SecureTrack Aurora GraphQL API Documentation R21-3

Below you can find examples and references for our GraphQL schema

Link to SecureTrack REST API Documentation

Link to SecureTrack GraphQL Overview

Queries

`auth`

Query over all 'auth' related information in session

Returns an AuthQuery

Example

Query

query auth {
  auth {
    sessionUser {
      ...SessionUserFragment
    }
  }
}

Response

{"data": {"auth": {"sessionUser": SessionUser}}}

Queries

`devices`

Query over Device objects.

Returns a DeviceQuery

Name	Description
`filter` - `String`	TQL query to filter for matching Device entities. Please refer to the TQL documentation. Default = `""`

Example

Query

query devices($filter: String) {
  devices(filter: $filter) {
    count
    values(first: $first, offset: $offset) {
      ...DeviceFragment
    }
  }
}

Variables

{
  "filter": "Generated Argument example for devices filter"
}

Response

{
  "data": {
    "devices": {
      "count": Long,
      "values": [Device]
    }
  }
}

Queries

`devicesStatus`

Query over DeviceStatus objects.

Returns a DeviceStatusQuery

Name	Description
`filter` - `String`	TQL query to filter for matching DeviceStatus entities. Please refer to the TQL documentation. Default = `""`

Example

Query

query devicesStatus($filter: String) {
  devicesStatus(filter: $filter) {
    count
    values(first: $first, offset: $offset) {
      ...DeviceStatusFragment
    }
  }
}

Variables

{
  "filter": "Generated Argument example for devicesStatus filter"
}

Response

{
  "data": {
    "devicesStatus": {
      "count": Long,
      "values": [DeviceStatus]
    }
  }
}

Queries

`domains`

Query over Domain objects.

Returns a DomainQuery

Name	Description
`filter` - `String`	TQL query to filter for matching Domain entities. Please refer to the TQL documentation. Default = `""`

Example

Query

query domains($filter: String) {
  domains(filter: $filter) {
    count
    values(first: $first, offset: $offset) {
      ...DomainFragment
    }
  }
}

Variables

{
  "filter": "Generated Argument example for domains filter"
}

Response

{
  "data": {
    "domains": {
      "count": Long,
      "values": [Domain]
    }
  }
}

Queries

`getUsps`

Returns [Usp]

Example

Query

query getUsps {
  getUsps {
    appliedToAnyDomain
    changed
    description
    differentZonesDefaultRestrictions {
      ...UspRestrictionsFragment
    }
    domain {
      ...DomainFragment
    }
    id
    name
    requirements(first: $first, offset: $offset) {
      ...UspRequirementFragment
    }
    sameZoneDefaultRestrictions {
      ...UspRestrictionsFragment
    }
    securityZones(first: $first, offset: $offset) {
      ...SecurityZoneFragment
    }
  }
}

Response

{
  "data": {
    "getUsps": [
      {
        "appliedToAnyDomain": true,
        "changed": DateTime,
        "description": "abc123",
        "differentZonesDefaultRestrictions": UspRestrictions,
        "domain": Domain,
        "id": ID,
        "name": "abc123",
        "requirements": [UspRequirement],
        "sameZoneDefaultRestrictions": UspRestrictions,
        "securityZones": [SecurityZone]
      }
    ]
  }
}

Queries

`interfaces`

Query over Interface objects.

Returns an InterfaceQuery

Name	Description
`filter` - `String`	TQL query to filter for matching Interface entities. Please refer to the TQL documentation. Default = `""`

Example

Query

query interfaces($filter: String) {
  interfaces(filter: $filter) {
    count
    values(first: $first, offset: $offset) {
      ...InterfaceFragment
    }
  }
}

Variables

{
  "filter": "Generated Argument example for interfaces filter"
}

Response

{
  "data": {
    "interfaces": {
      "count": Long,
      "values": [Interface]
    }
  }
}

Queries

`opmAgents`

Query over OPMAgent objects.

