that were triggered, includes resolved events" "last_triggered": type: string required: false description: "The date and timestamp when the last Auto-Response Beacon event occurred" "beacon_data": type: object required: false description: "The data the Auto-Response Beacon was triggered with" "events": type: array required: false description: "The Auto-Response Beacon events since last boot" getAutoResponseStatus: description: "The Auto-Response Status" type: object properties: "auto_response_status": type: object properties: "beacons": type: array description: "Status for all Beacons" items: type: getAutoResponseBeaconStatusItem getAutoResponseBeaconStatus: description: "A single Auto-Response Beacon Status" type: object properties: "auto_response_status": type: getAutoResponseBeaconStatusItem getAutoResponseBeaconStatusBeaconModules: description: "The Auto-Response Status of all the Beacon Modules" type: object properties: "module": type: string required: true description: "The corresponding 'salt' Auto-Response beacon module." enum: [ "btmp", "cell_connection", "cell_signal_strength", "curl", "custom_cmd", "load", "mem", "network", "ping", "serial_login", "serial_pattern", "serial_signal", "cell_message", "wtmp" ] "resolution_values": type: array required: false default: [] description: | "The list of resolution values to filter on for a reaction for this beacon module." [visible:module:in:cell_signal_strength|curl|custom_cmd|ping,required:module:in:cell_signal_strength|curl|custom_cmd|ping] items: type: string enum: [ "resolve", "trigger" ] getAutoResponseStatusBeaconByModule: description: "Auto-Response status by id." type: object properties: "beacon-module": type: getAutoResponseBeaconStatusBeaconModules getAutoResponseStatusBeaconModules: description: "The Auto-Response Status for all Beacon Modules." type: object properties: "beacon-modules": type: array description: "Status for all Beacon Modules" items: type: getAutoResponseBeaconStatusBeaconModules snmpPduSettings: description: "The SNMP configuration to access the PDU." type: object properties: "protocol": type: string description: | The protocol that is used to access this PDU via SNMP. The default protocol is UDP. enum: [ "UDP", "TCP", ] default: "UDP" "address": type: string description: | The network address of this PDU to be accessed via SNMP. "port": type: integer description: | The port to be used to access this PDU via SNMP. minimum: 1 maximum: 65535 required: false "version": type: string description: | The version of SNMP used to access this PDU. enum: [ "1", "2c", "3", ] "community": type: string required: false description: | The community string used to access this PDU via SNMP. [visible:version:in:1|2c,required:version:in:1|2c] "auth_protocol": type: string enum: [ "SHA", "MD5", ] required: false description: | The authentication protocol used to access this PDU via SNMPv3. [visible:version:=:3,visible:security_level:in:authNoPriv|authPriv] "auth_password": type: string description: | The authentication password to access this PDU via SNMPv3. [sensitive,visible:version:=:3,visible:security_level:in:authNoPriv|authPriv] required: false "security_name": type: string required: false description: | The security name used to access this PDU via SNMPv3. [visible:version:=:3,required:version:=:3] "engine_id": type: string required: false description: | The unique identifier string of the SNMP agent of this PDU. [visible:version:=:3] "privacy_protocol": type: string enum: [ "AES", "DES", ] required: false description: | The privacy protocol used to access this PDU via SNMPv3. [visible:version:=:3,visible:security_level:=:authPriv] "privacy_password": type: string required: false description: | The privacy password used to access this PDU via SNMPv3. [sensitive,visible:version:=:3,visible:security_level:=:authPriv] "security_level": type: string enum: [ "noAuthNoPriv", "authNoPriv", "authPriv", ] required: false default: "authPriv" description: | The security level to access this PDU via SNMPv3. [visible:version:=:3] snmpPduSettingsID: description: "The SNMP configuration to access the PDU." type: snmpPduSettings properties: "id": type: string description: | The unique identifier for this SNMP PDU. serialPduSettings: description: "The serial configuration for a PDU." type: object properties: "username": type: string required: false description: | The user account on the PDU that will be used for access over serial connection. "password": type: string required: false description: | The password to be used to access this PDU over serial connection. [sensitive] "port": type: string description: | The port ID that is associated with this PDU. [computed_options:port_consoleservers_all] serialPduSettingsID: description: "The serial configuration for a PDU." type: serialPduSettings properties: "id": type: string description: | The unique identifier of this serial PDU configuration. pduOutlet: description: "An outlet on a power distribution unit." type: object properties: "number": type: integer description: The outlet number of this PDU. (read only) "name": type: string description: The name associated with this PDU outlet. required: false "port": type: string required: false description: | The serial port ID that is associated with this PDU outlet. [computed_options:port_consoleservers_all] "status": type: string required: false description: | [visible:never] "status_timestamp": type: string required: false description: | [visible:never] "last_action": type: string required: false description: | [visible:never] "last_action_timestamp": type: string required: false description: | [visible:never] pduOutletID: description: "An outlet on a power distribution unit." type: pduOutlet properties: "id": type: string description: | The unique identifier for the PDU outlet. pduDriver: description: "A PDU driver." type: object properties: "id": type: string description: | The identifier of the PDU driver to use. [computed_options:driver_list] "name": type: string required: false description: | The name of the PDU driver. [visible:never,required:never] PDU: description: "Get a PDU specified by ID." type: object properties: "name": type: string description: "A unique user specified name for the PDU." "driver": type: pduDriver required: true description: | The driver to use to control and monitor the PDU. "method": type: string description: "The method to used to access the PDU, can be 'snmp', 'powerman' or 'shell'." enum: [ "powerman", "shell", "snmp" ] "monitor": type: boolean description: "If true the pdu outlets are monitored for any change in status." "id": type: string description: "The unique id of the PDU." "outlet_count": required: false type: integer description: "The number of outlets on the PDU." "powerman": type: serialPduSettingsID required: false description: | The configuration for the powerman PDU method. [visible:method:=:powerman] "shell": type: serialPduSettingsID required: false description: | The configuration for the shell PDU method. [visible:method:=:shell] "snmp": type: snmpPduSettingsID required: false description: | The configuration for the SNMP PDU method. [visible:method:=:snmp] "outlets": type: array required: false description: The list of power outlets controlled by this PDU. items: type: pduOutletID setPDU: description: "Set a pdu specified by ID." type: object properties: "pdu": "type": object properties: "name": type: string description: "A unique user specified name for the PDU." "driver": type: pduDriver description: | "The driver to use to control and monitor the PDU." [visible:method:in:powerman|shell|snmp] "method": type: string description: "The method to used to access the PDU, can be 'snmp', 'powerman' or 'shell'." enum: [ "powerman", "shell", "snmp" ] "monitor": type: boolean description: "If true the pdu outlets are monitored for any change in status." "powerman": type: serialPduSettings required: false description: | The configuration for the powerman PDU method. [visible:method:=:powerman] "shell": type: serialPduSettings required: false description: | The configuration for the shell PDU method. [visible:method:=:shell] "snmp": type: snmpPduSettings required: false description: | The configuration for the SNMP PDU method. [visible:method:=:snmp] "outlets": type: array required: false description: The list of power outlets controlled by this PDU. items: type: pduOutlet PDUId: type: object properties: "pdu": type: PDU PDUList: description: "Get the list of configured PDUs." type: object properties: "pdus": type: array items: type: PDU ipPassthrough: description: "The IP Passthrough settings" type: object properties: "ip_passthrough": type: object properties: "enabled": type: boolean description: Enable or disable IP Passthrough. "passthrough_physif": type: string description: | The network interface port used for ethernet connection to the downstream device. [**Optional when IP Passthrough is disabled**, computed_options:physifs_no_loopbacks] "mac_address": type: string description: | The downstream device's MAC address that is connected to the NetOps Console Server. If mac_address is not specified, the NetOps Console Server will connect to the first downstream device requesting a DHCP assigned IP address. All 3 of the standard MAC formats are accepted (00:00:00:00:00:00, 00-00-00-00-00-00, 0000.0000.0000) but the system converts to 00:00:00:00:00:00 format for storage and replies. If this field is empty when IP Passthrough is to be disabled, the stored MAC address will be removed. required: false "service_intercepts": type: object description: > Service intercepts allow specific protocols to be accessed on the NetOps Console Server in addition to those found on the downstream device. required: true properties: "https": type: integer description: | Choose an unused port number, so that the HTTPS server on the NetOps Console Server can be accessed. This will not impede traffic bound for the downstream device's configured HTTPS port. If _https_ is an empty field, omitted entirely, or set to 0, incoming HTTPS connections are passed through to the downstream device by default, and the NetOps Console Server's HTTPS server will be inaccessible via incoming connections through the cellular interface. required: false "ssh": type: integer description: | Choose an unused port number, so that the SSH server on the NetOps Console Server can be accessed. This will not impede traffic bound for the downstream device's configured SSH port. If _ssh_ is an empty field, omitted entirely, or set to 0, incoming SSH connections are passed through to the downstream device by default, and the NetOps Console Server's SSH server will be inaccessible via incoming connections through the cellular interface. required: false "allowlist": description: | A list of allowed addresses (x.x.x.x) or networks (x.x.x.x/y). If this list is empty, any address that is not explicitly blocked will be allowed. type: array required: false items: type: string "blocklist": description: | A list of blocked addresses (x.x.x.x) or networks (x.x.x.x/y). type: array required: false items: type: string ipPassthroughStatus: description: "The IP Passthrough status information" type: object properties: "ip_passthrough_status": type: object properties: "status": type: string description: | A status value indicating the current state of the IP Passthrough connection with a downstream device. enum: [ "disabled", "cell_not_active", "connecting", "active" ] "downstream_ip": type: string description: | The IP address taken from the device's cellular modem and assigned to the downstream device. "downstream_mac": type: string description: | The MAC address of the downstream device that has been assigned the cellular IP address. portAutoDiscoveryParameters: description: "The Port Auto-Discovery trigger parameters" type: object properties: auto_discover: description: "The Port Auto-Discovery root object" type: object properties: ports: description: "The list of ports (as integers) to discover. Setting this value to **null** will result in all ports being set for Auto-Discovery." type: integer[] | nil username: required: false type: string description: | The username that port discovery will use when attempting to login password: required: false type: string description: | The password that port discovery will use when attempting to login [sensitive] apply_config: required: false type: boolean default: true description: | Port discovery will store the discovered settings when this flag is true auth_timeout: required: false type: integer minimum: 0 maximum: 600 default: 0 description: | Authentication Timeout in seconds. When the value is 0, port discovery will use it's default timeout settings hostname_pattern: required: false type: string default: "" example: ".+" description: | Regex Pattern to match on a hostname label. When empty, port_discovery will use it's default hostname pattern settings (".+") portAutoDiscoveryState: description: "The Port Auto-Discovery state object" type: object properties: auto_discover: description: "The Port Auto-Discovery root object" type: object properties: status: description: "The status, as returned by the Port Auto-Discover process" type: string portAutoDiscoverySchedule: description: "The Port Auto-Discovery Scheduling object" type: object properties: auto_discover_schedule: description: "The Port Auto-Discovery scheduling root object" properties: enabled: type: boolean description: Controls if periodic port auto-discovery is active. default: false username: required: false type: string description: | The username that port discovery will use when attempting to login password: required: false type: string description: | The password that port discovery will use when attempting to login [sensitive] apply_config: required: false type: boolean default: true description: | Port discovery will store the discovered settings when this flag is true auth_timeout: required: false type: integer minimum: 0 maximum: 600 default: 0 description: | Authentication Timeout in seconds. When the value is 0, port discovery will use it's default timeout settings hostname_pattern: required: false type: string default: "" example: ".+" description: | Regex Pattern to match on a hostname label. When empty, port_discovery will use it's default hostname pattern settings (".+") period: type: string description: Specify the frequency type for the schedule. enum: [ "daily", "weekly", "monthly" ] day_of_month: type: integer description: | The day of the month to perform discovery on. Valid values are 1 to 31. Be aware that values over 28 means discovery will not run on some months. [visible:period:=:monthly,required:period:=:monthly] minimum: 1 maximum: 31 required: false day_of_week: description: | The day of the week to perform discovery on. Valid values are 0 (Sunday) to 6 (Saturday). [visible:period:=:weekly,required:period:=:weekly] type: integer minimum: 0 maximum: 6 required: false hour: type: integer description: | The hour of the day to perform discovery on. Valid values are 0 to 23. minimum: 0 maximum: 23 minute: type: integer description: | The minute of the hour to perform discovery on. Valid values are 0 to 59. minimum: 0 maximum: 59 ports: description: | The list of ports (as devices) to discover. [computed_options:port_consoleservers_all] type: string[] | number[] portAutoDiscoveryLogList: description: List of auto discovery logs filter from syslog. type: object properties: auto_discover_log: type: object properties: no_of_log_lines: integer log_lines: type: array items: type: string portAutoDiscoveryLastRunLogList: description: List of auto discovery logs filter from syslog. type: object properties: auto_discover_last_run_log: type: object properties: no_of_log_lines: integer log_lines: type: array items: type: string staticRouteItem: description: "The static route data item" type: object properties: destination_address: type: string description: "The destination network/host that the route provides access to." destination_netmask: type: integer description: "Netmask for IPv4/IPv6 (CIDR format)." minimum: 0 maximum: 128 gateway_address: type: string required: false description: | The IPv4/IPv6 address of the router gateway that will route packets to the destination address. If this property is not provided, the interface property must be given. interface: type: string required: false description: | The network interface to be associated with the route. If this property is not provided, the gateway_address property must be given. [computed_options:physifs_no_loopbacks] metric: type: integer required: false description: | The route metric, which represents the cost of routing packets via this route. Lower metric routes will be used in preference to higher metric routes minimum: 0 staticRouteItemWithId: description: "The static route data item with id" type: staticRouteItem properties: id: type: string description: "Unique id of item" multi_field_identifier: type: string description: "A string which can be used to uniquely identify this static route" getStaticRoutesList: description: "The static routes list object" type: object properties: static_routes: description: "The root object" type: array items: type: staticRouteItemWithId putStaticRoutesList: description: "The static routes object put object" type: object properties: static_routes: description: "The root object" type: array items: type: staticRouteItem getStaticRouteItem: description: "The static route get object" type: object properties: static_route: description: "The root object" type: staticRouteItemWithId putStaticRouteItem: description: "The static route put object" type: object properties: static_route: description: "The root object" type: staticRouteItem postStaticRouteItem: description: "The static routes post object" type: object properties: static_route: description: "The root object" type: staticRouteItem postStaticRouteItemResult: description: "The static routes post object result" type: object properties: static_route: description: "The root object" type: staticRouteItemWithId tftpGet: type: object properties: tftp: type: object properties: enabled: type: boolean description: Enable the TFTP service. path: type: string description: | The storage location of the TFTP server on disk. The default location is `/mnt/nvram/srv`. [regexerr:A '/' at the beginning of the filepath followed by at least one alphanumeric character] pattern: ^\/([A-Za-z0-9]){1}(.)*$ ntpKey: type: object properties: value: required: false type: string description: | The key value [optional:always,sensitive] index: required: false type: integer minimum: 1 description: | The key ID [optional:always] format: required: false type: string enum: [ "ASCII", "HEX", ] description: | The key value can be specified as a string of ASCII characters or as a hexadecimal number [optional:always] algorithm: required: false type: string enum: [ "MD5", "SHA1", "SHA256", "SHA384", "SHA512", "SHA3-224", "SHA3-256", "SHA3-384", "SHA3-512", "AES128", "AES256", ] description: | The algorithm is a name of a cryptographic hash function or cipher which is used to generate and verify the MAC [optional:always] ntpObject: type: object properties: enabled: type: boolean description: Enables or disables the NTP daemon. servers: type: array required: false description: | List of NTP servers. [required:enabled:=:true] items: type: ntpServerObject ntpObjectGet: type: ntpObject properties: id: type: string description: The unique identifier for this NTP server. ntpServerObject: description: "The definition of an NTP server" type: object properties: value: type: string description: "The IPv4/IPv6 address or hostname of an NTP server" key: type: ntpKey required: false description: "The authentication key used to securely access this NTP server." ntpGet: type: object description: NTP configuration settings properties: ntp: type: ntpObjectGet ntpPut: type: object description: NTP configuration settings properties: ntp: type: ntpObject ntpSyncStatus: type: object description: NTP synchronization status properties: ntp_status: type: object properties: status: type: string description: "General status string about the current NTP synchronization state" last_sync_utc: type: string description: "UTC time at which we last synchronized with NTP" sync_server: type: string description: "Identifier of the server we last synchronized to" webuiSessionTimeout: type: object properties: "system_webui_session_timeout": type: object properties: timeout: type: integer cliSessionTimeout: type: object properties: "system_cli_session_timeout": type: object properties: timeout: type: integer sessionTimeout: type: object properties: "system_session_timeout": type: object properties: cli_timeout: type: number description: | The timeout (in minutes) for local console, web terminal, and ssh sessions. Maximum value is 1440. Set this to 0 to disable the timeout. format: float minimum: 0 maximum: 1440 webui_timeout: type: integer description: | The timeout (in minutes) for web UI and REST API sessions. Maximum value is 1440. minimum: 1 maximum: 1440 serial_port_timeout: type: number description: | The timeout (in minutes) for serial port sessions. Maximum value is 1440. required: true format: float minimum: 0 maximum: 1440 serverList: type: array items: type: object description: A single server use for authentication or accounting. properties: hostname: type: string description: "An IP address for the server. Supports IPv4, IPv6 or a name that can be resolved using DNS." port: type: integer description: "Set this to use a non-standard port when connecting to the server." required: false authObj: type: object properties: mode: type: string description: The service to use for authentication of users. enum: [ "local", "radius", "tacacs", "ldap", ] policy: description: | The auth policy determines whether to always check local credentials after a remote authentication failure or to only check the local credentials if the remote authentication server is unreachable. [visible:mode:!=:local] type: string enum: [ "remotedownlocal", "remotelocal", ] # these fields are only valid when mode == radius radiusAuthenticationServers: type: serverList description: | A list of RADIUS servers to use for authentication. [visible:mode:=:radius,required:mode:=:radius] required: false radiusAccountingServers: type: serverList description: | A list of RADIUS servers to use for accounting. [visible:mode:=:radius,required:mode:=:radius] required: false # these fields are only valid when mode == tacacs tacacsMethod: type: string description: | The login method to use with the TACACS server. [visible:mode:=:tacacs] enum: [ "pap", "chap", "login", ] required: false default: pap tacacsService: type: string description: | The service to use with the TACACS server. [visible:mode:=:tacacs] required: false default: raccess tacacsAuthenticationServers: type: serverList description: | A list of TACACS servers to use. [visible:mode:=:tacacs, required:mode:=:tacacs] required: false tacacsAccountingEnabled: type: boolean description: | Enable accounting for TACACS+. Accounting logs are sent to the first active TACACS+ Authentication Server. [visible:mode:=:tacacs, required:mode:=:tacacs] required: false default: true # these fields are only valid when mode == ldap ldapBaseDN: type: string description: | The Base DN to use with the LDAP server. [visible:mode:=:ldap, required:mode:=:ldap] required: false ldapBindDN: type: string description: | The Bind DN to use with the LDAP server. [visible:mode:=:ldap] required: false ldapIgnoreReferrals: type: boolean description: | Should referrals from the LDAP server be ignored? [visible:mode:=:ldap] required: false default: false ldapUsernameAttribute: type: string description: | The attribute that should be used for the user name. [visible:mode:=:ldap, required:mode:=:ldap] ldapGroupMembershipAttribute: type: string description: | The attribute that should be used for the group name. [visible:mode:=:ldap] required: false ldapAuthenticationServers: type: serverList description: | A list of LDAP servers to use. [visible:mode:=:ldap, required:mode:=:ldap] required: false authGet: type: object properties: auth: type: authObj authPut: type: object properties: auth: type: authObj properties: radiusPassword: type: string description: | The password to use when accessing the RADIUS server. [sensitive, visible:mode:=:radius, required:mode:=:radius] required: false tacacsPassword: type: string description: | The password to use when accessing the TACACS server. [sensitive, visible:mode:=:tacacs, required:mode:=:tacacs] required: false ldapBindPassword: type: string description: | The password to use when accessing the LDAP server. [sensitive, visible:mode:=:ldap] required: false localPasswordComplexityObj: type: object properties: local_password_policy: type: object properties: password_expiry_interval_enabled: type: boolean description: | Setting this to true causes passwords to expire after an interval. password_expiry_interval_days: type: integer description: | The number of days after which a password should expire. This only applies if password expiry is enabled. [visible:password_expiry_interval_enabled:=:true] password_complexity_enabled: type: boolean description: | Setting this to true causes password complexity to be enforced. This requires that a password is not exactly the same as the previous password. All local users, including root, are subject to the complexity requirements. password_minimum_length: type: integer description: | Specify the minimum required length for passwords. Cannot be set to less than 6. This only applies if password complexity is enabled. [visible:password_complexity_enabled:=:true] password_must_contain_upper_case: type: boolean description: | Set this to true to require that at least one uppercase character (A-Z) is included in passwords. This only applies if password complexity is enabled. [visible:password_complexity_enabled:=:true] password_must_contain_special: type: boolean description: | Set this to true to require that at least one special character (anything other than A-Z or 0-9) is included in passwords. This only applies if password complexity is enabled. [visible:password_complexity_enabled:=:true] password_must_contain_number: type: boolean description: | Set this to true to require that at least one numeric character (0-9) is included in passwords. This only applies if password complexity is enabled. [visible:password_complexity_enabled:=:true] password_disallow_username: type: boolean description: | Set this to true to check whether the password (with possible modifications) contains the user name in some form. It is not performed for user names shorter than 3 characters. This only applies if password complexity is enabled. [visible:password_complexity_enabled:=:true] httpsGet: type: object properties: https: type: object description: "Properties relating to the current HTTPS certificate" properties: "common_name": type: string description: "Common Name (e.g. server FQDN or YOUR name)" "org_unit": type: string description: "Organizational Unit (eg, division)" "organization": type: string description: "Organization Name (eg, company)" "locality": type: string description: "Locality Name (eg, city)" "state": type: string description: "State or Province Name (full name)" "country": type: string description: "Country Name (2 letter code)" "email": type: string description: "Email Address" "valid_from": type: string description: "The date from which the current HTTPS certificate became valid" "valid_to": type: string description: "The date at which the current HTTPS certificate expires" "cert": type: string description: "The current HTTPS certificate" "key_length": type: integer description: "The length of the current HTTPS private key" "key": type: string description: | The current HTTPS private key [sensitive] "csr": type: object description: "CSR details" properties: "common_name": type: string required: false description: "Common Name (e.g. server FQDN or YOUR name)" "org_unit": type: string required: false description: "Organizational Unit (eg, division)" "organization": type: string required: false description: "Organization Name (eg, company)" "locality": type: string required: false description: "Locality Name (eg, city)" "state": type: string required: false description: "State or Province Name (full name)" "country": type: string required: false description: "Country Name (2 letter code)" "email": type: string required: false description: "Email Address" "key_length": type: integer required: false description: "The length of the private key that will be generated (unless a private key was uploaded)" "csr": type: string required: false description: | This will only be set if there is a pending CSR. Contains the path part of a link to the pending CSR, needs to be combined with the hostname. eg. "https://localhost" (hostname) + "/link" (csr) examples: example1: description: Default certificate, no CSR details. value: { "https": { "common_name": "default", "org_unit": "", "organization": "", "locality": "", "state": "", "country": "US", "email": "", "key_length": 2048, "valid_from": "Oct 26 22:09:02 2022 GMT", "valid_to": "Oct 27 22:09:02 2023 GMT", "cert": "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----", "key": "-----BEGIN PRIVATE KEY-----...-----END PRIVATE KEY-----", "csr": {}, } } example2: description: Default certificate, pending CSR. value: { "https": { "common_name": "default", "org_unit": "", "organization": "", "locality": "", "state": "", "country": "US", "email": "", "key_length": 2048, "valid_from": "Oct 26 22:09:02 2022 GMT", "valid_to": "Oct 27 22:09:02 2023 GMT", "cert": "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----", "key": "-----BEGIN PRIVATE KEY-----...-----END PRIVATE KEY-----", "csr": { "common_name": "common", "org_unit": "unit", "organization": "org", "locality": "bne", "state": "qld", "country": "AT", "email": "me@example.com", "key_length": 2048, "csr": "/api/v2.2/...", }, } } example3: description: Default certificate, CSR details but no pending CSR (ie. after pending CSR is deleted). value: { "https": { "common_name": "default", "org_unit": "", "organization": "", "locality": "", "state": "", "country": "US", "email": "", "key_length": 2048, "valid_from": "Oct 26 22:09:02 2022 GMT", "valid_to": "Oct 27 22:09:02 2023 GMT", "cert": "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----", "key": "-----BEGIN PRIVATE KEY-----...-----END PRIVATE KEY-----", "csr": { "common_name": "common", "org_unit": "unit", "organization": "org", "locality": "bne", "state": "qld", "country": "AT", "email": "me@example.com", "key_length": 2048 }, } } example4: description: After a new certificate has been uploaded. value: { "https": { "common_name": "common", "org_unit": "unit", "organization": "org", "locality": "bne", "state": "qld", "country": "AT", "email": "me@example.com", "key_length": 2048, "valid_from": "Oct 27 23:39:34 2022 GMT", "valid_to": "Oct 27 23:39:34 2023 GMT", "cert": "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----", "key": "-----BEGIN PRIVATE KEY-----...-----END PRIVATE KEY-----", "csr": { "common_name": "common", "org_unit": "unit", "organization": "org", "locality": "bne", "state": "qld", "country": "AT", "email": "me@example.com", "key_length": 2048 }, } } httpsPut: type: object properties: https: type: object properties: "cert": type: string required: false description: | Set this to apply the CA-signed certificate. Removes the pending CSR. NOTE that csr.csr must also be set to null. [multi-line-string] "key": type: string required: false description: | Setting both cert and key allows replacing the current HTTPS cert. This is useful if a CSR was manually generated, or for config export/import purposes. Does nothing if the certificate matches the current certificate. NOTE that csr.csr must also be set to null. NOTE that this does not work if a CSR has never been generated. [sensitive,multi-line-string] "csr": type: object required: false properties: "csr": type: string | nil description: | Set this to 'new' to create a new CSR. The CSR will need to be fetched separately (URL provided in csr.csr field in the response). Set this to null (or 'delete') to remove the pending CSR. No other values are accepted. "common_name": type: string required: false description: | Common Name (e.g. server FQDN or YOUR name) Required if csr is set to 'new'. [required:csr:=:new] "org_unit": type: string required: false description: | Organizational Unit (eg, division) Required if csr is set to 'new'. [required:csr:=:new] "organization": type: string required: false description: | Organization Name (eg, company) Required if csr is set to 'new'. [required:csr:=:new] "locality": type: string required: false description: | Locality Name (eg, city) Required if csr is set to 'new'. [required:csr:=:new] "state": type: string required: false description: | State or Province Name (full name) Required if csr is set to 'new'. [required:csr:=:new] "country": type: string required: false description: | Country Name (2 letter code) Required if csr is set to 'new'. [required:csr:=:new] enum: [ "AE", "AL", "AM", "AR", "AT", "AU", "AW", "AZ", "BA", "BB", "BD", "BE", "BG", "BH", "BL", "BN", "BO", "BR", "BY", "BZ", "CA", "CH", "CL", "CN", "CO", "CR", "CY", "CZ", "DE", "DK", "DO", "DZ", "EC", "EE", "EG", "ES", "FI", "FR", "GB", "GD", "GE", "GL", "GR", "GT", "GU", "HK", "HN", "HR", "HT", "HU", "ID", "IE", "IL", "IN", "IR", "IS", "IT", "JM", "JO", "JP", "KE", "KH", "KP", "KR", "KW", "KZ", "LB", "LI", "LK", "LT", "LU", "LV", "MA", "MC", "MK", "MO", "MT", "MX", "MY", "NL", "NO", "NP", "NZ", "OM", "PA", "PE", "PG", "PH", "PK", "PL", "PR", "PT", "QA", "RO", "RU", "SA", "SE", "SG", "SI", "SK", "SV", "SY", "TH", "TN", "TR", "TT", "TW", "UA", "US", "UY", "UZ", "VE", "VN", "YE", "ZA", "ZW" ] "email": type: string required: false description: | Email Address Required if csr is set to 'new'. [required:csr:=:new] "key_length": type: integer required: false description: | The length of the generated private key (ignored if private_key is set). This argument is passed to OpenSSL which creates a new RSA key pair. It is recommended to set the key length to at least 2048 bits. Required if csr is set to 'new'. [required:csr:=:new] minimum: 512 maximum: 16384 "challenge_password": type: string required: false description: | The CA may require a challenge password to be set. "private_key": type: string required: false description: | A private key can be provided rather than letting the system generate one. [multi-line-string] csrDownload: type: object properties: csr: type: object properties: csr: type: string getAccessRight: type: object description: > This object describes a specific access right which is a permit granting the holder access to a feature or collection of related features. properties: name: type: string description: Name of the access right. label: type: string description: Suggested text/label to display in place of the name. description: type: string description: A description of the access right. getAccessRights: description: A list of access rights. type: object properties: "access_rights": type: array items: type: getAccessRight getAccessRightSingle: description: A single access right that is retrieved by name. type: object properties: "access_right": type: getAccessRight wireguardPeerItem: type: object description: "This object contains configuration information for a wireguard interface." properties: "endpoint_address": type: string required: false description: | A publicly accessible address (hostname or IP) for a remote peer. [required:endpoint_port:!=:] "endpoint_port": type: integer minimum: 1 maximum: 65535 required: false description: | The port the remote wireguard peer is listening on. [required:endpoint_address:!=:] "public_key": type: string description: "The public key to used to authenticate this wireguard peer." "allowed_ips": type: array description: "The IPv4 network ranges that wireguard can route to this peer." items: type: string description: | The IPv4 network ranges that wireguard can route to this peer. [regexerr:An IPv4 address in a.b.c.d/ format] pattern: ^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?){1}(\/(3[0-2]|2[0-9]|1[0-9]|[0-9])){1}$ "keep_alive": type: integer description: "The persistent keep alive interval in seconds." required: false wireguardItem: type: object description: "This object contains configuration information for a wireguard interface." properties: "name": type: string description: | The name of the wireguard interface. Names must be unique, max 15 characters and only contain letters, numbers, hyphens or underscores. [regexerr:Uppercase and lowercase letters, regexerr:Numbers, regexerr:"_", regexerr:"-"] pattern: '^[a-zA-Z0-9_-]+$' maxLength: 15 required: true "description": type: string description: "A description of the purpose of this wireguard configuration." required: false "enabled": type: boolean "port": type: integer minimum: 1 maximum: 65535 description: | The port the local instance of wireguard will listen on. Valid values are 1 to 65535. required: false "private_key": type: string description: "The private key to use to authenticate the local wireguard interface." "public_key": type: string description: "The public key that corresponds your private key, which wireguard peers will authenticate with." required: false "addresses": type: array description: "The IPv4 CIDR addresses of the local wireguard interface." items: type: string description: | The IPv4 CIDR addresses of the local wireguard interface. [regexerr:An IPv4 address in a.b.c.d/ format] pattern: ^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?){1}(\/(3[0-2]|2[0-9]|1[0-9]|[1-9])){1}$ "mtu": type: integer minimum: 1200 maximum: 1472 default: 1420 description: | The MTU for the local wireguard interface. Valid values are 1200 to 1472. 1420 is default if left unspecified. required: false "table": type: string description: | The routing table for the wireguard routes. Can be a table number, 'off' or 'auto'. [regexerr:'auto', regexerr:'off', regexerr:a routing table number] pattern: ^([0-9]|[1-9][0-9]{1,8}|[1-3][0-9]{9}|4[01][0-9]{8}|42[0-8][0-9]{7}|429[0-3][0-9]{6}|4294[0-8][0-9]{5}|42949[0-5][0-9]{4}|429496[0-6][0-9]{3}|4294967[01][0-9]{2}|42949672[0-8][0-9]|429496729[0-5]|auto|off)$ required: false "pre_down_hooks": type: array description: "The commands to execute before closing a wireguard interface." items: type: string required: false "pre_up_hooks": type: array description: "The commands to execute before starting a wireguard interface." items: type: string required: false "post_down_hooks": type: array description: "The commands to execute after closing a wireguard interface." items: type: string required: false "post_up_hooks": type: array description: "The commands to execute after starting a wireguard interface." items: type: string required: false "peers": type: array description: "The wireguard peers for this wireguard interface." items: type: wireguardPeerItem "managed_by": type: string description: | The user or system responsible for management of this object. If managed_by is set to a non-empty string then client interfaces (like the web ui or config shell) will prevent users from editing this object. Managed_by should be an intelligible string as client interfaces may display it to users. [visible:managed_by:!=::stored] required: false getWireguardList: description: A list of wireguard configurations. type: object properties: "wireguards": type: array items: type: wireguardItem wireguardResponse: description: "A single wireguard configuration" type: object properties: "wireguard": type: wireguardItem putWireguardRequest: description: "A single wireguard configuration" type: object properties: "wireguard": type: wireguardItem ospfConfigurationInterfaceAuthicationKeysItem: type: object description: > This object contains the details for a individual authenication id/key pair. properties: "id": type: string description: The id of the associated key. "key": type: string description: The actual key value. ospfConfigurationInterfaceItem: type: object description: This object contains the details for a individual OSPF interface item. properties: "name": type: string description: > The name of the interface these settings apply to. This should match the name of an interface on the device. "cost": description: > The link cost of the interface used in OSPF route calculations. This is in the range of 1 to 65535. required: false type: integer minimum: 1 maximum: 65535 "hello_interval": type: integer minimum: 1 maximum: 65535 description: > The interval (in seconds) between sending OSPF hello packets over this interface. [required:dead_interval:!