Returns an OPMAgentQuery

Name	Description
`filter` - `String`	TQL query to filter for matching OPMAgent entities. Please refer to the TQL documentation. Default = `""`

Example

Query

query opmAgents($filter: String) {
  opmAgents(filter: $filter) {
    count
    values(first: $first, offset: $offset) {
      ...OPMAgentFragment
    }
  }
}

Variables

{
  "filter": "Generated Argument example for opmAgents filter"
}

Response

{
  "data": {
    "opmAgents": {
      "count": Long,
      "values": [OPMAgent]
    }
  }
}

Queries

`rules`

Query over Rule objects.

Returns a RuleQuery

Name	Description
`filter` - `String`	TQL query to filter for matching Rule entities. Please refer to the TQL documentation. Default = `""`

Example

Query

query rules($filter: String) {
  rules(filter: $filter) {
    count
    counts(first: $first, groupBy: $groupBy, offset: $offset, orderBy: $orderBy, orderDirection: $orderDirection) {
      ...CountsResultFragment
    }
    values(first: $first, offset: $offset) {
      ...RuleFragment
    }
  }
}

Variables

{
  "filter": "Generated Argument example for rules filter"
}

Response

{
  "data": {
    "rules": {
      "count": Long,
      "counts": [CountsResult],
      "values": [Rule]
    }
  }
}

Queries

`securityZones`

Query over SecurityZone objects.

Returns a SecurityZoneQuery

Name	Description
`filter` - `String`	TQL query to filter for matching SecurityZone entities. Please refer to the TQL documentation. Default = `""`

Example

Query

query securityZones($filter: String) {
  securityZones(filter: $filter) {
    count
    values(first: $first, offset: $offset) {
      ...SecurityZoneFragment
    }
  }
}

Variables

{
  "filter": "Generated Argument example for securityZones filter"
}

Response

{
  "data": {
    "securityZones": {
      "count": Long,
      "values": [SecurityZone]
    }
  }
}

Queries

`systems`

Query over System objects.

Returns a SystemQuery

Name	Description
`filter` - `String`	TQL query to filter for matching System entities. Please refer to the TQL documentation. Default = `""`

Example

Query

query systems($filter: String) {
  systems(filter: $filter) {
    count
    values(first: $first, offset: $offset) {
      ...SystemFragment
    }
  }
}

Variables

{
  "filter": "Generated Argument example for systems filter"
}

Response

{
  "data": {
    "systems": {
      "count": Long,
      "values": [System]
    }
  }
}

Queries

`userWorkflows`

Query over UserWorkflow objects.

Returns a UserWorkflowsQuery!

Example

Query

query userWorkflows {
  userWorkflows {
    resultStatus {
      ...ResultStatusFragment
    }
    values {
      ...UserWorkflowFragment
    }
  }
}

Response

{
  "data": {
    "userWorkflows": {
      "resultStatus": ResultStatus,
      "values": [UserWorkflow]
    }
  }
}

Queries

`users`

Query over User objects.

Returns a UserQuery

Name	Description
`filter` - `String`	TQL query to filter for matching User entities. Please refer to the TQL documentation. Default = `""`

Example

Query

query users($filter: String) {
  users(filter: $filter) {
    count
    values(first: $first, offset: $offset) {
      ...UserFragment
    }
  }
}

Variables

{
  "filter": "Generated Argument example for users filter"
}

Response

{
  "data": {
    "users": {
      "count": Long,
      "values": [User]
    }
  }
}

Queries

`uspAlertConfigs`

Query over UspAlertConfig objects.

Returns an UspAlertConfigQuery

Name	Description
`filter` - `String`	TQL query to filter for matching UspAlertConfig entities. Please refer to the TQL documentation. Default = `""`

Example

Query

query uspAlertConfigs($filter: String) {
  uspAlertConfigs(filter: $filter) {
    count
    values(first: $first, offset: $offset) {
      ...UspAlertConfigFragment
    }
  }
}

Variables

{
  "filter": "Generated Argument example for uspAlertConfigs filter"
}

Response

{
  "data": {
    "uspAlertConfigs": {
      "count": Long,
      "values": [UspAlertConfig]
    }
  }
}

Queries

`uspExceptions`

Query over UspException objects.