=:] required: false "dead_interval": type: integer minimum: 1 maximum: 65535 description: > The interval (in seconds) to elapse after receiving the last OSPF hello packet and declaring the neighbor dead. [required:hello_interval:!=:] required: false "priority": type: integer minimum: 0 maximum: 255 description: > The priority is used to determine which OSPF router should be the designated router (DR) for a OSPF network. The priority can be in the range of 0 to 255. A higher priority will always win the DR election process. required: false "area": description: > A numerical identifier assigned to a specific OSPF area on an interface. The area determines the boundaries and scope of OSPF routing on that interface. Enter in the dotted decimal notation format(a.b.c.d) or a postive integer. [regexerr:An area code in a.b.c.d dotted decimal notation format or a positive integer] pattern: (^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$)|^[0-9]+$|^$ type: string required: false "non_broadcast": type: boolean description: > Whether or not the interface should be marked as non broadcast for OSPF purposes. Enabling this would mean OSPF would not use multicast on this link. "passive": type: boolean description: > Whether or not the interface should be marked as passive for OSPF purposes. Enabling this would mean LSAs are not traded on this link. "auth_method": type: string enum: [ "no_auth", "cleartext", "md5", ] description: > The authentication method to use for communications on this interface. Should be one of 'no_auth', 'cleartext' or 'md5' "auth_keys": type: array description: | The authentication keys for the associated method. [visible:auth_method:in:cleartext|md5,required:auth_method:in:cleartext|md5] items: type: ospfConfigurationInterfaceAuthicationKeysItem ospfConfigurationNeighborItem: type: object description: This object contains the details for a individual adjacent RIP neighbor item. properties: "address": description: > A IPv4 host address of the neighbor. [regexerr:An IPv4 address in a.b.c.d dotted decimal notation format] pattern: ^((25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?){1}$ type: string ospfConfigurationNetworkItem: type: object description: This object contains the details for a individual OSPF network item. properties: "address_with_mask": type: string pattern: ^([0-9]{1,3}\.){3}[0-9]{1,3}\/([1-9]|[1-2][0-9]|3[0-2])$ description: | An IPv4 network address with CIDR subnet mask to enable OSPF for. No host bits should be set. [regexerr:An IPv4 address in a.b.c.d/ format] "area": description: > A numerical identifier assigned to a specific OSPF area within a network. The area determines the boundaries and scope of OSPF routing. Enter in the dotted decimal notation format(a.b.c.d) or a postive integer. [regexerr:An area code in a.b.c.d dotted decimal notation format or a positive integer] pattern: (^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$)|^[0-9]+$|^$ type: string required: false resourceTypes: base-type: get?: securedBy: [ token ] headers: Authorization: displayName: Authorization example: Token {{sessionUid}} responses: 400: body: application/json: type: error 401: description: Authentication failure body: application/json: type: error examples: example1: value: { "error": [ { type: 7, "code": 42, "level": 1, "text": "Invalid session ID", "args": {} } ] } example2: value: { "error": [ { type: 7, "code": 46, "level": 1, "text": "Permission denied", "args": {} } ] } post?: securedBy: [ token ] headers: Authorization: displayName: Authorization example: Token {{sessionUid}} responses: 400: body: application/json: type: error 401: description: Authentication failure body: application/json: type: error example: { "error": [ { type: 7, "code": 42, "level": 1, "text": "Invalid session ID", "args": {} } ] } put?: securedBy: [ token ] headers: Authorization: displayName: Authorization example: Token {{sessionUid}} responses: 400: body: application/json: type: error 401: description: Authentication failure body: application/json: type: error example: { "error": [ { type: 7, "code": 42, "level": 1, "text": "Invalid session ID", "args": {} } ] } 404: description: Not found body: application/json: type: error 500: description: Internal error body: application/json: type: error delete?: securedBy: [ token ] headers: Authorization: displayName: Authorization example: Token {{sessionUid}} responses: 400: description: Incomplete data body: application/json: type: error 401: description: Authentication failure body: application/json: type: error example: { "error": [ { type: 7, "code": 42, "level": 1, "text": "Invalid session ID", "args": {} } ] } patch?: securedBy: [ token ] headers: Authorization: displayName: Authorization example: Token {{sessionUid}} responses: 400: body: application/json: type: error 401: description: Authentication failure body: application/json: type: error example: { "error": [ { type: 7, "code": 42, "level": 1, "text": "Invalid session ID", "args": {} } ] } /sessions: description: > The sessions endpoint is used to authenticate the user and create a session token for accessing all other NetOps Console Server endpoints. # Auth.session_create post: displayName: createSession description: Create a new authenticated session. body: application/json: type: credentials examples: example1: {"username":"root","password":"OGTest1"} example2: {"username":"root","password":"OGTest1","new_password":"abcdefg","confirm_password":"abcdefg"} responses: 400: description: Failed to initiate session creation due to error in post body. body: application/json: example: { "error": [ { type: 4, "code": 40, "text": "Required field 'username' was not provided in the request", "args": { "param": "username" }, "level": 1 }, { type: 4, "code": 40, "text": "Required field 'password' was not provided in the request", "args": { "param": "password" }, "level": 1 } ] } 401: body: application/json: examples: example1: description: Authentication failed due to invalid credentials or session. value: { "error": [ { type: 7, "code": 42, "text": "Invalid login credentials", "args": {}, "level": 1 } ] } example2: description: Authentication failed due to expired credentials. value: { "error": [ { type: 7, "code": 113, "text": "You are required to change your password immediately", "args": {}, "level": 1 } ] } example3: description: Warning that you have HTTPS protection enabled for Brute Force Protection and you may be banned. value: { "error": [ { type: 7, "code": 42, "text": "Invalid login credentials", "args": {}, "level": 1 }, { type: 7, "code": 333, "text": "3 incorrect login attempts in 1 minute(s) will result in a ban of 60 seconds", "args": {}, "level": 1 } ] } 303: description: Redirect to new authentication session body: application/json: example: { "sid": "71dcba707b6c177644ede1b224f69096", "message": "Redirecting to new session at {redirect-url}" } 200: body: application/json: type: getSessionResponse example: { "state": "authenticated", "session": "71dcba707b6c177644ede1b224f69096", "user": "root" } /self: type: base-type # Auth.session_get get: displayName: getSession description: > Retrieve the state of an authentication session. responses: 200: description: Session exists body: application/json: type: getSessionResponse example: { "state": "authenticated", "session": "71dcba707b6c177644ede1b224f69096", "user": "root" } 404: description: Session does not exist # Auth.session_apply_response put: body: application/json: type: responseToSessionChallenge displayName: responseToSessionChallenge description: Apply a challenge response to a session responses: 200: description: Response applied. Next challenge in {challenge} if required. body: application/json: type: responseToSessionChallenge 400: description: Invalid request body: application/json: example: { "error": [ { type: 4, "code": 39, "text": "Invalid request body", "args": {}, "level": 1 } ] } 403: description: Authentication failed. No more attempts allowed. 404: description: Authentication failed. # Auth.session_delete delete: displayName: deleteSession description: Log out of and delete a session responses: 200: description: Session deleted body: application/json: type: deleteSessionResponse 404: description: Session did not exist /ports: type: base-type description: > Configuring and viewing ports information [no_sorting_required] get: displayName: getPorts description: > Gets ports attached to the NetOps Console Server appliance. responses: 200: description: The array of ports, either a full array or as requested by parameters body: application/json: type: getPortList example: { "ports": [ { "parity": "none", "label": "Port-1", "id": "ports-1", "escape_char": "~", "control_code": null, "stopbits": "1", "status": "ok", "portnum": 1, "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": null, "pdu_outlets": null, "baudrate": "9600", "available_baudrates": ["9600", "115200"], "mode": "localConsole", "logging_level": "disabled", "databits": "8", "single_session": false, "raw_tcp": false, "terminal_emulation": "linux", "kernel_debug": false, "sessions": [], "device": 'serial/by-opengear-id/port01', "name": 'port01' }, { "parity": "none", "label": "Port-2", "id": "ports-2", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "portnum": 2, "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [], "pdu_outlets": [], "baudrate": "9600", "available_baudrates": ["9600", "115200"], "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "single_session": false, "raw_tcp": false, "terminal_emulation": null, "kernel_debug": null, "sessions": [], "device": 'serial/by-opengear-id/port02', "name": 'port02' }, { "parity": "none", "label": "Port-3", "id": "ports-3", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "portnum": 3, "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [ { "id": "ipalias-1", "port": "serial/by-opengear-id/port03", "ipaddress": "192.168.33.11/24", "interface": "net1", } ], "pdu_outlets": [], "baudrate": "9600", "available_baudrates": ["9600", "115200"], "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "single_session": false, "raw_tcp": false, "terminal_emulation": null, "kernel_debug": null, "sessions": [], "device": 'serial/by-opengear-id/port03', "name": 'port03' }, { "parity": "none", "label": "Port-4", "id": "ports-4", "escape_char" : "~", "control_code": null, "stopbits": "1", "status": "ok", "portnum": 4, "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": null, "pdu_outlets": null, "baudrate": "9600", "available_baudrates": ["9600", "115200"], "mode": "localConsole", "logging_level": "disabled", "databits": "8", "single_session": false, "raw_tcp": false, "terminal_emulation": "vt220", "kernel_debug": false, "sessions": [], "device": 'serial/by-opengear-id/port04', "name": 'port04' }, { "parity": "none", "label": "Port-5", "id": "ports-5", "escape_char" : "~", "control_code": null, "stopbits": "1", "status": "ok", "portnum": 5, "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": null, "pdu_outlets": null, "baudrate": "9600", "available_baudrates": ["9600", "115200"], "mode": "disabled", "logging_level": "disabled", "databits": "8", "single_session": false, "raw_tcp": false, "terminal_emulation": null, "kernel_debug": null, "sessions": [], "device": 'serial/by-opengear-id/port05', "name": 'port05' }, { "parity": "none", "label": "Port-6", "id": "ports-6", "escape_char" : "~", "control_code": null, "stopbits": "1", "status": "ok", "portnum": 6, "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": null, "pdu_outlets": null, "baudrate": "9600", "available_baudrates": ["9600", "115200"], "mode": "pduDevice", "logging_level": "disabled", "databits": "8", "single_session": false, "raw_tcp": false, "terminal_emulation": null, "kernel_debug": null, "sessions": [], "device": 'serial/by-opengear-id/port06', "name": 'por06' }, { "parity": "none", "label": "Port-7", "id": "ports-7", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "portnum": 7, "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [], "pdu_outlets": [ { "id": "ports-7_pdus_outlets-1", "outlet_name": "Test-PDU-Outlet-1", "outlet_number": 1, "outlet_on": false, "pdu_id": "pdus-1", "pdu_location": "Port 6", "pdu_name": "Test-PDU", "status": "unreachable", }, { "id": "ports-7_pdus_outlets-2", "outlet_name": "Test-PDU-Outlet-2", "outlet_number": 2, "outlet_on": true, "pdu_id": "pdus-1", "pdu_location": "Port 6", "pdu_name": "Test-PDU", "status": "on", } ], "baudrate": "9600", "available_baudrates": ["9600", "115200"], "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "single_session": false, "raw_tcp": false, "terminal_emulation": null, "kernel_debug": null, "sessions": [], "device": 'serial/by-opengear-id/port07', "name": 'port07' }, { "parity": "none", "label": "Port-8", "id": "ports-8", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "portnum": 8, "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [], "pdu_outlets": [], "baudrate": "9600", "available_baudrates": ["9600", "115200"], "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "single_session": false, "raw_tcp": false, "terminal_emulation": null, "kernel_debug": null, "sessions": [], "device": 'serial/by-opengear-id/port08', "name": 'port08' }, { "parity": "none", "label": "Port-9", "id": "ports-9", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "portnum": 9, "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [], "pdu_outlets": [], "baudrate": "9600", "available_baudrates": ["9600", "115200"], "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "single_session": false, "raw_tcp": false, "terminal_emulation": null, "kernel_debug": null, "sessions": [], "device": 'serial/by-opengear-id/port09', "name": 'port09' }, { "parity": "none", "label": "USB A", "id": "USB-A", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "disconnected", "portnum": 10, "pinout": "USB", "available_pinouts": ["USB"], "ip_alias": [], "pdu_outlets": [], "baudrate": "9600", "available_baudrates": ["9600", "115200"], "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "single_session": false, "raw_tcp": false, "terminal_emulation": null, "kernel_debug": null, "sessions": [], "device": 'serial/by-opengear-id/USB-A', "name": 'USB-A' } ] } 400: description: Invalid request body: application/json: type: error example: { "error": [ { type: 4, "code": 39, "level": 1, "text": "Invalid request body", "args": {} } ] } 404: description: Invalid request, Incomplete data, Port not found, Failure during retrieval of ports body: application/json: type: error 500: description: Failed to read ports. body: application/json: type: error put: displayName: putPorts description: > Update properties for all ports attached to the NetOps Console Server appliance. body: application/json: type: putPortList example: { "ports": [ { "parity": "none", "label": "Port-1", "escape_char": "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "pinout": "X2", "ip_alias": [ { "ipaddress": "192.168.33.201/24", "interface": "net1", } ], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", }, { "parity": "none", "label": "Port-2", "escape_char" : "~", "stopbits": "1", "pinout": "X2", "baudrate": "9600", "mode": "localConsole", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": true, }, { "parity": "none", "label": "Port-3", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "pinout": "X2", "ip_alias": [ { "ipaddress": "192.168.33.11/24", "interface": "net1", } ], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", }, { "parity": "none", "label": "Port-4", "escape_char" : "~", "stopbits": "1", "pinout": "X2", "baudrate": "9600", "mode": "localConsole", "logging_level": "disabled", "databits": "8", "terminal_emulation": "vt220", "kernel_debug": false, }, { "parity": "none", "label": "Port-5", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "pinout": "X2", "ip_alias": [], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", }, { "parity": "none", "label": "Port-6", "escape_char" : "~", "stopbits": "1", "pinout": "X2", "baudrate": "9600", "mode": "disabled", "logging_level": "disabled", "databits": "8", }, { "parity": "none", "label": "Port-7", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "pinout": "X2", "ip_alias": [], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", }, { "parity": "none", "label": "Port-8", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "pinout": "X2", "ip_alias": [], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", }, { "parity": "none", "label": "Port-9", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "pinout": "X2", "ip_alias": [], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", }, { "parity": "none", "label": "USB A", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "pinout": "USB", "ip_alias": [], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", } ] } responses: 200: description: The array of ports, either a full array or as requested by parameters body: application/json: type: getPortList example: { "ports": [ { "parity": "none", "label": "Port-1", "id": "ports-1", "escape_char": "", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "portnum": 1, "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [ { "id": "ipalias-1", "port": "serial/by-opengear-id/port01", "ipaddress": "192.168.33.201/24", "interface": "net1", } ], "pdu_outlets": [], "baudrate": "9600", "available_baudrates": ["9600", "115200"], "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": null, "kernel_debug": null, "sessions": [], "device": 'serial/by-opengear-id/port01', "name": 'port01' }, { "parity": "none", "label": "Port-2", "id": "ports-2", "escape_char" : "~", "control_code": null, "stopbits": "1", "status": "ok", "portnum": 2, "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": null, "pdu_outlets": null, "baudrate": "9600", "available_baudrates": ["9600", "115200"], "mode": "localConsole", "logging_level": "disabled", "databits": "8", "terminal_emulation": "linux", "kernel_debug": true, "sessions": [], "device": 'serial/by-opengear-id/port02', "name": 'port02' }, { "parity": "none", "label": "Port-3", "id": "ports-3", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "portnum": 3, "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [ { "id": "ipalias-1", "port": "serial/by-opengear-id/port03", "ipaddress": "192.168.33.11/24", "interface": "net1", } ], "pdu_outlets": [], "baudrate": "9600", "available_baudrates": ["9600", "115200"], "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": null, "kernel_debug": null, "sessions": [], "device": 'serial/by-opengear-id/port03', "name": 'port03' }, { "parity": "none", "label": "Port-4", "id": "ports-4", "escape_char" : "~", "control_code": null, "stopbits": "1", "status": "ok", "portnum": 4, "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": null, "pdu_outlets": null, "baudrate": "9600", "available_baudrates": ["9600", "115200"], "mode": "localConsole", "logging_level": "disabled", "databits": "8", "terminal_emulation": "vt220", "kernel_debug": false, "sessions": [], "device": 'serial/by-opengear-id/port04', "name": 'port04' }, { "parity": "none", "label": "Port-5", "id": "ports-5", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "portnum": 5, "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [], "pdu_outlets": [], "baudrate": "9600", "available_baudrates": ["9600", "115200"], "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": null, "kernel_debug": null, "sessions": [], "device": 'serial/by-opengear-id/port05', "name": 'port05' }, { "parity": "none", "label": "Port-6", "id": "ports-6", "escape_char" : "~", "control_code": null, "stopbits": "1", "status": "ok", "portnum": 6, "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": null, "pdu_outlets": null, "baudrate": "9600", "available_baudrates": ["9600", "115200"], "mode": "disabled", "logging_level": "disabled", "databits": "8", "terminal_emulation": null, "kernel_debug": null, "sessions": [], "device": 'serial/by-opengear-id/port06', "name": 'port06' }, { "parity": "none", "label": "Port-7", "id": "ports-7", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "portnum": 7, "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [], "pdu_outlets": [], "baudrate": "9600", "available_baudrates": ["9600", "115200"], "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": null, "kernel_debug": null, "sessions": [], "device": 'serial/by-opengear-id/port07', "name": 'port07' }, { "parity": "none", "label": "Port-8", "id": "ports-8", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "portnum": 8, "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [], "pdu_outlets": [], "baudrate": "9600", "available_baudrates": ["9600", "115200"], "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": null, "kernel_debug": null, "sessions": [], "device": 'serial/by-opengear-id/port08', "name": 'port08' }, { "parity": "none", "label": "Port-9", "id": "ports-9", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "portnum": 9, "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [], "pdu_outlets": [], "baudrate": "9600", "available_baudrates": ["9600", "115200"], "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": null, "kernel_debug": null, "sessions": [], "device": 'serial/by-opengear-id/port09', "name": 'port09' }, { "parity": "none", "label": "USB A", "id": "USB-A", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "disconnected", "portnum": 10, "pinout": "USB", "available_pinouts": ["USB"], "ip_alias": [], "pdu_outlets": [], "baudrate": "9600", "available_baudrates": ["9600", "115200"], "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": null, "kernel_debug": null, "sessions": [], "device": 'serial/by-opengear-id/USB-A', "name": 'USB-A' } ] } 400: description: Invalid request body: application/json: type: error example: { "error": [ { type: 4, "code": 39, "level": 1, "text": "Invalid request body", "args": {} } ] } 404: description: Invalid request, Incomplete data, Port not found, Failure during retrieval of ports body: application/json: type: error 500: description: Failed to read ports. body: application/json: type: error /{id}: type: base-type description: > Viewing and deleting of any active session on a specific port. get: description: Retrieve a single port by ID. responses: 200: description: Port has been updated. body: application/json: type: getPortType example: { "port": { "parity": "none", "label": "Port-1", "id": "ports-1", "escape_char" : "~", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "portnum": 1, "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [ { "id": "ipalias-1", "port": "serial/by-opengear-id/port01", "ipaddress": "192.168.33.201/24", "interface": "net1", }, { "id": "ipalias-2", "port": "serial/by-opengear-id/port01", "ipaddress": "192.168.33.9/24", "interface": "net1", } ], "pdu_outlets": [], "baudrate": "9600", "available_baudrates": ["9600", "115200"], "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": null, "kernel_debug": null, "sessions": [], "device": 'serial/by-opengear-id/port01', "name": 'port01' } } put: description: Set the properties for a single port. body: application/json: type: putPortType example: { "port": { "parity": "none", "label": "Port-1", "stopbits": "1", "pinout": "X2", "ip_alias": [ { "ipaddress": "192.168.33.201/24", "interface": "net1", }, { "ipaddress": "192.168.33.9/24", "interface": "net1", } ], "baudrate": "9600", "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "escape_char": "!", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, } } responses: 200: description: Port has been updated. body: application/json: type: getPortType example: { "port": { "parity": "none", "label": "Port-1", "id": "ports-1", "escape_char": "!", "control_code": { "break": "b", "portlog": "l", "power": "p", "chooser": "c", "quit": "q", "pmhelp": "h", }, "stopbits": "1", "status": "ok", "portnum": 1, "pinout": "X2", "available_pinouts": ["X2", "X1"], "ip_alias": [ { "id": "ipalias-1", "port": "serial/by-opengear-id/port01", "ipaddress": "192.168.33.201/24", "interface": "net1", }, { "id": "ipalias-2", "port": "serial/by-opengear-id/port01", "ipaddress": "192.168.33.9/24", "interface": "net1", } ], "pdu_outlets": [], "baudrate": "9600", "available_baudrates": ["9600", "115200"], "mode": "consoleServer", "logging_level": "disabled", "databits": "8", "terminal_emulation": null, "kernel_debug": null, "sessions": [], "device": 'serial/by-opengear-id/port01', "name": 'port01' } } /sessions: type: base-type get: description: Retrieve all active sessions on this port. responses: 200: body: application/json: type: getPortSessionList example: { "port_sessions": [ { "username": "alice", "client_pid": 123 } ] } 404: description: Port does not exist. delete: description: > Disconnect active sessions on this port. Use query parameters to select a subset of sessions for disconnection. If no query parameters are given, all sessions on this port will be disconnected. queryParameters: username: description: Only disconnect active sessions belonging to this user. type: string required: false responses: 200: description: > Request succeeded. Note that if there were no active sessions to be disconnected, the request is nevertheless successful. Check the 'disconnected_session_count' field of the response body to determine how many sessions were disconnected. body: application/json: type: deleteMultiplePortSessionsResponse example: { "disconnected_session_count": 1 } 404: description: Port does not exist. /{pid}: type: base-type get: description: Retrieve an active session on this port. responses: 200: body: application/json: type: getPortSessionType example: { "port_session": { "username": "alice", "client_pid": 123 } } 404: description: > Port does not exist, or active session with the given pid does not exist. delete: description: Disconnect the session. responses: 204: description: Request succeeded. 404: description: > Port does not exist, or active session with the given pid does not exist. /power: type: base-type put: description: Control power for a console device. body: application/json: type: putPortPowerAction example: { "cmd": { "action": "cycle", } } responses: 200: description: Power command executed. body: application/json: type: putPortPowerActionResponse example: { "cmd": "/usr/bin/ogpowergroup 'port16' cycle" } 400: description: Power command failed. body: application/json: type: error example: { "error": [ { type: 2, "code": 307, "level": 1, "text": "ogpower failed running command '/usr/bin/ogpowergroup 'port02' cycle'", "args": {} } ] } /reset_counters: type: base-type post: description: > Reset the tx/rx counters for a particular serial port. responses: 200: description: > The counter reset was successfully performed. body: application/json: type: postPortCountersResetResponse example: { "reset_port": { "port_id": "ports-1", "tx": 0, "rx": 0 } } 400: description: Resetting tx/rx data counters for serial port failed. body: application/json: type: error example: { "error": [ { type: 2, "code": 307, "level": 1, "text": "The device encountered an issue while attempting to reset TX/RX data counters on port 16", "args": {} } ] } /auto_discover: type: base-type description: > Manage Port Auto-Discovery post: description: > Trigger the port Auto-Discovery process displayName: trigger port discovery body: application/json: type: portAutoDiscoveryParameters examples: example1: description: Run Port Auto-Discover on all available ports value: { "auto_discover": { "ports": null } } example2: description: Run Port Auto-Discover on all available ports value: { "auto_discover": { "ports": [] } } example3: description: Run Auto-Disover on ports 1, 10, 33, and 42 value: { "auto_discover": { "ports": [1, 10, 33, 42] } } responses: 200: description: Port Auto-Discovery was triggered body: application/json: type: portAutoDiscoveryParameters delete: description: > Cancel an Auto-Discovery job displayName: stop port discovery responses: 202: description: Accepted. Request sent for the job to stop. 204: description: No Content. Auto-Discovery job is stopped. get: description: > Get Port Auto-Discovery state displayName: get port auto discovery state responses: 200: description: The Port Auto-Discovery script state body: application/json: type: portAutoDiscoveryState example: { "auto_discover": { "status": "running" } } /schedule: type: base-type description: > Manage Port Auto-Discovery Scheduling put: description: > Schedule the Port Auto-Discovery process displayName: schedule port discovery body: application/json: type: portAutoDiscoverySchedule examples: example1: description: Schedule Port Auto-Discover for selected ports on daily basis value: { "auto_discover_schedule": { "enabled": true, "period": "daily", "hour": 2, "minute": 30, "ports": [11, 33, 4 ,20] } } example2: description: Schedule Port Auto-Discover for selected ports on weekly basis value: { "auto_discover_schedule": { "enabled": true, "period": "weekly", "day_of_week": 4, "hour": 2, "minute": 30, "ports": [11, 33, 4 ,20] } } responses: 200: description: Port Auto-Discovery was scheduled body: application/json: type: portAutoDiscoverySchedule get: description: > Get the Port Auto-Discovery schedule displayName: get port auto discovery scheduling responses: 200: description: The Port Auto-Discovery scheduling information body: application/json: type: portAutoDiscoverySchedule example: { "auto_discover_schedule": { "enabled": true, "period": "daily", "hour": 2, "minute": 30, "ports": [1, 10, 33, 42] } } /current_log: type: base-type description: > Get auto_discovery logs. get: description: > Get auto_discovery logs. responses: 200: body: application/json: type: portAutoDiscoveryLogList example: { "auto_discover_log": { "no_of_log_lines": 35, "log_lines": [ "2022-09-24T16:46:49.406058+00:00 localhost port_discovery[port3] Discovery starting", "2022-09-24T16:46:49.406058+00:00 localhost port_discovery[port3] Checking port readiness", "2022-09-24T16:47:35.582573+00:00 localhost port_discovery[port3] No device discovered", "2022-09-24T16:47:35.585981+00:00 localhost port_discovery[main] Starting discovery with 19200 baud and X2 pinout", "2022-09-24T16:47:39.517707+00:00 localhost port_discovery[port3] Discovery starting", "2022-09-24T16:47:39.518306+00:00 localhost port_discovery[port3] Checking port readiness", "2022-09-24T16:48:25.682977+00:00 localhost port_discovery[port3] No device discovered", "2022-09-24T16:48:25.685997+00:00 localhost port_discovery[main] Starting discovery with 57600 baud and X2 pinout", "2022-09-24T16:48:29.433400+00:00 localhost port_discovery[port3] Discovery starting", "2022-09-24T16:48:29.434052+00:00 localhost port_discovery[port3] Checking port readiness", "2022-09-24T16:49:15.608420+00:00 localhost port_discovery[port3] No device discovered", "2022-09-24T16:49:18.500765+00:00 localhost port_discovery[main] Done", "2022-09-25T16:45:08.168877+00:00 localhost port_discovery[main] Starting discovery with 9600 baud and X2 pinout on preconfigured port 3", "2022-09-25T16:45:09.634127+00:00 localhost port_discovery[port3] Discovery starting", "2022-09-25T16:45:09.634750+00:00 localhost port_discovery[port3] Checking port readiness", "2022-09-25T16:45:55.817628+00:00 localhost port_discovery[port3] No device discovered", "2022-09-25T16:45:55.818848+00:00 localhost port_discovery[main] Starting discovery with 9600 baud and X2 pinout", "2022-09-25T16:45:57.399608+00:00 localhost port_discovery[main] Skipping duplicate test: port 3, baud 9600, pinout X2", "2022-09-25T16:45:57.400335+00:00 localhost port_discovery[main] Starting discovery with 115200 baud and X2 pinout", "2022-09-25T16:46:01.288232+00:00 localhost port_discovery[port3] Discovery starting", "2022-09-25T16:46:01.289081+00:00 localhost port_discovery[port3] Checking port readiness", "2022-09-25T16:46:47.465976+00:00 localhost port_discovery[port3] No device discovered", "2022-09-25T16:46:47.469899+00:00 localhost port_discovery[main] Starting discovery with 38400 baud and X2 pinout", "2022-09-25T16:46:51.276526+00:00 localhost port_discovery[port3] Discovery starting", "2022-09-25T16:46:51.276526+00:00 localhost port_discovery[port3] Checking port readiness", "2022-09-25T16:47:37.443170+00:00 localhost port_discovery[port3] No device discovered", "2022-09-25T16:47:37.446873+00:00 localhost port_discovery[main] Starting discovery with 19200 baud and X2 pinout", "2022-09-25T16:47:41.255224+00:00 localhost port_discovery[port3] Discovery starting", "2022-09-25T16:47:41.255845+00:00 localhost port_discovery[port3] Checking port readiness", "2022-09-25T16:48:27.426588+00:00 localhost port_discovery[port3] No device discovered", "2022-09-25T16:48:27.429800+00:00 localhost port_discovery[main] Starting discovery with 57600 baud and X2 pinout", "2022-09-25T16:48:31.242395+00:00 localhost port_discovery[port3] Discovery starting", "2022-09-25T16:48:31.242826+00:00 localhost port_discovery[port3] Checking port readiness", "2022-09-25T16:49:17.413508+00:00 localhost port_discovery[port3] No device discovered", "2022-09-25T16:49:20.253166+00:00 localhost port_discovery[main] Done" ] } } 400: body: application/json: type: error example: { "error": [ { "type": 4, "code": 49, "level": 1, "args": { "param": "logLines" }, "text": "Invalid parameter 'logLines' was provided" } ] } /last_run_log: type: base-type description: > Get logs for the last auto_discovery run. get: description: > Get logs for the last auto_discovery run. responses: 200: body: application/json: type: portAutoDiscoveryLastRunLogList example: { "auto_discover_last_run_log": { "no_of_log_lines": 35, "log_lines": [ "2022-09-24T16:46:49.406058+00:00 localhost port_discovery[port3] Discovery starting", "2022-09-24T16:46:49.406058+00:00 localhost port_discovery[port3] Checking port readiness", "2022-09-24T16:47:35.582573+00:00 localhost port_discovery[port3] No device discovered", "2022-09-24T16:47:35.585981+00:00 localhost port_discovery[main] Starting discovery with 19200 baud and X2 pinout", "2022-09-24T16:47:39.517707+00:00 localhost port_discovery[port3] Discovery starting", "2022-09-24T16:47:39.518306+00:00 localhost port_discovery[port3] Checking port readiness", "2022-09-24T16:48:25.682977+00:00 localhost port_discovery[port3] No device discovered", "2022-09-24T16:48:25.685997+00:00 localhost port_discovery[main] Starting discovery with 57600 baud and X2 pinout", "2022-09-24T16:48:29.433400+00:00 localhost port_discovery[port3] Discovery starting", "2022-09-24T16:48:29.434052+00:00 localhost port_discovery[port3] Checking port readiness", "2022-09-24T16:49:15.608420+00:00 localhost port_discovery[port3] No device discovered", "2022-09-24T16:49:18.500765+00:00 localhost port_discovery[main] Done", "2022-09-25T16:45:08.168877+00:00 localhost port_discovery[main] Starting discovery with 9600 baud and X2 pinout on preconfigured port 3", "2022-09-25T16:45:09.634127+00:00 localhost port_discovery[port3] Discovery starting", "2022-09-25T16:45:09.634750+00:00 localhost port_discovery[port3] Checking port readiness", "2022-09-25T16:45:55.817628+00:00 localhost port_discovery[port3] No device discovered", "2022-09-25T16:45:55.818848+00:00 localhost port_discovery[main] Starting discovery with 9600 baud and X2 pinout", "2022-09-25T16:45:57.399608+00:00 localhost port_discovery[main] Skipping duplicate test: port 3, baud 9600, pinout X2", "2022-09-25T16:45:57.400335+00:00 localhost port_discovery[main] Starting discovery with 115200 baud and X2 pinout", "2022-09-25T16:46:01.288232+00:00 localhost port_discovery[port3] Discovery starting", "2022-09-25T16:46:01.289081+00:00 localhost port_discovery[port3] Checking port readiness", "2022-09-25T16:46:47.465976+00:00 localhost port_discovery[port3] No device discovered", "2022-09-25T16:46:47.469899+00:00 localhost port_discovery[main] Starting discovery with 38400 baud and X2 pinout", "2022-09-25T16:46:51.276526+00:00 localhost port_discovery[port3] Discovery starting", "2022-09-25T16:46:51.276526+00:00 localhost port_discovery[port3] Checking port readiness", "2022-09-25T16:47:37.443170+00:00 localhost port_discovery[port3] No device discovered", "2022-09-25T16:47:37.446873+00:00 localhost port_discovery[main] Starting discovery with 19200 baud and X2 pinout", "2022-09-25T16:47:41.255224+00:00 localhost port_discovery[port3] Discovery starting", "2022-09-25T16:47:41.255845+00:00 localhost port_discovery[port3] Checking port readiness", "2022-09-25T16:48:27.426588+00:00 localhost port_discovery[port3] No device discovered", "2022-09-25T16:48:27.429800+00:00 localhost port_discovery[main] Starting discovery with 57600 baud and X2 pinout", "2022-09-25T16:48:31.242395+00:00 localhost port_discovery[port3] Discovery starting", "2022-09-25T16:48:31.242826+00:00 localhost port_discovery[port3] Checking port readiness", "2022-09-25T16:49:17.413508+00:00 localhost port_discovery[port3] No device discovered", "2022-09-25T16:49:20.253166+00:00 localhost port_discovery[main] Done" ] } } 400: body: application/json: type: error example: { "error": [ { "type": 4, "code": 49, "level": 1, "args": { "param": "logLines" }, "text": "Invalid parameter 'logLines' was provided" } ] } /ports_status: type: base-type description: > Provides information about the serial pin status and Tx & Rx counters for each of this device's serial ports [no_sorting_required] get: displayName: get ports_status description: > Gets the list of active pin status for all serial port signals and the Tx and RX byte counters. responses: 200: description: An object containing an array of ports with their corresponding signal values body: application/json: type: getPortStatusList example: { "port_status": [ { "id" : "ports-1", "label" : "port01", "status" : "ok", "rts" : true, "cts" : true, "dtr" : true, "dsr" : true, "dcd" : true, "tx" : 0, "rx" : 0 }, { "id" : "ports-2", "label" : "port02", "status" : "disconnected", "rts" : true, "cts" : false, "dtr" : true, "dsr" : false, "dcd" : false, "tx" : 0, "rx" : 0 }, ] } 400: description: Invalid request body: application/json: type: error example: { "error": [ { type: 4, "code": 39, "level": 1, "text": "Invalid request body", "args": {}, } ] } 500: description: Error encountered while attempting to obtain ports status body: application/json: type: error /{id}: type: base-type description: > Provides information about the serial pin status and Tx & Rx counters for each of this device's serial ports get: displayName: get ports_status description: > Gets the list of active pin status for all serial port signals and the Tx and RX byte counters. responses: 200: description: An object containing an array of ports with their corresponding signal values body: application/json: type: getPortStatus example: { "port_status": { "id" : "ports-1", "label" : "port01", "status" : "ok", "rts" : true, "cts" : true, "dtr" : true, "dsr" : true, "dcd" : true, "tx" : 0, "rx" : 0 } } 400: description: Invalid request body: application/json: type: error example: { "error": [ { type: 4, "code": 39, "level": 1, "text": "Invalid request body", "args": {}, } ] } 500: description: Error encountered while attempting to obtain ports status body: application/json: type: error /managementports: type: base-type description: > Used for working with local management console information. get: displayName: get managementports description: > Gets the local management console ports attached to the NetOps Console Server appliance. responses: 200: description: The array of management ports, either a full array or as requested by parameters body: application/json: type: getMgmtPortByIdResponseList example: { "managementports": [ { "id" : "mgmtPorts-1", "device" : "ttyS0", "enabled" : true, "kerneldebug" : false, "termemulation" : "vt100", "baud" : "115200", "available_bauds": ["9600", "115200"], "databits" :"8", "parity" : "none", "stopbits" : "1" }, { "id" : "mgmtPorts-2", "device" : "ttyS1", "enabled" : true, "kerneldebug" : true, "termemulation" : "vt100", "baud" : "115200", "available_bauds": ["9600", "115200"], "databits" :"8", "parity" : "none", "stopbits" : "1" }, ], "meta": {} } 400: description: Invalid request, missing or incorrect page/per_page body: application/json: type: error example: { "error": [ { type: 4, "code": 39, "level": 1, "text": "Invalid request body", "args": {}, } ] } 404: description: Invalid request, Incomplete data, management port not found, Failure during retrieval of management ports body: application/json: type: error 500: description: Failed to read management ports. body: application/json: type: error put: description: Set the properties for local management console ports. body: application/json: type: putMgmtPortList example: { "managementports": [ { "enabled" : true, "kerneldebug" : false, "termemulation" : "vt100", "baud" : "115200", "databits" :"8", "parity" : "none", "stopbits" : "1" }, { "enabled" : true, "kerneldebug" : false, "termemulation" : "vt100", "baud" : "115200", "databits" :"8", "parity" : "none", "stopbits" : "1" }, ] } responses: 200: description: Management Ports have been updated. body: application/json: type: getMgmtPortByIdResponseList example: { "managementports": [ { "id" : "mgmtPorts-1", "device" : "ttyS0", "enabled" : true, "kerneldebug" : false, "termemulation" : "vt100", "baud" : "115200", "available_bauds": ["9600", "115200"], "databits" : "8", "parity" : "none", "stopbits" : "1" }, { "id" : "mgmtPorts-2", "device" : "ttyS1", "enabled" : true, "kerneldebug" : false, "termemulation" : "vt100", "baud" : "115200", "available_bauds": ["9600", "115200"], "databits" : "8", "parity" : "none", "stopbits" : "1" } ], "meta": {} } /{id}: type: base-type description: > Used for working with a specific management port. get: description: Retrieve a single local management console port by ID. responses: 200: description: management port has been updated. body: application/json: type: getMgmtPortByIdResponse example: { "managementport": { "id" : "mgmtPorts-1", "device" : "ttyS0", "enabled" : true, "kerneldebug" : false, "termemulation" : "vt100", "baud" : "115200", "available_bauds": ["9600", "115200"], "databits" : "8", "parity" : "none", "stopbits" : "1" } } put: description: Set properties for a single local management console port. body: application/json: type: putMgmtPortById example: { "managementport": { "enabled" : true, "kerneldebug" : false, "termemulation" : "vt100", "baud" : "115200", "databits" :"8", "parity" : "none", "stopbits" : "1" } } responses: 200: description: Management Port has been updated. body: application/json: type: getMgmtPortByIdResponse example: { "managementport": { "id" : "mgmtPorts-1", "device" : "ttyS0", "enabled" : true, "kerneldebug" : false, "termemulation" : "vt100", "baud" : "115200", "available_bauds": ["9600", "115200"], "databits" : "8", "parity" : "none", "stopbits" : "1" } } /logs: description: > Used for working with the logs on the system. /syslog: type: base-type get: description: Fetch last n log lines in syslog. queryParameters: logLines: description: The number of lines to fetch - max 1000, min 10. type: integer required: false default: 100 responses: 200: description: Returns the last n lines in the syslog body: application/json: type: getSyslogLinesResponse example: { "syslog": { "id": "3fe0c4281c994a34225db3224b0cf4b4", "log_lines": [ "2018-04-23T16:49:35.285554+00:00 qemux86-64 sshd[20111]: Disconnected from 192.168.33.101", "2018-04-23T16:49:35.285625+00:00 qemux86-64 sshd[20111]: pam_unix(sshd:session): session closed for user root", "2018-04-23T16:49:35.379184+00:00 qemux86-64 sshd[20139]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.33.101 user=root", "2018-04-23T16:49:37.937315+00:00 qemux86-64 sshd[20139]: Accepted publickey for root from 192.168.33.101 port 57058 ssh2: RSA SHA256:6ED9MiX/6QXhSLN5g25V4T0okuO9o0aQl0ONT9BCxKE", "2018-04-23T16:49:37.938147+00:00 qemux86-64 sshd[20139]: pam_unix(sshd:session): session opened for user root by (uid=0)", "2018-04-23T16:49:43.308764+00:00 qemux86-64 sshd[20139]: Received disconnect from 192.168.33.101: 11: disconnected by user", "2018-04-23T16:49:43.308798+00:00 qemux86-64 sshd[20139]: Disconnected from 192.168.33.101", "2018-04-23T16:49:43.308887+00:00 qemux86-64 sshd[20139]: pam_unix(sshd:session): session closed for user root", "2018-04-23T17:20:51.938418+00:00 qemux86-64 udhcpc[1660]: Sending renew...", "2018-04-23T17:20:51.941182+00:00 qemux86-64 udhcpc[1660]: Lease of 192.168.33.207 obtained, lease time 7200" ], "no_of_log_lines": 10 } } /portlog: /{id}: type: base-type get: description: Fetch last n log lines in portlog. queryParameters: logLines: description: The number of lines to fetch - max 1000, min 10. type: integer required: false maximum: 1000 minimum: 10 default: 100 responses: 200: description: Returns the last n lines in the portlog body: application/json: type: getPortLogLinesResponse example: { "portlog": { "id": "portlogports-1771bed6129488a69764d064ed7e6086d", "log_lines": [ "2018-04-19T21:59:42.475157+00:00 TXDATA ", "2018-04-19T21:59:43.720286+00:00 TXDATA ^C", "2018-04-19T21:59:44.004623+00:00 TXDATA ^C", "2018-04-19T21:59:49.053138+00:00 TXDATA ^C", "2018-04-19T21:59:49.739765+00:00 TXDATA ^C", "2018-04-19T21:59:50.349753+00:00 LOGOUT root", "2018-04-19T21:59:50.373627+00:00 RXDATA ", "2018-04-19T21:59:50.402295+00:00 RXDATA asdfasdf", "2018-04-19T22:00:18.216623+00:00 LOGIN root", "2018-04-19T22:00:21.386050+00:00 TXDATA rootrootakjdfaksjdf", "2018-04-19T22:00:25.145561+00:00 TXDATA rootrootakjdfaksjdfkjasdkjfakdjf", "2018-04-19T22:00:26.473879+00:00 TXDATA rootrootakjdfaksjdfkjasdkjfakdjf ", "2018-04-19T22:00:42.660939+00:00 TXDATA rootrootakjdfaksjdfkjasdkjfakdjf ^C", "2018-04-19T22:00:45.472921+00:00 TXDATA rootrootakjdfaksjdfkjasdkjfakdjf ^C~", "2018-04-19T22:00:46.456493+00:00 TXDATA rootrootakjdfaksjdfkjasdkjfakdjf ^C~.", "2018-04-19T22:00:46.887685+00:00 TXDATA rootrootakjdfaksjdfkjasdkjfakdjf ^C~.", "2018-04-19T22:00:47.057797+00:00 TXDATA ", "2018-04-19T22:00:47.236891+00:00 TXDATA ", "2018-04-19T22:00:47.413115+00:00 TXDATA ", "2018-04-19T22:00:48.328447+00:00 LOGOUT root" ], "no_of_log_lines": 20 } } /portlog_settings: type: base-type description: > logs/portlog_settings endpoint is to check and update port log settings. get: description: Retrieve the current settings. responses: 200: description: > Returns the current failover settings.
body: application/json: type: portlogSettings example: { "portlog_settings": { "facility": "daemon", "severity": "info" } } put: description: Set the port log settings. body: application/json: type: portlogSettings example: { "portlog_settings": { "facility": "cron", "severity": "critical" } } responses: 200: description: Returns the current failover settings. body: application/json: type: portlogSettings example: { "portlog_settings": { "facility": "cron", "severity": "critical" } } /pots_modems: get: description: Query the configuration of POTS modems available on the system responses: 200: description: The configuration of the POTS modems on this system body: application/json: type: potsModemList example: { "pots_modems": [ { "id" : "pots-modems-1", "device" : "ttyUSB0", "baud" : "115200", "mode" : "disabled", "command_sequence" : "", "runtime_status": { "status": "connected", } } ] } put: description: Configure the POTS modems available on the system body: application/json: type: potsModemPutList example: { "pots_modems": [ { "device" : "ttyUSB0", "baud" : "115200", "mode" : "disabled" } ] } responses: 200: description: The configuration of the POTS modems on this system body: application/json: type: potsModemList example: { "pots_modems": [ { "id" : "pots-modems-1", "device" : "ttyUSB0", "baud" : "115200", "mode" : "disabled", "command_sequence" : "", "runtime_status": { "status": "listening", } } ] } /{id}: get: description: request POTS modem settings responses: 200: description: Return a specific pots modem configuration body: application/json: type: potsModem example: { "pots_modem": { "id" : "pots-modems-1", "device" : "ttyUSB0", "baud" : "115200", "mode" : "dialin", "command_sequence" : "AT!GSTATUS?", "runtime_status": { "status": "listening", } } } put: description: Defines POTS modem settings body: application/json: type: potsModemPut example: { "pots_modem": { "device" : "ttyUSB0", "baud" : "115200", "mode" : "dialin", "command_sequence" : "AT!GSTATUS?" } } responses: 200: description: POTS modem configuration data body: application/json: type: potsModem example: { "pots_modem" : { "id" : "pots-modems-1", "device" : "ttyUSB0", "baud" : "115200", "mode" : "dialin", "command_sequence" : "AT!GSTATUS?", "runtime_status": { "status": "listening", } } } 400: description: Invalid request body: application/json: type: error example: error: - type: 4 code: 40 text: "Required field 'pots_modem.mode' was not provided in the request" args: param: pots_modem.mode level: 1 404: description: Pots modem does not exist body: application/json: example: { "error": [ { "type": 5, "code": 29, "text": "Could not find element with UUID 'pots-modems-2'", "args": { "uuid": "pots-modems-2" }, "level": 1 } ] } /sessions: delete: description: Disconnect all active sessions on POTS modem responses: 204: description: POTS terminal session was removed successfully. 404: description: POTS modem does not exist. /monitor: description: > Used for monitoring the state of the various services running on the system. /lldp: description: | Used for monitoring the state of the various network discovery (LLDP/CDP) protocols running on the system. /chassis: type: base-type description: | Get the current status of the network discovery (LLDP/CDP) protocols on this device. get: description: | Get the current status of the network discovery (LLDP/CDP) protocols on this device. responses: 200: description: | Returns the current status of the network discovery (LLDP/CDP) protocols on this device. body: application/json: type: lldpChassis example: { "lldpstat": { "mac":"00:13:c6:08:07:ab", "Wlan":false, "name":"platypus", "Router":true, "Station":false, "Bridge":true, "mgmt_ip": [ "10.250.242.110", "fdcd:41a4:5559:faf2:213:c6ff:fe08:7ab" ], "descr":"description 1" } } /neighbor: type: base-type description: | Get the list of neighboring devices (peers) that have been discovered by the LLDP protocol. get: description: | Get the list of neighboring devices (peers) that have been discovered by the LLDP protocol. responses: 200: description: Returns the list of LLDP neighbors. body: application/json: type: lldpNeighborList example: { "lldp-status-neighbor": [ { "remote_name":"NGCS-Switch", "port_name":"Port #1", "name":"enp3s0f1", "id":1, "port":"1", "mgmt_ip":[ "192.168.1.13" ], "remote_mac":"ec:9a:74:bc:57:e0" }, { "remote_name":"foobar.hostname", "port_name":"net1", "name":"tap1", "id":2, "port":"52:54:00:76:27:fc", "mgmt_ip": [ "192.168.0.1", "fe80::5054:ff:fe76:27fc" ], "remote_mac":"52:54:00:76:27:fc" } ] } /{id}: type: base-type description: | Retrieve a single LLDP neighbor status by ID. Used for working with a specific LLDP neighbor status item. get: description: Retrieve a single LLDP neighbor status by ID. responses: 200: description: LLDP neighbor status item body: application/json: type: getLLDPNeighborById /brute_force_protection: /bans: type: base-type description: > Used for monitoring addresses banned by Brute Force Protection. get: description: Retrieves information about IP addresses banned by Brute Force Protection responses: 200: description: Returns information about currently banned IP addresses body: application/json: type: bruteForceProtectionResponseBans example: { "brute_force_protection_bans": [ { "jail":"sshd", "address":"1.1.1.1", "time_of_ban":1628630619, "ban_time":60, "multi_field_identifier": "sshd|1.1.1.1" }, { "jail":"nginx-login", "address":"2.2.2.2", "time_of_ban":1628630618, "ban_time":60, "multi_field_identifier": "nginx-login|2.2.2.2" }, ] } /{id}: type: base-type description: > Used for working with a specific ban. get: description: Retrieve a single ban by ID. responses: 200: description: ban item body: application/json: type: bruteForceProtectionBanItemById example: { "brute_force_protection_ban": { "jail":"sshd", "address":"1.1.1.1", "time_of_ban":1628630619, "ban_time":60, "multi_field_identifier": "sshd|1.1.1.1" } } /static_routes: /status: type: base-type description: Used for monitoring the status of static routes. Only IPv4 static routes are supported. get: description: Retrieves information about the status of static routes. responses: 200: description: Returns information about the status of static routes. body: application/json: type: staticRoutesStatus example: { "static_routes_status": [ { "route": "system_net_static_routes-1", "status": "installed", "error": "", }, { "route": "system_net_static_routes-2", "status": "error", "error": "Error: Nexthop has invalid gateway.", }, ] } /{id}: type: base-type description: > Used for working with a specific static route status. get: description: Retrieve a single static route status by ID. responses: 200: description: ban item body: application/json: type: staticRoutesStatusById /services: description: > Used for working with the properties of the various services running on the system. /brute_force_protection: type: base-type description: > Provides access to the Brute Force Protection configuration on the system. When this service is enabled, the system watches for multiple failed login attempts and temporarily bans the offending IP Address for the configured amount of time. get: description: Retrieves the Brute Force Protection configuration responses: 200: description: Returns the current Brute Force Protection configuration body: application/json: type: bruteForceProtection example: { "brute_force_protection": { "ssh_enabled": true, "https_enabled": true, "max_retry": 5, "ban_time": 600, "find_time": 10 } } put: description: Set the Brute Force Protection configuration body: application/json: type: bruteForceProtection example: { "brute_force_protection": { "ssh_enabled": true, "https_enabled": true, "max_retry": 5, "ban_time": 600, "find_time": 10 } } responses: 200: description: Returns the current Brute Force Protection configuration body: application/json: type: bruteForceProtection example: { "brute_force_protection": { "ssh_enabled": true, "https_enabled": true, "max_retry": 5, "ban_time": 600, "find_time": 10 } } 400: description: Invalid request body: application/json: type: error example: error: - type: 4 code: 40 text: "Required field 'brute_force_protection.ssh_enabled' was not provided in the request" args: param: brute_force_protection.ssh_enabled level: 1 /https: type: base-type description: > Provides access to the SSL certificate used by web services on the device. get: description: Returns the current HTTPS certificate, CSR details and indicate if a pending CSR exists. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate", "mask" ] default: "cleartext" required: false responses: 200: description: Returns the current HTTPS certificate, CSR details and indicate if a pending CSR exists. body: application/json: type: httpsGet put: description: Create a new CSR, delete the pending CSR or upload the certificate for the pending CSR. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: httpsPut examples: example1: description: Create a new CSR (generating a new private key) value: { "https": { "csr": { "csr": "new", "common_name": "common", "org_unit": "unit", "organization": "org", "locality": "bne", "state": "qld", "country": "AT", "email": "me@example.com", "key_length": 2048 } } } example2: description: Create a new CSR (specifying a private key and CA-required challenge password) value: { "https": { "csr": { "csr": "new", "common_name": "common", "org_unit": "unit", "organization": "org", "locality": "bne", "state": "qld", "country": "AT", "email": "me@example.com", "key_length": 2048, "private_key": "-----BEGIN PRIVATE KEY-----...-----END PRIVATE KEY-----", "challenge_password": "password" }, } } example3: description: Delete the pending CSR value: { "https": { "csr": { "csr": null } } } example4: description: Upload the certificate for the pending CSR. value: { "https": { "cert": "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----", "csr": { "csr": null } } } example5: description: | Upload a new certificate and private key pair. NOTE that this does not work if a CSR has never been generated. value: { "https": { "cert": "-----BEGIN CERTIFICATE-----...-----END CERTIFICATE-----", "key": "-----BEGIN PRIVATE KEY-----...-----END PRIVATE KEY-----", "csr": { "csr": null } } } responses: 200: description: Returns the current HTTPS certificate, CSR details and indicate if a pending CSR exists. body: application/json: type: httpsGet 500: description: Returns an error after the operation failed. body: application/json: example: { "error": [ { type: 2, "code": 14, "text":" String did not conform to the expected format.", "args": { "uuid": "root-1-services_https_csr_email" }, "level":1 }, { type: 1, "code": 33, "text": "Push command failed", "args": {}, "level": 1 } ] } 400: description: Returns an error after the operation failed due to invalid user input. body: application/json: example: { "error": [ { type: 2, "code": 14, "text":" String did not conform to the expected format.", "args": { "uuid": "root-1-services_https_csr_email" }, "level":1 }, { type: 1, "code": 33, "text": "Push command failed", "args": {}, "level": 1 } ] } /csr: type: base-type /download: type: base-type get: description: This entity is used to download the CSR object. responses: 200: body: application/json: type: csrDownload /tftp: type: base-type description: > Trivial File Transfer Protocol (TFTP) is a service that allows files to be transferred to or from the NetOps Console Server appliance. This entity provides access to the TFTP server configuration on the system. get: description: Retrieves the TFTP server configuration. responses: 200: description: Returns the current TFTP configuration. body: application/json: type: tftpGet example: { "tftp": { "enabled": true, "path": "/mnt/nvram/srv" } } put: description: Set the TFTP server configuration. body: application/json: type: tftpGet example: { "tftp": { "enabled": true, "path": "/mnt/nvram/srv" } } responses: 200: description: Returns the current TFTP configuration. body: application/json: type: tftpGet example: { "tftp": { "enabled": true, "path": "/mnt/nvram/srv" } } 400: description: > Returns an error after the operation failed due to invalid request. body: application/json: example: { "error": [ { type: 4, "code": 40, "text": "Required field 'enabled' was not provided in the request", "args": { "param": "services_tftp_enabled-1" }, "level": 1 } ] } /ntp: type: base-type description: > Provides access to the NTP client configuration on the system. get: description: Fetch NTP client configuration. responses: 200: description: Returns the current NTP configuration. body: application/json: type: ntpGet example: { "ntp": { "enabled": true, "servers": [ { "value": "0.pool.ntp.org", }, { "value": "1.pool.ntp.org", }, { "value": "10.10.10.10", }, { "value": "10.10.10.11", "key": { "value": "7EA62AE64D190114D46D5A082F948EC1", "index": 30, "format": "HEX", "algorithm": "AES128", }, }, ], "id": "root-1-services_ntp" } } put: description: Set the NTP client configuration, including enabling/disabling the NTP service. body: application/json: type: ntpPut example: { "ntp": { "enabled": true, "servers": [ { "value": "0.pool.ntp.org" }, { "value": "1.pool.ntp.org" }, { "value": "2.pool.ntp.org" }, { "value": "3.pool.ntp.org" }, { "value": "10.20.30.40", "key": { "value": "crocus", "index": 20, "format": "ASCII", "algorithm": "MD5", } }, { "value": "10.20.30.41", "key": { "value": "933F62BE1D604E68A81B557F18CFA200483F5B70", "index": 25, "format": "HEX", "algorithm": "SHA1", } }, { "value": "ntp.example.com", "key": { "value": "37DDCBC67BB902BCB8E995977FAB4D2B5642F5B32EBCEEE421921D97E5CBFE39", "index": 31, "format": "HEX", "algorithm": "AES256", } }, ], } } responses: 200: description: > Returns the updated NTP configuration. body: application/json: type: ntpGet example: { "ntp": { "enabled": true, "servers": [ { "value": "0.pool.ntp.org" }, { "value": "1.pool.ntp.org" }, { "value": "2.pool.ntp.org" }, { "value": "3.pool.ntp.org" }, { "value": "10.20.30.40", "key": { "value": "crocus", "index": 20, "format": "ASCII", "algorithm": "MD5", } }, { "value": "10.20.30.41", "key": { "value": "933F62BE1D604E68A81B557F18CFA200483F5B70", "index": 25, "format": "HEX", "algorithm": "SHA1", } }, { "value": "ntp.example.com", "key": { "value": "37DDCBC67BB902BCB8E995977FAB4D2B5642F5B32EBCEEE421921D97E5CBFE39", "index": 31, "format": "HEX", "algorithm": "AES256", } }, ], "id": "root-1-services_ntp" } } 500: description: > Error saving NTP configuration. body: application/json: example: { "error": [ { type: 2, "code": 25, "text": "'' is not a valid hostname", "args": { "address": "", "uuid": "services_ntp_servers-0" }, "level": 1 }, { type: 1, "code": 33, "text": "Push command failed", "args": {}, "level": 1 } ] } 400: description: > Returns an error after the operation failed due to invalid request. body: application/json: example: { "error": [ { type: 4, "code": 40, "text": "Required field 'services_syslog_servers-1' was not provided in the request", "args": { "param": "services_syslog_servers-1" }, "level": 1 } ] } /status: type: base-type description: > Provides information the current synchronization state of NTP get: displayName: get ntp/status description: > Gets the current sync status for NTP responses: 200: description: An object containing an array of ports with their corresponding signal values body: application/json: type: ntpSyncStatus example: { "ntp_status": { "status": "attempting-to-sync", "last_sync_utc": "Fri Feb 3 15:00:29 2012 UTC", "sync_server": "1.2.3.4 (a.b.c)" } } 400: description: Invalid request body: application/json: type: error example: { "error": [ { type: 4, "code": 39, "level": 1, "text": "Invalid request body", "args": {}, } ] } 500: description: Error encountered while attempting to obtain ntp status body: application/json: type: error /lldp: type: base-type description: > Provides access to the Network Discovery Protocols (LLDP/CDP) configuration. get: description: Fetch the Network Discovery Protocols configuration. responses: 200: description: Returns the current Network Discovery Protocols configuration. body: application/json: type: lldp example: { "lldp": { "enabled": true, "platform": "platform 1", "description": "description 1", "physifs": ["net1", "net2"] } } put: description: Modify Network Discovery Protocols configuration. body: application/json: type: lldp example: { "lldp": { "enabled": true, "platform": "platform 1", "description": "description 1", "physifs": ["net1", "net2"] } } responses: 200: description: Created the Network Discovery Protocols configuration. body: application/json: type: lldp example: { "lldp": { "enabled": true, "platform": "platform 1", "description": "description 1", "physifs": ["net1", "net2"] } } /syslog: type: base-type description: > Provides access to the remote syslog server configuration. get: description: Fetch remote syslog server configuration list. responses: 200: description: Returns the current syslog server configuration. body: application/json: type: getSyslogServerListResponse example: { "syslogServers": [ { "id": "services_syslog_servers-31", "multi_field_identifier": "0.au.pool.rsyslog.org:601/UDP", "port": 601, "protocol": "UDP", "address": "0.au.pool.rsyslog.org", "description": "Remote logging server", "port_logging_enabled": true, "min_severity": "info" }, { "id": "services_syslog_servers-32", "multi_field_identifier": "2001:b:c:d::8329:602/UDP", "port": 602, "protocol": "UDP", "address": "2001:b:c:d::8329", "description": "Remote port logging server", "port_logging_enabled": false, "min_severity": "alert" } ], } post: description: Create a new syslog server data in the configuration. body: application/json: type: putSyslogServer example: { "syslogServer" : { "port": 1000, "protocol": "UDP", "address": "192.168.33.199", "description": "Remote logging server", "port_logging_enabled": true, "min_severity": "info" } } responses: 200: description: Created syslog server configuration body: application/json: type: getSyslogServerResponse example: { "syslogServer" : { "id": "services_syslog_servers-2", "multi_field_identifier": "192.168.33.199:1000/UDP", "port": 1000, "protocol": "UDP", "address": "192.168.33.199", "description": "Remote logging server", "port_logging_enabled": true, "min_severity": "info" } } 400: description: Failed to initiate syslog server creation due to error in post body. body: application/json: example: { "error": [ { "type": 2, "code": 22, "text": "Element [protocol] is of the wrong type", "args": { "uuid": "protocol" }, "level": 1 } ] } /{syslog_server_id}: type: base-type uriParameters: syslog_server_id: description: unique identifier for syslog servers displayName: syslog_server_id get: description: Fetch a configured syslog server by id. responses: 200: description: > Returns the requested syslog server configuration. body: application/json: type: getSyslogServerResponse example: { "syslogServer": { "id": "services_syslog_servers-1", "multi_field_identifier": "192.168.33.200:705/UDP", "port": 705, "protocol": "UDP", "address": "192.168.33.200", "description": "Remote logging server", "port_logging_enabled": false, "min_severity": "warning" } } 500: description: > Error saving syslog configuration. body: application/json: example: { "error": [ { type: 2, "code": 25, "text": "'' is not a valid hostname", "args": { "address": "", "uuid": "services_syslog_servers-1" }, "level": 1 }, { type: 1, "code": 33, "text": "Push command failed", "args": {}, "level": 1 } ] } 400: description: > Returns an error after the operation failed due to invalid request. body: application/json: example: { "error": [ { type: 4, "code": 40, "text": "Required field 'services_syslog-1' was not provided in the request", "args": { "param": "services_syslog_servers-1" }, "level": 1 } ] } put: description: Set the syslog server configuration body: application/json: type: putSyslogServer example: { "syslogServer" : { "address": "192.168.33.199", "port": 1000, "protocol": "UDP", "description": "Remote logging server", "port_logging_enabled": false, "min_severity": "debug" } } responses: 200: description: > Returns the updated syslog server configuration. body: application/json: type: getSyslogServerResponse example: { "syslogServer": { "id": "services_syslog_servers-1", "multi_field_identifier": "192.168.33.200:705/UDP", "port": 705, "protocol": "UDP", "address": "192.168.33.200", "description": "Remote logging server", "port_logging_enabled": false, "min_severity": "debug" } } 500: description: > Error saving syslog configuration. body: application/json: example: { "error": [ { type: 2, "code": 25, "text": "'' is not a valid hostname", "args": { "address": "", "uuid": "services_syslog_servers-1" }, "level": 1 }, { type: 1, "code": 33, "text": "Push command failed", "args": {}, "level": 1 } ] } 400: description: > Returns an error after the operation failed due to invalid request. body: application/json: example: { "error": [ { type: 4, "code": 40, "text": "Required field 'services_syslog-1' was not provided in the request", "args": { "param": "services_syslog_servers-1" }, "level": 1 } ] } delete: description: Delete a syslog server. responses: 204: description: syslog server deleted 400: description: > Returns an error after the operation failed due to invalid request. body: application/json: example: { "error": [ { type: 4, "code": 40, "text": "Required field 'services_syslog-1' was not provided in the request", "args": { "param": "services_syslog_servers-1" }, "level": 1 } ] } 404: description: syslog server does not exist body: application/json: example: { "error": [ { "type": 5, "code": 29, "text": "Could not find element with UUID 'services_syslog_servers-2'", "args": { "uuid": "services_syslog_servers-2" }, "level": 1 } ] } /snmp_manager: (deprecated): replaceWith: /services/snmp_alert_managers since: 10/2020 type: base-type description: > Retrieve and configure the SNMP TRAP/INFORM settings. get: description: Get the snmp manager legacy configuration. queryParameters: secrets: type: string description: > Returns sensitive fields displayed as either cleartext, obfuscated or masked values. enum: [ "cleartext", "obfuscate", "masked" ] default: "cleartext" required: false responses: 200: body: application/json: type: snmpManagerResponse example: { "snmp_manager": { "id": "snmp_manager_1", "multi_field_identifier": "snmp.example.com:167/UDP", "protocol": "UDP", "community": "secret", "auth_protocol": "SHA", "username": "michaelf", "engine_id": "0x80001f8803555000000000", "version": v3, "privacy_protocol": "DES", "security_level": "noAuthNoPriv", "msg_type": "TRAP", "address": "snmp.example.com", "port": 167, } } put: description: Set the snmp manager legacy configuration. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: snmpManager example: { "snmp_manager": { "protocol": "UDP", "community": "secret", "auth_protocol": "SHA", "auth_password": "secret123", "username": "michaelf", "engine_id": "0x80001f8803555000000000", "version" : "v3", "privacy_protocol": "DES", "privacy_password": "secret123", "security_level": "noAuthNoPriv", "msg_type": "TRAP", "address": "snmp.example.com", "port": 167, } } responses: 200: body: application/json: type: snmpManagerResponse example: { "snmp_manager": { "id": "snmp_manager_1", "multi_field_identifier": "snmp.example.com:167/UDP", "protocol": "UDP", "community": "secret", "auth_protocol": "SHA", "username": "michaelf", "engine_id": "0x80001f8803555000000000", "version" : "v3", "privacy_protocol": "DES", "security_level": "noAuthNoPriv", "msg_type": "TRAP", "address": "snmp.example.com", "port": 167, } } /snmp_alert_managers: type: base-type description: > SNMP Alert Managers are used to receive and log SNMP TRAP and INFORM messages sent by the NetOps Console Server. To receive SNMP alerts generated by the system at least one SNMP Alert Manager must be configured. get: description: Get the snmp manager configuration. queryParameters: secrets: type: string description: > Returns sensitive fields displayed as either cleartext, obfuscated or masked values. enum: [ "cleartext", "obfuscate", "masked" ] default: "cleartext" required: false responses: 200: body: application/json: type: getSnmpAlertManagerList example: { "snmp_alert_managers": [ { "id": "snmp_manager_1", "multi_field_identifier": "snmp.example.com:167/UDP", "protocol": "UDP", "community": "secret", "auth_protocol": "SHA", "username": "michaelf", "engine_id": "0x80001f8803555000000000", "version": v3, "privacy_protocol": "DES", "security_level": "noAuthNoPriv", "msg_type": "TRAP", "address": "snmp.example.com", "port": 167, } ] } post: description: Add a new snmp manager. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: snmpAlertManager example: { "snmp_alert_manager": { "name": "A SNMP Alert Manager", "protocol": "UDP", "community": "secret", "auth_protocol": "SHA", "username": "michaelf", "engine_id": "0x80001f8803555000000000", "version": v3, "privacy_protocol": "DES", "security_level": "noAuthNoPriv", "msg_type": "TRAP", "address": "snmp.example.com", "port": 167, } } responses: 200: description: The snmp manager was added. body: application/json: type: snmpAlertManagerResponse example: { "snmp_alert_manager": { "id": "snmp_manager_1", "multi_field_identifier": "snmp.example.com:167/UDP", "name": "A SNMP Alert Manager", "protocol": "UDP", "community": "secret", "auth_protocol": "SHA", "username": "michaelf", "engine_id": "0x80001f8803555000000000", "version": v3, "privacy_protocol": "DES", "security_level": "noAuthNoPriv", "msg_type": "TRAP", "address": "snmp.example.com", "port": 167, } } /{id}: type: base-type description: | Retrieve and update information for a specific SNMP Alert Manager. # snmp_alert_managers.get get: description: Get the configuration of an SNMP Manager queryParameters: secrets: type: string description: > Returns sensitive fields displayed as either cleartext, obfuscated or masked values. enum: [ "cleartext", "obfuscate", "masked" ] default: "cleartext" required: false responses: 200: body: application/json: type: snmpAlertManagerResponse example: { "snmp_alert_manager": { "id": "snmp_manager_1", "multi_field_identifier": "snmp.example.com:167/UDP", "name": "A SNMP Alert Manager", "protocol": "UDP", "community": "secret", "auth_protocol": "SHA", "username": "michaelf", "engine_id": "0x80001f8803555000000000", "version": v3, "privacy_protocol": "DES", "security_level": "noAuthNoPriv", "msg_type": "TRAP", "address": "snmp.example.com", "port": 167, } } # snmp_alert_managers.put put: description: > Update settings for SNMP Managers on the NetOps Console Server appliance. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: snmpAlertManager example: { "snmp_alert_manager": { "name": "Existing SNMP Alert Manager", "protocol": "UDP", "community": "secret", "auth_protocol": "SHA", "username": "user1", "engine_id": "0x80001f8803555000000000", "version": v3, "privacy_protocol": "DES", "security_level": "noAuthNoPriv", "msg_type": "TRAP", "address": "snmp.example.com", "port": 167, } } responses: 200: body: application/json: type: snmpAlertManagerResponse example: { "snmp_alert_manager": { "id": "snmp_manager_1", "multi_field_identifier": "snmp.example.com:167/UDP-v3-TRAP", "name": "A SNMP Alert Manager", "protocol": "UDP", "community": "secret", "auth_protocol": "SHA", "username": "michaelf", "engine_id": "0x80001f8803555000000000", "version": v3, "privacy_protocol": "DES", "security_level": "noAuthNoPriv", "msg_type": "TRAP", "address": "snmp.example.com", "port": 167, } } # snmp_alert_managers.delete delete: displayName: deleteSnmpManager description: > Delete an snmp manager responses: 204: description: snmp manager deleted /snmpd: type: base-type description: > Simple Network Management Protocol (SNMP) is an Internet Standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behaviour. This entity allows configuration of the SNMP service. get: description: Get the snmpd configuration. queryParameters: secrets: type: string description: > Returns sensitive fields displayed as either cleartext, obfuscated or masked values. enum: [ "cleartext", "obfuscate", "masked" ] default: "cleartext" required: false responses: 200: body: application/json: type: snmpd example: { "snmpd": { "port": 161, "protocol": "UDP", "enable_legacy_versions": true, "rocommunity": "public", "rwcommunity": "private", "enable_secure_snmp": true, "security_level": "priv", "security_name": "newuser", "engine_id": "0x80001f8803555000000000", "auth_protocol": "MD5", "auth_use_plaintext": true, "auth_password": "authPassword", "auth_localized_key": "0x123456789ABCDEF", "priv_protocol": "DES", "priv_use_plaintext": true, "priv_password": "privPassword", "priv_localized_key": "0xFEDCBA987654321", } } put: description: Set the snmpd configuration. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: snmpd example: { "snmpd": { "port": 161, "protocol": "UDP", "enable_legacy_versions": true, "rocommunity": "public", "rwcommunity": "private", "enable_secure_snmp": true, "security_level": "priv", "security_name": "newuser", "engine_id": "0x80001f8803555000000000", "auth_protocol": "MD5", "auth_use_plaintext": true, "auth_password": "authPassword", "auth_localized_key": "0x123456789ABCDEF", "priv_protocol": "DES", "priv_use_plaintext": true, "priv_password": "privPassword", "priv_localized_key": "0xFEDCBA987654321", } } responses: 200: body: application/json: type: snmpd example: { "snmpd": { "port": 161, "protocol": "UDP", "enable_legacy_versions": true, "rocommunity": "public", "rwcommunity": "private", "enable_secure_snmp": true, "security_level": "priv", "security_name": "newuser", "engine_id": "0x80001f8803555000000000", "auth_protocol": "MD5", "auth_use_plaintext": true, "auth_password": "authPassword", "auth_localized_key": "0x123456789ABCDEF", "priv_protocol": "DES", "priv_use_plaintext": true, "priv_password": "privPassword", "priv_localized_key": "0xFEDCBA987654321", } } 500: description: Failed to save the configuration. body: application/json: type: error 400: description: > Returns an error after the operation failed due to incomplete data. body: application/json: example: { "error": [ { type: 4, "code": 40, "text": "Required field 'priv_localized_key' was not provided in the request", "args": { "param": "priv_localized_key" }, "level": 1 } ] } /ssh: type: base-type description: | Configure the Secure Shell Protocol (SSH) service. get: description: | Fetch configuration for the SSH service. responses: 200: body: application/json: type: sshResponse example: { "ssh": { "ssh_url_delimiter": "+", "maxstartups_rate": 30, "maxstartups_start": 10, "maxstartups_full": 100, "unauthenticated_serial_port_access": false } } put: description: | Set configuration for the SSH service. body: application/json: type: sshPut example: { "ssh": { "ssh_url_delimiter": ":", "maxstartups_rate": 30, "maxstartups_start": 10, "maxstartups_full": 100, "unauthenticated_serial_port_access": false } } responses: 200: body: application/json: type: sshResponse example: { "ssh": { "ssh_url_delimiter": ":", "maxstartups_rate": 30, "maxstartups_start": 10, "maxstartups_full": 100, "unauthenticated_serial_port_access": false } } /routing: type: base-type description: > Retrieve and configure routing services on the NetOps Console Server appliance. get: description: Fetch the configuration for the available routing daemons. responses: 200: body: application/json: type: routingDaemon examples: example1: { "routing": { "bgpd": { "enabled": true }, "isisd": { "enabled": false }, "ripd": { "enabled": true }, "ospfd": { "enabled": false, "router_id": "", "redistribute_connected": false, "redistribute_static": false, "redistribute_kernel": false, "interfaces": [], "neighbors": [], "networks": [], } } } example2: { "routing": { "bgpd": { "enabled": true }, "isisd": { "enabled": true }, "ripd": { "enabled": false }, "ospfd": { "enabled": true, "router_id": "10.0.0.2", "redistribute_connected": false, "redistribute_static": true, "redistribute_kernel": false, "interfaces": [{ "name": "net2", "cost": 10, "non_broadcast": false, "passive": true, "auth_method": "no_auth", "auth_keys": [], },{ "name": "net1", "non_broadcast": true, "passive": false, "auth_method": "md5", "auth_keys": [{ "id": "2", "key": "2AAA8335FD030E054A98E3B2C5852B34", },{ "id": "4", "key": "3A6BD16D50D2DA27B07DAA2088E56CE6", }] }], "neighbors": [{ "address": "10.0.0.1", }], "networks": [{ "address_with_mask": "5.5.5.0/24", "area": "40", },{ "address_with_mask": "10.0.0.0/8", "area": "0.0.0.0", }], } } } put: description: Set the configuration for the available routing daemons. body: application/json: type: routingDaemon examples: example1: { "routing": { "bgpd": { "enabled": true }, "isisd": { "enabled": false }, "ripd": { "enabled": true }, "ospfd": { "enabled": false } } } example2: { "routing": { "bgpd": { "enabled": true }, "isisd": { "enabled": false }, "ripd": { "enabled": false }, "ospfd": { "enabled": true, "router_id": "10.0.1.2", "redistribute_connected": true, "redistribute_static": false, "redistribute_kernel": false, "interfaces": [{ "name": "net1", "cost": 1, "non_broadcast": false, "passive": false, "auth_method": "cleartext", "auth_keys": [{ "id": "0", "key": "my_awesome_password", }], }], "neighbors": [{ "address": "16.17.0.1", },{ "address": "10.0.1.1", }], "networks": [{ "address_with_mask": "16.17.0.0/16", "area": "0.0.0.0", },{ "address_with_mask": "10.0.0.0/8", "area": "0.0.0.0", }], } } } responses: 200: body: application/json: type: routingDaemon examples: example1: { "routing": { "bgpd": { "enabled": true }, "isisd": { "enabled": false }, "ripd": { "enabled": true }, "ospfd": { "enabled": false, "router_id": "", "redistribute_connected": false, "redistribute_static": false, "redistribute_kernel": false, "interfaces": [], "neighbors": [], "networks": [], } } } example2: { "routing": { "bgpd": { "enabled": true }, "isisd": { "enabled": false }, "ripd": { "enabled": false }, "ospfd": { "enabled": true, "router_id": "10.0.1.2", "redistribute_connected": true, "redistribute_static": false, "redistribute_kernel": false, "interfaces": [{ "name": "net1", "cost": 1, "non_broadcast": false, "passive": false, "auth_method": "cleartext", "auth_keys": [{ "id": "0", "key": "my_awesome_password", }], }], "neighbors": [{ "address": "16.17.0.1", },{ "address": "10.0.1.1", }], "networks": [{ "address_with_mask": "16.17.0.0/16", "area": "0.0.0.0", },{ "address_with_mask": "10.0.0.0/8", "area": "0.0.0.0", }], } } } 500: description: Failed to save the configuration. body: application/json: type: error 400: description: > Returns an error after the operation failed due to incomplete data. body: application/json: example: { "error": [ { type: 4, "code": 40, "text": "Required field 'bgpd' was not provided in the request", "args": { "param": "bgpd" }, "level": 1 } ] } /alerts: type: base-type description: > Used to configure various types of alerts /authentication: (deprecated): replaceWith: /monitoring/alerts/system since: 12/2020 type: base-type description: Retrieve and configure Authentication Trap Group settings. get: description: Get the authentication trap group settings. responses: 200: body: application/json: type: authenticationAlert example: { "authentication_trap_group": { "enabled": true } } put: description: Set the authentication trap group settings. body: application/json: type: authenticationAlert example: { "authentication_trap_group": { "enabled": true } } responses: 200: body: application/json: type: authenticationAlert example: { "authentication_trap_group": { "enabled": true } } /system: (deprecated): replaceWith: /monitoring/alerts/power since: 12/2020 type: base-type description: Retrieve and configure System Trap Group settings. get: description: Get the system trap group settings. responses: 200: body: application/json: type: systemAlert example: { "system_trap_group": { "enabled": true, "power_supply_millivolt_lower": 11000, "power_supply_millivolt_upper": 13000 } } put: description: Set the system trap group settings. body: application/json: type: systemAlert example: { "system_trap_group": { "enabled": true, "power_supply_millivolt_lower": 11000, "power_supply_millivolt_upper": 13000 } } responses: 200: body: application/json: type: systemAlert example: { "system_trap_group": { "enabled": true, "power_supply_millivolt_lower": 11000, "power_supply_millivolt_upper": 13000 } } /networking: (deprecated): replaceWith: /monitoring/alerts/networking since: 12/2020 type: base-type description: Retrieve and configure Networking Trap Group settings. get: description: Get the networking trap group settings. responses: 200: body: application/json: type: networkingAlert examples: example1: description: With a cell modem value: { "networking_trap_group": { "enabled": true, "signal_strength_threshold_lower": 33, "signal_strength_threshold_upper": 66 } } example2: description: Without a cell modem value: { "networking_trap_group": { "enabled": true } } put: description: Set the networking trap group settings. body: application/json: type: networkingAlert examples: example1: description: With a cell modem value: { "networking_trap_group": { "enabled": true, "signal_strength_threshold_lower": 33, "signal_strength_threshold_upper": 66 } } example2: description: Without a cell modem value: { "networking_trap_group": { "enabled": true } } responses: 200: body: application/json: type: networkingAlert examples: example1: description: With a cell modem value: { "networking_trap_group": { "enabled": true, "signal_strength_threshold_lower": 33, "signal_strength_threshold_upper": 66 } } example2: description: Without a cell modem value: { "networking_trap_group": { "enabled": true } } /config_change: (deprecated): replaceWith: /monitoring/alerts/system since: 12/2020 type: base-type description: Retrieve and configure config change trap group settings. get: description: Get the config change trap group settings. responses: 200: body: application/json: type: configChangeAlert example: { "config_change_trap_group": { "enabled": true } } put: description: Set the config trap group settings. body: application/json: type: configChangeAlert example: { "config_change_trap_group": { "enabled": true } } responses: 200: body: application/json: type: configChangeAlert example: { "config_change_trap_group": { "enabled": true } } /monitoring: type: base-type description: > Used to configure various types of monitoring systems /alerts: type: base-type description: > Used to configure various types of alerts /networking: type: base-type description: Retrieve and configure Networking Alert Group settings. get: description: Get the networking alert group settings. responses: 200: body: application/json: type: networkingAlertGroup examples: example1: description: All network alerts enabled. value: { "networking_alert_group": { "cell_signal_strength_alert": { "enabled": true, "threshold_lower": 33, "threshold_upper": 66 } } } example2: description: All network alerts enabled when there is no cell modem (Network link state is enabled under cell_signal_strength_alert). value: { "networking_alert_group": { "cell_signal_strength_alert": { "enabled": true } } } put: description: Set the networking alert group settings. body: application/json: type: networkingAlertGroup examples: example1: description: Enable all network alerts. value: { "networking_alert_group": { "cell_signal_strength_alert": { "enabled": true, "threshold_lower": 33, "threshold_upper": 66 } } } example2: description: Enable all network alerts when there is no cell modem (Enables network link state under cell_signal_strength_alert). value: { "networking_alert_group": { "cell_signal_strength_alert": { "enabled": true } } } example3: description: Disable all network alerts. value: { "networking_alert_group": {} } responses: 200: body: application/json: type: networkingAlertGroup examples: example1: description: All network alerts enabled. value: { "networking_alert_group": { "cell_signal_strength_alert": { "enabled": true, "threshold_lower": 33, "threshold_upper": 66 } } } example2: description: All network alerts enabled when there is no cell modem (Network link state is enabled under cell_signal_strength_alert). value: { "networking_alert_group": { "cell_signal_strength_alert": { "enabled": true, } } } /power: type: base-type description: Retrieve and configure Power Alert Group settings. get: description: Get the power alert group settings. responses: 200: body: application/json: type: powerAlertGroup example: { "power_alert_group": { "power_supply_voltage_alert": { "millivolt_lower": 11000, "millivolt_upper": 13000, "snmp": { "enabled": true }, "syslog": { "enabled": true, "alert_active_severity": "error", "alert_inactive_severity": "info", } } } } put: description: Set the power alert group settings. body: application/json: type: powerAlertGroup examples: example1: description: Enable all power alerts. value: { "power_alert_group": { "power_supply_voltage_alert": { "millivolt_lower": 11000, "millivolt_upper": 13000, "snmp": { "enabled": true }, "syslog": { "enabled": true, "alert_active_severity": "error", "alert_inactive_severity": "info", } } } } responses: 200: body: application/json: type: powerAlertGroup example: { "power_alert_group": { "power_supply_voltage_alert": { "millivolt_lower": 11000, "millivolt_upper": 13000, "snmp": { "enabled": true }, "syslog": { "enabled": true, "alert_active_severity": "error", "alert_inactive_severity": "info", } } } } /system: type: base-type description: Retrieve and configure System Alert Group settings. get: description: Get the system alert group settings. responses: 200: body: application/json: type: systemAlertGroup example: { "system_alert_group": { "authentication_alert": { "enabled": true }, "config_change_alert": { "enabled": true }, "temperature_alert": { "enabled": true, "threshold_lower": 35, "threshold_upper": 67 } } } put: description: Set the system alert group settings. body: application/json: type: systemAlertGroup examples: example1: description: Enable all system alerts. value: { "system_alert_group": { "authentication_alert": { "enabled": true }, "config_change_alert": { "enabled": true }, "temperature_alert": { "enabled": true, "threshold_lower": 35, "threshold_upper": 67 } } } example2: description: Disable all system alerts. value: { "system_alert_group": {} } responses: 200: body: application/json: type: systemAlertGroup example: { "system_alert_group": { "authentication_alert": { "enabled": true }, "config_change_alert": { "enabled": true }, "temperature_alert": { "enabled": true, "threshold_lower": 35, "threshold_upper": 67 } } } /physifs: description: > Read and manipulate the network physical interfaces on the NetOps Console Server appliance. type: base-type # Interface.getList get: description: > Get a list of the network interfaces on the NetOps Console Server appliance. displayName: getPhysifs queryParameters: secrets: type: string description: > Returns sensitive fields displayed as either cleartext, obfuscated or masked values. enum: [ "cleartext", "obfuscate", "mask" ] default: "cleartext" required: false responses: 200: body: application/json: type: getPhysifList example: { "physifs": [ { "enabled": true, "id": "system_net_physifs-1", "name": "init_net1", "media": "ethernet", "mtu" : 1500, "device": "net1", "mac_address": "00:00:de:ad:be:f1", "dns": { "nameservers": [], "search_domains": [], }, "runtime_status": { "status": "UP", "id": "system_net_physifs-1" }, "ethernet_setting": { "id": "system_net_physifs-1", "link_speed": "auto" }, "description": "NET1 - 10G SFP+" }, { "enabled": true, "id": "system_net_physifs-2", "name": "init_net2", "media": "ethernet", "mtu": 1400, "device": "net2", "mac_address": "00:00:de:ad:be:f1", "dns": { "nameservers": [], "search_domains": [], }, "runtime_status": { "status": "UP", "id": "system_net_physifs-2" }, "ethernet_setting": { "id": "system_net_physifs-2", "link_speed": "auto" }, "description": "NET2 - 1G Copper/SFP" }, { "enabled": false, "id": "system_net_physifs-3", "name": "init_cellular", "media": "cellular", "device": "wwan0", "mac_address": "00:00:de:ad:be:f3", "dns": { "nameservers": [], "search_domains": [], }, "runtime_status": { "id": "system_net_physifs-3_runtime_status", "status": "ENABLED" }, "cellular_setting": { "id": "system_net_physifs-3_cellular_setting", "active_sim": 2, "sim_failover_policy": "never", "sim_failback_policy": "never", "sims": [{ "id": "system_net_physifs-3_cellular_setting_sims-1", "slot": 1, "apn": "vzwinternet", "iptype": "IPv4v6", "mtu": 1500, "runtime_status": { "id": "system_net_physifs-3_cellular_setting_sims-1_runtime_status", "status": "DISABLED", }, },{ "id": "system_net_physifs-3_cellular_setting_sims-2", "slot": 2, "apn": "i2gold", "iptype": "IPv4v6", "ipv4_netmask": "255.255.255.252", "mtu": 1492, "runtime_status": { "id": "system_net_physifs-3_cellular_setting_sims-2_runtime_status", "status": "ENABLED", }, }], }, "description": "Cellular Interface (LTE)" } ] } post: description: Add a new interface to the NetOps Console Server appliance. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: postPhysif examples: example1: { "physif": { "enabled": true, "media": "bridge", "slaves": ["net1", "net2"], "dns": { "nameservers": [], "search_domains": [], }, } } example2: { "physif": { "enabled": true, "media": "bond", "slaves": ["net1", "net2"], "bond_setting": { "mode": "balance-rr" }, "device": "bnd2" } } responses: 200: description: The new physif is returned. body: application/json: type: physifItem example: { "physif": { "id": "system_net_physifs-5", "enabled": true, "name": "init_br0", "media": "bridge", "device": "br0", "mac_address": "00:00:de:ad:be:f1", "description": "BR0 - Aggregate", "slaves": ["net1", "net2"], "dns": { "nameservers": [], "search_domains": [], }, "runtime_status": { "status": "UP", "id": "system_net_physifs-5" } } } 400: description: > Validation failure. For example, invalid or missing fields. Slave interfaces not valid. put: description: > Update a list of the network interfaces on the NetOps Console Server appliance. body: application/json: type: putPhysifList example: { "physifs": [ { "enabled": true, "media": "ethernet", "mtu" : 1500, "device": "net1", "ethernet_setting": { "link_speed": "auto" }, "description": "NET1 - 10G SFP+" }, { "enabled": true, "media": "ethernet", "mtu": 1400, "device": "net2", "ethernet_setting": { "link_speed": "auto" }, "description": "NET2 - 1G Copper/SFP" }, { "enabled": false, "media": "cellular", "device": "wwan0", "cellular_setting": { "active_sim": 2, "sim_failover_policy": "never", "sim_failback_policy": "never", "sims": [{ "slot": 1, "apn": "vzwinternet", "ipv4_netmask": "255.255.255.255", "iptype": "IPv4v6", "mtu": 1500, }, { "slot": 2, "apn": "i2gold", "iptype": "IPv4v6", "mtu": 1492, }], }, "description": "Cellular Interface (LTE)" }, { "enabled": true, "media": "bridge", "slaves": ["net1", "net2"] } ] } responses: 200: body: application/json: type: getPhysifList 400: description: > Validation failure. For example, invalid or missing fields. Slave interfaces not valid. /{id}: type: base-type description: | Retrieve and update configuration for a specific network interface on the NetOps Console Server. get: description: > Get a network interface on the NetOps Console Server appliance by id. queryParameters: secrets: type: string description: > Returns sensitive fields displayed as either cleartext, obfuscated or masked values. enum: [ "cleartext", "obfuscate", "mask" ] default: "cleartext" required: false responses: 200: body: application/json: type: physifItem example: { "physif": { "enabled": true, "id": "system_net_physifs-2", "name": "init_net2", "media": "ethernet", "device": "net2", "mac_address": "00:00:de:ad:be:f0", "dns": { "nameservers": ["9.9.9.9", "8.8.8.8"], "search_domains": ["iot", "foobar.iot"], }, "runtime_status": { "status": "UP", "id": "system_net_physifs-2" }, "ethernet_setting": { "id": "system_net_physifs-2", "link_speed": "auto" }, "description": "NET2 - 1G Copper/SFP" } } put: description: > Update settings for a network interface on the NetOps Console Server appliance. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: putPhysif example: { "physif": { "enabled": true, "ethernet_setting":{ "link_speed":"auto", }, } } responses: 200: description: > The physif {id} settings was updated. body: application/json: type: physifItem example: { "physif": { "enabled": true, "id": "system_net_physifs-2", "name": "init_net2", "media": "ethernet", "device": "net2", "mac_address": "00:00:de:ad:be:f0", "dns": { "nameservers": [], "search_domains": [], }, "runtime_status": { "status": "UP", "id": "system_net_physifs-2" }, "ethernet_setting": { "id": "system_net_physifs-2", "link_speed": "auto" }, "description": "NET2 - 1G Copper/SFP" } } 400: description: > Invalid request: body is not json or does not conform to required json schema. Incomplete data: physif id parameter missing. 404: description: > physif {id} does not exist. Attempted to change read only fields. Attempted to change unknown fields. delete: description: > Delete a network interface by id. Currently only aggregate interfaces can be deleted. responses: 204: description: > The aggregate physif {id} was deleted. 404: description: > physif {id} does not exist. physif {id} is not an aggregate interface. /conns: description: > Read and manipulate the network connections on the NetOps Console Server appliance. type: base-type # Conn.getList get: description: > Get a list of the network connections on the server. displayName: getConns responses: 200: body: application/json: type: connGetList example: { "conns": [ { "id": "system_net_conns-1", "name": "default-conn-1", "description": "IPv4 static network connection", "physif": "net1", "mode": "static", "ipv4_static_settings": { "netmask": "255.255.255.0", "address": "192.168.87.156", "gateway": "192.168.87.100", "broadcast": "192.168.87.255", }, "runtime_status": { "status": "running", "last_status_change": 1471506633, "addresses": [ { "id": "system_net_conns-address-1", "address": "192.168.87.156", "netmask": "255.255.255.0", } ], "gateway":"192.168.87.254", "dns1":"8.8.8.8", "dns2":"192.168.33.254" }, }, { "id": "system_net_conns-3", "name": "default-conn-2", "description": "IPv6 static network connection", "physif": "net1", "mode": "ipv6_static", "ipv6_static_settings": { "address": "2001:b:c:d::8329", "prefix_length": 64, "gateway": "2001:b:c:d::254", }, "runtime_status": { "status": "running", "last_status_change": 1471506633, "addresses": [ { "id": "system_net_conns-2-address-1", "address": "2001:b:c:d::8329", "prefix_length": 64, }, { "id": "system_net_conns-2-address-2", "address": "2001:b:c:d::8320", "netmask": "64", } ], "gateway":"192.168.87.254", "dns1":"DDDD:0002:3008:8CFD:00AB:0002:3008:AAAA", "dns2": "DDDD:0002:3008:8CFD:00AB:0002:3008:BBBB", }, } ], } #conns.post post: description: Add a new network connection to the NetOps Console Server appliance. displayName: postConn body: application/json: type: connPost example: { "conn": { "ipv4_static_settings": { "netmask": "255.255.255.0", "address": "192.168.87.156", "gateway": "192.168.87.100", "broadcast": "192.168.87.255", }, "mode": "static", "physif": "net1" } } responses: 200: description: The conn \{id} settings was updated. body: application/json: type: connGet example: { "conn": { "id": "system_net_conns-9", "mode": "static", "physif": "net1", "name": "default-conn-2", "ipv4_static_settings": { "netmask": "255.255.255.0", "address": "192.168.87.156", "gateway": "192.168.87.100", "broadcast": "192.168.87.255", }, "runtime_status": { "status": "reloading", "addresses": [ { } ], "last_status_change": 1536209633, } } } 400: description: > Invalid request: body is not json or does not conform to required json schema. Incomplete data: conn id parameter missing. 404: description: > Conn {id} does not exist. Attempted to change read only fields. Attempted to change unknown fields. # Conn.putList put: description: > Put a list of the network connections on the server. displayName: putConns body: application/json: type: connPutList example: { "conns": [ { "name": "conn-66", "mode": "static", "physif": "net1", "ipv4_static_settings": { "netmask": "255.255.255.0", "address": "192.168.87.156", "gateway": "192.168.87.100", "broadcast": "192.168.87.255", }, }, { "name": "conn-67", "mode": "static", "physif": "net2", "ipv4_static_settings": { "netmask": "255.255.255.0", "address": "192.168.7.16", "gateway": "192.168.7.1", "broadcast": "192.168.7.255", }, } ] } responses: 200: body: application/json: type: connGetList 400: description: > Validation failure. For example, invalid or missing fields. Duplicate conn names. /{id}: type: base-type description: | Retrieve and update configuration for a specific network connection on the NetOps Console Server. # Conn.get get: description: > Get the configuration of a network connection on the NetOps Console Server appliance. responses: 200: body: application/json: type: connGet example: { "conn": { "name": "default-conn-1", "ipv4_static_settings": { "netmask": "255.255.255.0", "address": "192.168.87.156", "gateway": "192.168.87.100", "broadcast": "192.168.87.255", }, "id": "system_net_conns-1", "mode": "static", description: "Default static network connection", "physif": "net1", "runtime_status": { "status": "reloading", "addresses": [ { } ], "last_status_change": 1536210047, } } } # Conn.put put: description: > Update settings for a network connection on the NetOps Console Server appliance. body: application/json: type: connPut example: { "conn": { "ipv4_static_settings": { "netmask": "255.255.255.0", "address": "192.168.87.156", "gateway": "192.168.87.100", "broadcast": "192.168.87.255", }, "mode": "static", "physif": "net1" } } responses: 200: description: The conn settings were updated. body: application/json: type: connGet example: { "conn": { "name": "default-conn-2", "ipv4_static_settings": { "broadcast": "192.168.87.255", "gateway": "192.168.87.100", "address": "192.168.87.156", "netmask": "255.255.255.0", }, "id": "system_net_conns-2", "mode": "static", "physif": "net1", "runtime_status": { "status": "reloading", "addresses": [ { } ], "last_status_change": 1536210052, } } } 400: description: > Invalid request: body is not json or does not conform to required json schema. Incomplete data: conn id parameter missing. 404: description: > Conn {id} does not exist. Attempted to change read only fields. Attempted to change unknown fields. #conns.delete delete: displayName: deleteConn description: > Delete a network connection on the NetOps Console Server appliance. responses: 204: description: Conn deleted 404: description: User did not exist body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find conn with name or id 'system_net_conns-1'", "args": { "uuid": "system_net_conns-1" }, "level": 1 } ] } /static_routes: description: > Configuring and viewing static routes type: base-type get: description: Get list of static routes responses: 200: body: application/json: type: getStaticRoutesList examples: example1: description: Gets two static routes value: { "static_routes": [ { "id": "system_net_static_routes-1", "destination_address": "192.168.10.0", "destination_netmask": 24, "gateway_address": "192.168.0.1", "interface": "net1", "metric": 100, "multi_field_identifier": "192.168.10.0/24-100" }, { "id": "system_net_static_routes-2", "destination_address": "192.168.20.0", "destination_netmask": 24, "gateway_address": "192.168.0.1", "interface": "net2", "multi_field_identifier": "192.168.20.0/24" } ] } example2: description: No static routes present value: { "static_routes": [] } put: description: Create a list of static routes. Overwrite existing routes body: application/json: type: putStaticRoutesList examples: example1: description: Sets two routes value: { "static_routes": [ { "destination_address": "192.168.10.0", "destination_netmask": 24, "gateway_address": "192.168.0.1", "interface": "net1", "metric": 100 }, { "destination_address": "192.168.20.0", "destination_netmask": 24, "gateway_address": "192.168.0.1", "interface": "net2", "metric": 100 } ] } responses: 200: description: List of static routes body: application/json: type: getStaticRoutesList example: { "static_routes": [ { "id": "system_net_static_routes-1", "destination_address": "192.168.10.0", "destination_netmask": 24, "gateway_address": "192.168.0.1", "interface": "net1", "metric": 100, "multi_field_identifier": "192.168.10.0/24-100" }, { "id": "system_net_static_routes-2", "destination_address": "192.168.20.0", "destination_netmask": 24, "gateway_address": "192.168.0.1", "interface": "net2", "metric": 100, "multi_field_identifier": "192.168.20.0/24-100" } ] } post: description: Add a static route body: application/json: type: postStaticRouteItem example: { "static_route": { "destination_address": "192.168.10.0", "destination_netmask": 24, "gateway_address": "192.168.0.1", "interface": "net1", "metric": 100 } } responses: 200: description: Static route was created body: application/json: type: postStaticRouteItemResult example: { "static_route": { "id": "system_net_static_routes-1", "destination_address": "192.168.10.0", "destination_netmask": 24, "gateway_address": "192.168.0.1", "interface": "net1", "metric": 100, "multi_field_identifier": "192.168.10.0/24-100" } } 400: description: Failed to create static route delete: description: Delete all static routes responses: 204: description: Static routes were removed /{id}: type: base-type description: | Retrieve and update configuration for a specific static route. get: description: Get the configuration of a static route by its id. responses: 200: description: The requested static route configuration. body: application/json: type: getStaticRouteItem example: { "static_route": { "id": "system_net_static_routes-1", "destination_address": "192.168.10.0", "destination_netmask": 24, "gateway_address": "192.168.0.1", "interface": "net1", "metric": 100, "multi_field_identifier": "192.168.10.0/24-100" }, } 404: description: The static route doesn't exist. body: application/json: type: error example: { "error": [ { "type": 5, "code": 29, "text": "Could not find static_route with multi_field_identifier or id 'system_net_static_routes-1'", "args": { "uuid": "system_net_static_routes-1" }, "level": 1 } ] } put: description: Set the properties of a static route. body: application/json: type: putStaticRouteItem example: { "static_route": { "destination_address": "192.168.10.0", "destination_netmask": 24, "gateway_address": "192.168.0.1", "interface": "net1", "metric": 100 } } responses: 200: description: The updated static route configuration. body: application/json: type: getStaticRouteItem example: { "static_route": { "id": "system_net_static_routes-1", "destination_address": "192.168.10.0", "destination_netmask": 24, "gateway_address": "192.168.0.1", "interface": "net1", "metric": 100, "multi_field_identifier": "192.168.10.0/24-100", }, } 400: description: > Invalid request: Body is not json or does not conform to required json schema. 404: description: The static route doesn't exist. body: application/json: type: error example: { "error": [ { "type": 5, "code": 29, "text": "Could not find static_route with multi_field_identifier or id 'system_net_static_routes-1'", "args": { "uuid": "system_net_static_routes-1" }, "level": 1 } ] } delete: description: Delete a static route responses: 204: description: Static route deleted 400: description: Static route does not exist /lighthouse_enrollments: description: > View and control enrollment to a lighthouse type: base-type get: description: Get the information about the lighthouse enrollments responses: 200: body: application/json: type: lighthouseEnrollmentsList example: { "lighthouse-enrollments": [ { "port": 443, "address": "192.168.0.1", "id": "lighthouse_enrollments-1", "bundle": "bundle", "status": "Enrolling" } ] } post: description: Create a new lighthouse enrollment body: application/json: type: lighthouseEnrollmentPost example: { "lighthouse_enrollment": { "address": "192.168.0.1", "token": "password", "bundle": "bundle-1", "port": 8443 } } responses: 201: description: The new lighthouse enrollment was successfully created and callhome enrollment was started. body: application/json: type: lighthouseEnrollmentItem example: { "lighthouse_enrollment": { "id": "lighthouse_enrollments-1", "port": 8443, "status": "Enrolling", "address": "192.168.0.1" } } 400: description: > Invalid request: body is not json or does not conform to required json schema. /{id}: type: base-type description: | Retrieve or remove configuration for a specific Lighthouse enrollment. uriParameters: id: description: ID of the lighthouse-enrollment to fetch displayName: id example: lighthouse_enrollment-2 get: description: Get lighthouse-enrollment information by id. responses: 200: body: application/json: type: lighthouseEnrollmentItem example: { "lighthouse_enrollment": { "id": "lighthouse_enrollments-2", "port": 443, "status": "Connected", "address": "192.168.0.1" } } 404: description: The lighthouse-enrollment doesn't exist. body: application/json: type: object example: { "error": [ { "type": 5, "code": 29, "text": "Could not find lighthouse_enrollment with address or id 'lighthouse_enrollments-6'", "args": { "uuid": "lighthouse_enrollments-6" }, "level": 1 } ] } delete: description: Delete lighthouse enrollment object and begin unenrollment responses: 200: body: application/json: type: object example: { "message": "OK" } 404: body: application/json: type: object example: { "error": [ { "type": 5, "code": 29, "text": "Could not find lighthouse_enrollment with address or id 'lighthouse_enrollments-20'", "args": { "uuid": "lighthouse_enrollments-20" }, "level": 1 } ] } /registration: description: Registration endpoint accessed by a Lighthouse to start Lighthouse driven enrollment type: base-type post: description: Initial contact from Lighthouse to start the Enrollment process body: application/json: type: registrationItem example: { "id": "nodes-1", "server": "192.168.0.1", "server_api_port": 8443, "package_password": "password", "lh_ext_eps": [ { "server": "162.168.0.1", "server_api_port" : 8443, "server_vpn_port" : 1121 }, { "server" : "162.168.0.2", "server_api_port" : 601, "server_vpn_port" : 1121 } ] } responses: 201: body: application/json: type: object example: { "message": "OK" } 400: description: > Invalid request: body is not json or does not conform to required json schema. body: application/json: type: object example: { "error": [ { "type": 4, "code": 39, "text": "Invalid request body", "args": {}, "level": 1 } ] } delete: description: Remove connection to this lighthouse responses: 200: body: application/json: type: object example: { "message": "OK" } 500: description: Internal Server Error /{id}: type: base-type description: Remove a connection to a given Lighthouse by ID uriParameters: id: description: The lighthouse system name displayName: id example: lighthouse-5633-1563 delete: responses: 200: description: Lighthouse connection removed successfully body: application/json: example: { "message":"OK" } 400: description: Invalid request body: application/json: type: object example: { "error": "Parameter 'id' not provided." } 404: description: Not found body: application/json: 500: description: Internal server error body: application/json: /{id}/server_address: type: base-type description: Update the lhvpn_tunnel server address uriParameters: id: description: The lighthouse system name displayName: id example: lighthouse-5633-1563 put: body: application/json: type: registrationAddress example: { "address": "192.168.0.1" } responses: 200: body: application/json: type: object example: { "message": "OK" } 400: description: > Invalid request: body is not json or does not conform to required json schema. body: application/json: type: object example: { "error": [ { "type": 4, "code": 39, "text": "Invalid request body", "args": {}, "level": 1 } ] } 404: body: application/json: type: object example: { "error": [ { "type": 5, "code": 29, "text": "Could not find element with UUID 'nodes-1'", "args": { "uuid": "nodes-1" }, "level": 1 } ] } /system: description: > System endpoints are related to configuring and accessing information about the NetOps Console Server appliance itself. /diskspace: type: base-type description: Retrieve the system's Disk Space usage get: responses: 200: body: application/json: type: systemDiskSpace example: { system_disk_space: [ { path: "/etc", total_space: 511044485120, free_space: 401935421440 }, { path: "/tmp", total_space: 511044485120, free_space: 401935421440 }, { path: "/mnt/nvram", total_space: 511044485120, free_space: 401935421440 }, ] } /{path}: type: base-type get: responses: 200: body: application/json: type: systemDiskSpaceByPath example: { system_disk_space_item: { path: "/etc", total_space: 511044485120, free_space: 401935421440 } } /hostname: type: base-type description: Retrieve or change the NetOps Console Server appliance system's hostname. get: description: Get the NetOps Console Server appliance hostname. responses: 200: body: application/json: type: systemHostname example: { system_hostname: { hostname: "OM2000" } } put: description: Set the NetOps Console Server appliance hostname. body: application/json: type: systemHostname example: { system_hostname: { hostname: "OM2000" } } responses: 200: body: application/json: type: systemHostname example: { system_hostname: { hostname: "OM2000" } } /banner: type: base-type description: Retrieve or change the NetOps Console Server appliance system's banner text. get: description: Get the NetOps Console Server appliance banner text. responses: 200: body: application/json: type: systemBanner example: { system_banner: { banner: "********************************************************************************\nUNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED\nYou must have explicit, authorized permission to access or configure this\n device. Unauthorized attempts and actions to access or use this system may\n result in civil and/or criminal penalties. All activities performed on this\n device are logged and monitored.\n********************************************************************************" } } put: description: Set the NetOps Console Server appliance banner text. body: application/json: type: systemBanner example: { system_banner: { banner: "********************************************************************************\nUNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED\nYou must have explicit, authorized permission to access or configure this\n device. Unauthorized attempts and actions to access or use this system may\n result in civil and/or criminal penalties. All activities performed on this\n device are logged and monitored.\n********************************************************************************" } } responses: 200: body: application/json: type: systemBanner example: { system_banner: { banner: "A new banner\nWith 2 lines" } } /cloud_connect: type: base-type description: Retrieve or change the NetOps Console Server appliance system's cloud connect configuration. get: description: Get the NetOps Console Server appliance cloud connect configuration. responses: 200: body: application/json: type: systemCloudConnect example: { system_cloud_connect: { cloud_connect_url: "tm1.digi.com", cloud_callhome_enabled: true } } put: description: Set the NetOps Console Server appliance cloud connect configuration. body: application/json: type: systemCloudConnect example: { system_cloud_connect: { cloud_connect_url: "tm2.digi.com", cloud_callhome_enabled: false } } responses: 200: body: application/json: type: systemCloudConnect example: { system_cloud_connect: { cloud_connect_url: "tm2.digi.com", cloud_callhome_enabled: false } } /webui_session_timeout: (deprecated): replaceWith: /system/session_timeout since: 01/2022 type: base-type description: Retrieve or change the NetOps Console Server appliance WebUI session timeout. get: description: Retrieve the WebUI session timeout (in minutes). responses: 200: body: application/json: type: webuiSessionTimeout example: { system_webui_session_timeout: { timeout: 20 } } put: description: Set the WebUI session timeout (in minutes). body: application/json: type: webuiSessionTimeout example: { system_webui_session_timeout: { timeout: 20 } } responses: 200: body: application/json: type: webuiSessionTimeout example: { system_webui_session_timeout: { timeout: 20 } } /cli_session_timeout: (deprecated): replaceWith: /system/session_timeout since: 01/2022 type: base-type description: Retrieve or change the NetOps Console Server appliance CLI. get: description: Retrieve the CLI session timeout (in minutes). responses: 200: body: application/json: type: cliSessionTimeout example: { system_cli_session_timeout: { timeout: 0 } } put: description: Set the CLI session timeout (in minutes). body: application/json: type: cliSessionTimeout example: { system_cli_session_timeout: { timeout: 20 } } responses: 200: body: application/json: type: cliSessionTimeout example: { system_cli_session_timeout: { timeout: 20 } } /session_timeout: type: base-type description: Retrieve or change the NetOps Console Server appliance session timeouts. get: description: Retrieve session timeouts (in minutes). responses: 200: body: application/json: type: sessionTimeout example: { system_session_timeout: { cli_timeout: 0, webui_timeout: 20, serial_port_timeout: 0 } } put: description: Set the session timeouts (in minutes). body: application/json: type: sessionTimeout example: { system_session_timeout: { cli_timeout: 20, webui_timeout: 20, serial_port_timeout: 20 } } responses: 200: body: application/json: type: sessionTimeout example: { system_session_timeout: { cli_timeout: 20, webui_timeout: 20, serial_port_timeout: 20 } } 400: description: > Invalid request: body is not json or does not conform to required json schema. body: application/json: type: object example: { "error": [ { "type": 4, "code": 39, "text": "Invalid request body", "args": {}, "level": 1 } ] } /system_authorized_keys: type: base-type description: Configure the SSH authorized keys for all users. get: description: Retrieve ssh authorized keys for all users responses: 200: body: application/json: type: allUsersSSHAuthorizedKeys examples: example1: description: System that has 2 SSH keys belonging to 2 different users value: { "system_authorized_keys": [ { id: "users_ssh_authorized_keys-1", key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTRO6c/1JnaA/Mi3MKONqQJUe75rZC36Z0tH+BefpR2li3F/x7TWQnW0aBSA4y7bGOxS5B+nFd86m6+QWqZMxqIpraG11KKVh2c+ElIliVvPbpN7cL9QKbzDZPCn5TZ28znHDuUSzc7Kt0+33On+7HkMhapKiXkA2ardK89DlpKbE4mSiIZoWG0zepyWsXa86fiKTORqEN8FhRtxnBMcl+WODjQfuBzPNr/zYv75eLaZ0LwUOz6/xm8RkwEhd/kF1ntrXYrwOqhFsR7g0cfqQ5T9vLcUXqe+VDvD16KBkooSL92OTxC907F7HPk7XvQaY4bEWK7ca/vbVhsVzdDhbF /home/root/.ssh/id_rsa\n", key_fingerprint: "2048 SHA256:CNem+rkDme6jInbmuzNxmHz46TP3mA37I2XfEGUuDs8 /home/root/.ssh/id_rsa\n (RSA)", username: "root", multi_field_identifier: "root 2048 SHA256:CNem+rkDme6jInbmuzNxmHz46TP3mA37I2XfEGUuDs8 /home/root/.ssh/id_rsa\n (RSA)", }, { id: "users_ssh_authorized_keys-2", key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCb/1mDgaqjrBq1Mnyt1oOxFkmSm6HOCUlETW0KCGpSTpaKppb35I2ec7Pka8H4u40FFUcVQeAtHl2R1JIWo5d+Avb1+W/+uhEiJ2TI9GQTeLiHEJYD0QwhwJLUYXk0FkLPkpvVBag3MwUIh3atun0Aq/2C42EeIhFkcniGQFZsgjDaASw7QEYUTyIYr5AARA2cM1OXWNneJOKsOlOxVwQJPeTBa1tFKjg0cw5ISBXHyqUvUJfwZkI8FCfAyJ2Q7OEjJcKCydL500ZmpmDre+gth3qkgGIiteMvbN3OBmFBLq8pZdzsX7tkT28eyJ7FJTSkvsRkHkHQkZW/gaXPp5PR admin@admin-1", key_fingerprint: "2048 SHA256:KXoalyRQfYNhKr3stn3YPvvxuWS7L3LWqsHPInvRgqY admin@admin-1 (RSA)", username: "admin", multi_field_identifier: "admin 2048 SHA256:KXoalyRQfYNhKr3stn3YPvvxuWS7L3LWqsHPInvRgqY admin@admin-1 (RSA)", } ] } example2: description: System that has no SSH keys value: { "system_authorized_keys": [] } post: description: Add an SSH key for the specified user body: application/json: type: allUsersSSHAuthorizedKeyPost example: { "system_authorized_key": { "key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTRO6c/1JnaA/Mi3MKONqQJUe75rZC36Z0tH+BefpR2li3F/x7TWQnW0aBSA4y7bGOxS5B+nFd86m6+QWqZMxqIpraG11KKVh2c+ElIliVvPbpN7cL9QKbzDZPCn5TZ28znHDuUSzc7Kt0+33On+7HkMhapKiXkA2ardK89DlpKbE4mSiIZoWG0zepyWsXa86fiKTORqEN8FhRtxnBMcl+WODjQfuBzPNr/zYv75eLaZ0LwUOz6/xm8RkwEhd/kF1ntrXYrwOqhFsR7g0cfqQ5T9vLcUXqe+VDvD16KBkooSL92OTxC907F7HPk7XvQaY4bEWK7ca/vbVhsVzdDhbF test", username: "root" } } responses: 200: body: application/json: type: allUsersSSHAuthorizedKeyGet example: { "system_authorized_key": { "id": "users_ssh_authorized_keys-3", "key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTRO6c/1JnaA/Mi3MKONqQJUe75rZC36Z0tH+BefpR2li3F/x7TWQnW0aBSA4y7bGOxS5B+nFd86m6+QWqZMxqIpraG11KKVh2c+ElIliVvPbpN7cL9QKbzDZPCn5TZ28znHDuUSzc7Kt0+33On+7HkMhapKiXkA2ardK89DlpKbE4mSiIZoWG0zepyWsXa86fiKTORqEN8FhRtxnBMcl+WODjQfuBzPNr/zYv75eLaZ0LwUOz6/xm8RkwEhd/kF1ntrXYrwOqhFsR7g0cfqQ5T9vLcUXqe+VDvD16KBkooSL92OTxC907F7HPk7XvQaY4bEWK7ca/vbVhsVzdDhbF test", "key_fingerprint": "2048 SHA256:CNem+rkDme6jInbmuzNxmHz46TP3mA37I2XfEGUuDs8 test (RSA)", username: "root", multi_field_identifier: "root 2048 SHA256:CNem+rkDme6jInbmuzNxmHz46TP3mA37I2XfEGUuDs8 test (RSA)", } } 400: description: Invalid SSH key. body: application/json: example: { "error": [ { "type": 2, "code": 317, "text": "Invalid SSH key", "args": {}, "level": 1 } ] } 403: description: Duplicate SSH key. body: application/json: example: { "error":[ { "type": 2, "code": 314, "level": 1, "args": { "element_name": "ssh.authorized_keys", "duplicate_value": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTRO6c/1JnaA/Mi3MKONqQJUe75rZC36Z0tH+BefpR2li3F/x7TWQnW0aBSA4y7bGOxS5B+nFd86m6+QWqZMxqIpraG11KKVh2c+ElIliVvPbpN7cL9QKbzDZPCn5TZ28znHDuUSzc7Kt0+33On+7HkMhapKiXkA2ardK89DlpKbE4mSiIZoWG0zepyWsXa86fiKTORqEN8FhRtxnBMcl+WODjQfuBzPNr/zYv75eLaZ0LwUOz6/xm8RkwEhd/kF1ntrXYrwOqhFsR7g0cfqQ5T9vLcUXqe+VDvD16KBkooSL92OTxC907F7HPk7XvQaY4bEWK7ca/vbVhsVzdDhbF test" }, "text": "List 'ssh.authorized_keys' contains duplicate entry 'ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTRO6c/1JnaA/Mi3MKONqQJUe75rZC36Z0tH+BefpR2li3F/x7TWQnW0aBSA4y7bGOxS5B+nFd86m6+QWqZMxqIpraG11KKVh2c+ElIliVvPbpN7cL9QKbzDZPCn5TZ28znHDuUSzc7Kt0+33On+7HkMhapKiXkA2ardK89DlpKbE4mSiIZoWG0zepyWsXa86fiKTORqEN8FhRtxnBMcl+WODjQfuBzPNr/zYv75eLaZ0LwUOz6/xm8RkwEhd/kF1ntrXYrwOqhFsR7g0cfqQ5T9vLcUXqe+VDvD16KBkooSL92OTxC907F7HPk7XvQaY4bEWK7ca/vbVhsVzdDhbF test'." } ] } /{key-id}: type: base-type delete: description: Delete an SSH key. responses: 204: description: SSH key deleted. 403: description: Failed due to not having permission to delete key. body: application/json: example: { "error": [ { "type": 7, "code": 47, "text": "Permission denied", "args": {}, "level": 1 } ] } 404: description: SSH key does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find element with UUID 'users_ssh_authorized_keys-9'", "args": { "uuid": "users_ssh_authorized_keys-9" }, "level": 1 } ] } get: description: Get an SSH key by key-id responses: 200: body: application/json: type: allUsersSSHAuthorizedKeyGet example: { "system_authorized_key": { "id": "users_ssh_authorized_keys-3", "key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTRO6c/1JnaA/Mi3MKONqQJUe75rZC36Z0tH+BefpR2li3F/x7TWQnW0aBSA4y7bGOxS5B+nFd86m6+QWqZMxqIpraG11KKVh2c+ElIliVvPbpN7cL9QKbzDZPCn5TZ28znHDuUSzc7Kt0+33On+7HkMhapKiXkA2ardK89DlpKbE4mSiIZoWG0zepyWsXa86fiKTORqEN8FhRtxnBMcl+WODjQfuBzPNr/zYv75eLaZ0LwUOz6/xm8RkwEhd/kF1ntrXYrwOqhFsR7g0cfqQ5T9vLcUXqe+VDvD16KBkooSL92OTxC907F7HPk7XvQaY4bEWK7ca/vbVhsVzdDhbF test", "key_fingerprint": "2048 SHA256:CNem+rkDme6jInbmuzNxmHz46TP3mA37I2XfEGUuDs8 test (RSA)", username: "root", multi_field_identifier: "root 2048 SHA256:CNem+rkDme6jInbmuzNxmHz46TP3mA37I2XfEGUuDs8 test (RSA)", } } /ssh_port: type: base-type description: The SSH port used in Direct SSH links. get: description: Retrieve the system SSH port. responses: 200: body: application/json: type: systemSSHPort example: { "system_ssh_port": { "port":22 } } put: description: Set the system SSH port. body: application/json: type: systemSSHPort example: { "system_ssh_port": { "port":22 } } responses: 200: body: application/json: type: systemSSHPort example: { "system_ssh_port": { "port":22 } } /timezone: type: base-type description: Retrieve and update the system's timezone. get: description: Retrieves the system timezone. responses: 200: body: application/json: type: systemTimezone example: { system_timezone: { timezone: "Australia/Brisbane" } } put: description: Set the system timezone. body: application/json: type: systemTimezone example: { system_timezone: { timezone: "Australia/Brisbane" } } responses: 200: body: application/json: type: systemTimezone example: { system_timezone: { timezone: "Australia/Brisbane" } } /time: type: base-type description: Retrieve and update the NetOps Console Server's time. get: description: Retrieve the NetOps Console Server current time. responses: 200: body: application/json: type: systemTime example: { time: { time: "16:22 Sep 23, 2016" } } put: description: Set the NetOps Console Server current time. body: application/json: type: systemTime example: { time: { time: "16:22 Sep 23, 2016" } } responses: 200: body: application/json: type: systemTime example: { time: { time: "16:22 Sep 23, 2016" } } /config: type: base-type # System.reset delete: description: > Delete the configuration effectively performing a system reset. The will reset to factory settings and reboot. responses: 200: description: > The factory reset process was started successfully. /reboot: type: base-type # System.reboot post: description: > Wait 10 seconds then perform a system reboot. responses: 200: description: > The factory reboot process was started successfully. /admin_info: type: base-type description: > Retrieve or change the NetOps Console Server appliance system's information (hostname, contact and location). get: description: Get the NetOps Console Server appliance system information. responses: 200: body: application/json: type: systemAdminInfo example: { "system_admin_info": { "hostname": "myhost1", "contact": "admin@example.com", "location": "USA" } } put: description: Set the NetOps Console Server appliance system information. body: application/json: type: systemAdminInfo example: { "system_admin_info": { "hostname": "myhost1", "contact": "admin@example.com", "location": "USA" } } responses: 200: body: application/json: type: systemAdminInfo example: { "system_admin_info": { "hostname": "myhost1", "contact": "admin@example.com", "location": "USA" } } /cellular_logging: type: base-type description: | Cellular logging provides the ability to capture the RRC connection messages from the cellular module. This entity allows configuration of cellular logging and is only to be used during compliance testing. get: description: Retrieves configuration for cellular logging. responses: 200: body: application/json: type: systemCellularLogging example: { "system_cellular_logging": { "enabled": true, "filter": "/usr/libexec/sierra/filters/RRC_OTA_0xB0C0.sqf", "device": "/dev/ttyUSB0" } } put: description: Set the configuration for cellular logging. body: application/json: type: systemCellularLogging example: { "system_cellular_logging": { "enabled": true, "filter": "/usr/libexec/sierra/filters/RRC_OTA_0xB0C0.sqf", "device": "/dev/ttyUSB0" } } responses: 200: body: application/json: type: systemCellularLogging example: { "system_cellular_logging": { "enabled": true, "filter": "/usr/libexec/sierra/filters/RRC_OTA_0xB0C0.sqf", "device": "/dev/ttyUSB0" } } /cell_reliability_test: type: base-type get: description: > Retrieve configuration items related to running the cell reliability test. responses: 200: description: Cell reliability test configuration retrieved successfully. body: application/json: type: cellReliabilityTestConfiguration example: { "cell_reliability_test" : { "enabled": true, "period": 120, "test_url": ["https://www.opengear.com/","http://[684D:1111:222:3333:4444:5555:6:77]/"], "signal_strength_threshold" : { "lower": 25, "upper": 75 } } } put: description: > Update configuration items related to running the cell reliability test. This allows the user to enable and disable the test, change how frequently it executes, configure the URL to use in the test and configure the alert threshold for signal strength. body: application/json: type: cellReliabilityTestConfiguration example: { "cell_reliability_test" : { "enabled": true, "period": 120, "test_url": ["https://www.opengear.com/","http://[684D:1111:222:3333:4444:5555:6:77]/"], "signal_strength_threshold" : { "lower": 25, "upper": 75 } } } responses: 200: description: The configuration has been updated. body: application/json: type: cellReliabilityTestConfiguration example: { "cell_reliability_test" : { "enabled": true, "period": 120, "test_url": ["https://www.opengear.com/","http://[684D:1111:222:3333:4444:5555:6:77]/"], "signal_strength_threshold" : { "lower": 25, "upper": 75 } } } /firmware_upgrade: type: base-type description: | This entity is used to upgrade the system firmware of the NetOps Console Server appliance. # Firmware.postFirmwareUpgrade post: description: > Upgrade the system firmware either by uploading a file or providing a url to download the file from. This endpoint will always return success if the firmware upgrade job was started - it occurs in the background and the state of which should be retrieved from the GET /system/firmware_upgrade_status endpoint. At least 'file' or 'firmware_url' are required. body: multipart/form-data: properties: file: description: The file to be uploaded. required: false type: file firmware_url: description: A url for the file to download. required: false type: string firmware_options: description: | Options for the firmware upgrade tool. Supported options include: -I (ignore version), -E (erase config), -R (reboot after installation) required: false type: string responses: 200: description: The firmware upgrade process was started. body: application/json: type: firmwareUpgradeStatus example: { "system_firmware_upgrade_status": { "state": "running" } } /firmware_upgrade_status: # Firmware.getFirmwareUpgradeStatus type: base-type description: This entity provides the status of the most recent firmware upgrade job. get: description: Retrieve the status of the most recent firmware upgrade job. responses: 200: description: The factory reset process was started successfully. body: application/json: type: firmwareUpgradeStatus example: { "system_firmware_upgrade_status": { "state": "error", "error_message": "download_error" } } /version: type: base-type description: Retrieve the NetOps Console Server's most recent firmware and REST API version. get: description: Get the version information. responses: 200: body: application/json: type: systemVersion example: { "system_version": { "rest_api_version": "v2", "firmware_version": "18.Q3.0" } } /serial_number: type: base-type description: Retrieve the NetOps Console Server appliance's serial number. get: description: Get the serial number information. responses: 200: body: application/json: type: systemSerialNumber example: { "system_serial_number": { "serial_number": "409155v03.0001" } } /model_name: type: base-type description: Retrieve the NetOps Console Server appliance's model name. get: description: Get the model name information. responses: 200: body: application/json: type: systemModelName example: { "system_model_name": { "model_name": "OM2248-DAC" } } /info: type: base-type description: Retrieve basic system information get: description: Retrieve basic system information responses: 200: body: application/json: type: systemInfo example: { "system_info" : { "model_name": "OM2216-L", "serial_number": "22161912071736", "cellfw_info": { "firmware": { "amss_version": "SWI9X50C_01.07.02.00", "boot_version": "SWI9X50C_01.07.02.00", "carrier_id": "4", "config_version": "002.008_004", "model": "EM7565", "package_id": "unknown", "sku_id": "1104207" }, "operating_mode": { "hw_restricted": "no", "mode": "online" } }, "has_cellular": true, "system_versions": { "firmware_version": "23.03.0-dev", "rest_api_version": "v2" } } } /fips: type: base-type description: | This system configuration option allows users to set whether the OpenSSL package uses only FIPS 140-2 compliant cryptographic modules. get: description: | Retrieves the system configuration of FIPS 140-2 compliance for the OpenSSL package. responses: 200: body: application/json: type: fipsResponse example: { "fips": { "enabled": false, } } put: description: | Set whether the OpenSSL packages only uses FIPS 140-2 compliant cryptographic modules. body: application/json: type: fipsResponse example: { "fips": { "enabled": false, } } responses: 200: body: application/json: type: fipsResponse example: { "fips": { "enabled": false, } } # SupportReport /support_report: description: > A report which will provide information about the state of the NetOps Console Server appliance. This information can be used to help analyse and understand the state of the system. The report is large and may take in the order of a minute to obtain. type: base-type # SupportReport.get get: description: Retrieve the support report data. responses: 200: description: > System report was successfully generated and returned including a url to a corresponding zip file. body: application/json: type: getSupportReport example: { "support_report": { "contents": "*** System time ***\nMon Aug 22 11:27:29 2016\n\n\n*** Firmware Version ***\n$ sysflash_info\nsysflash info\ncurrent copy name: 'root1'\ncurrent config dev: '/dev/sda6'\ncurrent root dev: '/dev/sda5'\ncurrent boot dev: '/dev/sda2'\nother (upgradable) copy name: 'root2'\nother (upgradable) config dev: '/dev/sda8'\nother (upgradable) root dev: '/dev/sda7'\nother (upgradable) boot dev: '/dev/sda3'\nboard name: 'OM-2000'\nboard rev: '1.0'\ncurrent software vendor: 'opengear'\ncurrent software product: 'operations manager'\ncurrent software version: '1.0.0'\ncurrent software variant: 'dev'\n\n*** Uptime ***\n359140.57 715606.84\n\n*** IP Configuration ***\n$ ifconfig\nnet1 Link encap:Ethernet HWaddr 08:00:27:d7:1c:38 \n ", "zip_file": "/api/v2/support_report?zip=1" } } # Remote Authentication Config /auth: description: > Configure remote authentication, authorization, accounting (AAA) servers. type: base-type get: description: Retrieve information on AAA servers. responses: 200: description: > A JSON object containing the AAA config is returned. body: application/json: type: authGet example: { "auth" : { "mode" : "tacacs", "policy" : "remotedownlocal", "radiusAuthenticationServers" : [ { "hostname" : "192.168.250.1.2" } ], "radiusAccountingServers" : [ { "hostname" : "192.168.250.1.2" } ], "tacacsService" : "raccess", "tacacsMethod" : "pap", "tacacsAccountingEnabled" : false, "tacacsAuthenticationServers" : [ { "hostname" : "192.168.1.2", } ], "ldapAuthenticationServers" : [ { "hostname" : "192.168.1.2" } ], "ldapBaseDN" : "cn=Users,dc=example,dc=com", "ldapBindDN" : "cn=Administrator,cn=Users,dc=example,dc=com", "ldapUsernameAttribute" : "sAMAccountName", } } put: description: Set the AAA config. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: authPut example: { "auth" : { "mode" : "radius", "policy" : "remotelocal", "radiusPassword" : "hunter2", "radiusAuthenticationServers" : [ { "hostname" : "192.168.250.2" } ], "radiusAccountingServers" : [ { "hostname" : "192.168.250.2" } ], "tacacsAuthenticationServers":[], "tacacsPassword": "", "ldapBaseDN": "", "ldapUsernameAttribute": "", "ldapBindPassword": "", "ldapAuthenticationServers":[], } } responses: 200: description: > A JSON object containing the AAA config is returned. body: application/json: type: authGet example: { "auth" : { "tacacsAuthenticationServers":[], "ldapBaseDN": "", "ldapUsernameAttribute": "", "ldapIgnoreReferrals": false, "ldapAuthenticationServers":[], "mode" : "radius", "policy" : "remotelocal", "radiusAuthenticationServers" : [ { "port": 1812, "hostname" : "192.168.250.2" } ], "radiusAccountingServers" : [ { "port": 1813, "hostname" : "192.168.250.2" } ] } } # Local password policy (expiry and complexity) /local_password_policy: description: | Configure the password policy for local users. This includes expiry and complexity settings. type: base-type get: description: Retrieve the local password policy. responses: 200: description: > A JSON object containing the local password policy is returned. body: application/json: type: localPasswordComplexityObj example: { "local_password_policy" : { "password_expiry_interval_enabled": true, "password_expiry_interval_days": 1, "password_complexity_enabled": true, "password_minimum_length": 10, "password_must_contain_upper_case": true, "password_must_contain_special": false, "password_must_contain_number": true, "password_disallow_username": false, } } put: description: Set the local password policy. body: application/json: type: localPasswordComplexityObj example: { "local_password_policy" : { "password_expiry_interval_enabled": false, "password_expiry_interval_days": 10, "password_complexity_enabled": false, "password_minimum_length": 10, "password_must_contain_upper_case": false, "password_must_contain_special": true, "password_must_contain_number": true, "password_disallow_username": true, } } responses: 200: description: > A JSON object containing the local password policy is returned. body: application/json: type: localPasswordComplexityObj example: { "local_password_policy" : { "password_expiry_interval_enabled": false, "password_expiry_interval_days": 10, "password_complexity_enabled": true, "password_minimum_length": 6, "password_must_contain_upper_case": true, "password_must_contain_special": true, "password_must_contain_number": false, "password_disallow_username": true, } } /users: description: Retrieve and update user information. type: base-type get: description: Retrieve a list of users. responses: 200: description: A JSON object containing Users Config is returned. body: application/json: type: getUserList example: { "users": [ { "username": "root", "description": "System wide SuperUser account", "enabled": true, "id": "users-1", "no_password": false, "ssh_password_enabled": true, "hashed_password": "$5$vqpQsIj./5/2OOBo$tTUYAJaEqbZYf4aipKicPF5bpkkGSEqtBy3t4dylp0/", "rights": { "delete": true, "modify": true }, "groups": ["usergrp"], "groupNames": ["g1"] }, { "username": "tu0", "description": "", "enabled": true, "id": "users-2", "no_password": false, "ssh_password_enabled": true, "hashed_password": "$5$vqpQsIj./5/2OOBo$tTUYAJaEqbZYf4aipKicPF5bpkkGSEqtBy3t4dylp0/", "rights": { "delete": true, "modify": true }, "groups": ["usergrp"], "groupNames": ["g1"] } ], meta: { total_pages: "1" } } put: description: Replace current user list with a new one. Used by Lighthouse Template push queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: putUserList example: { "users":[ { "username": "user1", "description": "An admin user", "password": "OGTest1", "groups": ["g1", "g2", "g3"] }, { "username": "user2", "description": "Another user", "password": "OGTest1", "groups": ["g1"] } ] } responses: 200: description: A JSON object containing Users Config is returned. body: application/json: type: getUserList example: { "users": [ { "username": "root", "enabled": true, "id": "users-1", "no_password": false, "ssh_password_enabled": true, "hashed_password": "$5$vqpQsIj./5/2OOBo$tTUYAJaEqbZYf4aipKicPF5bpkkGSEqtBy3t4dylp0/", "rights": { "delete": true, "modify": true }, "groups": ["usergrp", "admin"], "groupNames": ["g1","g2"] }, { "username": "user1", "enabled": true, "description": "An admin user", "id": "users-2", "no_password": false, "ssh_password_enabled": true, "hashed_password": "$5$697qmlbgz79fbNhl$Px.GuCYD1pEdUZUZR9aBKC14OlhQfYldn79tVluNCtD", "rights": { "delete": true, "modify": true }, "groups": ["usergrp", "admin", "my_group"], "groupNames": ["g1","g2", "g3"] }, { "username": "user2", "enabled": true, "description": "Another user", "id": "users-3", "no_password": false, "ssh_password_enabled": true, "hashed_password": "$5$697qmlbgz79fbNhl$Px.GuCYD1pEdUZUZR9aBKC14OlhQfYldn79tVluNCtD", "rights": { "delete": true, "modify": true }, "groups": ["usergrp"], "groupNames": ["g1"] } ], meta: { total_pages: "1" } } 400: description: Failed to initiate user creation due to error in post body. body: application/json: type: errorString example: { "error": "Failed to parse request data" } post: description: Create a new User data in the config. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: postUserType example: { "user": { "username": "tu1", "description": "testupdated", "enabled": true, "no_password": true, "groups": ["admin"] } } responses: 200: body: application/json: type: getUserType example: { "user": { "username": "tu1", "description": "testupdated", "enabled": true, "id": "users-5", "no_password": true, "ssh_password_enabled": true, "hashed_password": "$5$vqpQsIj./5/2OOBo$tTUYAJaEqbZYf4aipKicPF5bpkkGSEqtBy3t4dylp0/", "rights": { "delete": true, "modify": true }, "groups": ["admin"], "groupNames": ["g2"] } } 400: description: Failed to initiate user creation due to error in post body. body: application/json: example: { "error": [ { type: 2, "code": 12, "text": "Element is below the minimum allowed length of 1 character(s)", "args": { "min": "1", "uuid": "{60e2b0a-aafa-11e6-aca7-cb7fd0646002" }, "level": 1 }, { type: 1, "code": 33, "text": "Push command failed", "args": {}, "level": 1 } ] } /{user-id}: type: base-type description: > Retrieve and update information for a specific user. # User.get get: displayName: getUser description: Retrieve the User information by ID. responses: 200: description: User exists body: application/json: type: getUserType example: { "user": { "username": "tu0", "description": "", "enabled": true, "id": "users-2", "no_password": false, "ssh_password_enabled": true, "hashed_password": "$5$vqpQsIj./5/2OOBo$tTUYAJaEqbZYf4aipKicPF5bpkkGSEqtBy3t4dylp0/", "rights": { "delete": true, "modify": true }, "groups": ["usergrp"], "groupNames": ["g1"] } } 401: description: Authentication failed due to invalid session. body: application/json: example: { "error": [ { type: 7, "code": 42, "text": "Invalid session ID", "args": {}, "level": 1 } ] } 404: description: User does not exist. User Not Found. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find user with username or id 'tu0'", "args": { "uuid": "tu0" }, "level": 1 } ] } put: description: Set a user's properties in the config. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: putUserType example: { "user": { "description": "testupdated", "enabled": true, "no_password": true, "ssh_password_enabled": true, "groups": [ "admin" ], } } responses: 200: description: User has been Updated. body: application/json: type: getUserType example: { "user": { "username": "tu1", "description": "testupdated", "enabled": true, "no_password": true, "ssh_password_enabled": true, "hashed_password": "$5$vqpQsIj./5/2OOBo$tTUYAJaEqbZYf4aipKicPF5bpkkGSEqtBy3t4dylp0/", "id": "users-5", "rights": { "delete": true, "modify": true }, "groups": ["admin"], "groupNames": ["g2"] } } 400: description: Invalid request body: application/json: example: { "error": [ { type: 4, "code": 39, "text": "Invalid request body", "args": {}, "level": 1 } ] } delete: displayName: deleteUser description: Delete a User responses: 204: description: User deleted 404: description: User did not exist body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find user with username or id 'tu0'", "args": { "uuid": "tu0" }, "level": 1 } ] } /ssh: type: base-type /authorized_keys: type: base-type description: Configure the SSH authorized keys for a specific user. get: description: Retrieve ssh authorized keys for a user responses: 200: body: application/json: type: userSSHAuthorizedKeys examples: example1: description: User with 2 keys value: { "authorized_keys": [ { id: "users_ssh_authorized_keys-1", key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTRO6c/1JnaA/Mi3MKONqQJUe75rZC36Z0tH+BefpR2li3F/x7TWQnW0aBSA4y7bGOxS5B+nFd86m6+QWqZMxqIpraG11KKVh2c+ElIliVvPbpN7cL9QKbzDZPCn5TZ28znHDuUSzc7Kt0+33On+7HkMhapKiXkA2ardK89DlpKbE4mSiIZoWG0zepyWsXa86fiKTORqEN8FhRtxnBMcl+WODjQfuBzPNr/zYv75eLaZ0LwUOz6/xm8RkwEhd/kF1ntrXYrwOqhFsR7g0cfqQ5T9vLcUXqe+VDvD16KBkooSL92OTxC907F7HPk7XvQaY4bEWK7ca/vbVhsVzdDhbF /home/lincolnr/.ssh/id_rsa\n", key_fingerprint: "2048 SHA256:CNem+rkDme6jInbmuzNxmHz46TP3mA37I2XfEGUuDs8 /home/lincolnr/.ssh/id_rsa\n (RSA)" }, { id: "users_ssh_authorized_keys-2", key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDcsp/AQJKLsinT822ZXAnyXpSykeRXPlOvvOH3zi7QkYLz4+VBbTqJO/R2AJp8Cd0MrGMwuzzbwM25bAb7mesni+RRUAcNPqDD8/z8PKKKRzU1aKRqi/Za3FDRxPAOPJ/Wy1F1lGG6BSKe3gH9QHkPpy5ZPkDcs0S9+qoUYwNCAaB2tcK1jp/L6RXuJ3yLhRBIMpYicRwYcXDOX7QFt4BhnKMrR1ufcU08CGRLYLxnsd2RuiPn2jAz8OHJN7GUvrQ6VK+k47vEj0YLBuP27ZbFKwAJd3dhdezlhjlDDGrVrrXZgwxR+LeOuTnkqUVHOXkYVuiWQZqGS/hC76wJEt2xHinW5+4GuN69qBeY//jCYT+DHe9qJ0MEB5xNjVoWXxb9C7Pc1+/3y+p84X2Oa2nYJm3Vsn8u/S2Mbu1epf16i2qnLEInXkbBF/3T06NZAR+8in51MYE+kQkWq7dlkX20b5l28Ugu8VYYrcxxg0AREfqaL5FbyPS1OHaEb5zvabN23JTPpG8LBnXSjNu8AIpbfM8PaXT+7c5nSSQ+y0G1kZsP9MberstvExJOOYl8eviShb41RuApZL3ik/gY1pZKhBNQbx7eD84q1f2cXtyAw554WWrnM4BlFZB86/M7rrX+GkHRbgv57dc/j5pID08MZ5w/52Tj9KpApYKcQkNFSQ== root@root-1", key_fingerprint: "4096 SHA256:a3MIQdLMB/kOUYcHSnlqHagOfHdlv4A/RCaTUr8o6MY root@root-1 (RSA)" } ] } example2: description: User with no keys value: { "authorized_keys": [] } post: description: Add an SSH key for a user body: application/json: type: userSSHAuthorizedKeyPost example: { "authorized_key": { "key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTRO6c/1JnaA/Mi3MKONqQJUe75rZC36Z0tH+BefpR2li3F/x7TWQnW0aBSA4y7bGOxS5B+nFd86m6+QWqZMxqIpraG11KKVh2c+ElIliVvPbpN7cL9QKbzDZPCn5TZ28znHDuUSzc7Kt0+33On+7HkMhapKiXkA2ardK89DlpKbE4mSiIZoWG0zepyWsXa86fiKTORqEN8FhRtxnBMcl+WODjQfuBzPNr/zYv75eLaZ0LwUOz6/xm8RkwEhd/kF1ntrXYrwOqhFsR7g0cfqQ5T9vLcUXqe+VDvD16KBkooSL92OTxC907F7HPk7XvQaY4bEWK7ca/vbVhsVzdDhbF test" } } responses: 200: body: application/json: type: userSSHAuthorizedKeyGet example: { "authorized_key": { "id": "users_ssh_authorized_keys-3", "key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDTRO6c/1JnaA/Mi3MKONqQJUe75rZC36Z0tH+BefpR2li3F/x7TWQnW0aBSA4y7bGOxS5B+nFd86m6+QWqZMxqIpraG11KKVh2c+ElIliVvPbpN7cL9QKbzDZPCn5TZ28znHDuUSzc7Kt0+33On+7HkMhapKiXkA2ardK89DlpKbE4mSiIZoWG0zepyWsXa86fiKTORqEN8FhRtxnBMcl+WODjQfuBzPNr/zYv75eLaZ0LwUOz6/xm8RkwEhd/kF1ntrXYrwOqhFsR7g0cfqQ5T9vLcUXqe+VDvD16KBkooSL92OTxC907F7HPk7XvQaY4bEWK7ca/vbVhsVzdDhbF test", "key_fingerprint": "2048 SHA256:CNem+rkDme6jInbmuzNxmHz46TP3mA37I2XfEGUuDs8 test (RSA)" } } 400: description: Invalid SSH key. body: application/json: example: { "error": [ { "type": 2, "code": 317, "text": "Invalid SSH key", "args": {}, "level": 1 } ] } /{key-id}: type: base-type get: description: Retrieve ssh authorized keys for a user responses: 200: body: application/json: type: userSSHAuthorizedKeyGet examples: example1: description: User key value: { "authorized_key": { id: "users_ssh_authorized_keys-2", key: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDcsp/AQJKLsinT822ZXAnyXpSykeRXPlOvvOH3zi7QkYLz4+VBbTqJO/R2AJp8Cd0MrGMwuzzbwM25bAb7mesni+RRUAcNPqDD8/z8PKKKRzU1aKRqi/Za3FDRxPAOPJ/Wy1F1lGG6BSKe3gH9QHkPpy5ZPkDcs0S9+qoUYwNCAaB2tcK1jp/L6RXuJ3yLhRBIMpYicRwYcXDOX7QFt4BhnKMrR1ufcU08CGRLYLxnsd2RuiPn2jAz8OHJN7GUvrQ6VK+k47vEj0YLBuP27ZbFKwAJd3dhdezlhjlDDGrVrrXZgwxR+LeOuTnkqUVHOXkYVuiWQZqGS/hC76wJEt2xHinW5+4GuN69qBeY//jCYT+DHe9qJ0MEB5xNjVoWXxb9C7Pc1+/3y+p84X2Oa2nYJm3Vsn8u/S2Mbu1epf16i2qnLEInXkbBF/3T06NZAR+8in51MYE+kQkWq7dlkX20b5l28Ugu8VYYrcxxg0AREfqaL5FbyPS1OHaEb5zvabN23JTPpG8LBnXSjNu8AIpbfM8PaXT+7c5nSSQ+y0G1kZsP9MberstvExJOOYl8eviShb41RuApZL3ik/gY1pZKhBNQbx7eD84q1f2cXtyAw554WWrnM4BlFZB86/M7rrX+GkHRbgv57dc/j5pID08MZ5w/52Tj9KpApYKcQkNFSQ== root@root-1", key_fingerprint: "4096 SHA256:a3MIQdLMB/kOUYcHSnlqHagOfHdlv4A/RCaTUr8o6MY root@root-1 (RSA)" } } delete: description: Delete an SSH key for a user. responses: 204: description: SSH key deleted. 403: description: Failed due to not having permission to delete key. body: application/json: example: { "error": [ { "type": 7, "code": 47, "text": "Permission denied", "args": {}, "level": 1 } ] } 404: description: SSH key does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find ssh/authorized_key with key or id 'users_ssh_authorized_keys-9'", "args": { "uuid": "users_ssh_authorized_keys-9" }, "level": 1 } ] } /groups: description: Retrieve or update group information. type: base-type get: description: Retrieve a list of groups. # Group.getList responses: 200: description: A JSON object containing Groups config is returned. body: application/json: type: getGroupList example: { "groups": [ { "id": "groups-1", "enabled": true, "groupname": "usergrp", "mode": "scoped", "role": "ConsoleUser", "access_rights": ["web_ui", "pmshell"], "description": "The ConsoleUser group", "members": ["root", "tu0"], "ports": ["serial/by-opengear-id/port01", "serial/by-opengear-id/port02", "serial/by-opengear-id/port03"], "rights": { "delete": true, "modify": false} }, { "id": "groups-2", "enabled": true, "groupname": "admin", "mode": "global", "role": "Administrator", "access_rights": ["admin"], "description": "Administrator", "members": ["root", "tu0"], "rights": { "delete": true, "modify": true } } ], meta: { total_pages: "1" } } put: description: Replace current groups list with a new one. Used by Lighthouse Template push body: application/json: type: putGroupList example: { "groups": [ { "name": "group1", "description": "an admin group", "roles": [ "admin" ], "ports":[ ] },{ "name": "group2", "description": "an unrestricted consoleUser", "roles": [ "all_ports_user", "pmshell_user" ], "ports":[ ] }, { "name": "group3", "description": "a restricted consoleUser", "roles": [ "basic_webui_user", "pmshell_user" ], "ports":[ "port01", "port03", "port04" ] } ] } responses: 200: description: A JSON object containing Groups Config is returned. body: application/json: type: getGroupList example: { "groups": [ { "enabled": true, "id": "groups-1", "groupname": "usergrp", "description": "The consoleUser group", "mode": "scoped", "role": "ConsoleUser", "access_rights": ["web_ui", "pmshell"], "members": ["root", "tu0"], "ports": ["serial/by-opengear-id/port01", "serial/by-opengear-id/port02", "serial/by-opengear-id/port03"], "rights": { "delete": true, "modify": true } }, { "enabled": true, "id": "groups-2", "groupname": "admin", "description": "Administrator", "mode": "global", "role": "Administrator", "access_rights": ["admin"], "members": ["root", "tu0"], "rights": { "delete": true, "modify": true } } ], meta: { total_pages: "1" } } 400: description: Failed to initiate user creation due to error in post body. body: application/json: type: errorString example: { "error": "Failed to parse request data" } post: # Group.create description: Create a new Group in the config. body: application/json: type: putGroupType examples: group_for_admin: { "group": { "groupname": "local_admin", "enabled": true, "access_rights": ["admin"], } } group_for_users: { "group": { "groupname": "my_group", "enabled": true, "access_rights": ["web_ui", "pmshell"], "members": ["tu0", "tu1"], "ports": ["serial/by-opengear-id/port01", "serial/by-opengear-id/port02", "serial/by-opengear-id/port03"], } } responses: 201: body: application/json: type: getGroupType examples: admin_group: { "group": { "id": "groups-1", "enabled": true, "groupname": "local-admin", "mode": "global", "role": "Administrator", "access_rights": ["admin"], "members": [], "ports": [], "rights": { "delete": true, "modify": true } } } ConsoleUser_group: { "group": { "id": "groups-3", "enabled": true, "groupname": "my_group", "mode": "scoped", "role": "ConsoleUser", "access_rights": ["web_ui", "pmshell"], "description": "Group for ConsoleUser", "members": ["tu0", "tu1"], "ports": ["serial/by-opengear-id/port01", "serial/by-opengear-id/port02", "serial/by-opengear-id/port03"], "rights": { "delete": true, "modify": false} } } 400: description: Failed to initiate group creation due to error in post body. body: application/json: example: { "error": [ { "type": 2, "code": 26, "level": 1, "text": "Duplicate 'groupname' fields with value 'netgrp'", "args": { "value": "netgrp", "uuid": "root-1-@groups", "field": "groupname" } }, { "type": 1, "code": 33, "level": 1, "text": "Push command failed", "args": {} } ] } 401: description: Authentication failed due to invalid session. body: application/json: example: { "error": [ { "type": 7, "code": 42, "text": "Invalid session ID", "args": {}, "level": 1 } ] } /{id}: # Group.get type: base-type description: Retrieve or update information for a specific group. get: displayName: getGroupResponse description: Retrieve the Group information by ID. responses: 200: description: Group exists body: application/json: type: getGroupType example: { "group": { "id": "groups-6", "enabled": true, "groupname": "netgrp2", "mode": "scoped", "role": "ConsoleUser", "access_rights": ["web_ui", "pmshell"], "members": ["root", "tu0"], "ports": ["serial/by-opengear-id/port01", "serial/by-opengear-id/port02", "serial/by-opengear-id/port03"], "rights": { "delete": true, "modify": false} } } 401: description: Authentication failed due to invalid session. body: application/json: example: { "error": [ { "type": 7, "code": 42, "text": "Invalid session ID", "args": {}, "level": 1 } ] } 404: description: Group does not exist. Group Not Found. body: application/json: example: { "error": [ { "type": 5, "code": 29, "text": "Could not find group with groupname or id 'group59'", "args": { "uuid": "group59" }, "level": 1 } ] } put: # Group.update description: Update a Group data in the config. body: application/json: type: putGroupType example: { "group": { "enabled": true, "groupname": "netgrp2", "access_rights": ["web_ui", "pmshell"], "description": "Group for ConsoleUser role", "ports": ["serial/by-opengear-id/port01", "serial/by-opengear-id/port02", "serial/by-opengear-id/port03"] } } responses: 200: description: Group has been updated. body: application/json: type: getGroupType example: { "group": { "id": "groups-6", "enabled": true, "groupname": "netgrp2", "mode": "scoped", "role": "ConsoleUser", "access_rights": ["web_ui", "pmshell"], "description": "Group for ConsoleUser role", "members": ["root", "tu0"], "ports": ["serial/by-opengear-id/port01", "serial/by-opengear-id/port02", "serial/by-opengear-id/port03"], "rights": { "delete": true, "modify": false} } } 400: description: Invalid request body: application/json: example: { "error": [ { "type": 4, "code": 39, "text": "Invalid request body", "args": {}, "level": 1 } ] } delete: displayName: deleteGroup description: Delete a Group responses: 204: description: Group deleted 404: description: Group did not exist body: application/json: example: { "error": [ { "type": 5, "code": 29, "text": "Could not find group with groupname or id 'group6'", "args": { "uuid": "group6" }, "level": 1 } ] } /scripts: type: base-type description: > The scripts endpoint is used to upload and execute custom user scripts on the NetOps Console Server appliance and to retrieve the status of currently executing scripts. post: description: Upload a shell script to be executed on the node body: multipart/form-data: properties: script_metadata: description: JSON object containing script_timeout in minutes and the script_checksum (SHA1). type: script_metadata file: description: The file to be uploaded. type: file responses: 400: description: Invalid request body: application/json: type: object example: { "error": "Invalid script metadata" } 200: description: Successful request body: application/json: type: script_info example: { "info": "Script execution started successfully", "execution_id": "ASE12" } get: description: Retrieve the status of a script executing on the node, as in GET /scripts?execution_id={id}, where id is the value for execution_id returned in the 200 response to the POST /scripts request. queryParameters: execution_id: type: string description: The execution_id returned from a /scripts POST request responses: 200: description: Successful request body: application/json: type: script_execution_status example: { "script_status": "in_progress" } 400: description: Invalid request body: application/json: type: object example: { "error": "Script execution ID not provided" } 500: description: Unexpected error body: application/json: example: { "error": "Script exit code not found" } /firewall: description: > Firewall endpoints are related to configuring and accessing information about the firewall running on the NetOps Console Server appliance. /services: type: base-type description: > Collection of custom services defined for the NetOps Console Server appliance's firewall. A service is a named grouping of one or more TCP or UDP ports for a particular networking protocol. For example, the 'https' service refers to TCP port 443. The appliance includes many predefined services for common protocols (see /firewall/predefined_services). This collection contains only custom services which have been defined by the administrator. get: description: Retrieve a list of custom services defined for the NetOps Console Server appliance. responses: 200: description: The list of custom services. body: application/json: type: getFirewallServicesListResponse example: { "firewall_services": [ { "id": "firewall-services-0", "name": "http", "label": "HTTP", "ports": [ { "protocol": "tcp", "port": 80 } ] }, { "id": "firewall-services-1", "name": "https", "label": "HTTPS", "ports": [ { "protocol": "tcp", "port": 443 } ] } ], meta: { total_pages: "1" } } 400: description: Invalid request, missing or incorrect page/per_page body: application/json: type: error example: { "error": [ { type: 4, "code": 39, "level": 1, "text": "Invalid request body", "args": {}, } ] } post: description: Create a new custom service in the config. body: application/json: type: setFirewallService example: { "firewall_service": { "name": "https", "label": "HTTPS", "ports": [ { "protocol": "tcp", "port": 443 } ] } } responses: 200: description: Service was added. body: application/json: type: getFirewallServiceResponse example: { "firewall_service": { "id": "firewall-services-1", "name": "https", "label": "HTTPS", "ports": [ { "protocol": "tcp", "port": 443 } ] } } 400: description: Failed due to error in post body. body: application/json: example: { "error": [ { type: 2, "code": 12, "text": "Element is below the minimum allowed length of 1 character(s)", "args": { "min": "1", "uuid": "{60e2b0a-aafa-11e6-aca7-cb7fd0646002" }, "level": 1 }, { type: 1, "code": 33, "text": "Push command failed", "args": {}, "level": 1 } ] } /{id}: type: base-type description: | Retrieve or update a specific custom firewall service. get: description: Retrieve the custom service by ID. responses: 200: description: Service exists. body: application/json: type: getFirewallServiceResponse example: { "firewall_service": { "id": "firewall-services-1", "name": "https", "label": "HTTPS", "ports": [ { "protocol": "tcp", "port": 443 } ] } } 401: description: Authentication failed due to invalid session. body: application/json: example: { "error": [ { type: 7, "code": 42, "text": "Invalid session ID", "args": {}, "level": 1 } ] } 404: description: Service does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find user with username or id 'tu0'", "args": { "uuid": "tu0" }, "level": 1 } ] } put: description: Set the configuration for an existing firewall service. body: application/json: type: setFirewallService example: { "firewall_service": { "name": "https", "label": "HTTPS", "ports": [ { "protocol": "tcp", "port": 443 } ] } } responses: 200: description: Service has been updated. body: application/json: type: getFirewallServiceResponse example: { "firewall_service": { "id": "firewall-services-1", "name": "https", "label": "HTTPS", "ports": [ { "protocol": "tcp", "port": 443 } ] } } 400: description: Invalid request body: application/json: example: { "error": [ { type: 4, "code": 39, "text": "Invalid request body", "args": {}, "level": 1 } ] } 404: description: Service does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find firewall/service with name or id 'tu0'", "args": { "uuid": "tu0" }, "level": 1 } ] } delete: description: Delete a service. responses: 204: description: Service deleted. 404: description: Service does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find firewall/service with name or id 'tu0'", "args": { "uuid": "tu0" }, "level": 1 } ] } /zones: type: base-type description: > Collection of zones defined for the NetOps Console Server appliance's firewall. A zone includes 1 or more interfaces. get: description: Retrieve a list of zones defined for the NetOps Console Server appliance. responses: 200: description: The list of zones. body: application/json: type: getFirewallZonesListResponse example: { "firewall_zones": [ { "id": "firewall-zones-0", "name": "lan", "label": "LAN", "description": "Local Network", "physifs": [ "net1" ], "wireguards": [], "permit_all_traffic": false, "masquerade": false, "port_forwarding_rules": [ { protocol: "tcp", from_port: "33", to_port: 44 } ], "custom_rules": [ { rule_content: "rule family='ipv4' source address='192.168.67.101/32' service name='telnet' accept", description: "allow rule"} ], "address_filters": [ { source_address: "0.0.0.0/0", services: [ "ssh", "https"] }, { source_address: "::/0", services: [ "ssh", "https"] } ] }, { "id": "firewall-zones-1", "name": "lan2", "label": "LAN 2", "description": "Backup Network", "physifs": [], "permit_all_traffic": false, "masquerade": false, "port_forwarding_rules": [], "custom_rules": [], "address_filters": [ { source_address: "0.0.0.0/0", services: [ "ssh", "https"] }, { source_address: "::/0", services: [ "ssh", "https"] } ] }, { "id": "firewall-zones-2", "name": "smf-1", "label": "SMF-1", "description": "OSPF Network", "wireguards": [ "wg0" ], "permit_all_traffic": false, "masquerade": false, "port_forwarding_rules": [], "custom_rules": [], "address_filters": [ { source_address: "0.0.0.0/0", services: [ "ospf" ] }, { source_address: "::/0", services: [ "ospf" ] } ] } ], meta: { total_pages: "1" } } 400: description: Invalid request, missing or incorrect page/per_page body: application/json: type: error example: { "error": [ { type: 4, "code": 39, "level": 1, "text": "Invalid request body", "args": {}, } ] } post: description: Create a new zone in the config. body: application/json: type: setFirewallZone example: { "firewall_zone": { "name": "lan", "label": "LAN", "description": "Local Network", "physifs": [ "net1" ], "permit_all_traffic": false, "masquerade": false, "address_filters": [ { source_address: "0.0.0.0/0", services: [ "ssh", "https"] }, { source_address: "::/0", services: [ "ssh", "https"] } ] } } responses: 200: description: Zone was added. body: application/json: type: getFirewallZoneResponse example: { "firewall_zone": { "id": "firewall-zones-0", "name": "lan", "label": "LAN", "description": "Local Network", "physifs": [ "net1" ], "permit_all_traffic": false, "masquerade": false, "port_forwarding_rules": [ { protocol: "tcp", from_port: "33", to_port: 44 } ], "custom_rules": [], "address_filters": [ { source_address: "0.0.0.0/0", services: [ "ssh", "https"] }, { source_address: "::/0", services: [ "ssh", "https"] } ] } } 400: description: Failed due to error in post body. body: application/json: example: { "error": [ { type: 2, "code": 12, "text": "Element is below the minimum allowed length of 1 character(s)", "args": { "min": "1", "uuid": "{60e2b0a-aafa-11e6-aca7-cb7fd0646002" }, "level": 1 }, { type: 1, "code": 33, "text": "Push command failed", "args": {}, "level": 1 } ] } put: description: Set a list of firewall zones in the config. body: application/json: type: setFirewallZonesList example: { "firewall_zones": [ { "name": "lan", "label": "LAN", "description": "Local Network", "physifs": [ "net1" ], "permit_all_traffic": false, "masquerade": false, "port_forwarding_rules": [ { protocol: "tcp", from_port: "33", to_port: 44 } ], "custom_rules": [ { rule_content: "rule family='ipv4' source address='192.168.67.101/32' service name='telnet' accept", description: "allow rule"} ], "address_filters": [ { source_address: "0.0.0.0/0", services: [ "ssh", "https"] }, { source_address: "::/0", services: [ "ssh", "https"] } ] }, { "name": "lhvpn", "label": "LHVPN", "description": "VPN connections to Lighthouse central management", "physifs": [], "permit_all_traffic": true, "masquerade": true, "port_forwarding_rules": [], "custom_rules": [], "address_filters": [ { source_address: "0.0.0.0/0", services: [ "ssh", "https"] }, { source_address: "::/0", services: [ "ssh", "https"] } ] }, { "name": "smf1", "label": "SMF-1", "description": "OSPF network", "wireguards": [ "wg0" ], "permit_all_traffic": false, "masquerade": false, "port_forwarding_rules": [], "custom_rules": [], "address_filters": [] }, ], } responses: 200: description: The list of zones have been updated. body: application/json: type: getFirewallZonesListResponse example: { "firewall_zones": [ { "id": "firewall_zones-1", "name": "lan", "label": "LAN", "description": "Local Network", "physifs": [ "net1" ], "permit_all_traffic": false, "masquerade": false, "port_forwarding_rules": [ { protocol: "tcp", from_port: "33", to_port: 44 } ], "custom_rules": [ { rule_content: "rule family='ipv4' source address='192.168.67.101/32' service name='telnet' accept", description: "allow rule"} ], "address_filters": [ { source_address: "0.0.0.0/0", services: [ "ssh", "https"] }, { source_address: "::/0", services: [ "ssh", "https"] } ] }, { "id": "firewall_zones-4", "name": "lhvpn", "label": "LHVPN", "description": "VPN connections to Lighthouse central management", "physifs": [], "permit_all_traffic": true, "masquerade": true, "port_forwarding_rules": [], "custom_rules": [], "address_filters": [ { source_address: "0.0.0.0/0", services: [ "ssh", "https"] }, { source_address: "::/0", services: [ "ssh", "https"] } ] }, { "id": "firewall_zones-6", "name": "smf-1", "label": "SMF-1", "description": "OSPF network", "physifs": [], "permit_all_traffic": false, "masquerade": false, "port_forwarding_rules": [], "custom_rules": [], "address_filters": [] }, ], meta: { total_pages: "1" } } 400: description: Invalid request body: application/json: example: { "error": [ { type: 4, "code": 39, "text": "Invalid request body", "args": {}, "level": 1 } ] } 404: description: Zone does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find firewall/zone with name or id 'tu0'", "args": { "uuid": "tu0" }, "level": 1 } ] } /{id}: type: base-type description: | Retrieve or update a specific firewall zone. get: description: Retrieve the zone by ID. responses: 200: description: Zone exists. body: application/json: type: getFirewallZoneResponse example: { "firewall_zone": { "id": "firewall-zones-0", "name": "lan", "label": "LAN", "description": "Local Network", "physifs": [ "net1" ], "permit_all_traffic": false, "masquerade": false, "port_forwarding_rules": [ { protocol: "tcp", from_port: "33", to_port: 44 } ], "custom_rules": [], "address_filters": [ { source_address: "0.0.0.0/0", services: [ "ssh", "https"] }, { source_address: "::/0", services: [ "ssh", "https"] } ] } } 401: description: Authentication failed due to invalid session. body: application/json: example: { "error": [ { type: 7, "code": 42, "text": "Invalid session ID", "args": {}, "level": 1 } ] } 404: description: Zone does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find firewall/zone with name or id 'tu0'", "args": { "uuid": "tu0" }, "level": 1 } ] } put: description: Set the configuration for an existing firewall zone. body: application/json: type: setFirewallZone example: { "firewall_zone": { "name": "lan", "label": "LAN", "description": "Local Network", "physifs": [ "net1" ], "permit_all_traffic": false, "masquerade": false, "address_filters": [ { source_address: "0.0.0.0/0", services: [ "ssh", "https"] }, { source_address: "::/0", services: [ "ssh", "https"] } ] } } responses: 200: description: Zone has been updated. body: application/json: type: getFirewallZoneResponse example: { "firewall_zone": { "id": "firewall-zones-1", "name": "lan2", "label": "LAN 2", "description": "Backup Network", "physifs": [ "net1" ], "permit_all_traffic": true, "masquerade": true, "port_forwarding_rules": [ { protocol: "tcp", from_port: "33", to_port: 44 } ], "custom_rules": [], "address_filters": [ { source_address: "0.0.0.0/0", services: [ "ssh", "https"] }, { source_address: "::/0", services: [ "ssh", "https"] } ] } } 400: description: Invalid request body: application/json: example: { "error": [ { type: 4, "code": 39, "text": "Invalid request body", "args": {}, "level": 1 } ] } 404: description: Zone does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find firewall/zone with name or id 'tu0'", "args": { "uuid": "tu0" }, "level": 1 } ] } delete: description: Delete a zone. responses: 204: description: Zone deleted. 404: description: Zone does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find firewall/zone with name or id 'tu0'", "args": { "uuid": "tu0" }, "level": 1 } ] } /rules: (deprecated): replaceWith: /firewall/zones since: 12/2022 type: base-type description: > Collection of rules defined for the NetOps Console Server appliance's firewall. A rule maps a service to a zone. get: description: Retrieve a list of rules defined for the NetOps Console Server appliance. responses: 200: description: The list of rules. body: application/json: type: getFirewallRulesListResponse example: { "firewall_rules": [ { "id": "firewall-rules-0", "multi_field_identifier": "wan-http", "service": "http", "zone": "wan" }, { "id": "firewall-rules-1", "multi_field_identifier": "lan-https", "service": "https", "zone": "lan" } ] } 400: description: Invalid request, missing or incorrect page/per_page body: application/json: type: error example: { "error": [ { type: 4, "code": 39, "level": 1, "text": "Invalid request body", "args": {}, } ] } post: description: Create a new rule in the config. body: application/json: type: setFirewallRule example: { "firewall_rule": { "service": "https", "zone": "wan" } } responses: 200: description: Rule was added. body: application/json: type: getFirewallRuleResponse example: { "firewall_rule": { "id": "firewall-rules-1", "multi_field_identifier": "wan-https", "service": "https", "zone": "wan" } } 400: description: Failed due to error in post body. body: application/json: example: { "error": [ { type: 2, "code": 12, "text": "Element is below the minimum allowed length of 1 character(s)", "args": { "min": "1", "uuid": "{60e2b0a-aafa-11e6-aca7-cb7fd0646002" }, "level": 1 }, { type: 1, "code": 33, "text": "Push command failed", "args": {}, "level": 1 } ] } delete: description: Bulk delete a list of rules defined for the NetOps Console Server appliance. body: application/json: type: bulkDeleteFirewallRuleList example: { "firewall_rules": [ "firewall_rules-1", "firewall_rules-5", ] } responses: 204: description: All rules were deleted successfully. 400: description: Invalid request, missing or incorrect page/per_page body: application/json: type: error example: { "error": [ { type: 4, "code": 39, "level": 1, "text": "Invalid request body", "args": {}, } ] } 404: description: Rule(s) do not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find element with UUID 'firewall_rules-5'", "args": { "uuid": "firewall_rules-5" }, "level": 1 } ] } /{id}: type: base-type description: | Retrieve or update a specific firewall rich rule. get: description: Retrieve the rule by ID. responses: 200: description: Rule exists. body: application/json: type: getFirewallRuleResponse example: { "firewall_rule": { "id": "firewall-rules-1", "multi_field_identifier": "wan-https", "service": "https", "zone": "wan" } } 401: description: Authentication failed due to invalid session. body: application/json: example: { "error": [ { type: 7, "code": 42, "text": "Invalid session ID", "args": {}, "level": 1 } ] } 404: description: Rule does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find element with UUID 'tu0'", "args": { "uuid": "tu0" }, "level": 1 } ] } put: description: Set the configuration for an existing firewall rule. body: application/json: type: setFirewallRule example: { "firewall_rule": { "service": "https", "zone": "wan" } } responses: 200: description: Rule has been updated. body: application/json: type: getFirewallRuleResponse example: { "firewall_rule": { "id": "firewall-rules-1", "multi_field_identifier": "wan-https", "service": "https", "zone": "wan" } } 400: description: Invalid request body: application/json: example: { "error": [ { type: 4, "code": 39, "text": "Invalid request body", "args": {}, "level": 1 } ] } 404: description: Rule does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find element with UUID 'tu0'", "args": { "uuid": "tu0" }, "level": 1 } ] } delete: description: Delete a rule. responses: 204: description: Rule deleted. 404: description: Rule does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find element with UUID 'tu0'", "args": { "uuid": "tu0" }, "level": 1 } ] } /predefined_services: type: base-type description: > Collection of predefined services defined for the NetOps Console Server appliance's firewall. A service is a named grouping of one or more TCP or UDP ports for a particular networking protocol. For example, the 'https' service refers to TCP port 443. This collection contains predefined services for common protocols and doesn't include the services added by the administrator. get: description: Retrieve a list of predefined services defined for the NetOps Console Server appliance. responses: 200: description: The list of predefined services. body: application/json: type: getFirewallPredefinedServicesListResponse example: { "predefined_firewall_services": [ { "name": "http", "label": "HTTP", "ports": [ { "protocol": "tcp", "port": "80" } ] }, { "name": "https", "label": "HTTPS", "ports": [ { "protocol": "tcp", "port": "443" } ] } ], "meta": { "total_pages": "1" } } /{name}: description: Retrieve a predefined service by name. get: responses: 200: body: application/json: type: getFirewallPredefinedServiceResponse example: { "predefined_firewall_service": { "name": "http", "label": "HTTP", "ports": [ { "protocol": "tcp", "port": "80" } ] } } /policies: type: base-type description: | Collection of policies defined for the NetOps Console Server appliance's firewall. A policy applies a set of rules to traffic flowing between between zones. get: description: Retrieve a list of policies defined for the NetOps Console Server appliance. responses: 200: description: The list of policies. body: application/json: type: getFirewallPoliciesListResponse example: { "firewall_policies": [ { "id": "firewall_policies-1", "name": "lan_to_wan", "description": "LAN --> WAN", "priority": -1, "default_action": "accept", "ingress_zones": [ "lan" ], "egress_zones": [ "wan" ], "rules": [], }, { "id": "firewall_policies-2", "name": "wan_to_lan", "priority": -1, "default_action": "continue", "ingress_zones": [ "wan" ], "egress_zones": [ "lan" ], "rules": [ { "services": [ "https", "http" ], "source_address": "1.2.3.4", "destination_address": "5.6.7.8", "log_prefix": "blah: ", "priority": 0, "action": "reject", } ], } ], meta: { total_pages: "1" } } 400: description: Invalid request, missing or incorrect page/per_page body: application/json: type: error example: { "error": [ { type: 4, "code": 39, "level": 1, "text": "Invalid request body", "args": {}, } ] } post: description: Create a new policy in the config. body: application/json: type: setFirewallPolicy example: { "firewall_policy": { "name": "lan_to_wan", "description": "LAN --> WAN", "priority": -1, "default_action": "continue", "ingress_zones": [ "lan" ], "egress_zones": [ "wan", "lhvpn" ], "rules": [ { "services": [ "https", "http" ], "source_address": "1.2.3.4", "destination_address": "5.6.7.8", "log_prefix": "blah: ", "priority": 0, "action": "reject", } ], } } responses: 201: description: Policy was added. body: application/json: type: getFirewallPolicyResponse example: { "firewall_policy": { "id": "firewall_policies-1", "name": "lan_to_wan", "description": "LAN --> WAN", "priority": -1, "default_action": "continue", "ingress_zones": [ "lan" ], "egress_zones": [ "wan", "lhvpn" ], "rules": [ { "services": [ "https", "http" ], "source_address": "1.2.3.4", "destination_address": "5.6.7.8", "log_prefix": "blah: ", "priority": 0, "action": "reject", } ], } } 400: description: Failed due to error in post body. body: application/json: example: { "error": [ { type: 2, "code": 12, "text": "Element is below the minimum allowed length of 1 character(s)", "args": { "min": "1", "uuid": "{60e2b0a-aafa-11e6-aca7-cb7fd0646002" }, "level": 1 }, { type: 1, "code": 33, "text": "Push command failed", "args": {}, "level": 1 } ] } /{id}: type: base-type description: | Retrieve or update a specific firewall policy. get: description: Retrieve the policy by ID. responses: 200: description: Policy exists. body: application/json: type: getFirewallPolicyResponse example: { "firewall_policy": { "id": "firewall_policies-1", "name": "lan_to_wan", "description": "LAN --> WAN", "priority": -1, "default_action": "continue", "ingress_zones": [ "lan" ], "egress_zones": [ "wan" ], "rules": [ { "services": [ "https", "http" ], "source_address": "1.2.3.4", "destination_address": "5.6.7.8", "log_prefix": "blah: ", "priority": 0, "action": "reject", } ], } } 401: description: Authentication failed due to invalid session. body: application/json: example: { "error": [ { type: 7, "code": 42, "text": "Invalid session ID", "args": {}, "level": 1 } ] } 404: description: Policy does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find firewall/policy with name or id 'firewall_policies-2'", "args": { "uuid": "firewall_policies-2" }, "level": 1 } ] } put: description: Set the configuration for an existing firewall policy. body: application/json: type: setFirewallPolicy example: { "firewall_policy": { "name": "lan_to_wan", "description": "LAN --> WAN", "priority": -1, "default_action": "continue", "ingress_zones": [ "lan" ], "egress_zones": [ "wan" ], "rules": [ { "services": [ "https", "http" ], "source_address": "1.2.3.4", "destination_address": "5.6.7.8", "log_prefix": "blah: ", "priority": 0, "action": "reject", } ], } } responses: 200: description: Policy has been updated. body: application/json: type: getFirewallPolicyResponse example: { "firewall_policy": { "id": "firewall_policies-1", "name": "lan_to_wan", "description": "LAN --> WAN", "priority": -1, "default_action": "continue", "ingress_zones": [ "lan" ], "egress_zones": [ "wan" ], "rules": [ { "services": [ "https", "http" ], "source_address": "1.2.3.4", "destination_address": "5.6.7.8", "log_prefix": "blah: ", "priority": 0, "action": "reject", } ], } } 400: description: Invalid request body: application/json: example: { "error": [ { type: 4, "code": 39, "text": "Invalid request body", "args": {}, "level": 1 } ] } 404: description: Policy does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find firewall/policy with name or id 'firewall_policies-2'", "args": { "uuid": "firewall_policies-2" }, "level": 1 } ] } delete: description: Delete a policy. responses: 204: description: Policy deleted. 404: description: Policy does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find firewall/policy with name or id 'firewall_policies-2'", "args": { "uuid": "firewall_policies-2" }, "level": 1 } ] } /service_translations: description: | Collection of source addresses matched with a list of services for which source nating rules will be applied. get: description: Retrieve a list of source address matched with services defined for the NetOps Console Server appliance. responses: 200: description: The list of services used in source nating rules for an address body: application/json: type: getFirewallServiceTranslations example: { "firewall_service_translations": [ { "id": "firewall_service_translations-1", "address": "1.1.1.1", "services": [ "dns", "https" ] }, { "id": "firewall_service_translations-2", "address": "2.2.2.2", "services": [ "custom_service_1" ] } ] } 400: description: Invalid request, missing or incorrect page/per_page body: application/json: type: error example: { "error": [ { type: 4, "code": 39, "level": 1, "text": "Invalid request body", "args": {}, } ] } put: description: Replace current firewall service translation list with a new one. body: application/json: type: setFirewallServiceTranslations example: { "firewall_service_translations": [ { "address": "1.1.1.1", "services": [ "dns", "https" ] }, { "address": "2.2.2.2", "services": [ "custom_service_1" ] } ] } responses: 200: description: List was applied succesfully. body: application/json: type: getFirewallServiceTranslations example: { "firewall_service_translations": [ { "id": "firewall_service_translations-1", "address": "1.1.1.1", "services": [ "dns", "https" ] }, { "id": "firewall_service_translations-2", "address": "2.2.2.2", "services": [ "custom_service_1" ] } ] } 400: description: Failed due to error in post body. body: application/json: example: { "error": [ { type: 2, "code": 305, "text": "Property 'dns' is invalid as it is already being used for another firewall_service_translation", "args": { "property": "dns", "reason": "as it is already being used for another firewall_service_translation" }, "level": 1 } ] } post: description: Create a new service translation in the config. body: application/json: type: setFirewallServiceTranslation example: { "firewall_service_translation": { "address": "2.2.2.2", "services": [ "custom_service_1" ] } } responses: 201: description: Service translation was added. body: application/json: type: getFirewallServiceTranslation example: { "firewall_service_translation": { "id": "firewall_service_translations-2", "address": "2.2.2.2", "services": [ "custom_service_1" ] } } 400: description: Failed due to error in post body. body: application/json: example: { "error": [ { type: 2, "code": 305, "text": "Property 'dns' is invalid as it is already being used for another firewall_service_translation", "args": { "property": "dns", "reason": "as it is already being used for another firewall_service_translation" }, "level": 1 } ] } /{id}: type: base-type description: | Retrieve or update a specific firewall service translation. get: description: Retrieve the specific firewall service translation by ID. responses: 200: description: firewall service translation exists. body: application/json: type: getFirewallServiceTranslation example: { "firewall_service_translation": { "id": "firewall_service_translations-2", "address": "2.2.2.2", "services": [ "custom_service_1" ] } } 401: description: Authentication failed due to invalid session. body: application/json: example: { "error": [ { type: 7, "code": 42, "text": "Invalid session ID", "args": {}, "level": 1 } ] } 404: description: Firewall service translation does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find item with UUID 'firewall_service_translations-1'", "args": { "uuid": "firewall_service_translations-1" }, "level": 1 } ] } put: description: Set the configuration for an existing service translation. body: application/json: type: setFirewallServiceTranslation example: { "firewall_service_translation": { "address": "2.2.2.2", "services": [ "custom_service_1" ] } } responses: 200: description: Service translation has been updated. body: application/json: type: getFirewallServiceTranslation example: { "firewall_service_translation": { "id": "firewall_service_translations-2", "address": "2.2.2.2", "services": [ "custom_service_1" ] } } 400: description: Invalid request body: application/json: example: { "error": [ { type: 4, "code": 39, "text": "Invalid request body", "args": {}, "level": 1 } ] } 404: description: Firewall service translation does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find item with UUID 'firewall_service_translations-1'", "args": { "uuid": "firewall_service_translations-1" }, "level": 1 } ] } delete: description: Delete a service translation. responses: 204: description: Service translation deleted. 404: description: Firewall service translation does not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find item with UUID 'firewall_service_translations-1'", "args": { "uuid": "firewall_service_translations-1" }, "level": 1 } ] } /cellfw: description: > The cellfw endpoints are related to checking, upgrading and scheduling upgrades for modem firmware. /info: type: base-type description: Retrieve cellular modem version and related information. get: description: Retrieve cellular modem version and related information. responses: 200: body: application/json: type: cellFWInfo example: { "cellfw_info": { "firmware": { "amss_version": "SWI9X50C_01.07.02.00", "boot_version": "SWI9X50C_01.07.02.00", "carrier_id": "4", "config_version": "002.008_004", "model": "EM7565", "package_id": "unknown", "sku_id": "1104207" }, "operating_mode": { "hw_restricted": "no", "mode": "online" } } } /export: type: base-type description: > Retrieve system configuration for the NetOps Console Server. get: responses: 200: body: application/json: type: exportType /failover: type: base-type description: > Failover endpoint is to check failover status and retrieve / change failover settings. /settings: type: base-type description: | failover/settings endpoint is to check and update failover settings. When failover is enabled, this device will consume from 1MB to 1.6 MB of bandwidth per day on the probe_physif connection. If the probe addresses are unreachable, this device will take from 108 to 156 seconds to enter the failover state. get: description: Retrieve the current failover settings. responses: 200: description: > Returns the current failover settings.
body: application/json: type: failoverSettingsResponse example: { "failover_settings": { "enabled": true, "probe_physif": "net1", "probe_address": "8.8.8.8", "probe_address_2": "1.1.1.1", "dormant_dns": true, "failover_physif": "wwan0" } } put: description: Set the failover settings. body: application/json: type: failoverSettingsPut examples: example1: { "failover_settings": { "enabled": true, "probe_physif": "net1", "probe_address": "8.8.8.8" } } example2: { "failover_settings": { "enabled": false, "probe_physif": "net2", "probe_address": "192.168.0.1", "probe_address_2": "", "dormant_dns": true, "failover_physif": "wwan0" } } responses: 200: description: Returns the current failover settings. body: application/json: type: failoverSettingsResponse examples: example1: { "failover_settings": { "enabled": true, "probe_physif": "net1", "probe_address": "8.8.8.8", "probe_address_2": "1.1.1.1", "dormant_dns": false, "failover_physif": "wwan0" } } example2: { "failover_settings": { "enabled": false, "probe_physif": "net2", "probe_address": "192.168.0.1", "probe_address_2": "", "dormant_dns": true, "failover_physif": "wwan0" } } /status: type: base-type description: > failover/status endpoint is to check current failover status. get: description: Retrieve the current failover status. responses: 200: description: > Returns the current failover status. body: application/json: type: failoverStatus example: { "failover_status": { "status": "failover_complete" } } /cellmodem: description: Retrieve information about the cell modem. type: base-type get: description: This endpoint is used to retrieve status data about the cellular modem in the device # CellModems.getCellModemInfo responses: 200: description: A JSON object containing cellmodem information. body: application/json: type: getCellModemInfo example: { "cellmodem": { "enabled": true, "device": "wwan0", "up": true, "signalStrength": 89, "signal_quality": 89, "rssi": -67, "technology": "lte", "modem_status": "connected", "failure_reason": "none", "ipv4_addresses": ["123.127.198.4"], "ipv6_addresses": ["fe80::69dc:654f:f1e5:ff12"], "failover": { "enabled": false, "dormant": false, "active": false }, "sims": { "active_sim": 2, "failover_status": "enabled", "sim1": { "iccid": "89148000004743232368", "carrier": "Verizon Wireless", "apn": "VZWINTERNET", "ip_type": "ipv4v6", "username": "", "imsi": "", "state": "present", "last_active": 1598222515038, "last_update": 1598222515038, "signal_strength": 94 }, "sim2": { "iccid": "89014103278929156118", "carrier": "AT&T Wireless Inc", "apn": "i2gold", "ip_type": "ipv4v6", "username": "", "imsi": "310410892915611", "state": "present", "last_active": 1598222515038, "last_update": 1598222515038, "signal_strength": 93 } } } } 404: description: Cellular modem was not found. body: application/json: type: errorString example: { "error": "No Cellular Modem detected" } /sims: type: base-type description: > Cell modem SIM status get: description: Retrieve the current SIM status. responses: 200: description: > Returns the current SIM status. body: application/json: type: getCellModemSimInfo example: { "cellmodem_sims": [ { "id": "cellmodem-sim-1", "active": true, "slot": 1, "iccid": "89148000004743232368", "carrier": "Verizon Wireless", "apn": "VZWINTERNET", "ip_type": "ipv4v6", "username": "", "imsi": "", "state": "present", "last_active": 1598222515038, "last_update": 1598222515038, "signal_strength": 94 }, { "id": "cellmodem-sim-2", "active": false, "slot": 2, "iccid": "89014103278929156118", "carrier": "AT&T Wireless Inc", "apn": "i2gold", "ip_type": "ipv4v6", "username": "", "imsi": "310410892915611", "state": "present", "last_active": 1598222515038, "last_update": 1598222515038, "signal_strength": 93 } ] } 404: description: Cellular modem was not found. body: application/json: type: errorString example: { "error": "No Cellular Modem detected" } /{id}: type: base-type description: | Retrieve the status information for a specific Cell Modem SIM get: responses: 200: body: application/json: type: getCellModemSimInfoResponseById /ipsec_tunnels: description: > Read and manipulate the IPsec tunnels on the NetOps Console Server appliance. type: base-type # ipsec_tunnels.getTunnelList get: description: > Get a list of the IPsec tunnels. displayName: getTunnels queryParameters: secrets: type: string description: > Returns sensitive fields displayed as either cleartext, obfuscated or masked values. enum: [ "cleartext", "obfuscate", "mask" ] default: "cleartext" required: false responses: 200: body: application/json: type: getTunnelListResponse example: { "ipsec_tunnels": [ { id: "0", name: "tunnel", enabled: true, initiate: false, version: "IKEv2", keying_tries: 5, dpd_enabled: true, dpd_action: "trap", dpd_delay: 20, dpd_timeout: 80, phase1_rekey_time: 4, phase1_rekey_unit: "days", phase1_reauth_time: 4, phase1_reauth_unit: "weeks", phase1_random_time: 2, phase1_random_unit: "minutes", phase1_over_time: 10, phase1_over_unit: "hours", phase2_rekey_time: 1, phase2_rekey_unit: "weeks", phase2_random_time: 70, phase2_random_unit: "seconds", phase2_life_time: 22, phase2_life_unit: "hours", proposal: "default-pfs", phase1_proposal: "default", phase2_proposal: "aes128-aes192-aes256-sha256-sha384-sha512-sha1-aesxcbc-modp2048-modp3072-modp4096-modp6144-modp8192-ecp224-ecp256-ecp384-ecp521", phase2_proposal_type: "esp", local_id: "", remote_id: "", local_address: "192.168.126.77", remote_address: "192.168.121.5", encap: true, local_subnet: "", remote_subnet: "", auth_mode: "psk", shared_secret: "default", runtime_status: { established: false } }, { id: "1", name: "remote-tunnel", enabled: false, initiate: false, version: "IKEv2", keying_tries: 15, dpd_enabled: true, dpd_action: "clear", dpd_delay: 40, dpd_timeout: 70, phase1_rekey_time: 2, phase1_rekey_unit: "days", phase1_reauth_time: 5, phase1_reauth_unit: "weeks", phase2_rekey_time: 2, phase2_rekey_unit: "weeks", proposal: "3des-sha-modp1024", phase1_proposal: "3des-sha-modp1024", phase2_proposal: "3des-sha-modp1024", phase2_proposal_type: "esp", local_id: "", remote_id: "", local_address: "", remote_address: "192.168.126.77", encap: true, local_subnet: "", remote_subnet: "", auth_mode: "psk", shared_secret: "password2", runtime_status: { established: true } }, { id: "2", name: "tunnel-pki", enabled: false, initiate: false, version: "IKEv2", keying_tries: 15, dpd_enabled: true, dpd_action: "clear", dpd_delay: 40, dpd_timeout: 70, phase1_rekey_time: 2, phase1_rekey_unit: "days", phase1_reauth_time: 5, phase1_reauth_unit: "weeks", phase2_rekey_time: 2, phase2_rekey_unit: "seconds", proposal: "3des-sha-modp1024", phase1_proposal: "3des-sha-modp1024", phase2_proposal: "3des-sha-modp1024", phase2_proposal_type: "esp", local_id: "", remote_id: "", local_address: "", remote_address: "192.168.126.78", encap: true, local_subnet: "", remote_subnet: "", auth_mode: "pki", runtime_status: { established: true } }, ] } #ipsec_tunnels.post post: description: Add a new network tunnel to the NetOps Console Server appliance. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: putTunnelBody example: { "ipsec_tunnel": { name: "tunnel", enabled: true, initiate: false, version: "IKEv1", local_address: "192.168.126.77", remote_address: "192.168.121.5", shared_secret: "default" } } responses: 200: description: The tunnel \{id} settings was updated. body: application/json: type: getTunnelResponse example: { "ipsec_tunnel": { id: "0", name: "tunnel", enabled: true, initiate: false, version: "IKEv1", keying_tries: 0, dpd_enabled: true, dpd_action: "restart", dpd_delay: 60, dpd_timeout: 90, phase1_rekey_time: 4, phase1_rekey_unit: "hours", phase1_reauth_time: 0, phase1_reauth_unit: "seconds", phase2_rekey_time: 1, phase2_rekey_unit: "hours", proposal: "default", phase1_proposal: "default", phase2_proposal: "default", phase2_proposal_type: "esp", local_id: "", remote_id: "", local_address: "192.168.126.77", remote_address: "192.168.121.5", local_subnet: "", remote_subnet: "", auth_mode: "psk", shared_secret: "default", runtime_status: { established: false } } } 400: description: > Invalid request: body is not json or does not conform to required json schema. Incomplete data: tunnel id parameter missing. /{id}: type: base-type description: | Retrieve or update configuration for a specific IPsec tunnel on the NetOps Console Server. # ipsec_tunnel.get get: description: > Get the configuration of an IPsec tunnel on the NetOps Console Server appliance. queryParameters: secrets: type: string description: > Returns sensitive fields displayed as either cleartext, obfuscated or masked values. enum: [ "cleartext", "obfuscate", "mask" ] default: "cleartext" required: false responses: 200: body: application/json: type: getTunnelResponse example: { "ipsec_tunnel": { id: "0", name: "tunnel", enabled: true, initiate: false, version: "IKEv1-aggressive", keying_tries: 10, dpd_enabled: true, dpd_action: "clear", dpd_delay: 40, dpd_timeout: 100, phase1_rekey_time: 3, phase1_rekey_unit: "hours", phase1_reauth_time: 0, phase1_reauth_unit: "seconds", phase2_rekey_time: 2, phase2_rekey_unit: "hours", proposal: "3des-md5-modp768", phase1_proposal: "3des-md5-modp768", phase2_proposal: "3des-md5-modp768", phase2_proposal_type: "esp", local_id: "me@test.net", remote_id: "", local_address: "192.168.126.77", remote_address: "192.168.121.5", local_subnet: "", remote_subnet: "", auth_mode: "psk", shared_secret: "default", runtime_status: { established: false } } } # ipsec_tunnel.put put: description: > Update settings for an IPsec tunnel on the NetOps Console Server appliance. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: putTunnelBody example: { "ipsec_tunnel": { name: "tunnel", enabled: true, initiate: false, version: "IKEv1", local_address: "192.168.126.77", remote_address: "192.168.121.5", local_subnet: "", remote_subnet: "", shared_secret: "default" } } responses: 200: description: The tunnel settings were updated. body: application/json: type: getTunnelResponse example: { "ipsec_tunnel": { id: "0", name: "tunnel", enabled: true, initiate: false, version: "IKEv1", keying_tries: 0, dpd_enabled: true, dpd_action: "restart", dpd_delay: 60, dpd_timeout: 90, phase1_rekey_time: 4, phase1_rekey_unit: "hours", phase1_reauth_time: 0, phase1_reauth_unit: "seconds", phase2_rekey_time: 1, phase2_rekey_unit: "hours", proposal: "default", phase1_proposal: "default", phase2_proposal: "default", phase2_proposal_type: "esp", local_id: "", remote_id: "", local_address: "192.168.126.77", remote_address: "192.168.121.5", local_subnet: "", remote_subnet: "", auth_mode: "psk", shared_secret: "default", runtime_status: { established: false } } } 400: description: > Invalid request: body is not json or does not conform to required json schema. Incomplete data: tunnel id parameter missing. 404: description: > tunnel {id} does not exist. Attempted to change read only fields. Attempted to change unknown fields. #ipsec_tunnel.delete delete: displayName: deleteTunnel description: > Delete an IPsec tunnel on the NetOps Console Server appliance. responses: 204: description: Tunnel deleted 404: description: Tunnel did not exist body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find ipsec_tunnel with name or id 'system_net_ipsec-1'", "args": { "uuid": "system_net_ipsec-1" }, "level": 1 } ] } /ipsec: type: base-type description: > Read and manipulate files that are used by IPsec tunnels using Public Key Infrastructure (PKI) for authentication. /x509_bundles: description: > An x509 bundle is a collection of certificates stored in PKCS12 format. This bundle removes the need to upload individual certificates. type: base-type get: description: Get a list of x509 bundles stored on the device. displayName: getX509BundleListResponse queryParameters: secrets: type: string description: Returns sensitive fields displayed as either cleartext, obfuscated or masked values. enum: [ "cleartext", "obfuscate", "mask" ] default: "cleartext" required: false responses: 200: description: The list of x509 bundles. body: application/json: type: getX509BundleListResponse example: { "x509_bundles": [ { id: "system_net_ipsec_files_x509_bundles-1", name: "bundle_1.p12", content: "MIIMyQIBAzCCDI8GCSqGSIb3DQEHAaCCDIAEggx8MIIMeDCCBy8GCSqGSIb3DQEHBqCCByAwggccAgEAMIIHFQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIeJSe0WDoL8MCAggAgIIG6C3LA4m3OrKwWUEmZm4okKJnUSydP6uMMufkhNPf2/ntbC1GqsJO9DwyjEhAsKNqoXacAnR+W4DfZ3z8xu5SQ19wV9fmCYdYpAzsLwu4eMiV7fLR0ARzN/ngytxaDbtuIGt9+2xudJ/ESGtjVs8MPzEe234gv/k3lFMtQcM2iZBANfxF31Ozyb/aidW3mUWJPNl4Wb3gCE4rxPt5hjdOP/Fd9JAPxfHqWGyeMm7FWsbOHm6zWTrNtJGoXyePF6/p0sj9tpOVuckSdceIz2RIvTFIB/S7G7v45MyTFzCyNotL4kPIchkRuURJ11mh6votK8gfnDt18e7spe8HfMgQJWrNUJPh7niEjSOUFkhttG3V4VhI+cpPTQBhFyKL3hD3d8w1ifGFZy93LnVJURTRBqjUYukCi/OfE1NfgAPAkW8G4g5Pay6NmGpmtirIs3nYEH36MKP9EVh2CUFXfrL3WP+X/WzzrfntshISuEiQcBSNWL3wMBsOuQyJGoqAJM9d4OEkV+RXI3sHYZmO2uZkT7AUEZ6okFoFpwjcbzPo1/Yr0+GWugcjltdLtxC17CmfwNorYots0y+eKUFsihHLjreGNeDtwFRfhT+cj5crWggIGi7KyCVVsgi7d8hmbgk7tOMTfvSEMkZ869rZnt+a3Ta90KTgjUbaRw5DCKw44BuC27oDitJr37fhQB5g0BrwHjB/+yHKTBtcGy2yfflC6q8cdZgrQHCZAzK92eY6/BlnQB0uxjAgAOOh59RlOpsQ1ddzlvwEBiAm+pYl5VcYjUudqVIDq/61io0q8rWgDNu+VpqPi0ITtqgOD4s+iZDRI+kztK1rleJh9OUnzk01E9uOeZ7EeenygroEgeMn6sE9MWbYHntHf8Je2ljYSz0hHUUkqQQTf1JxXXbuM7ACopgrJIMJWH6Um333VhBTCFQ995Keview/VkQhyITKQks1+ndWeVTfHuSTd2NQQ/gwZLFCG+NZrNMr9vWe7joIIShbKyO4NrosTJkYGX5DJxXBC+pRsn9ugERjKdnn5p69ovKFXYA5y9F07iqGvU5+actdaSxTGx/6LMYT/lcqm6VvpcNEn/Sc7beuvjZfsWsxQvYm2SxQToqZzKmYh1vI6/HC8bDqDvWEI9FvV43HmMyENTXERl8ADhJcTjymzxTH7ZY9k69XvbkL4W9FFgtKglbINAyQo7L4277+C/dMTZMEE59PZnNIbuzUXZ3AJZDU+j6rtvUZdbefRtVEqs0bMmApVskMr+iuSIwCHTIymnJM6d6I44t32gb18v9mQLfyvkqgHjcEFLnB3c2wB9b7y1CpKJPVxPBteL3Gd2RIlOdyg57lJa4k0B1xOuwsqYYJugWQgBIHMjqxhmYcQ71o1QCLjJ5n8euZd/KsX6MvYcgDP2EYupfnM8m6kOKHPUMQC8JxcEY/Tjm2mcUyRyEo22sRyCBH7zk+IPDFZ5ww5PWjltNUMkayWf+GxdLsmbAYawpVCriGHC7V7L2gt2dhuVzjYL05S+TsDCsGQMOQI/NLmMKbKSJjEBYU/e8GK7xGguF95b/TMediw0nGWLmLbm9NFmAoiBNILqWZLrQeZYQy2rMFWB0R+OpFyFiexpVvxN+2k0U2D9EzwDriCiyDi+mRooC7Chvoj4ldrCH6XPS/PkWvWS1gh+mShKphT7eHsWSc9irAtUfi1L11OvxSbXEPtd62hmJjE4TQ+Y5TvjNeBN2YooO2zWNak0ouLYjHufU5Bx0nE/nBYRudtRFriCmraW0ucH7Tywysez7Ckwhk3fFKuAlUgFJP3xLjeFXS8x+FfAyddwLOHLJVwDrkC1my5Y3jfn9vaab7ywHxquWTfDSWEQdDf+Yu7/D+hqsAi2qSHwPgGFGRpua3YhFoCfKF9UDhNfJBZYbiYl7duQfkiU3whF5ABCid0XMMpM1x7EUeoQsmbNd4k/E+9p1SIfZ+9Ax4oDnL/AtcfapcBQ2dPnjLuF1AswtTSHIAv5FsDGSaPCHk+pD2S77jL9ln6KIZmxzw/8pzdLSvby0ANE0m+nTNBVavjz4EU20WbUEVXVJvWHa64/QR/1WDSM6EqT/9bnC5/EtFG2MGLbyt8tNQjujUffowS1BVU/QKtO1mKP6wkqq3BFpTt4VU8nZnHnWTv9l0d11qbCOvrXbVnKu21fQF8G0cFonZGuQxCs/9O99ffn5sDN1HxPa0a2UYczhImL8K/uJT8J7JpIhKRZm4VkdJM/fM/Jaek0n+9u1pXGb0Ikl71r7iXKdwxBngcUveWBsT3p4/1ySa+qrT4AmyRoOgHNx4WBW9RMfY3fwEtvpX1UxI7I7LkWiuGJ43sF5jcdUT7SeW0cwggVBBgkqhkiG9w0BBwGgggUyBIIFLjCCBSowggUmBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQI1W0hhU1AvikCAggABIIEyL5K7kZIU4Vb56/FqdrS0e4di5dal6VciBwGFstJVEMORkMEUgveaSInZbQGlO9rJSfk5crFMfI0SfznEdKOBQpYvyQYntm/YrJpp5pCXpo2FZh9luseGeh2wA38Gsq59dn4OWs7UGJSKGjSNcI9bGON9L2L25pbJCEFDPbxOJwDAad1gmSLydADaA8Yc0KTb9c0XrhtT8TZ8Ez+wKT6VGTLLinPClOnpD3JMLfcnxBQCzVs20Am8t0UXgaHlenWyh36zkpl6PfxqQJ4TEoDq1kjQASV3aPe0NwR3puI7za8wW7fLggyO0fC8FVMXPR/RmRNGBLi5+OpLwhTm/DI34CEYA2v78Nsb6g0HWX58qfeDrHfkHKjKv0uPcc6W1WmiMOJnylZ2WlKGk8Y+w/ehJqgZCpa16QzlT3/TJ3s8Twm9msFzMFK/6lHmCXtOA9YvFhp/D+hhZh16hsNzS9TuQ7d3HMAb2N1O610XiMOO6i5Mf6XyH5fVCw571A0oCnE+ieZCZoYyQaOSWd0r0qkPHFr9BlACrpkdgHVKCGji1oI10+QhLeUuVJgPbATavzQxKgrk/KXG4inH/gtKbdZ2sH35uZj22JrO/LAPQ608rfvQM28v/0dbY7/Ge8Oa49t82JJNMJwxQMG3wNTraj51+CnYMx9GsMoy+NAiMVkjrVP4RiawMk2M/mAqf4gbYb6q1l8iCearG1oNAK/6zdxH8b/uLq/PhxWPaT0BniJPbasEKyrzTJB2wlswwESROfiREDUClWG1djzsKI73Bn1NAtmKZUkQEFiozE69SBYRwXC/XqP5FZSY8bXZIdMm94aOkrohjxbeRRx+52Tu+uXe3S61G6vBowzuEbkqeXeFSOpXR62MYaOsVaniB9u2TwKUFliD5jpX+Z479wX6c4rHkNIiLerIYRg5iHC7/H9BbewGCZ9rbw00mOkTpOWf6C0ni2L7kmbxLl5IaHqyavNCSQkEuelK8YOq65U9TXWwBwfb8GCZOVMOWayG/nO4c0M1LfgsprYhbJUoF1V+4amrLrJbgEouUStEEgg5gHI//+2LiHX2gU2EydB9ne6m+h6lLpNDZjVgKhuJdHBy6jf4jGEpR694z341GEv6M4HZ4p4AVAx7LIvgS4FT2++GbPVThpZvzY/EL8M/yt0wUhWpOWnqO9YGqUapxCoGttSg24skTDsUfbU2ltf2giOSqFgOMIc9DgsKKqb5L6x+FTA0JzQrrSOSdfdKHM8Vus8uEF0REDFouH7CkbmtwRdHFjQuFeWRwnxtXnkhHA3riC21JJSt9awTK3CehbvpAd6iV2emFMmXDWtRVB5JGXKsfleb8ctVbcPArqX6Hv+uBZtFRdZC2yUVMvacaSylEZdNfSLC7BMRW1bQ6U1fcxrOy2Xrl5M2SlF3CpQ1u5eAOsWhIuwKqKBCZssDXxXgnKHgMPrInwLNm+pRI+/P7choUZUmPd9w+/WjpsMWBKLlTTzCHtfA3S6QMvTJor02TyGwETga2Lfe/FUHxRqd2cS8/oe70zQNVb47Lx4Rv0p+E6JaUm3SQZ//pCK/4c5so69y5BCazHPlON6o0WV8EcQNyjdrXn5XO3ZY06kBibZfnXzXRROKMz7YsthNzElMCMGCSqGSIb3DQEJFTEWBBTsTioxPc2KkCi5ohjqjZsUFRMlCDAxMCEwCQYFKw4DAhoFAAQUGenOqzXKjdA6z0DTAwsG/40AwrgECEigJt/JI2HMAgIIAA==", password: "TkcxJAAAABDz14VOkQ5K7qU+HmxBn6BCBmh3XIDOI0NuoYnqtWDVBA==", timestamp: "2021-05-31T22:57:25+00:00" }, { id: "system_net_ipsec_files_x509_bundles-2", name: "bundle_2.p12", content: "MIIMyQIBAzCCDI8GCSqGSIb3DQEHAaCCDIAEggx8MIIMeDCCBy8GCSqGSIb3DQEHBqCCByAwggccAgEAMIIHFQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIeJSe0WDoL8MCAggAgIIG6C3LA4m3OrKwWUEmZm4okKJnUSydP6uMMufkhNPf2/ntbC1GqsJO9DwyjEhAsKNqoXacAnR+W4DfZ3z8xu5SQ19wV9fmCYdYpAzsLwu4eMiV7fLR0ARzN/ngytxaDbtuIGt9+2xudJ/ESGtjVs8MPzEe234gv/k3lFMtQcM2iZBANfxF31Ozyb/aidW3mUWJPNl4Wb3gCE4rxPt5hjdOP/Fd9JAPxfHqWGyeMm7FWsbOHm6zWTrNtJGoXyePF6/p0sj9tpOVuckSdceIz2RIvTFIB/S7G7v45MyTFzCyNotL4kPIchkRuURJ11mh6votK8gfnDt18e7spe8HfMgQJWrNUJPh7niEjSOUFkhttG3V4VhI+cpPTQBhFyKL3hD3d8w1ifGFZy93LnVJURTRBqjUYukCi/OfE1NfgAPAkW8G4g5Pay6NmGpmtirIs3nYEH36MKP9EVh2CUFXfrL3WP+X/WzzrfntshISuEiQcBSNWL3wMBsOuQyJGoqAJM9d4OEkV+RXI3sHYZmO2uZkT7AUEZ6okFoFpwjcbzPo1/Yr0+GWugcjltdLtxC17CmfwNorYots0y+eKUFsihHLjreGNeDtwFRfhT+cj5crWggIGi7KyCVVsgi7d8hmbgk7tOMTfvSEMkZ869rZnt+a3Ta90KTgjUbaRw5DCKw44BuC27oDitJr37fhQB5g0BrwHjB/+yHKTBtcGy2yfflC6q8cdZgrQHCZAzK92eY6/BlnQB0uxjAgAOOh59RlOpsQ1ddzlvwEBiAm+pYl5VcYjUudqVIDq/61io0q8rWgDNu+VpqPi0ITtqgOD4s+iZDRI+kztK1rleJh9OUnzk01E9uOeZ7EeenygroEgeMn6sE9MWbYHntHf8Je2ljYSz0hHUUkqQQTf1JxXXbuM7ACopgrJIMJWH6Um333VhBTCFQ995Keview/VkQhyITKQks1+ndWeVTfHuSTd2NQQ/gwZLFCG+NZrNMr9vWe7joIIShbKyO4NrosTJkYGX5DJxXBC+pRsn9ugERjKdnn5p69ovKFXYA5y9F07iqGvU5+actdaSxTGx/6LMYT/lcqm6VvpcNEn/Sc7beuvjZfsWsxQvYm2SxQToqZzKmYh1vI6/HC8bDqDvWEI9FvV43HmMyENTXERl8ADhJcTjymzxTH7ZY9k69XvbkL4W9FFgtKglbINAyQo7L4277+C/dMTZMEE59PZnNIbuzUXZ3AJZDU+j6rtvUZdbefRtVEqs0bMmApVskMr+iuSIwCHTIymnJM6d6I44t32gb18v9mQLfyvkqgHjcEFLnB3c2wB9b7y1CpKJPVxPBteL3Gd2RIlOdyg57lJa4k0B1xOuwsqYYJugWQgBIHMjqxhmYcQ71o1QCLjJ5n8euZd/KsX6MvYcgDP2EYupfnM8m6kOKHPUMQC8JxcEY/Tjm2mcUyRyEo22sRyCBH7zk+IPDFZ5ww5PWjltNUMkayWf+GxdLsmbAYawpVCriGHC7V7L2gt2dhuVzjYL05S+TsDCsGQMOQI/NLmMKbKSJjEBYU/e8GK7xGguF95b/TMediw0nGWLmLbm9NFmAoiBNILqWZLrQeZYQy2rMFWB0R+OpFyFiexpVvxN+2k0U2D9EzwDriCiyDi+mRooC7Chvoj4ldrCH6XPS/PkWvWS1gh+mShKphT7eHsWSc9irAtUfi1L11OvxSbXEPtd62hmJjE4TQ+Y5TvjNeBN2YooO2zWNak0ouLYjHufU5Bx0nE/nBYRudtRFriCmraW0ucH7Tywysez7Ckwhk3fFKuAlUgFJP3xLjeFXS8x+FfAyddwLOHLJVwDrkC1my5Y3jfn9vaab7ywHxquWTfDSWEQdDf+Yu7/D+hqsAi2qSHwPgGFGRpua3YhFoCfKF9UDhNfJBZYbiYl7duQfkiU3whF5ABCid0XMMpM1x7EUeoQsmbNd4k/E+9p1SIfZ+9Ax4oDnL/AtcfapcBQ2dPnjLuF1AswtTSHIAv5FsDGSaPCHk+pD2S77jL9ln6KIZmxzw/8pzdLSvby0ANE0m+nTNBVavjz4EU20WbUEVXVJvWHa64/QR/1WDSM6EqT/9bnC5/EtFG2MGLbyt8tNQjujUffowS1BVU/QKtO1mKP6wkqq3BFpTt4VU8nZnHnWTv9l0d11qbCOvrXbVnKu21fQF8G0cFonZGuQxCs/9O99ffn5sDN1HxPa0a2UYczhImL8K/uJT8J7JpIhKRZm4VkdJM/fM/Jaek0n+9u1pXGb0Ikl71r7iXKdwxBngcUveWBsT3p4/1ySa+qrT4AmyRoOgHNx4WBW9RMfY3fwEtvpX1UxI7I7LkWiuGJ43sF5jcdUT7SeW0cwggVBBgkqhkiG9w0BBwGgggUyBIIFLjCCBSowggUmBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQI1W0hhU1AvikCAggABIIEyL5K7kZIU4Vb56/FqdrS0e4di5dal6VciBwGFstJVEMORkMEUgveaSInZbQGlO9rJSfk5crFMfI0SfznEdKOBQpYvyQYntm/YrJpp5pCXpo2FZh9luseGeh2wA38Gsq59dn4OWs7UGJSKGjSNcI9bGON9L2L25pbJCEFDPbxOJwDAad1gmSLydADaA8Yc0KTb9c0XrhtT8TZ8Ez+wKT6VGTLLinPClOnpD3JMLfcnxBQCzVs20Am8t0UXgaHlenWyh36zkpl6PfxqQJ4TEoDq1kjQASV3aPe0NwR3puI7za8wW7fLggyO0fC8FVMXPR/RmRNGBLi5+OpLwhTm/DI34CEYA2v78Nsb6g0HWX58qfeDrHfkHKjKv0uPcc6W1WmiMOJnylZ2WlKGk8Y+w/ehJqgZCpa16QzlT3/TJ3s8Twm9msFzMFK/6lHmCXtOA9YvFhp/D+hhZh16hsNzS9TuQ7d3HMAb2N1O610XiMOO6i5Mf6XyH5fVCw571A0oCnE+ieZCZoYyQaOSWd0r0qkPHFr9BlACrpkdgHVKCGji1oI10+QhLeUuVJgPbATavzQxKgrk/KXG4inH/gtKbdZ2sH35uZj22JrO/LAPQ608rfvQM28v/0dbY7/Ge8Oa49t82JJNMJwxQMG3wNTraj51+CnYMx9GsMoy+NAiMVkjrVP4RiawMk2M/mAqf4gbYb6q1l8iCearG1oNAK/6zdxH8b/uLq/PhxWPaT0BniJPbasEKyrzTJB2wlswwESROfiREDUClWG1djzsKI73Bn1NAtmKZUkQEFiozE69SBYRwXC/XqP5FZSY8bXZIdMm94aOkrohjxbeRRx+52Tu+uXe3S61G6vBowzuEbkqeXeFSOpXR62MYaOsVaniB9u2TwKUFliD5jpX+Z479wX6c4rHkNIiLerIYRg5iHC7/H9BbewGCZ9rbw00mOkTpOWf6C0ni2L7kmbxLl5IaHqyavNCSQkEuelK8YOq65U9TXWwBwfb8GCZOVMOWayG/nO4c0M1LfgsprYhbJUoF1V+4amrLrJbgEouUStEEgg5gHI//+2LiHX2gU2EydB9ne6m+h6lLpNDZjVgKhuJdHBy6jf4jGEpR694z341GEv6M4HZ4p4AVAx7LIvgS4FT2++GbPVThpZvzY/EL8M/yt0wUhWpOWnqO9YGqUapxCoGttSg24skTDsUfbU2ltf2giOSqFgOMIc9DgsKKqb5L6x+FTA0JzQrrSOSdfdKHM8Vus8uEF0REDFouH7CkbmtwRdHFjQuFeWRwnxtXnkhHA3riC21JJSt9awTK3CehbvpAd6iV2emFMmXDWtRVB5JGXKsfleb8ctVbcPArqX6Hv+uBZtFRdZC2yUVMvacaSylEZdNfSLC7BMRW1bQ6U1fcxrOy2Xrl5M2SlF3CpQ1u5eAOsWhIuwKqKBCZssDXxXgnKHgMPrInwLNm+pRI+/P7choUZUmPd9w+/WjpsMWBKLlTTzCHtfA3S6QMvTJor02TyGwETga2Lfe/FUHxRqd2cS8/oe70zQNVb47Lx4Rv0p+E6JaUm3SQZ//pCK/4c5so69y5BCazHPlON6o0WV8EcQNyjdrXn5XO3ZY06kBibZfnXzXRROKMz7YsthNzElMCMGCSqGSIb3DQEJFTEWBBTsTioxPc2KkCi5ohjqjZsUFRMlCDAxMCEwCQYFKw4DAhoFAAQUGenOqzXKjdA6z0DTAwsG/40AwrgECEigJt/JI2HMAgIIAA==", password: "TkcxJAAAABDz14VOkQ5K7qU+HmxBn6BCj3iQ7nfaHR6qU8MBGapj4g==", timestamp: "2021-05-31T22:57:25+00:00" }, ] } post: description: Configure a new x509 bundle. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: postX509BundleBody example: { "x509_bundle": { name: "bundle.p12", content: "MIIMyQIBAzCCDI8GCSqGSIb3DQEHAaCCDIAEggx8MIIMeDCCBy8GCSqGSIb3DQEHBqCCByAwggccAgEAMIIHFQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIeJSe0WDoL8MCAggAgIIG6C3LA4m3OrKwWUEmZm4okKJnUSydP6uMMufkhNPf2/ntbC1GqsJO9DwyjEhAsKNqoXacAnR+W4DfZ3z8xu5SQ19wV9fmCYdYpAzsLwu4eMiV7fLR0ARzN/ngytxaDbtuIGt9+2xudJ/ESGtjVs8MPzEe234gv/k3lFMtQcM2iZBANfxF31Ozyb/aidW3mUWJPNl4Wb3gCE4rxPt5hjdOP/Fd9JAPxfHqWGyeMm7FWsbOHm6zWTrNtJGoXyePF6/p0sj9tpOVuckSdceIz2RIvTFIB/S7G7v45MyTFzCyNotL4kPIchkRuURJ11mh6votK8gfnDt18e7spe8HfMgQJWrNUJPh7niEjSOUFkhttG3V4VhI+cpPTQBhFyKL3hD3d8w1ifGFZy93LnVJURTRBqjUYukCi/OfE1NfgAPAkW8G4g5Pay6NmGpmtirIs3nYEH36MKP9EVh2CUFXfrL3WP+X/WzzrfntshISuEiQcBSNWL3wMBsOuQyJGoqAJM9d4OEkV+RXI3sHYZmO2uZkT7AUEZ6okFoFpwjcbzPo1/Yr0+GWugcjltdLtxC17CmfwNorYots0y+eKUFsihHLjreGNeDtwFRfhT+cj5crWggIGi7KyCVVsgi7d8hmbgk7tOMTfvSEMkZ869rZnt+a3Ta90KTgjUbaRw5DCKw44BuC27oDitJr37fhQB5g0BrwHjB/+yHKTBtcGy2yfflC6q8cdZgrQHCZAzK92eY6/BlnQB0uxjAgAOOh59RlOpsQ1ddzlvwEBiAm+pYl5VcYjUudqVIDq/61io0q8rWgDNu+VpqPi0ITtqgOD4s+iZDRI+kztK1rleJh9OUnzk01E9uOeZ7EeenygroEgeMn6sE9MWbYHntHf8Je2ljYSz0hHUUkqQQTf1JxXXbuM7ACopgrJIMJWH6Um333VhBTCFQ995Keview/VkQhyITKQks1+ndWeVTfHuSTd2NQQ/gwZLFCG+NZrNMr9vWe7joIIShbKyO4NrosTJkYGX5DJxXBC+pRsn9ugERjKdnn5p69ovKFXYA5y9F07iqGvU5+actdaSxTGx/6LMYT/lcqm6VvpcNEn/Sc7beuvjZfsWsxQvYm2SxQToqZzKmYh1vI6/HC8bDqDvWEI9FvV43HmMyENTXERl8ADhJcTjymzxTH7ZY9k69XvbkL4W9FFgtKglbINAyQo7L4277+C/dMTZMEE59PZnNIbuzUXZ3AJZDU+j6rtvUZdbefRtVEqs0bMmApVskMr+iuSIwCHTIymnJM6d6I44t32gb18v9mQLfyvkqgHjcEFLnB3c2wB9b7y1CpKJPVxPBteL3Gd2RIlOdyg57lJa4k0B1xOuwsqYYJugWQgBIHMjqxhmYcQ71o1QCLjJ5n8euZd/KsX6MvYcgDP2EYupfnM8m6kOKHPUMQC8JxcEY/Tjm2mcUyRyEo22sRyCBH7zk+IPDFZ5ww5PWjltNUMkayWf+GxdLsmbAYawpVCriGHC7V7L2gt2dhuVzjYL05S+TsDCsGQMOQI/NLmMKbKSJjEBYU/e8GK7xGguF95b/TMediw0nGWLmLbm9NFmAoiBNILqWZLrQeZYQy2rMFWB0R+OpFyFiexpVvxN+2k0U2D9EzwDriCiyDi+mRooC7Chvoj4ldrCH6XPS/PkWvWS1gh+mShKphT7eHsWSc9irAtUfi1L11OvxSbXEPtd62hmJjE4TQ+Y5TvjNeBN2YooO2zWNak0ouLYjHufU5Bx0nE/nBYRudtRFriCmraW0ucH7Tywysez7Ckwhk3fFKuAlUgFJP3xLjeFXS8x+FfAyddwLOHLJVwDrkC1my5Y3jfn9vaab7ywHxquWTfDSWEQdDf+Yu7/D+hqsAi2qSHwPgGFGRpua3YhFoCfKF9UDhNfJBZYbiYl7duQfkiU3whF5ABCid0XMMpM1x7EUeoQsmbNd4k/E+9p1SIfZ+9Ax4oDnL/AtcfapcBQ2dPnjLuF1AswtTSHIAv5FsDGSaPCHk+pD2S77jL9ln6KIZmxzw/8pzdLSvby0ANE0m+nTNBVavjz4EU20WbUEVXVJvWHa64/QR/1WDSM6EqT/9bnC5/EtFG2MGLbyt8tNQjujUffowS1BVU/QKtO1mKP6wkqq3BFpTt4VU8nZnHnWTv9l0d11qbCOvrXbVnKu21fQF8G0cFonZGuQxCs/9O99ffn5sDN1HxPa0a2UYczhImL8K/uJT8J7JpIhKRZm4VkdJM/fM/Jaek0n+9u1pXGb0Ikl71r7iXKdwxBngcUveWBsT3p4/1ySa+qrT4AmyRoOgHNx4WBW9RMfY3fwEtvpX1UxI7I7LkWiuGJ43sF5jcdUT7SeW0cwggVBBgkqhkiG9w0BBwGgggUyBIIFLjCCBSowggUmBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQI1W0hhU1AvikCAggABIIEyL5K7kZIU4Vb56/FqdrS0e4di5dal6VciBwGFstJVEMORkMEUgveaSInZbQGlO9rJSfk5crFMfI0SfznEdKOBQpYvyQYntm/YrJpp5pCXpo2FZh9luseGeh2wA38Gsq59dn4OWs7UGJSKGjSNcI9bGON9L2L25pbJCEFDPbxOJwDAad1gmSLydADaA8Yc0KTb9c0XrhtT8TZ8Ez+wKT6VGTLLinPClOnpD3JMLfcnxBQCzVs20Am8t0UXgaHlenWyh36zkpl6PfxqQJ4TEoDq1kjQASV3aPe0NwR3puI7za8wW7fLggyO0fC8FVMXPR/RmRNGBLi5+OpLwhTm/DI34CEYA2v78Nsb6g0HWX58qfeDrHfkHKjKv0uPcc6W1WmiMOJnylZ2WlKGk8Y+w/ehJqgZCpa16QzlT3/TJ3s8Twm9msFzMFK/6lHmCXtOA9YvFhp/D+hhZh16hsNzS9TuQ7d3HMAb2N1O610XiMOO6i5Mf6XyH5fVCw571A0oCnE+ieZCZoYyQaOSWd0r0qkPHFr9BlACrpkdgHVKCGji1oI10+QhLeUuVJgPbATavzQxKgrk/KXG4inH/gtKbdZ2sH35uZj22JrO/LAPQ608rfvQM28v/0dbY7/Ge8Oa49t82JJNMJwxQMG3wNTraj51+CnYMx9GsMoy+NAiMVkjrVP4RiawMk2M/mAqf4gbYb6q1l8iCearG1oNAK/6zdxH8b/uLq/PhxWPaT0BniJPbasEKyrzTJB2wlswwESROfiREDUClWG1djzsKI73Bn1NAtmKZUkQEFiozE69SBYRwXC/XqP5FZSY8bXZIdMm94aOkrohjxbeRRx+52Tu+uXe3S61G6vBowzuEbkqeXeFSOpXR62MYaOsVaniB9u2TwKUFliD5jpX+Z479wX6c4rHkNIiLerIYRg5iHC7/H9BbewGCZ9rbw00mOkTpOWf6C0ni2L7kmbxLl5IaHqyavNCSQkEuelK8YOq65U9TXWwBwfb8GCZOVMOWayG/nO4c0M1LfgsprYhbJUoF1V+4amrLrJbgEouUStEEgg5gHI//+2LiHX2gU2EydB9ne6m+h6lLpNDZjVgKhuJdHBy6jf4jGEpR694z341GEv6M4HZ4p4AVAx7LIvgS4FT2++GbPVThpZvzY/EL8M/yt0wUhWpOWnqO9YGqUapxCoGttSg24skTDsUfbU2ltf2giOSqFgOMIc9DgsKKqb5L6x+FTA0JzQrrSOSdfdKHM8Vus8uEF0REDFouH7CkbmtwRdHFjQuFeWRwnxtXnkhHA3riC21JJSt9awTK3CehbvpAd6iV2emFMmXDWtRVB5JGXKsfleb8ctVbcPArqX6Hv+uBZtFRdZC2yUVMvacaSylEZdNfSLC7BMRW1bQ6U1fcxrOy2Xrl5M2SlF3CpQ1u5eAOsWhIuwKqKBCZssDXxXgnKHgMPrInwLNm+pRI+/P7choUZUmPd9w+/WjpsMWBKLlTTzCHtfA3S6QMvTJor02TyGwETga2Lfe/FUHxRqd2cS8/oe70zQNVb47Lx4Rv0p+E6JaUm3SQZ//pCK/4c5so69y5BCazHPlON6o0WV8EcQNyjdrXn5XO3ZY06kBibZfnXzXRROKMz7YsthNzElMCMGCSqGSIb3DQEJFTEWBBTsTioxPc2KkCi5ohjqjZsUFRMlCDAxMCEwCQYFKw4DAhoFAAQUGenOqzXKjdA6z0DTAwsG/40AwrgECEigJt/JI2HMAgIIAA==", password: "TkcxJAAAABDz14VOkQ5K7qU+HmxBn6BCj3iQ7nfaHR6qU8MBGapj4g==" } } responses: 201: description: The x509 bundle /{id} settings was updated. body: application/json: type: getX509BundleResponse example: { "x509_bundle": { id: "system_net_ipsec_files_x509_bundles-1", name: "bundle.p12", content: "MIIMyQIBAzCCDI8GCSqGSIb3DQEHAaCCDIAEggx8MIIMeDCCBy8GCSqGSIb3DQEHBqCCByAwggccAgEAMIIHFQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIeJSe0WDoL8MCAggAgIIG6C3LA4m3OrKwWUEmZm4okKJnUSydP6uMMufkhNPf2/ntbC1GqsJO9DwyjEhAsKNqoXacAnR+W4DfZ3z8xu5SQ19wV9fmCYdYpAzsLwu4eMiV7fLR0ARzN/ngytxaDbtuIGt9+2xudJ/ESGtjVs8MPzEe234gv/k3lFMtQcM2iZBANfxF31Ozyb/aidW3mUWJPNl4Wb3gCE4rxPt5hjdOP/Fd9JAPxfHqWGyeMm7FWsbOHm6zWTrNtJGoXyePF6/p0sj9tpOVuckSdceIz2RIvTFIB/S7G7v45MyTFzCyNotL4kPIchkRuURJ11mh6votK8gfnDt18e7spe8HfMgQJWrNUJPh7niEjSOUFkhttG3V4VhI+cpPTQBhFyKL3hD3d8w1ifGFZy93LnVJURTRBqjUYukCi/OfE1NfgAPAkW8G4g5Pay6NmGpmtirIs3nYEH36MKP9EVh2CUFXfrL3WP+X/WzzrfntshISuEiQcBSNWL3wMBsOuQyJGoqAJM9d4OEkV+RXI3sHYZmO2uZkT7AUEZ6okFoFpwjcbzPo1/Yr0+GWugcjltdLtxC17CmfwNorYots0y+eKUFsihHLjreGNeDtwFRfhT+cj5crWggIGi7KyCVVsgi7d8hmbgk7tOMTfvSEMkZ869rZnt+a3Ta90KTgjUbaRw5DCKw44BuC27oDitJr37fhQB5g0BrwHjB/+yHKTBtcGy2yfflC6q8cdZgrQHCZAzK92eY6/BlnQB0uxjAgAOOh59RlOpsQ1ddzlvwEBiAm+pYl5VcYjUudqVIDq/61io0q8rWgDNu+VpqPi0ITtqgOD4s+iZDRI+kztK1rleJh9OUnzk01E9uOeZ7EeenygroEgeMn6sE9MWbYHntHf8Je2ljYSz0hHUUkqQQTf1JxXXbuM7ACopgrJIMJWH6Um333VhBTCFQ995Keview/VkQhyITKQks1+ndWeVTfHuSTd2NQQ/gwZLFCG+NZrNMr9vWe7joIIShbKyO4NrosTJkYGX5DJxXBC+pRsn9ugERjKdnn5p69ovKFXYA5y9F07iqGvU5+actdaSxTGx/6LMYT/lcqm6VvpcNEn/Sc7beuvjZfsWsxQvYm2SxQToqZzKmYh1vI6/HC8bDqDvWEI9FvV43HmMyENTXERl8ADhJcTjymzxTH7ZY9k69XvbkL4W9FFgtKglbINAyQo7L4277+C/dMTZMEE59PZnNIbuzUXZ3AJZDU+j6rtvUZdbefRtVEqs0bMmApVskMr+iuSIwCHTIymnJM6d6I44t32gb18v9mQLfyvkqgHjcEFLnB3c2wB9b7y1CpKJPVxPBteL3Gd2RIlOdyg57lJa4k0B1xOuwsqYYJugWQgBIHMjqxhmYcQ71o1QCLjJ5n8euZd/KsX6MvYcgDP2EYupfnM8m6kOKHPUMQC8JxcEY/Tjm2mcUyRyEo22sRyCBH7zk+IPDFZ5ww5PWjltNUMkayWf+GxdLsmbAYawpVCriGHC7V7L2gt2dhuVzjYL05S+TsDCsGQMOQI/NLmMKbKSJjEBYU/e8GK7xGguF95b/TMediw0nGWLmLbm9NFmAoiBNILqWZLrQeZYQy2rMFWB0R+OpFyFiexpVvxN+2k0U2D9EzwDriCiyDi+mRooC7Chvoj4ldrCH6XPS/PkWvWS1gh+mShKphT7eHsWSc9irAtUfi1L11OvxSbXEPtd62hmJjE4TQ+Y5TvjNeBN2YooO2zWNak0ouLYjHufU5Bx0nE/nBYRudtRFriCmraW0ucH7Tywysez7Ckwhk3fFKuAlUgFJP3xLjeFXS8x+FfAyddwLOHLJVwDrkC1my5Y3jfn9vaab7ywHxquWTfDSWEQdDf+Yu7/D+hqsAi2qSHwPgGFGRpua3YhFoCfKF9UDhNfJBZYbiYl7duQfkiU3whF5ABCid0XMMpM1x7EUeoQsmbNd4k/E+9p1SIfZ+9Ax4oDnL/AtcfapcBQ2dPnjLuF1AswtTSHIAv5FsDGSaPCHk+pD2S77jL9ln6KIZmxzw/8pzdLSvby0ANE0m+nTNBVavjz4EU20WbUEVXVJvWHa64/QR/1WDSM6EqT/9bnC5/EtFG2MGLbyt8tNQjujUffowS1BVU/QKtO1mKP6wkqq3BFpTt4VU8nZnHnWTv9l0d11qbCOvrXbVnKu21fQF8G0cFonZGuQxCs/9O99ffn5sDN1HxPa0a2UYczhImL8K/uJT8J7JpIhKRZm4VkdJM/fM/Jaek0n+9u1pXGb0Ikl71r7iXKdwxBngcUveWBsT3p4/1ySa+qrT4AmyRoOgHNx4WBW9RMfY3fwEtvpX1UxI7I7LkWiuGJ43sF5jcdUT7SeW0cwggVBBgkqhkiG9w0BBwGgggUyBIIFLjCCBSowggUmBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQI1W0hhU1AvikCAggABIIEyL5K7kZIU4Vb56/FqdrS0e4di5dal6VciBwGFstJVEMORkMEUgveaSInZbQGlO9rJSfk5crFMfI0SfznEdKOBQpYvyQYntm/YrJpp5pCXpo2FZh9luseGeh2wA38Gsq59dn4OWs7UGJSKGjSNcI9bGON9L2L25pbJCEFDPbxOJwDAad1gmSLydADaA8Yc0KTb9c0XrhtT8TZ8Ez+wKT6VGTLLinPClOnpD3JMLfcnxBQCzVs20Am8t0UXgaHlenWyh36zkpl6PfxqQJ4TEoDq1kjQASV3aPe0NwR3puI7za8wW7fLggyO0fC8FVMXPR/RmRNGBLi5+OpLwhTm/DI34CEYA2v78Nsb6g0HWX58qfeDrHfkHKjKv0uPcc6W1WmiMOJnylZ2WlKGk8Y+w/ehJqgZCpa16QzlT3/TJ3s8Twm9msFzMFK/6lHmCXtOA9YvFhp/D+hhZh16hsNzS9TuQ7d3HMAb2N1O610XiMOO6i5Mf6XyH5fVCw571A0oCnE+ieZCZoYyQaOSWd0r0qkPHFr9BlACrpkdgHVKCGji1oI10+QhLeUuVJgPbATavzQxKgrk/KXG4inH/gtKbdZ2sH35uZj22JrO/LAPQ608rfvQM28v/0dbY7/Ge8Oa49t82JJNMJwxQMG3wNTraj51+CnYMx9GsMoy+NAiMVkjrVP4RiawMk2M/mAqf4gbYb6q1l8iCearG1oNAK/6zdxH8b/uLq/PhxWPaT0BniJPbasEKyrzTJB2wlswwESROfiREDUClWG1djzsKI73Bn1NAtmKZUkQEFiozE69SBYRwXC/XqP5FZSY8bXZIdMm94aOkrohjxbeRRx+52Tu+uXe3S61G6vBowzuEbkqeXeFSOpXR62MYaOsVaniB9u2TwKUFliD5jpX+Z479wX6c4rHkNIiLerIYRg5iHC7/H9BbewGCZ9rbw00mOkTpOWf6C0ni2L7kmbxLl5IaHqyavNCSQkEuelK8YOq65U9TXWwBwfb8GCZOVMOWayG/nO4c0M1LfgsprYhbJUoF1V+4amrLrJbgEouUStEEgg5gHI//+2LiHX2gU2EydB9ne6m+h6lLpNDZjVgKhuJdHBy6jf4jGEpR694z341GEv6M4HZ4p4AVAx7LIvgS4FT2++GbPVThpZvzY/EL8M/yt0wUhWpOWnqO9YGqUapxCoGttSg24skTDsUfbU2ltf2giOSqFgOMIc9DgsKKqb5L6x+FTA0JzQrrSOSdfdKHM8Vus8uEF0REDFouH7CkbmtwRdHFjQuFeWRwnxtXnkhHA3riC21JJSt9awTK3CehbvpAd6iV2emFMmXDWtRVB5JGXKsfleb8ctVbcPArqX6Hv+uBZtFRdZC2yUVMvacaSylEZdNfSLC7BMRW1bQ6U1fcxrOy2Xrl5M2SlF3CpQ1u5eAOsWhIuwKqKBCZssDXxXgnKHgMPrInwLNm+pRI+/P7choUZUmPd9w+/WjpsMWBKLlTTzCHtfA3S6QMvTJor02TyGwETga2Lfe/FUHxRqd2cS8/oe70zQNVb47Lx4Rv0p+E6JaUm3SQZ//pCK/4c5so69y5BCazHPlON6o0WV8EcQNyjdrXn5XO3ZY06kBibZfnXzXRROKMz7YsthNzElMCMGCSqGSIb3DQEJFTEWBBTsTioxPc2KkCi5ohjqjZsUFRMlCDAxMCEwCQYFKw4DAhoFAAQUGenOqzXKjdA6z0DTAwsG/40AwrgECEigJt/JI2HMAgIIAA==", password: "TkcxJAAAABDz14VOkQ5K7qU+HmxBn6BCj3iQ7nfaHR6qU8MBGapj4g==", timestamp: "2021-05-31T22:57:25+00:00" } } 400: description: > Invalid request: Body is not json or does not conform to required json schema. Incomplete data: x509 bundle parameter missing. /{id}: type: base-type description: Retrieve or update a single configured x509 bundle. get: description: Get a single configured x509 bundle by its ID. queryParameters: secrets: type: string description: > Returns sensitive fields displayed as either cleartext, obfuscated or masked values. enum: [ "cleartext", "obfuscate", "mask" ] default: "cleartext" required: false responses: 200: description: Get an x509 bundle. body: application/json: type: getX509BundleResponse example: { "x509_bundle": { id: "system_net_ipsec_files_x509_bundles-1", name: "bundle.p12", content: "MIIMyQIBAzCCDI8GCSqGSIb3DQEHAaCCDIAEggx8MIIMeDCCBy8GCSqGSIb3DQEHBqCCByAwggccAgEAMIIHFQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIeJSe0WDoL8MCAggAgIIG6C3LA4m3OrKwWUEmZm4okKJnUSydP6uMMufkhNPf2/ntbC1GqsJO9DwyjEhAsKNqoXacAnR+W4DfZ3z8xu5SQ19wV9fmCYdYpAzsLwu4eMiV7fLR0ARzN/ngytxaDbtuIGt9+2xudJ/ESGtjVs8MPzEe234gv/k3lFMtQcM2iZBANfxF31Ozyb/aidW3mUWJPNl4Wb3gCE4rxPt5hjdOP/Fd9JAPxfHqWGyeMm7FWsbOHm6zWTrNtJGoXyePF6/p0sj9tpOVuckSdceIz2RIvTFIB/S7G7v45MyTFzCyNotL4kPIchkRuURJ11mh6votK8gfnDt18e7spe8HfMgQJWrNUJPh7niEjSOUFkhttG3V4VhI+cpPTQBhFyKL3hD3d8w1ifGFZy93LnVJURTRBqjUYukCi/OfE1NfgAPAkW8G4g5Pay6NmGpmtirIs3nYEH36MKP9EVh2CUFXfrL3WP+X/WzzrfntshISuEiQcBSNWL3wMBsOuQyJGoqAJM9d4OEkV+RXI3sHYZmO2uZkT7AUEZ6okFoFpwjcbzPo1/Yr0+GWugcjltdLtxC17CmfwNorYots0y+eKUFsihHLjreGNeDtwFRfhT+cj5crWggIGi7KyCVVsgi7d8hmbgk7tOMTfvSEMkZ869rZnt+a3Ta90KTgjUbaRw5DCKw44BuC27oDitJr37fhQB5g0BrwHjB/+yHKTBtcGy2yfflC6q8cdZgrQHCZAzK92eY6/BlnQB0uxjAgAOOh59RlOpsQ1ddzlvwEBiAm+pYl5VcYjUudqVIDq/61io0q8rWgDNu+VpqPi0ITtqgOD4s+iZDRI+kztK1rleJh9OUnzk01E9uOeZ7EeenygroEgeMn6sE9MWbYHntHf8Je2ljYSz0hHUUkqQQTf1JxXXbuM7ACopgrJIMJWH6Um333VhBTCFQ995Keview/VkQhyITKQks1+ndWeVTfHuSTd2NQQ/gwZLFCG+NZrNMr9vWe7joIIShbKyO4NrosTJkYGX5DJxXBC+pRsn9ugERjKdnn5p69ovKFXYA5y9F07iqGvU5+actdaSxTGx/6LMYT/lcqm6VvpcNEn/Sc7beuvjZfsWsxQvYm2SxQToqZzKmYh1vI6/HC8bDqDvWEI9FvV43HmMyENTXERl8ADhJcTjymzxTH7ZY9k69XvbkL4W9FFgtKglbINAyQo7L4277+C/dMTZMEE59PZnNIbuzUXZ3AJZDU+j6rtvUZdbefRtVEqs0bMmApVskMr+iuSIwCHTIymnJM6d6I44t32gb18v9mQLfyvkqgHjcEFLnB3c2wB9b7y1CpKJPVxPBteL3Gd2RIlOdyg57lJa4k0B1xOuwsqYYJugWQgBIHMjqxhmYcQ71o1QCLjJ5n8euZd/KsX6MvYcgDP2EYupfnM8m6kOKHPUMQC8JxcEY/Tjm2mcUyRyEo22sRyCBH7zk+IPDFZ5ww5PWjltNUMkayWf+GxdLsmbAYawpVCriGHC7V7L2gt2dhuVzjYL05S+TsDCsGQMOQI/NLmMKbKSJjEBYU/e8GK7xGguF95b/TMediw0nGWLmLbm9NFmAoiBNILqWZLrQeZYQy2rMFWB0R+OpFyFiexpVvxN+2k0U2D9EzwDriCiyDi+mRooC7Chvoj4ldrCH6XPS/PkWvWS1gh+mShKphT7eHsWSc9irAtUfi1L11OvxSbXEPtd62hmJjE4TQ+Y5TvjNeBN2YooO2zWNak0ouLYjHufU5Bx0nE/nBYRudtRFriCmraW0ucH7Tywysez7Ckwhk3fFKuAlUgFJP3xLjeFXS8x+FfAyddwLOHLJVwDrkC1my5Y3jfn9vaab7ywHxquWTfDSWEQdDf+Yu7/D+hqsAi2qSHwPgGFGRpua3YhFoCfKF9UDhNfJBZYbiYl7duQfkiU3whF5ABCid0XMMpM1x7EUeoQsmbNd4k/E+9p1SIfZ+9Ax4oDnL/AtcfapcBQ2dPnjLuF1AswtTSHIAv5FsDGSaPCHk+pD2S77jL9ln6KIZmxzw/8pzdLSvby0ANE0m+nTNBVavjz4EU20WbUEVXVJvWHa64/QR/1WDSM6EqT/9bnC5/EtFG2MGLbyt8tNQjujUffowS1BVU/QKtO1mKP6wkqq3BFpTt4VU8nZnHnWTv9l0d11qbCOvrXbVnKu21fQF8G0cFonZGuQxCs/9O99ffn5sDN1HxPa0a2UYczhImL8K/uJT8J7JpIhKRZm4VkdJM/fM/Jaek0n+9u1pXGb0Ikl71r7iXKdwxBngcUveWBsT3p4/1ySa+qrT4AmyRoOgHNx4WBW9RMfY3fwEtvpX1UxI7I7LkWiuGJ43sF5jcdUT7SeW0cwggVBBgkqhkiG9w0BBwGgggUyBIIFLjCCBSowggUmBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQI1W0hhU1AvikCAggABIIEyL5K7kZIU4Vb56/FqdrS0e4di5dal6VciBwGFstJVEMORkMEUgveaSInZbQGlO9rJSfk5crFMfI0SfznEdKOBQpYvyQYntm/YrJpp5pCXpo2FZh9luseGeh2wA38Gsq59dn4OWs7UGJSKGjSNcI9bGON9L2L25pbJCEFDPbxOJwDAad1gmSLydADaA8Yc0KTb9c0XrhtT8TZ8Ez+wKT6VGTLLinPClOnpD3JMLfcnxBQCzVs20Am8t0UXgaHlenWyh36zkpl6PfxqQJ4TEoDq1kjQASV3aPe0NwR3puI7za8wW7fLggyO0fC8FVMXPR/RmRNGBLi5+OpLwhTm/DI34CEYA2v78Nsb6g0HWX58qfeDrHfkHKjKv0uPcc6W1WmiMOJnylZ2WlKGk8Y+w/ehJqgZCpa16QzlT3/TJ3s8Twm9msFzMFK/6lHmCXtOA9YvFhp/D+hhZh16hsNzS9TuQ7d3HMAb2N1O610XiMOO6i5Mf6XyH5fVCw571A0oCnE+ieZCZoYyQaOSWd0r0qkPHFr9BlACrpkdgHVKCGji1oI10+QhLeUuVJgPbATavzQxKgrk/KXG4inH/gtKbdZ2sH35uZj22JrO/LAPQ608rfvQM28v/0dbY7/Ge8Oa49t82JJNMJwxQMG3wNTraj51+CnYMx9GsMoy+NAiMVkjrVP4RiawMk2M/mAqf4gbYb6q1l8iCearG1oNAK/6zdxH8b/uLq/PhxWPaT0BniJPbasEKyrzTJB2wlswwESROfiREDUClWG1djzsKI73Bn1NAtmKZUkQEFiozE69SBYRwXC/XqP5FZSY8bXZIdMm94aOkrohjxbeRRx+52Tu+uXe3S61G6vBowzuEbkqeXeFSOpXR62MYaOsVaniB9u2TwKUFliD5jpX+Z479wX6c4rHkNIiLerIYRg5iHC7/H9BbewGCZ9rbw00mOkTpOWf6C0ni2L7kmbxLl5IaHqyavNCSQkEuelK8YOq65U9TXWwBwfb8GCZOVMOWayG/nO4c0M1LfgsprYhbJUoF1V+4amrLrJbgEouUStEEgg5gHI//+2LiHX2gU2EydB9ne6m+h6lLpNDZjVgKhuJdHBy6jf4jGEpR694z341GEv6M4HZ4p4AVAx7LIvgS4FT2++GbPVThpZvzY/EL8M/yt0wUhWpOWnqO9YGqUapxCoGttSg24skTDsUfbU2ltf2giOSqFgOMIc9DgsKKqb5L6x+FTA0JzQrrSOSdfdKHM8Vus8uEF0REDFouH7CkbmtwRdHFjQuFeWRwnxtXnkhHA3riC21JJSt9awTK3CehbvpAd6iV2emFMmXDWtRVB5JGXKsfleb8ctVbcPArqX6Hv+uBZtFRdZC2yUVMvacaSylEZdNfSLC7BMRW1bQ6U1fcxrOy2Xrl5M2SlF3CpQ1u5eAOsWhIuwKqKBCZssDXxXgnKHgMPrInwLNm+pRI+/P7choUZUmPd9w+/WjpsMWBKLlTTzCHtfA3S6QMvTJor02TyGwETga2Lfe/FUHxRqd2cS8/oe70zQNVb47Lx4Rv0p+E6JaUm3SQZ//pCK/4c5so69y5BCazHPlON6o0WV8EcQNyjdrXn5XO3ZY06kBibZfnXzXRROKMz7YsthNzElMCMGCSqGSIb3DQEJFTEWBBTsTioxPc2KkCi5ohjqjZsUFRMlCDAxMCEwCQYFKw4DAhoFAAQUGenOqzXKjdA6z0DTAwsG/40AwrgECEigJt/JI2HMAgIIAA==", password: "TkcxJAAAABDz14VOkQ5K7qU+HmxBn6BCj3iQ7nfaHR6qU8MBGapj4g==", timestamp: "2021-05-31T22:57:25+00:00" } } put: description: Set the configuration for an existing x509 bundle. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: postX509BundleBody example: { "x509_bundle": { name: "bundle.p12", content: "MIIMyQIBAzCCDI8GCSqGSIb3DQEHAaCCDIAEggx8MIIMeDCCBy8GCSqGSIb3DQEHBqCCByAwggccAgEAMIIHFQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIeJSe0WDoL8MCAggAgIIG6C3LA4m3OrKwWUEmZm4okKJnUSydP6uMMufkhNPf2/ntbC1GqsJO9DwyjEhAsKNqoXacAnR+W4DfZ3z8xu5SQ19wV9fmCYdYpAzsLwu4eMiV7fLR0ARzN/ngytxaDbtuIGt9+2xudJ/ESGtjVs8MPzEe234gv/k3lFMtQcM2iZBANfxF31Ozyb/aidW3mUWJPNl4Wb3gCE4rxPt5hjdOP/Fd9JAPxfHqWGyeMm7FWsbOHm6zWTrNtJGoXyePF6/p0sj9tpOVuckSdceIz2RIvTFIB/S7G7v45MyTFzCyNotL4kPIchkRuURJ11mh6votK8gfnDt18e7spe8HfMgQJWrNUJPh7niEjSOUFkhttG3V4VhI+cpPTQBhFyKL3hD3d8w1ifGFZy93LnVJURTRBqjUYukCi/OfE1NfgAPAkW8G4g5Pay6NmGpmtirIs3nYEH36MKP9EVh2CUFXfrL3WP+X/WzzrfntshISuEiQcBSNWL3wMBsOuQyJGoqAJM9d4OEkV+RXI3sHYZmO2uZkT7AUEZ6okFoFpwjcbzPo1/Yr0+GWugcjltdLtxC17CmfwNorYots0y+eKUFsihHLjreGNeDtwFRfhT+cj5crWggIGi7KyCVVsgi7d8hmbgk7tOMTfvSEMkZ869rZnt+a3Ta90KTgjUbaRw5DCKw44BuC27oDitJr37fhQB5g0BrwHjB/+yHKTBtcGy2yfflC6q8cdZgrQHCZAzK92eY6/BlnQB0uxjAgAOOh59RlOpsQ1ddzlvwEBiAm+pYl5VcYjUudqVIDq/61io0q8rWgDNu+VpqPi0ITtqgOD4s+iZDRI+kztK1rleJh9OUnzk01E9uOeZ7EeenygroEgeMn6sE9MWbYHntHf8Je2ljYSz0hHUUkqQQTf1JxXXbuM7ACopgrJIMJWH6Um333VhBTCFQ995Keview/VkQhyITKQks1+ndWeVTfHuSTd2NQQ/gwZLFCG+NZrNMr9vWe7joIIShbKyO4NrosTJkYGX5DJxXBC+pRsn9ugERjKdnn5p69ovKFXYA5y9F07iqGvU5+actdaSxTGx/6LMYT/lcqm6VvpcNEn/Sc7beuvjZfsWsxQvYm2SxQToqZzKmYh1vI6/HC8bDqDvWEI9FvV43HmMyENTXERl8ADhJcTjymzxTH7ZY9k69XvbkL4W9FFgtKglbINAyQo7L4277+C/dMTZMEE59PZnNIbuzUXZ3AJZDU+j6rtvUZdbefRtVEqs0bMmApVskMr+iuSIwCHTIymnJM6d6I44t32gb18v9mQLfyvkqgHjcEFLnB3c2wB9b7y1CpKJPVxPBteL3Gd2RIlOdyg57lJa4k0B1xOuwsqYYJugWQgBIHMjqxhmYcQ71o1QCLjJ5n8euZd/KsX6MvYcgDP2EYupfnM8m6kOKHPUMQC8JxcEY/Tjm2mcUyRyEo22sRyCBH7zk+IPDFZ5ww5PWjltNUMkayWf+GxdLsmbAYawpVCriGHC7V7L2gt2dhuVzjYL05S+TsDCsGQMOQI/NLmMKbKSJjEBYU/e8GK7xGguF95b/TMediw0nGWLmLbm9NFmAoiBNILqWZLrQeZYQy2rMFWB0R+OpFyFiexpVvxN+2k0U2D9EzwDriCiyDi+mRooC7Chvoj4ldrCH6XPS/PkWvWS1gh+mShKphT7eHsWSc9irAtUfi1L11OvxSbXEPtd62hmJjE4TQ+Y5TvjNeBN2YooO2zWNak0ouLYjHufU5Bx0nE/nBYRudtRFriCmraW0ucH7Tywysez7Ckwhk3fFKuAlUgFJP3xLjeFXS8x+FfAyddwLOHLJVwDrkC1my5Y3jfn9vaab7ywHxquWTfDSWEQdDf+Yu7/D+hqsAi2qSHwPgGFGRpua3YhFoCfKF9UDhNfJBZYbiYl7duQfkiU3whF5ABCid0XMMpM1x7EUeoQsmbNd4k/E+9p1SIfZ+9Ax4oDnL/AtcfapcBQ2dPnjLuF1AswtTSHIAv5FsDGSaPCHk+pD2S77jL9ln6KIZmxzw/8pzdLSvby0ANE0m+nTNBVavjz4EU20WbUEVXVJvWHa64/QR/1WDSM6EqT/9bnC5/EtFG2MGLbyt8tNQjujUffowS1BVU/QKtO1mKP6wkqq3BFpTt4VU8nZnHnWTv9l0d11qbCOvrXbVnKu21fQF8G0cFonZGuQxCs/9O99ffn5sDN1HxPa0a2UYczhImL8K/uJT8J7JpIhKRZm4VkdJM/fM/Jaek0n+9u1pXGb0Ikl71r7iXKdwxBngcUveWBsT3p4/1ySa+qrT4AmyRoOgHNx4WBW9RMfY3fwEtvpX1UxI7I7LkWiuGJ43sF5jcdUT7SeW0cwggVBBgkqhkiG9w0BBwGgggUyBIIFLjCCBSowggUmBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQI1W0hhU1AvikCAggABIIEyL5K7kZIU4Vb56/FqdrS0e4di5dal6VciBwGFstJVEMORkMEUgveaSInZbQGlO9rJSfk5crFMfI0SfznEdKOBQpYvyQYntm/YrJpp5pCXpo2FZh9luseGeh2wA38Gsq59dn4OWs7UGJSKGjSNcI9bGON9L2L25pbJCEFDPbxOJwDAad1gmSLydADaA8Yc0KTb9c0XrhtT8TZ8Ez+wKT6VGTLLinPClOnpD3JMLfcnxBQCzVs20Am8t0UXgaHlenWyh36zkpl6PfxqQJ4TEoDq1kjQASV3aPe0NwR3puI7za8wW7fLggyO0fC8FVMXPR/RmRNGBLi5+OpLwhTm/DI34CEYA2v78Nsb6g0HWX58qfeDrHfkHKjKv0uPcc6W1WmiMOJnylZ2WlKGk8Y+w/ehJqgZCpa16QzlT3/TJ3s8Twm9msFzMFK/6lHmCXtOA9YvFhp/D+hhZh16hsNzS9TuQ7d3HMAb2N1O610XiMOO6i5Mf6XyH5fVCw571A0oCnE+ieZCZoYyQaOSWd0r0qkPHFr9BlACrpkdgHVKCGji1oI10+QhLeUuVJgPbATavzQxKgrk/KXG4inH/gtKbdZ2sH35uZj22JrO/LAPQ608rfvQM28v/0dbY7/Ge8Oa49t82JJNMJwxQMG3wNTraj51+CnYMx9GsMoy+NAiMVkjrVP4RiawMk2M/mAqf4gbYb6q1l8iCearG1oNAK/6zdxH8b/uLq/PhxWPaT0BniJPbasEKyrzTJB2wlswwESROfiREDUClWG1djzsKI73Bn1NAtmKZUkQEFiozE69SBYRwXC/XqP5FZSY8bXZIdMm94aOkrohjxbeRRx+52Tu+uXe3S61G6vBowzuEbkqeXeFSOpXR62MYaOsVaniB9u2TwKUFliD5jpX+Z479wX6c4rHkNIiLerIYRg5iHC7/H9BbewGCZ9rbw00mOkTpOWf6C0ni2L7kmbxLl5IaHqyavNCSQkEuelK8YOq65U9TXWwBwfb8GCZOVMOWayG/nO4c0M1LfgsprYhbJUoF1V+4amrLrJbgEouUStEEgg5gHI//+2LiHX2gU2EydB9ne6m+h6lLpNDZjVgKhuJdHBy6jf4jGEpR694z341GEv6M4HZ4p4AVAx7LIvgS4FT2++GbPVThpZvzY/EL8M/yt0wUhWpOWnqO9YGqUapxCoGttSg24skTDsUfbU2ltf2giOSqFgOMIc9DgsKKqb5L6x+FTA0JzQrrSOSdfdKHM8Vus8uEF0REDFouH7CkbmtwRdHFjQuFeWRwnxtXnkhHA3riC21JJSt9awTK3CehbvpAd6iV2emFMmXDWtRVB5JGXKsfleb8ctVbcPArqX6Hv+uBZtFRdZC2yUVMvacaSylEZdNfSLC7BMRW1bQ6U1fcxrOy2Xrl5M2SlF3CpQ1u5eAOsWhIuwKqKBCZssDXxXgnKHgMPrInwLNm+pRI+/P7choUZUmPd9w+/WjpsMWBKLlTTzCHtfA3S6QMvTJor02TyGwETga2Lfe/FUHxRqd2cS8/oe70zQNVb47Lx4Rv0p+E6JaUm3SQZ//pCK/4c5so69y5BCazHPlON6o0WV8EcQNyjdrXn5XO3ZY06kBibZfnXzXRROKMz7YsthNzElMCMGCSqGSIb3DQEJFTEWBBTsTioxPc2KkCi5ohjqjZsUFRMlCDAxMCEwCQYFKw4DAhoFAAQUGenOqzXKjdA6z0DTAwsG/40AwrgECEigJt/JI2HMAgIIAA==", password: "TkcxJAAAABDz14VOkQ5K7qU+HmxBn6BCj3iQ7nfaHR6qU8MBGapj4g==", } } responses: 200: description: The x509 bundle settings were updated. body: application/json: type: getX509BundleResponse example: { "x509_bundle": { id: "system_net_ipsec_files_x509_bundles-1", name: "bundle.p12", content: "MIIMyQIBAzCCDI8GCSqGSIb3DQEHAaCCDIAEggx8MIIMeDCCBy8GCSqGSIb3DQEHBqCCByAwggccAgEAMIIHFQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIeJSe0WDoL8MCAggAgIIG6C3LA4m3OrKwWUEmZm4okKJnUSydP6uMMufkhNPf2/ntbC1GqsJO9DwyjEhAsKNqoXacAnR+W4DfZ3z8xu5SQ19wV9fmCYdYpAzsLwu4eMiV7fLR0ARzN/ngytxaDbtuIGt9+2xudJ/ESGtjVs8MPzEe234gv/k3lFMtQcM2iZBANfxF31Ozyb/aidW3mUWJPNl4Wb3gCE4rxPt5hjdOP/Fd9JAPxfHqWGyeMm7FWsbOHm6zWTrNtJGoXyePF6/p0sj9tpOVuckSdceIz2RIvTFIB/S7G7v45MyTFzCyNotL4kPIchkRuURJ11mh6votK8gfnDt18e7spe8HfMgQJWrNUJPh7niEjSOUFkhttG3V4VhI+cpPTQBhFyKL3hD3d8w1ifGFZy93LnVJURTRBqjUYukCi/OfE1NfgAPAkW8G4g5Pay6NmGpmtirIs3nYEH36MKP9EVh2CUFXfrL3WP+X/WzzrfntshISuEiQcBSNWL3wMBsOuQyJGoqAJM9d4OEkV+RXI3sHYZmO2uZkT7AUEZ6okFoFpwjcbzPo1/Yr0+GWugcjltdLtxC17CmfwNorYots0y+eKUFsihHLjreGNeDtwFRfhT+cj5crWggIGi7KyCVVsgi7d8hmbgk7tOMTfvSEMkZ869rZnt+a3Ta90KTgjUbaRw5DCKw44BuC27oDitJr37fhQB5g0BrwHjB/+yHKTBtcGy2yfflC6q8cdZgrQHCZAzK92eY6/BlnQB0uxjAgAOOh59RlOpsQ1ddzlvwEBiAm+pYl5VcYjUudqVIDq/61io0q8rWgDNu+VpqPi0ITtqgOD4s+iZDRI+kztK1rleJh9OUnzk01E9uOeZ7EeenygroEgeMn6sE9MWbYHntHf8Je2ljYSz0hHUUkqQQTf1JxXXbuM7ACopgrJIMJWH6Um333VhBTCFQ995Keview/VkQhyITKQks1+ndWeVTfHuSTd2NQQ/gwZLFCG+NZrNMr9vWe7joIIShbKyO4NrosTJkYGX5DJxXBC+pRsn9ugERjKdnn5p69ovKFXYA5y9F07iqGvU5+actdaSxTGx/6LMYT/lcqm6VvpcNEn/Sc7beuvjZfsWsxQvYm2SxQToqZzKmYh1vI6/HC8bDqDvWEI9FvV43HmMyENTXERl8ADhJcTjymzxTH7ZY9k69XvbkL4W9FFgtKglbINAyQo7L4277+C/dMTZMEE59PZnNIbuzUXZ3AJZDU+j6rtvUZdbefRtVEqs0bMmApVskMr+iuSIwCHTIymnJM6d6I44t32gb18v9mQLfyvkqgHjcEFLnB3c2wB9b7y1CpKJPVxPBteL3Gd2RIlOdyg57lJa4k0B1xOuwsqYYJugWQgBIHMjqxhmYcQ71o1QCLjJ5n8euZd/KsX6MvYcgDP2EYupfnM8m6kOKHPUMQC8JxcEY/Tjm2mcUyRyEo22sRyCBH7zk+IPDFZ5ww5PWjltNUMkayWf+GxdLsmbAYawpVCriGHC7V7L2gt2dhuVzjYL05S+TsDCsGQMOQI/NLmMKbKSJjEBYU/e8GK7xGguF95b/TMediw0nGWLmLbm9NFmAoiBNILqWZLrQeZYQy2rMFWB0R+OpFyFiexpVvxN+2k0U2D9EzwDriCiyDi+mRooC7Chvoj4ldrCH6XPS/PkWvWS1gh+mShKphT7eHsWSc9irAtUfi1L11OvxSbXEPtd62hmJjE4TQ+Y5TvjNeBN2YooO2zWNak0ouLYjHufU5Bx0nE/nBYRudtRFriCmraW0ucH7Tywysez7Ckwhk3fFKuAlUgFJP3xLjeFXS8x+FfAyddwLOHLJVwDrkC1my5Y3jfn9vaab7ywHxquWTfDSWEQdDf+Yu7/D+hqsAi2qSHwPgGFGRpua3YhFoCfKF9UDhNfJBZYbiYl7duQfkiU3whF5ABCid0XMMpM1x7EUeoQsmbNd4k/E+9p1SIfZ+9Ax4oDnL/AtcfapcBQ2dPnjLuF1AswtTSHIAv5FsDGSaPCHk+pD2S77jL9ln6KIZmxzw/8pzdLSvby0ANE0m+nTNBVavjz4EU20WbUEVXVJvWHa64/QR/1WDSM6EqT/9bnC5/EtFG2MGLbyt8tNQjujUffowS1BVU/QKtO1mKP6wkqq3BFpTt4VU8nZnHnWTv9l0d11qbCOvrXbVnKu21fQF8G0cFonZGuQxCs/9O99ffn5sDN1HxPa0a2UYczhImL8K/uJT8J7JpIhKRZm4VkdJM/fM/Jaek0n+9u1pXGb0Ikl71r7iXKdwxBngcUveWBsT3p4/1ySa+qrT4AmyRoOgHNx4WBW9RMfY3fwEtvpX1UxI7I7LkWiuGJ43sF5jcdUT7SeW0cwggVBBgkqhkiG9w0BBwGgggUyBIIFLjCCBSowggUmBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQI1W0hhU1AvikCAggABIIEyL5K7kZIU4Vb56/FqdrS0e4di5dal6VciBwGFstJVEMORkMEUgveaSInZbQGlO9rJSfk5crFMfI0SfznEdKOBQpYvyQYntm/YrJpp5pCXpo2FZh9luseGeh2wA38Gsq59dn4OWs7UGJSKGjSNcI9bGON9L2L25pbJCEFDPbxOJwDAad1gmSLydADaA8Yc0KTb9c0XrhtT8TZ8Ez+wKT6VGTLLinPClOnpD3JMLfcnxBQCzVs20Am8t0UXgaHlenWyh36zkpl6PfxqQJ4TEoDq1kjQASV3aPe0NwR3puI7za8wW7fLggyO0fC8FVMXPR/RmRNGBLi5+OpLwhTm/DI34CEYA2v78Nsb6g0HWX58qfeDrHfkHKjKv0uPcc6W1WmiMOJnylZ2WlKGk8Y+w/ehJqgZCpa16QzlT3/TJ3s8Twm9msFzMFK/6lHmCXtOA9YvFhp/D+hhZh16hsNzS9TuQ7d3HMAb2N1O610XiMOO6i5Mf6XyH5fVCw571A0oCnE+ieZCZoYyQaOSWd0r0qkPHFr9BlACrpkdgHVKCGji1oI10+QhLeUuVJgPbATavzQxKgrk/KXG4inH/gtKbdZ2sH35uZj22JrO/LAPQ608rfvQM28v/0dbY7/Ge8Oa49t82JJNMJwxQMG3wNTraj51+CnYMx9GsMoy+NAiMVkjrVP4RiawMk2M/mAqf4gbYb6q1l8iCearG1oNAK/6zdxH8b/uLq/PhxWPaT0BniJPbasEKyrzTJB2wlswwESROfiREDUClWG1djzsKI73Bn1NAtmKZUkQEFiozE69SBYRwXC/XqP5FZSY8bXZIdMm94aOkrohjxbeRRx+52Tu+uXe3S61G6vBowzuEbkqeXeFSOpXR62MYaOsVaniB9u2TwKUFliD5jpX+Z479wX6c4rHkNIiLerIYRg5iHC7/H9BbewGCZ9rbw00mOkTpOWf6C0ni2L7kmbxLl5IaHqyavNCSQkEuelK8YOq65U9TXWwBwfb8GCZOVMOWayG/nO4c0M1LfgsprYhbJUoF1V+4amrLrJbgEouUStEEgg5gHI//+2LiHX2gU2EydB9ne6m+h6lLpNDZjVgKhuJdHBy6jf4jGEpR694z341GEv6M4HZ4p4AVAx7LIvgS4FT2++GbPVThpZvzY/EL8M/yt0wUhWpOWnqO9YGqUapxCoGttSg24skTDsUfbU2ltf2giOSqFgOMIc9DgsKKqb5L6x+FTA0JzQrrSOSdfdKHM8Vus8uEF0REDFouH7CkbmtwRdHFjQuFeWRwnxtXnkhHA3riC21JJSt9awTK3CehbvpAd6iV2emFMmXDWtRVB5JGXKsfleb8ctVbcPArqX6Hv+uBZtFRdZC2yUVMvacaSylEZdNfSLC7BMRW1bQ6U1fcxrOy2Xrl5M2SlF3CpQ1u5eAOsWhIuwKqKBCZssDXxXgnKHgMPrInwLNm+pRI+/P7choUZUmPd9w+/WjpsMWBKLlTTzCHtfA3S6QMvTJor02TyGwETga2Lfe/FUHxRqd2cS8/oe70zQNVb47Lx4Rv0p+E6JaUm3SQZ//pCK/4c5so69y5BCazHPlON6o0WV8EcQNyjdrXn5XO3ZY06kBibZfnXzXRROKMz7YsthNzElMCMGCSqGSIb3DQEJFTEWBBTsTioxPc2KkCi5ohjqjZsUFRMlCDAxMCEwCQYFKw4DAhoFAAQUGenOqzXKjdA6z0DTAwsG/40AwrgECEigJt/JI2HMAgIIAA==", password: "TkcxJAAAABDz14VOkQ5K7qU+HmxBn6BCj3iQ7nfaHR6qU8MBGapj4g==", timestamp: "2021-05-31T22:57:25+00:00" } } 400: description: > Invalid request: body is not json or does not conform to required json schema. Incomplete data: x509_bundle parameter missing. 404: description: x509_bundle {id} does not exist. delete: description: Delete an x509 Bundle. responses: 204: description: x509 bundle deleted. 404: description: x509 bundle did not exist body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find ipsec/x509_bundle with name or id 'x509_bundles-1000'", "args": { "uuid": "x509_bundles-1000" }, "level": 1 } ] } /x509_ca_certificates: type: base-type description: > Read, add, modify and delete Certificate Authority (CA) certificates used by IPsec tunnels using Public Key Infrastructure (PKI) for authentication get: description: Get a list of all configured CA certificates responses: 200: body: application/json: type: getCaCertificateListResponse example: { x509_ca_certificates: [ { name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", timestamp: "2020-04-06 04:16:49.179388+00:00", id: "system_net_ipsec_files_x509_ca_certificates-1", }, { name: "512b-rsa-example-request.der", content: "-----BEGIN CERTIFICATE----- MIIEFzCCAv+gAwIBAgIUETRacm1rXeNxAVKbjv1eKzV55KowDQYJKoZIhvcNAQEL BQAwgZoxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApRdWVlbnNsYW5kMREwDwYDVQQH DAhCcmlzYmFuZTEZMBcGA1UECgwQT3BlbmdlYXIgUHR5IEx0ZDENMAsGA1UECwwE TkdDUzEUMBIGA1UEAwwLRGF2aWQgQnVybnMxIzAhBgkqhkiG9w0BCQEWFGRhdmlk LmJ1cm5zQGRpZ2kuY29tMB4XDTIxMDUxMTAwMDY0OFoXDTIyMDUxMTAwMDY0OFow gZoxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApRdWVlbnNsYW5kMREwDwYDVQQHDAhC cmlzYmFuZTEZMBcGA1UECgwQT3BlbmdlYXIgUHR5IEx0ZDENMAsGA1UECwwETkdD UzEUMBIGA1UEAwwLRGF2aWQgQnVybnMxIzAhBgkqhkiG9w0BCQEWFGRhdmlkLmJ1 cm5zQGRpZ2kuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5LV/ qA57gwiDGHEw1wRKqpOuprPypX4giu3RBEzW6+nrlmK/08sgNOLHbjR8nQLfanGI hQHImGpW11hWNbI9na5XSYjbiAaGaasCfm67NQu+mdQrDAQ3q6LZ7s2afdex5XOw nzQvgbfvKdCKmeMll0DHe88u/FDi5FquFE2/NLqqFNx1WkDP/YFd8ZRWcyjSEcG6 IcKErsY6iZFW6ouoUXJlFB8FztYN8/+E4w96G7GGZTxDesDYUqQr0voeo7PK/njp 7GR8zINU7Msah0TWRPymUwCgCdJ6bMtWTEpCsCmtNpil4UombiNB+zFCayHpivfP EnP8M/XFt/UE9UPXAQIDAQABo1MwUTAdBgNVHQ4EFgQUQGvvNmeHR2GY2IJxxYHm mZilZh0wHwYDVR0jBBgwFoAUQGvvNmeHR2GY2IJxxYHmmZilZh0wDwYDVR0TAQH/ BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEARXJRnC623g3IgOPwftW4bWxAtghO jmlN/b9rn1Ka5hAJ2AlqJjeuIgDMd3cAXGsZ/LvqyTz4Z6ZDEg2uqsH5BXlUYt7Q 6SB6DYbnIxhw8PgDG5Je1TQerSJcOM87oMyO28ZiaDwQsjISML9BEK783FQ2mGj+ dXizJ5O2KonxJH9hkC2k0AI9YT7Xolb1CLQTqOsE4aYMQyU39Df3dFChOKeqBW8i HCMw+NKuKRJnW11lxIVS8YODx3kiGFroWBbfN99Wl9tCSoLmX2Myy9wflFOeIocE vo3lO39INFK+WdmP5z0YJ9U3I3Mowkvlu/KcvpZF+y7hVLmt67zOhXE/Kg== -----END CERTIFICATE-----", timestamp: "2021-03-12T20:43:39+00:00", id: "system_net_ipsec_x509_ca_certificate-2", }, ], } post: description: > Configure a new CA certificate body: application/json: type: postCaCertificateBody example: { x509_ca_certificate: { name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", } } responses: 201: body: application/json: type: getCaCertificateResponse example: { x509_ca_certificate: { name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", timestamp: "2020-04-06 04:16:49.179388+00:00", id: "system_net_ipsec_files_x509_ca_certificates-1", } } 400: description: > Invalid request: Body is not json or does not conform to required json schema. /{id}: description: | Retrieve or update a single configured CA. get: description: > Get a single configured CA by it ID responses: 200: body: application/json: type: getCaCertificateResponse example: { x509_ca_certificate: { name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", timestamp: "2020-04-06 04:16:49.179388+00:00", id: "system_net_ipsec_files_x509_ca_certificates-3", } } 404: description: CA did not exist body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find ipsec/x509_ca_certificate with name or id 'x509_ca_certificates-1000'", "args": { "uuid": "x509_ca_certificates-1000" }, "level": 1 } ] } put: description: > Update a single configured CA body: application/json: type: postCaCertificateBody example: { x509_ca_certificate: { name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", } } responses: 200: body: application/json: type: getCaCertificateResponse example: { x509_ca_certificate: { name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", timestamp: "2020-04-06 04:16:49.179388+00:00", id: "system_net_ipsec_files_x509_ca_certificates-5", } } 400: description: > Invalid request: Body is not json or does not conform to required json schema. 404: description: CA did not exist body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find ipsec/x509_ca_certificate with name or id 'x509_ca_certificate-1000'", "args": { "uuid": "x509_ca_certificate-1000" }, "level": 1 } ] } delete: description: > Delete a CA responses: 204: description: CA deleted 404: description: CA did not exist body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find ipsec/x509_ca_certificate with name or id 'x509_ca_certificates-1000'", "args": { "uuid": "x509_ca_certificate-1000" }, "level": 1 } ] } /x509_crls: type: base-type description: > Read, add, modify and delete Certificate Revocation Lists for use by ipsec tunnels using Public Key Infrastucture (PKI) for authentication. get: description: Get a list of all configured CRLs responses: 200: body: application/json: type: getCrlFileListResponse example: { x509_crls: [ { name: "512b-rsa-example-request.pem", content: "-----BEGIN X509 CRL----- MIIBtjCBnwIBATANBgkqhkiG9w0BAQsFADA6MQswCQYDVQQGEwJDSDETMBEGA1UE ChMKc3Ryb25nU3dhbjEWMBQGA1UEAxMNVHVubmVsIFBLSSBDQRcNMjEwNjA0MDYx MTU1WhcNMjEwNjE5MDYxMTU1WjAAoC8wLTAfBgNVHSMEGDAWgBTCsezxD76B2m0e vLTp+AX42Tw7lTAKBgNVHRQEAwIBATANBgkqhkiG9w0BAQsFAAOCAQEAkJvZSk3X cnf423IVzJC1kwM8lMZJfX8Duz+PyqjPEOGW5U2kBkJn6fStXRRh/LnyvNAABfpk /51Iz8IJTEPwlcLnFvLQqqqJDsmSlZC4V3VwctcMg77gQLAm5oD1ljgv8RGTtGgZ flu1oQjvOVst0lw8lktH0ijjEFPkTfLOb5iCRSlG7+rCPrHjnzo1S20MCB/zOSbF z0gVAmTPCA8PMvsqnnZsN+1j8dwmF4h0hqiKAoB95xaHnUmuudvaNEGAyg3D9rqE YzIVOh2Ec47fomPc6d9rWPMb/Jjz04gGHUTLtmQEY3l2LNcxaMAGXOU2eykxrF8L F5Qi0ZjK1rXcEg== -----END X509 CRL-----", timestamp: "2020-04-06 04:16:49.179388+00:00", id: "system_net_ipsec_files_x509_crls-1", }, { name: "512b-rsa-example-request.der", content: "MIIBBDCBrwIBADBKMQswCQYDVQQGEwJKUDEOMAwGA1UECAwFVG9reW8xETAPBgNVBAoMCEZyYW5rNEREMRgwFgYDVQQDDA93d3cuZXhhbXBsZS5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAm/xmkHmEQrurE/0re/jeFRLl8ZPjBop7uLHhnia7lQG/5zDtZIUC3RVpqDSwBuw/NTweGyuP+o8AG98HxqxTBwIDAQABoAAwDQYJKoZIhvcNAQEFBQADQQByOV52Y17y8xw1V/xvru3rLPrVxYAXS5SgvNpfBsj38lNVtTvuH/MgroBgmjSpnqKqBiBDkoY2YUET2qmGjAu9Cg==", timestamp: "2021-03-12T20:43:39+00:00", id: "system_net_ipsec_files_x509_crls-2", }, ], } post: description: > Configure a new CRL file body: application/json: type: postCrlFileBody example: { x509_crl: { name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", } } responses: 201: body: application/json: type: getCrlFileResponse example: { x509_crl: { name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", timestamp: "2020-04-06 04:16:49.179388+00:00", id: "system_net_ipsec_files_x509_crls-3", } } 400: description: > Invalid request: Body is not json or does not conform to required json schema. /{id}: description: | Retrieve or update a single configured CRL. get: description: > Get a single configured CRL by it ID responses: 200: body: application/json: type: getCrlFileResponse example: { x509_crl: { name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", timestamp: "2020-04-06 04:16:49.179388+00:00", id: "system_net_ipsec_files_x509_crls-1", } } 404: description: CRL did not exist body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find ipsec/x509_crl with name or id 'x509_crls-1000'", "args": { "uuid": "x509_crls-1000" }, "level": 1 } ] } put: description: > Update a single configured CRL body: application/json: type: postCrlFileBody example: { x509_crl: { name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", } } responses: 200: body: application/json: type: getCrlFileResponse example: { x509_crl: { name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", timestamp: "2020-04-06 04:16:49.179388+00:00", id: "system_net_ipsec_files_x509_crls-2", } } 400: description: > Invalid request: Body is not json or does not conform to required json schema. 404: description: CRL did not exist body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find ipsec/x509_crl with name or id 'x509_crls-1000'", "args": { "uuid": "x509_crls-1000" }, "level": 1 } ] } delete: description: > Delete a CRL responses: 204: description: CRL deleted 404: description: CRL did not exist body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find ipsec/x509_crl with name or id 'x509_crls-1000'", "args": { "uuid": "x509_crls-1000" }, "level": 1 } ] } /private_keys: type: base-type description: > Read, add, modify and delete private keys. get: description: > Get a list of the configured private keys. queryParameters: secrets: type: string description: > Returns sensitive fields displayed as either cleartext, obfuscated or masked values. enum: [ "cleartext", "obfuscate", "mask", ] default: "cleartext" required: false responses: 200: body: application/json: type: getPrivateKeyListResponse example: { "private_keys": [ { id: "system_net_ipsec_files_private_keys-1", name: "512b-rsa-example-key.der", content: "MIIBOwIBAAJBAJv8ZpB5hEK7qxP9K3v43hUS5fGT4waKe7ix4Z4mu5UBv+cw7WSFAt0Vaag0sAbsPzU8Hhsrj/qPABvfB8asUwcCAwEAAQJAG0r3ezH35WFG1tGGaUOrQA61cyaII53ZdgCR1IU8bx7AUevmkFtBf+aqMWusWVOWJvGu2r5VpHVAIl8nF6DSkQIhAMjEJ3zVYa2/Mo4ey+iU9J9Vd+WoyXDQD4EEtwmyG1PpAiEAxuZlvhDIbbce7o5BvOhnCZ2N7kYb1ZC57g3F+cbJyW8CIQCbsDGHBto2qJyFxbAO7uQ8Y0UVHa0JBO/g900SAcJbcQIgRtEljIShOB8pDjrsQPxmI1BLhnjD1EhRSubwhDw5AFUCIQCNA24pDtdOHydwtSB5+zFqFLfmVZplQM/g5kb4so70Ywo=", password: "myprivatekeyspassword", timestamp: "2021-03-12T20:43:39+00:00", }, { id: "system_net_ipsec_files_private_keys-2", name: "512b-rsa-example-key.pem", content: "-----BEGIN RSA PRIVATE KEY----- MIIBOwIBAAJBAJv8ZpB5hEK7qxP9K3v43hUS5fGT4waKe7ix4Z4mu5UBv+cw7WSF At0Vaag0sAbsPzU8Hhsrj/qPABvfB8asUwcCAwEAAQJAG0r3ezH35WFG1tGGaUOr QA61cyaII53ZdgCR1IU8bx7AUevmkFtBf+aqMWusWVOWJvGu2r5VpHVAIl8nF6DS kQIhAMjEJ3zVYa2/Mo4ey+iU9J9Vd+WoyXDQD4EEtwmyG1PpAiEAxuZlvhDIbbce 7o5BvOhnCZ2N7kYb1ZC57g3F+cbJyW8CIQCbsDGHBto2qJyFxbAO7uQ8Y0UVHa0J BO/g900SAcJbcQIgRtEljIShOB8pDjrsQPxmI1BLhnjD1EhRSubwhDw5AFUCIQCN A24pDtdOHydwtSB5+zFqFLfmVZplQM/g5kb4so70Yw== -----END RSA PRIVATE KEY-----", timestamp: "2021-03-12T20:43:39+00:00", } ] } post: description: > Configure a new private key. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate", ] default: "cleartext" required: false body: application/json: type: postPrivateKeyBody example: { private_key: { name: "512b-rsa-example-key.der", content: "MIIBOwIBAAJBAJv8ZpB5hEK7qxP9K3v43hUS5fGT4waKe7ix4Z4mu5UBv+cw7WSFAt0Vaag0sAbsPzU8Hhsrj/qPABvfB8asUwcCAwEAAQJAG0r3ezH35WFG1tGGaUOrQA61cyaII53ZdgCR1IU8bx7AUevmkFtBf+aqMWusWVOWJvGu2r5VpHVAIl8nF6DSkQIhAMjEJ3zVYa2/Mo4ey+iU9J9Vd+WoyXDQD4EEtwmyG1PpAiEAxuZlvhDIbbce7o5BvOhnCZ2N7kYb1ZC57g3F+cbJyW8CIQCbsDGHBto2qJyFxbAO7uQ8Y0UVHa0JBO/g900SAcJbcQIgRtEljIShOB8pDjrsQPxmI1BLhnjD1EhRSubwhDw5AFUCIQCNA24pDtdOHydwtSB5+zFqFLfmVZplQM/g5kb4so70Ywo=", password: "myprivatekeyspassword", } } responses: 201: body: application/json: type: getPrivateKeyResponse example: { private_key: { id: "system_net_ipsec_files_private_keys-1", name: "512b-rsa-example-key.der", content: "MIIBOwIBAAJBAJv8ZpB5hEK7qxP9K3v43hUS5fGT4waKe7ix4Z4mu5UBv+cw7WSFAt0Vaag0sAbsPzU8Hhsrj/qPABvfB8asUwcCAwEAAQJAG0r3ezH35WFG1tGGaUOrQA61cyaII53ZdgCR1IU8bx7AUevmkFtBf+aqMWusWVOWJvGu2r5VpHVAIl8nF6DSkQIhAMjEJ3zVYa2/Mo4ey+iU9J9Vd+WoyXDQD4EEtwmyG1PpAiEAxuZlvhDIbbce7o5BvOhnCZ2N7kYb1ZC57g3F+cbJyW8CIQCbsDGHBto2qJyFxbAO7uQ8Y0UVHa0JBO/g900SAcJbcQIgRtEljIShOB8pDjrsQPxmI1BLhnjD1EhRSubwhDw5AFUCIQCNA24pDtdOHydwtSB5+zFqFLfmVZplQM/g5kb4so70Ywo=", password: "myprivatekeyspassword", timestamp: "2021-03-12T20:43:39+00:00", } } 400: description: > Invalid request: body is not json or does not conform to required json schema. Incomplete data: private key parameter missing. /{id}: description: | Retrieve or update a single configured private key. get: description: > Get a single configured private key by its ID. queryParameters: secrets: type: string description: > Returns sensitive fields displayed as either cleartext, obfuscated or masked values. enum: [ "cleartext", "obfuscate", "mask", ] default: "cleartext" required: false responses: 200: body: application/json: type: getPrivateKeyResponse example: { private_key: { id: "system_net_ipsec_files_private_keys-1", name: "512b-rsa-example-key.der", content: "MIIBOwIBAAJBAJv8ZpB5hEK7qxP9K3v43hUS5fGT4waKe7ix4Z4mu5UBv+cw7WSFAt0Vaag0sAbsPzU8Hhsrj/qPABvfB8asUwcCAwEAAQJAG0r3ezH35WFG1tGGaUOrQA61cyaII53ZdgCR1IU8bx7AUevmkFtBf+aqMWusWVOWJvGu2r5VpHVAIl8nF6DSkQIhAMjEJ3zVYa2/Mo4ey+iU9J9Vd+WoyXDQD4EEtwmyG1PpAiEAxuZlvhDIbbce7o5BvOhnCZ2N7kYb1ZC57g3F+cbJyW8CIQCbsDGHBto2qJyFxbAO7uQ8Y0UVHa0JBO/g900SAcJbcQIgRtEljIShOB8pDjrsQPxmI1BLhnjD1EhRSubwhDw5AFUCIQCNA24pDtdOHydwtSB5+zFqFLfmVZplQM/g5kb4so70Ywo=", password: "myprivatekeyspassword", timestamp: "2021-03-12T20:43:39+00:00", } } put: description: > Update a single configured private key. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate", ] default: "cleartext" required: false body: application/json: type: postPrivateKeyBody example: { private_key: { name: "512b-rsa-example-key.der", content: "MIIBOwIBAAJBAJv8ZpB5hEK7qxP9K3v43hUS5fGT4waKe7ix4Z4mu5UBv+cw7WSFAt0Vaag0sAbsPzU8Hhsrj/qPABvfB8asUwcCAwEAAQJAG0r3ezH35WFG1tGGaUOrQA61cyaII53ZdgCR1IU8bx7AUevmkFtBf+aqMWusWVOWJvGu2r5VpHVAIl8nF6DSkQIhAMjEJ3zVYa2/Mo4ey+iU9J9Vd+WoyXDQD4EEtwmyG1PpAiEAxuZlvhDIbbce7o5BvOhnCZ2N7kYb1ZC57g3F+cbJyW8CIQCbsDGHBto2qJyFxbAO7uQ8Y0UVHa0JBO/g900SAcJbcQIgRtEljIShOB8pDjrsQPxmI1BLhnjD1EhRSubwhDw5AFUCIQCNA24pDtdOHydwtSB5+zFqFLfmVZplQM/g5kb4so70Ywo=", password: "myprivatekeyspassword", } } responses: 200: body: application/json: type: getPrivateKeyResponse example: { private_key: { id: "system_net_ipsec_files_private_keys-1", name: "512b-rsa-example-key.der", content: "MIIBOwIBAAJBAJv8ZpB5hEK7qxP9K3v43hUS5fGT4waKe7ix4Z4mu5UBv+cw7WSFAt0Vaag0sAbsPzU8Hhsrj/qPABvfB8asUwcCAwEAAQJAG0r3ezH35WFG1tGGaUOrQA61cyaII53ZdgCR1IU8bx7AUevmkFtBf+aqMWusWVOWJvGu2r5VpHVAIl8nF6DSkQIhAMjEJ3zVYa2/Mo4ey+iU9J9Vd+WoyXDQD4EEtwmyG1PpAiEAxuZlvhDIbbce7o5BvOhnCZ2N7kYb1ZC57g3F+cbJyW8CIQCbsDGHBto2qJyFxbAO7uQ8Y0UVHa0JBO/g900SAcJbcQIgRtEljIShOB8pDjrsQPxmI1BLhnjD1EhRSubwhDw5AFUCIQCNA24pDtdOHydwtSB5+zFqFLfmVZplQM/g5kb4so70Ywo=", password: "myprivatekeyspassword", timestamp: "2021-03-12T20:43:39+00:00", } } 400: description: > Invalid request: body is not json or does not conform to required json schema. Incomplete data: Private key parameter missing. 404: description: > Private key {id} does not exist. delete: description: > Delete a private key. responses: 204: description: Private key deleted.. 404: description: Private key did not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find ipsec/private_key with name or id 'private_keys-1000'", "args": { "uuid": "private_keys-1000" }, "level": 1 } ] } /x509_certificates: type: base-type description: > Read, add, modify and delete x509 certificates (also known as Entity Certificates). get: description: > Get a list of the configured x509 certificates. responses: 200: body: application/json: type: getX509CertificateListResponse example: { "x509_certificates": [ { id: "system_net_ipsec_files_x509_certificates-1", name: "512b-rsa-example-cert-base64.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUNFakNDQVhzQ0FnMzZNQTBHQ1NxR1NJYjNEUUVCQlFVQU1JR2JNUXN3Q1FZRFZRUUdFd0pLVURFT01Bd0cKQTFVRUNCTUZWRzlyZVc4eEVEQU9CZ05WQkFjVEIwTm9kVzh0YTNVeEVUQVBCZ05WQkFvVENFWnlZVzVyTkVSRQpNUmd3RmdZRFZRUUxFdzlYWldKRFpYSjBJRk4xY0hCdmNuUXhHREFXQmdOVkJBTVREMFp5WVc1ck5FUkVJRmRsCllpQkRRVEVqTUNFR0NTcUdTSWIzRFFFSkFSWVVjM1Z3Y0c5eWRFQm1jbUZ1YXpSa1pDNWpiMjB3SGhjTk1USXcKT0RJeU1EVXlOalUwV2hjTk1UY3dPREl4TURVeU5qVTBXakJLTVFzd0NRWURWUVFHRXdKS1VERU9NQXdHQTFVRQpDQXdGVkc5cmVXOHhFVEFQQmdOVkJBb01DRVp5WVc1ck5FUkVNUmd3RmdZRFZRUUREQTkzZDNjdVpYaGhiWEJzClpTNWpiMjB3WERBTkJna3Foa2lHOXcwQkFRRUZBQU5MQURCSUFrRUFtL3hta0htRVFydXJFLzByZS9qZUZSTGwKOFpQakJvcDd1TEhobmlhN2xRRy81ekR0WklVQzNSVnBxRFN3QnV3L05Ud2VHeXVQK284QUc5OEh4cXhUQndJRApBUUFCTUEwR0NTcUdTSWIzRFFFQkJRVUFBNEdCQUJTMlRMdUJlVFBtY2FUYVVXL0xDQjJOWU95OEdNZHpSMW14CjhpQkl1Mkg2L0UydGlZM1JJZXZWMk9XNjFxWTIvWFJRZzdZUHh4M2ZmZVV1Z1g5RjRKL2lQbm51MXpBeHh5QnkKMlZndUt2NFNXalJGb1JrSWZJbEhYMHFWdmlNaFNsTnkyaW9GTHk3SmNQWmIrdjNmdERHeXdVcWNCaVZEb2VhMApIbitHbXhaQQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==", timestamp: "2021-03-12T20:43:39+00:00", }, { id: "system_net_ipsec_files_x509_certificates-2", name: "512b-rsa-example-cert-base64.der", content: "MIICEjCCAXsCAg36MA0GCSqGSIb3DQEBBQUAMIGbMQswCQYDVQQGEwJKUDEOMAwGA1UECBMFVG9reW8xEDAOBgNVBAcTB0NodW8ta3UxETAPBgNVBAoTCEZyYW5rNEREMRgwFgYDVQQLEw9XZWJDZXJ0IFN1cHBvcnQxGDAWBgNVBAMTD0ZyYW5rNEREIFdlYiBDQTEjMCEGCSqGSIb3DQEJARYUc3VwcG9ydEBmcmFuazRkZC5jb20wHhcNMTIwODIyMDUyNjU0WhcNMTcwODIxMDUyNjU0WjBKMQswCQYDVQQGEwJKUDEOMAwGA1UECAwFVG9reW8xETAPBgNVBAoMCEZyYW5rNEREMRgwFgYDVQQDDA93d3cuZXhhbXBsZS5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAm/xmkHmEQrurE/0re/jeFRLl8ZPjBop7uLHhnia7lQG/5zDtZIUC3RVpqDSwBuw/NTweGyuP+o8AG98HxqxTBwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBABS2TLuBeTPmcaTaUW/LCB2NYOy8GMdzR1mx8iBIu2H6/E2tiY3RIevV2OW61qY2/XRQg7YPxx3ffeUugX9F4J/iPnnu1zAxxyBy2VguKv4SWjRFoRkIfIlHX0qVviMhSlNy2ioFLy7JcPZb+v3ftDGywUqcBiVDoea0Hn+GmxZACg==", timestamp: "2021-03-12T20:43:39+00:00", }, { id: "system_net_ipsec_files_x509_certificates-3", name: "512b-rsa-example-cert.pem", content: "-----BEGIN CERTIFICATE----- MIICEjCCAXsCAg36MA0GCSqGSIb3DQEBBQUAMIGbMQswCQYDVQQGEwJKUDEOMAwG A1UECBMFVG9reW8xEDAOBgNVBAcTB0NodW8ta3UxETAPBgNVBAoTCEZyYW5rNERE MRgwFgYDVQQLEw9XZWJDZXJ0IFN1cHBvcnQxGDAWBgNVBAMTD0ZyYW5rNEREIFdl YiBDQTEjMCEGCSqGSIb3DQEJARYUc3VwcG9ydEBmcmFuazRkZC5jb20wHhcNMTIw ODIyMDUyNjU0WhcNMTcwODIxMDUyNjU0WjBKMQswCQYDVQQGEwJKUDEOMAwGA1UE CAwFVG9reW8xETAPBgNVBAoMCEZyYW5rNEREMRgwFgYDVQQDDA93d3cuZXhhbXBs ZS5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAm/xmkHmEQrurE/0re/jeFRLl 8ZPjBop7uLHhnia7lQG/5zDtZIUC3RVpqDSwBuw/NTweGyuP+o8AG98HxqxTBwID AQABMA0GCSqGSIb3DQEBBQUAA4GBABS2TLuBeTPmcaTaUW/LCB2NYOy8GMdzR1mx 8iBIu2H6/E2tiY3RIevV2OW61qY2/XRQg7YPxx3ffeUugX9F4J/iPnnu1zAxxyBy 2VguKv4SWjRFoRkIfIlHX0qVviMhSlNy2ioFLy7JcPZb+v3ftDGywUqcBiVDoea0 Hn+GmxZA -----END CERTIFICATE-----", timestamp: "2021-03-12T20:43:39+00:00", } ] } post: description: > Configure a new x509 certificate. body: application/json: type: postX509CertificateBody example: { x509_certificate: { name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", } } responses: 201: body: application/json: type: getX509CertificateResponse example: { x509_certificate: { id: "system_net_ipsec_files_x509_certificates-1", name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", timestamp: "2020-04-06 04:16:49.179388+00:00", } } 400: description: > Invalid request: body is not json or does not conform to required json schema. Incomplete data: x509 certificate parameter missing. /{id}: description: | Retrieve or udpate a single configured x509 certificate. get: description: > Get a single configured x509 certificate by its ID. responses: 200: body: application/json: type: getX509CertificateResponse example: { x509_certificate: { id: "system_net_ipsec_files_x509_certificates-1", name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", timestamp: "2020-04-06 04:16:49.179388+00:00", } } put: description: > Update a single configured x509 certificate. body: application/json: type: postX509CertificateBody example: { x509_certificate: { name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", } } responses: 200: body: application/json: type: getX509CertificateResponse example: { x509_certificate: { id: "system_net_ipsec_files_x509_certificates-1", name: "512b-rsa-example-request.pem", content: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURSBSRVFVRVNULS0tLS0KTUlJQkJEQ0Jyd0lCQURCS01Rc3dDUVlEVlFRR0V3SktVREVPTUF3R0ExVUVDQXdGVkc5cmVXOHhFVEFQQmdOVgpCQW9NQ0VaeVlXNXJORVJFTVJnd0ZnWURWUVFEREE5M2QzY3VaWGhoYlhCc1pTNWpiMjB3WERBTkJna3Foa2lHCjl3MEJBUUVGQUFOTEFEQklBa0VBbS94bWtIbUVRcnVyRS8wcmUvamVGUkxsOFpQakJvcDd1TEhobmlhN2xRRy8KNXpEdFpJVUMzUlZwcURTd0J1dy9OVHdlR3l1UCtvOEFHOThIeHF4VEJ3SURBUUFCb0FBd0RRWUpLb1pJaHZjTgpBUUVGQlFBRFFRQnlPVjUyWTE3eTh4dzFWL3h2cnUzckxQclZ4WUFYUzVTZ3ZOcGZCc2ozOGxOVnRUdnVIL01nCnJvQmdtalNwbnFLcUJpQkRrb1kyWVVFVDJxbUdqQXU5Ci0tLS0tRU5EIENFUlRJRklDQVRFIFJFUVVFU1QtLS0tLQo=", timestamp: "2020-04-06 04:16:49.179388+00:00", } } 400: description: > Invalid request: body is not json or does not conform to required json schema. Incomplete data: X509 certificate parameter missing. 404: description: > X509 Certificate {id} does not exist. delete: description: > Delete an x509 certificate. responses: 204: description: X509 certificate deleted. 404: description: X509 certificate did not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find ipsec/x509_certificate with name or id 'x509_certificates-1000'", "args": { "uuid": "x509_certificates-1000" }, "level": 1 } ] } /pdus: type: base-type description: > Configure, monitor and control PDUs connected to the device. get: description: > Get a list of all configured PDUs. queryParameters: secrets: type: string description: > Returns sensitive fields displayed as either cleartext, obfuscated or masked values. enum: [ "cleartext", "obfuscate", "mask" ] default: "cleartext" required: false responses: 200: body: application/json: type: PDUList example: { "pdus": [ { "id": "pdus-1", "name": "ServerTech PDU", "driver": { "id": "servertech", "name": "Servertech driver", }, "monitor": true, "method": "snmp", "outlet_count": 2, "outlets": [ { "id": "outlets-1", "number": 1, "name": "servertech outlet 1", "port": "serial/by-opengear-id/port07", "status": "on", "status_timestamp": "2020-04-06 04:16:49.179388+00:00", "last_action": "on", "last_action_timestamp": "2020-04-06 04:15:09.149994+00:00", }, { "id": "outlets-2", "number": 2, "name": "servertech outlet 2", "port": "serial/by-opengear-id/port08", "status": "off", "status_timestamp": "2020-04-06 04:16:49.179388+00:00", "last_action": "off", "last_action_timestamp": "2020-04-06 04:15:09.149994+00:00", }, ], "snmp": { "id": "snmp-1", "protocol": "UDP", "community": "secret", "auth_protocol": "SHA", "engine_id": "0x80001f8803555000000000", "version": "3", "privacy_protocol": "DES", "security_level": "noAuthNoPriv", "address": "snmp.example.com", "port": 167, } }, { "id": "pdus-2", "name": "apc PDU", "driver": { "id": "apcpdu4", "name": "APC 24 Port (AP7998) PDU" }, "monitor": true, "method": "powerman", "outlet_count": 2, "outlets": [ { "id": "outlets-3", "number": 1, "name": "apc outlet 1", "port": "serial/by-opengear-id/port08", "status": "on", "status_timestamp": "2020-04-06 04:16:49.179388+00:00", "last_action": "on", "last_action_timestamp": "2020-04-06 04:15:09.149994+00:00", }, { "id": "outlets-4", "number": 2, "name": "apc outlet 2", "port": "serial/by-opengear-id/port09", "status": "off", "status_timestamp": "2020-04-06 04:16:49.179388+00:00", "last_action": "off", "last_action_timestamp": "2020-04-06 04:15:09.149994+00:00", }, ], "powerman": { "id": "powerman-1", "username": "admin", "password": "password", "port": "serial/by-opengear-id/port01", } }, { "id": "pdus-2", "name": "shell PDU", "monitor": true, "driver": { "id": "apc_pdu", "name": "APC PDU" }, "method": "shell", "outlet_count": 2, "outlets": [ { "id": "outlets-5", "number": 1, "name": "shell outlet 1", "port": "serial/by-opengear-id/port03", "status": "on", "status_timestamp": "2020-04-06 04:16:49.179388+00:00", "last_action": "on", "last_action_timestamp": "2020-04-06 04:15:09.149994+00:00", }, { "id": "outlets-4", "number": 2, "name": "shell outlet 2", "port": "serial/by-opengear-id/port04", "status": "off", "status_timestamp": "2020-04-06 04:16:49.179388+00:00", "last_action": "off", "last_action_timestamp": "2020-04-06 04:15:09.149994+00:00", }, ], "shell": { "id": "shell-1", "username": "admin", "password": "password", "port": "serial/by-opengear-id/port02", } }, ], } post: description: > Add a new PDU. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: setPDU example: { "pdu": { "name": "example", "driver": { "id": "apc24", "name": "apc_24_port_(ap7998)", }, "monitor": true, "method": "powerman", "powerman": { "username": "user1", "password": "password", "port": "serial/by-opengear-id/port01" } } } responses: 200: body: application/json: type: PDUId example: { "pdu": { "id": "pdus-1", "name": "example", "driver": { "id": "apc_24_port_(ap7998)", "name": "APC 24 port - AP7998" }, "monitor": true, "method": "powerman", "powerman": { "id": "powerman-1", "username": "user1", "password": "password", "port": "serial/by-opengear-id/port01" }, "outlets": [ { "id": "outlets-1", "number": 1, "name": "shell outlet 1", "port": "serial/by-opengear-id/port03", "status": "on", "status_timestamp": "2020-04-06 04:16:49.179388+00:00", "last_action": "on", "last_action_timestamp": "2020-04-06 04:15:09.149994+00:00", }, { "id": "outlets-2", "number": 2, "name": "shell outlet 2", "port": "serial/by-opengear-id/port04", "status": "off", "status_timestamp": "2020-04-06 04:16:49.179388+00:00", }, ] } } 400: description: > Invalid request: Body is not json or does not conform to required json schema. /{id}: description: | Retrieve or update a specific PDU. get: description: > Get a PDU by id. queryParameters: secrets: type: string description: > Returns sensitive fields displayed as either cleartext, obfuscated or masked values. enum: [ "cleartext", "obfuscate", "mask" ] default: "cleartext" required: false responses: 200: body: application/json: type: PDUId example: { "pdu": { "id": "pdus-1", "name": "ServerTech PDU", "driver": { "id": "servertech", "name": "Servertech PDU", }, "monitor": true, "method": "snmp", "outlet_count": 2, "outlets": [ { "id": "outlets-1", "number": 1, "name": "servertech outlet 1", "port": "serial/by-opengear-id/port07", "status": "on", "status_timestamp": "2020-04-06 04:16:49.179388+00:00", "last_action": "on", "last_action_timestamp": "2020-04-06 04:15:09.149994+00:00", }, { "id": "outlets-2", "number": 2, "name": "servertech outlet 2", "port": "serial/by-opengear-id/port08", "status": "off", "status_timestamp": "2020-04-06 04:16:49.179388+00:00", "last_action": "off", "last_action_timestamp": "2020-04-06 04:15:09.149994+00:00", }, ], "snmp": { "id": "snmp-1", "protocol": "UDP", "community": "secret", "auth_protocol": "SHA", "engine_id": "0x80001f8803555000000000", "version": "3", "privacy_protocol": "DES", "security_level": "noAuthNoPriv", "address": "snmp.example.com", "port": 167, }, }, } 404: description: > No PDU found with that ID. put: description: > Update an existing PDU. queryParameters: secrets: type: string description: > Accepts sensitive fields as either cleartext or obfuscated values. The response will display the sensitive fields in the same way. enum: [ "cleartext", "obfuscate" ] default: "cleartext" required: false body: application/json: type: setPDU example: { "pdu": { "name": "example", "driver": { "id": "apc24", "name": "apc_24_port_(ap7998)", }, "monitor": true, "method": "powerman", "powerman": { "username": "user1", "password": "password", "port": "serial/by-opengear-id/port01" }, } } responses: 200: body: application/json: type: PDUId example: { "pdu": { "id": "pdu-1", "name": "example", "driver": { "id": "apc_24_port_(ap7998)", "name": "APC 24 port - AP7998" }, "monitor": true, "method": "powerman", "powerman": { "id": "powerman-1", "username": "user1", "password": "passwords", "port": "serial/by-opengear-id/port01" }, "outlets": [ { "id": "outlets-1", "number": 1, "name": shell outlet 1", "port": "serial/by-opengear-id/port03", "status": "on", "status_timestamp": "2020-04-06 04:16:49.179388+00:00", }, { "id": "outlets-2", "number": 2, "name": shell outlet 2", "port": "serial/by-opengear-id/port04", "status": "off", "status_timestamp": "2020-04-06 04:16:49.179388+00:00", }, ] } } 400: description: > Invalid request: Body is not json or does not conform to required json schema. Incomplete data: PDU id parameter missing. 404: description: PDU did not exist body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find pdu with name or id 'pdu-1'", "args": { "uuid": "pdu-1" }, "level": 1 } ] } delete: description: > Delete a PDU. responses: 204: description: PDU deleted 404: description: PDU did not exist body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find pdu with name or id 'pdu-1'", "args": { "uuid": "pdu-1" }, "level": 1 } ] } /drivers: type: base-type description: > Read PDU driver list get: description: > Get a list of the PDU drivers. [visible:never] responses: 200: body: application/json: type: getPDUDriverListResponse example: { "driver_list": { "powerman_list": [ {"id":"apcpdu4","name":"APC 24 Port (AP7998) PDU"}, {"id":"apcpdu","name":"APC 24 Port Switched Rack PDU (APPv2.6.5\/AOSv2.6.4)"}, {"id":"apcpdu3","name":"APC 24 Port Switched Rack PDU (APPv3.3.3\/AOSv3.4.4)"} ], "shell_list": [ {"id":"apc_pdu","name":"APC PDU"}, {"id":"apc_pdu_ap8953_ap8959_(appv6.4.6-aosv6.4.6)","name":"APC PDU AP8953 AP8959 (APPv6.4.6\/AOSv6.4.6)"}, {"id":"apc_pdu_ap8959_(appv5.1.6-aosv5.1.9)","name":"APC PDU AP8959 (APPv5.1.6\/AOSv5.1.9)"} ], "snmp_list": [ {"id":"apc","name":"SNMP Controlled APC PDU"}, {"id":"avocent","name":"SNMP Controlled Avocent PDU"}, ] } } /auto_response: description: > Read and manipulate information pertaining to the Auto-Response system running on the NetOps Console Server appliance. /beacons: type: base-type # auto_response_beacons.getAutoResponseBeacons description: > Read and manipulate the Auto-Response beacons on the NetOps Console Server appliance. get: description: > Get a list of the Auto-Response Beacons. # displayName: getAutoResponseBeacon responses: 200: body: application/json: type: getAutoResponseBeaconListResponse example: { "beacons": [ { id: "0", name: "wtmp-beacon", description: "Description for the wtmp beacon", module: "wtmp", interval: 60, enable: true, wtmp: { login: true, logout: true }, actions: [], dependant_keys_any: [], dependant_keys_all: [] }, { id: "1", name: "custom-beacon", module: "custom_cmd", interval: 60, enable: true, custom_cmd: { shell_command: "/usr/bin/top -n 5 | grep ssh", timeout: 5 }, actions: [ { action: "auto_response_reactions-7", resolution_values: [ "trigger", "resolve" ] }, ], dependant_keys_any: [], dependant_keys_all: [] } ], meta: { total_pages: "1" } } 400: description: Invalid request, missing or incorrect page/per_page body: application/json: type: error example: { "error": [ { type: 4, "code": 39, "level": 1, "text": "Invalid request body", "args": {}, } ] } #auto_response_beacons.post post: description: Add a new Auto-Response beacon to the NetOps Console Server appliance. body: application/json: type: setAutoResponseBeacon example: { "auto_response_beacon": { name: "wtmp-beacon", description: "The description for this wtmp beacon", module: "wtmp", interval: 60, enable: true, wtmp: { login: true, logout: true }, actions: [ { action: "auto_response_reactions-7", resolution_values: [ "trigger", "resolve" ] }, ], dependant_keys_any: [], dependant_keys_all: [] } } responses: 200: description: The beacon was added. body: application/json: type: getAutoResponseBeaconResponse example: { "auto_response_beacon": { id: "0", name: "wtmp-beacon", description: "The description for this wtmp beacon", module: "wtmp", interval: 60, enable: true, wtmp: { login: true, logout: true }, actions: [], dependant_keys_any: [], dependant_keys_all: [] } } 400: description: > Invalid request: body is not json or does not conform to required json schema. Incomplete data: beacon id parameter missing. 404: description: > Beacon {id} does not exist. Attempted to change read only fields. Attempted to change unknown fields. delete: description: Bulk delete a list of beacons defined for the NetOps Console Server appliance. body: application/json: type: bulkDeleteAutoResponseBeaconList example: { "auto_response_beacon": [ "auto_response_beacon-1", "auto_response_beacon-5", ] } responses: 204: description: All beacons were deleted successfully. 400: description: Invalid request body: application/json: type: error example: { "error": [ { type: 4, "code": 39, "level": 1, "text": "Invalid request body", "args": {}, } ] } 404: description: Beacon(s) do not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find auto_response/beacon with name or id 'auto_response_beacon-5'", "args": { "uuid": "auto_response_beacon-5" }, "level": 1 } ] } /{id}: type: base-type description: | Retrieve or update configuration for a specific Auto-Response beacon. # auto_response_beacon.get get: description: > Get the configuration of an Auto-Response beacon on the NetOps Console Server appliance. responses: 200: body: application/json: type: getAutoResponseBeaconResponse example: { "auto_response_beacon": { id: "0", name: "wtmp-beacon", description: "The description for this wtmp beacon", module: "wtmp", interval: 60, enable: true, wtmp: { login: true, logout: true }, actions: [], dependant_keys_any: [], dependant_keys_all: [] } } # auto_response_beacon.put put: description: > Update settings for an Auto-Response beacon on the NetOps Console Server appliance. body: application/json: type: setAutoResponseBeacon example: { "auto_response_beacon": { name: "wtmp-beacon", description: "The description for this wtmp beacon", module: "wtmp", interval: 60, enable: true, wtmp: { login: true, logout: true }, actions: [], dependant_keys_any: [], dependant_keys_all: [] } } responses: 200: description: The beacon settings were updated. body: application/json: type: getAutoResponseBeaconResponse example: { "auto_response_beacon": { id: "0", name: "wtmp-beacon", description: "The description for this wtmp beacon", module: "wtmp", interval: 60, enable: true, wtmp: { login: true, logout: true }, actions: [], dependant_keys_any: [], dependant_keys_all: [] } } 400: description: > Invalid request: body is not json or does not conform to required json schema. Incomplete data: beacon id parameter missing. 404: description: > beacon {id} does not exist. Attempted to change read only fields. Attempted to change unknown fields. # auto_response_beacon.delete delete: displayName: deleteBeacon description: > Delete an Auto-Response beacon on the NetOps Console Server appliance. responses: 204: description: Beacon deleted 404: description: Beacon did not exist body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find auto_response/beacon with name or id 'services_autoresponse_beacon-1'", "args": { "uuid": "services_autoresponse_beacon-1" }, "level": 1 } ] } /reactions: type: base-type # auto_response_reactions.getAutoResponseReactions description: > Read and manipulate the Auto-Response reactions on the NetOps Console Server appliance. get: description: > Get a list of the Auto-Response Reactions. # displayName: getAutoResponseReactions responses: 200: body: application/json: type: getAutoResponseReactionListResponse example: { "reactions": [ { id: "0", name: "slack-reaction", sub_type: "slack", slack: { channels: [ "#here", "#there" ], message: "Example test message", from_name: "me@here.com", api_key: "key123" } }, { id: "1", name: "cell_message-reaction", sub_type: "cell_message_react", cell_message_react: { phone_numbers: [ "15551234", "15554321" ], message: "Example SMS text" } } ], meta: { total_pages: "1" } } 400: description: Invalid request, missing or incorrect page/per_page body: application/json: type: error example: { "error": [ { type: 4, "code": 39, "level": 1, "text": "Invalid request body", "args": {}, } ] } #auto_response_reactions.post post: description: Add a new Auto-Response reaction to the NetOps Console Server appliance. body: application/json: type: setAutoResponseReaction example: { "auto_response_reaction": { name: "slack-reaction", sub_type: "slack", slack: { channels: [ "#here", "#there" ], message: "Example test message", from_name: "me@here.com", api_key: "key123" } } } responses: 200: description: The reaction was added. body: application/json: type: getAutoResponseReactionResponse example: { "auto_response_reaction": { id: "0", name: "slack-reaction", sub_type: "slack", slack: { channels: [ "#here", "#there" ], message: "Example test message", from_name: "me@here.com", api_key: "key123" } } } 400: description: > Invalid request: body is not json or does not conform to required json schema. Incomplete data: reaction id parameter missing. 404: description: > Reaction {id} does not exist. Attempted to change read only fields. Attempted to change unknown fields. delete: description: Bulk delete a list of reactions defined for the NetOps Console Server appliance. body: application/json: type: bulkDeleteAutoResponseReactionList example: { "auto_response_reaction": [ "auto_response_reaction-1", "auto_response_reaction-5", ] } responses: 204: description: All reactions were deleted successfully. 400: description: Invalid request body: application/json: type: error example: { "error": [ { type: 4, "code": 39, "level": 1, "text": "Invalid request body", "args": {}, } ] } 404: description: Reaction(s) do not exist. body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find auto_response/reaction with name or id 'auto_response_reaction-5'", "args": { "uuid": "auto_response_reaction-5" }, "level": 1 } ] } /{id}: type: base-type description: | Retrieve or update configuration for a specific Auto-Response reaction. # reaction.get get: description: > Get the configuration of an Auto-Response reaction on the NetOps Console Server appliance. responses: 200: body: application/json: type: getAutoResponseReactionResponse example: { "auto_response_reaction": { id: "0", name: "slack-reaction", sub_type: "slack", slack: { channels: [ "#here", "#there" ], message: "Example test message", from_name: "me@here.com", api_key: "key123" } } } # reaction.put put: description: > Update settings for an Auto-Response reaction on the NetOps Console Server appliance. body: application/json: type: setAutoResponseReaction example: { "auto_response_reaction": { name: "slack-reaction", sub_type: "slack", slack: { channels: [ "#here", "#there" ], message: "Example test message", from_name: "me@here.com", api_key: "key123" } } } responses: 200: description: The reaction settings were updated. body: application/json: type: getAutoResponseReactionResponse example: { "auto_response_reaction": { id: "0", name: "slack-reaction", sub_type: "slack", slack: { channels: [ "#here", "#there" ], message: "Example test message", from_name: "me@here.com", api_key: "key123" } } } 400: description: > Invalid request: body is not json or does not conform to required json schema. Incomplete data: reaction id parameter missing. 404: description: > reaction {id} does not exist. Attempted to change read only fields. Attempted to change unknown fields. #reaction.delete delete: displayName: deleteReaction description: > Delete an Auto-Response reaction on the NetOps Console Server appliance. responses: 204: description: Reaction deleted 404: description: Reaction did not exist body: application/json: example: { "error": [ { type: 5, "code": 29, "text": "Could not find auto_response/reaction with name or id 'services_autoresponse_reaction-1'", "args": { "uuid": "services_autoresponse_reaction-1" }, "level": 1 } ] } /status: type: base-type # auto_response.getAutoResponseStatus description: > Read the AutoResponse Status on the NetOps Console Server appliance. get: description: > Get the status of the Auto-Response Beacons. queryParameters: eventLines: description: The number of event lines to fetch - min 0. type: integer required: false default: 50 # displayName: getAutoResponseStatus responses: 200: body: application/json: type: getAutoResponseStatus example: { auto_response_status: { "beacons": [ { id: "0", name: "wtmp-beacon", module: "wtmp", trigger_count: 0, last_triggered: "", beacon_data: {}, events: [] }, { id: "1", name: "curl-beacon", module: "curl", trigger_count: 1, last_triggered: "2020-01-16T20:22:14.477327", beacon_data: { "cmd": [ "/usr/bin/curl", "--max-time", "3", "--request", "GET", "http://www.google.com" ], "exit_status": 0, "timeout": 5, "_stamp": "2020-01-16T20:22:14.477327", "id": "22161907057534", "result": "success" }, events: [ { "beacon_data": { "cmd": [ "/usr/bin/curl", "--max-time", "3", "--request", "GET", "http://www.google.com" ], "exit_status": 0, "timeout": 5, "_stamp": "2020-01-16T20:22:14.477327", "id": "22161907057534", "result": "success" }, "beacon_id": "auto_response_beacons-1", "timestamp": "2020-01-16T20:22:14.477327", "beacon_name": "curl-beacon" }, { "timestamp": "2020-01-16T20:22:14", "beacon_id": "auto_response_beacons-1", "reactor_id": "auto_response_reactions-1", "reactor_type": "custom_command", "reactor_name": "custom cmd reaction test", "beacon_tag": "salt/beacon/22481809000004/curl-beacon/", "beacon_name": "curl-beacon", "reactor_filename": "reactor_0_0.py" }, ], } ], } } 400: description: > Number of eventLines is not a positive number. /beacons: type: base-type description: > Read the status of Auto-Response beacons on the NetOps Console Server appliance. /{id}: type: base-type get: description: > Get the status of the Auto-Response Beacon queryParameters: eventLines: description: The number of event lines to fetch - min 0. type: integer required: false default: 50 responses: 200: body: application/json: type: getAutoResponseBeaconStatus example: { "auto_response_status": { id: "1", name: "curl-beacon", module: "curl", trigger_count: 1, last_triggered: "2020-01-16T20:22:14.477327", beacon_data: { "cmd": [ "/usr/bin/curl", "--max-time", "3", "--request", "GET", "http://www.google.com" ], "exit_status": 0, "timeout": 5, "_stamp": "2020-01-16T20:22:14.477327", "id": "22161907057534", "result": "success" }, events: [ { "beacon_data": { "cmd": [ "/usr/bin/curl", "--max-time", "3", "--request", "GET", "http://www.google.com" ], "exit_status": 0, "timeout": 5, "_stamp": "2020-01-16T20:22:14.477327", "id": "22161907057534", "result": "success" }, "beacon_id": "auto_response_beacons-1", "timestamp": "2020-01-16T20:22:14.477327", "beacon_name": "curl-beacon" }, { "timestamp": "2020-01-16T20:22:14", "beacon_id": "auto_response_beacons-1", "reactor_id": "auto_response_reactions-1", "reactor_type": "custom_command", "reactor_name": "custom cmd reaction test", "beacon_tag": "salt/beacon/22481809000004/curl-beacon/", "beacon_name": "curl-beacon", "reactor_filename": "reactor_0_0.py" }, ] } } 400: description: > Number of eventLines is not a positive number. 404: description: > beacon {id} does not exist. /beacon-modules: type: base-type # auto_response.getAutoResponseStatusBeaconModules description: > Read the AutoResponse Status of Beacon Modules on the NetOps Console Server appliance. get: description: > Get all the Beacon Modules and their resolution values that can be used to filter beacon events. # displayName: getAutoResponseStatusBeaconModules responses: 200: body: application/json: type: getAutoResponseStatusBeaconModules example: { "beacon-modules": [ { "module": "ping", "resolution_values": [ "trigger", "resolve" ] }, { "module": "cell_message", "resolution_values": [] }, { "module": "network", "resolution_values": [] }, { "module": "serial_signal", "resolution_values": [] }, { "module": "mem", "resolution_values": [] }, { "module": "cell_signal_strength", "resolution_values": [ "trigger", "resolve" ] }, { "module": "custom_cmd", "resolution_values": [ "trigger", "resolve" ] }, { "module": "serial_pattern", "resolution_values": [] }, { "module": "curl", "resolution_values": [ "trigger", "resolve" ] }, { "module": "cell_connection", "resolution_values": [] }, { "module": "serial_login", "resolution_values": [] }, { "module": "btmp", "resolution_values": [] }, { "module": "load", "resolution_values": [] }, { "module": "wtmp", "resolution_values": [] }, ] } /{beacon-module}: type: base-type description: | Get the status of a specific Auto-Response beacon module. get: responses: 200: body: application/json: type: getAutoResponseStatusBeaconByModule example: { "beacon-module": { "module": "ping", "resolution_values": [ "trigger", "resolve" ] } } /ip_passthrough: type: base-type description: | IP Passthrough endpoints are for retrieving / changing IP Passthrough settings. get: description: Retrieve the current IP Passthrough settings. responses: 200: description: > Returns the current IP Passthrough settings.
body: application/json: type: ipPassthrough examples: example1: { "ip_passthrough": { "enabled": false, "passthrough_physif": "net1", "mac_address": None, "service_intercepts": { "https": 0, "ssh": 0 }, } } example2: { "ip_passthrough": { "enabled": true, "passthrough_physif": "net2", "mac_address": "00:e0:4c:12:93:8d", "service_intercepts": { "https": 5511, "ssh": 0 }, } } put: description: Set the IP Passthrough settings. body: application/json: type: ipPassthrough examples: example1: { "ip_passthrough": { "enabled": true, "passthrough_physif": "net1", "mac_address": "00:e0:4c:12:93:8d", "service_intercepts": { "https": 8443, "ssh": 8222, "allowlist": ["10.0.0.0/24"], "blocklist": ["10.2.3.200"], }, } } example2: { "ip_passthrough": { "enabled": false, "passthrough_physif": "net2", "service_intercepts": { }, } } responses: 200: description: Returns the current IP Passthrough settings. body: application/json: type: ipPassthrough examples: example1: { "ip_passthrough": { "enabled": true, "passthrough_physif": "net1", "mac_address": "00:e0:4c:12:93:8d", "service_intercepts": { "https": 8443, "ssh": 8222 }, } } example2: { "ip_passthrough": { "enabled": false, "passthrough_physif": "net2", "mac_address": None, "service_intercepts": { "https": 0, "ssh": 0 }, } } /status: type: base-type description: The IP Passthrough status endpoint provides information about what part of the IP Passthrough connection process the device is currently at and information about the connected downstream device. get: description: Retrieve the current IP Passthrough status. responses: 200: description: This response object provides information about the current status of the IP Passthrough connection and the connected downstream device.
body: application/json: type: ipPassthroughStatus examples: example1: { "ip_passthrough_status": { "status": "active", "downstream_ip": "100.120.10.1", "downstream_mac": "01:02:03:04:05:06" } } example2: { "ip_passthrough_status": { "status": "connecting", "downstream_ip": '', "downstream_mac": '' } } example3: { "ip_passthrough_status": { "status": "cell_not_active", "downstream_ip": '', "downstream_mac": '' } } example4: { "ip_passthrough_status": { "status": "disabled", "downstream_ip": '', "downstream_mac": '' } } /access_rights: type: base-type description: > An access right is a permit granting the holder access to a feature or collection of related features. get: description: > Get a list of all known access rights. responses: 200: body: application/json: type: getAccessRights example: { "access_rights": [ { "description": "Administrator right providing full access.", "name": "admin", "label": "Administrator" }, { "description": "Permits access to the Web UI.", "name": "web_ui", "label": "Web UI" }, { "description": "Permits shell access.", "name": "pmshell", "label": "PM Shell" } ] } /{name}: description: Retrieve an access right by name. get: responses: 200: body: application/json: type: getAccessRightSingle example: { "access_right": { "description": "Permits shell access.", "name": "pmshell", "label": "PM Shell" } } /wireguards: type: base-type description: > Wireguard is a point-to-multipoint vpn. This entity provides access to the wireguard configurations on the system. get: description: Retrieves all wireguard configurations. responses: 200: description: Returns all current wireguard configurations. body: application/json: type: getWireguardList example: { "wireguards": [ { "name": "wg0", "description": "Our wireguard vpn", "enabled": true, "addresses": [ "172.30.0.2/32" ], "port": 51820, "private_key": "****", "public_key": "******", "mtu": 1280, "table": "1000", "pre_down_hooks": [ "echo %i stopping" ], "pre_up_hooks": [], "post_down_hooks": [], "post_up_hooks": [], "peers": [ { "endpoint_address": "1.2.3.4", "endpoint_port": 51820, "public_key": "********", "allowed_ips": [ "172.30.0.0/24" ], "keep_alive": 25 } ] }, { "name": "wg1-example2", "enabled": true, "addresses": [ "10.0.0.1/32" ], "private_key": "****", "pre_down_hooks": [], "pre_up_hooks": [], "post_down_hooks": [], "post_up_hooks": [], "peers": [ { "public_key": "********", "allowed_ips": [ "10.0.0.2/32" ], "endpoint_port": 51820 } ] } ] } post: description: Create a wireguard configuration. body: application/json: type: wireguardResponse example: { "wireguard": { "name": "wg0", "description": "Our wireguard vpn", "enabled": true, "addresses": [ "172.30.0.2/32" ], "port": 51820, "private_key": "****", "public_key": "******", "mtu": 1420, "table": "1000", "pre_down_hooks": [ "echo %i stopping" ], "pre_up_hooks": [], "post_down_hooks": [], "post_up_hooks": [], "peers": [ { "endpoint_address": "1.2.3.4", "endpoint_port": 51820, "public_key": "********", "allowed_ips": [ "172.30.0.0/24" ], "keep_alive": 25 } ] } } responses: 200: body: application/json: type: wireguardResponse example: { "wireguard": { "name": "wg0", "description": "Our wireguard vpn", "enabled": true, "addresses": [ "172.30.0.2/32" ], "port": 51820, "private_key": "****", "public_key": "******", "mtu": 1280, "table": "1000", "pre_down_hooks": [ "echo %i stopping" ], "pre_up_hooks": [], "post_down_hooks": [], "post_up_hooks": [], "peers": [ { "endpoint_address": "1.2.3.4", "endpoint_port": 51820, "public_key": "********", "allowed_ips": [ "172.30.0.0/24" ], "keep_alive": 25 } ] } } 400: body: application/json: type: error /{id}: type: base-type description: Retrieve, update or remove a specific wireguard configuration. get: description: Retrieve a wireguard configuration by id. responses: 200: body: application/json: type: wireguardResponse example: { "wireguard": { "name": "wg0", "description": "Our wireguard vpn", "enabled": true, "addresses": [ "172.30.0.2/32" ], "port": 51820, "private_key": "****", "public_key": "******", "mtu": 1280, "table": "1000", "pre_down_hooks": [ "echo %i stopping" ], "pre_up_hooks": [], "post_down_hooks": [], "post_up_hooks": [], "peers": [ { "endpoint_address": "1.2.3.4", "endpoint_port": 51820, "public_key": "********", "allowed_ips": [ "172.30.0.0/24" ], "keep_alive": 25 } ] } } 404: description: Not found, Wireguard configuration does not exist. body: application/json: type: error put: description: Update a wireguard configuration by id. body: application/json: type: putWireguardRequest example: { "wireguard": { "name": "wg0", "description": "Our wireguard vpn", "enabled": true, "addresses": [ "172.30.0.2/32" ], "port": 51820, "private_key": "****", "public_key": "******", "mtu": 1420, "table": "1000", "pre_down_hooks": [ "echo %i stopping" ], "pre_up_hooks": [], "post_down_hooks": [], "post_up_hooks": [], "peers": [ { "endpoint_address": "1.2.3.4", "endpoint_port": 51820, "public_key": "********", "allowed_ips": [ "172.30.0.0/24" ], "keep_alive": 25 } ] } } responses: 200: body: application/json: type: wireguardResponse example: { "wireguard": { "name": "wg0", "description": "Our wireguard vpn", "enabled": true, "addresses": [ "172.30.0.2/32" ], "port": 51820, "private_key": "****", "public_key": "******", "mtu": 1280, "table": "1000", "pre_down_hooks": [ "echo %i stopping" ], "pre_up_hooks": [], "post_down_hooks": [], "post_up_hooks": [], "peers": [ { "endpoint_address": "1.2.3.4", "endpoint_port": 51820, "public_key": "********", "allowed_ips": [ "172.30.0.0/24" ], "keep_alive": 25 } ] } } 400: body: application/json: type: error 404: description: Not found, Wireguard configuration does not exist. body: application/json: type: error delete: description: Delete the wireguard configuration and stop that wireguard interface. responses: 204: description: Wireguard configuration was removed. 404: description: Not found, Wireguard configuration does not exist. body: application/json: type: error