Returns an UspExceptionQuery

Name	Description
`filter` - `String`	TQL query to filter for matching UspException entities. Please refer to the TQL documentation. Default = `""`

Example

Query

query uspExceptions($filter: String) {
  uspExceptions(filter: $filter) {
    count
    values(first: $first, offset: $offset) {
      ...UspExceptionFragment
    }
  }
}

Variables

{
  "filter": "Generated Argument example for uspExceptions filter"
}

Response

{
  "data": {
    "uspExceptions": {
      "count": Long,
      "values": [UspException]
    }
  }
}

Queries

`uspRiskAnalysisTask`

Query over UspRiskAnalysisTask objects.

Returns an UspRiskAnalysisTaskQuery

Name	Description
`filter` - `String`	TQL query to filter for matching UspRiskAnalysisTask entities. Please refer to the TQL documentation. Default = `""`

Example

Query

query uspRiskAnalysisTask($filter: String) {
  uspRiskAnalysisTask(filter: $filter) {
    count
    values(first: $first, offset: $offset) {
      ...UspRiskAnalysisTaskFragment
    }
  }
}

Variables

{
  "filter": "Generated Argument example for uspRiskAnalysisTask filter"
}

Response

{
  "data": {
    "uspRiskAnalysisTask": {
      "count": Long,
      "values": [UspRiskAnalysisTask]
    }
  }
}

Queries

`usps`

Query over Usp objects.

Returns an UspQuery

Name	Description
`filter` - `String`	TQL query to filter for matching Usp entities. Please refer to the TQL documentation. Default = `""`

Example

Query

query usps($filter: String) {
  usps(filter: $filter) {
    count
    values(first: $first, offset: $offset) {
      ...UspFragment
    }
  }
}

Variables

{
  "filter": "Generated Argument example for usps filter"
}

Response

{
  "data": {
    "usps": {
      "count": Long,
      "values": [Usp]
    }
  }
}

Queries

`zones`

Returns [Zone!]!

Example

Query

query zones {
  zones {
    changed
    comment
    device {
      ...BasicDeviceFragment
    }
    id
    name
    system {
      ...BasicSystemFragment
    }
    version
    zoneType
  }
}

Response

{
  "data": {
    "zones": [
      {
        "changed": DateTime,
        "comment": "abc123",
        "device": BasicDevice,
        "id": ID,
        "name": "xyz789",
        "system": BasicSystem,
        "version": 987,
        "zoneType": ZoneType
      }
    ]
  }
}

Mutations

`riskAnalysis`

Returns a RiskAnalysisMutation!

Example

Query

mutation riskAnalysis {
  riskAnalysis {
    createUspRiskAnalysisTask(input: $input) {
      ...CreateUspRiskAnalysisTaskResultFragment
    }
  }
}

Response

{
  "data": {
    "riskAnalysis": {
      "createUspRiskAnalysisTask": CreateUspRiskAnalysisTaskResult
    }
  }
}

Mutations

`ruleOperations`

Returns a RuleOperationsMutation!

Example

Query

mutation ruleOperations {
  ruleOperations {
    createTicketDraft(input: $input) {
      ...CreateTicketDraftResultFragment
    }
  }
}

Response

{
  "data": {
    "ruleOperations": {
      "createTicketDraft": CreateTicketDraftResult
    }
  }
}

Mutations

`ruleUserData`

Returns a RuleUserDataMutation!

Example

Query

mutation ruleUserData {
  ruleUserData {
    createTicket(input: $input) {
      ...CreateTicketResultFragment
    }
    deleteTickets(input: $input) {
      ...DeleteTicketsResultFragment
    }
    updateRuleAutomationAttribute(input: $input) {
      ...UpdateRuleAutomationAttributeResultFragment
    }
    updateRuleDescription(input: $input) {
      ...UpdateRuleDescriptionResultFragment
    }
    updateRuleTechnicalOwner(input: $input) {
      ...UpdateRuleTechnicalOwnerResultFragment
    }
    updateTicket(input: $input) {
      ...UpdateTicketResultFragment
    }
  }
}

Response

{
  "data": {
    "ruleUserData": {
      "createTicket": CreateTicketResult,
      "deleteTickets": DeleteTicketsResult,
      "updateRuleAutomationAttribute": UpdateRuleAutomationAttributeResult,
      "updateRuleDescription": UpdateRuleDescriptionResult,
      "updateRuleTechnicalOwner": UpdateRuleTechnicalOwnerResult,
      "updateTicket": UpdateTicketResult
    }
  }
}

Mutations

`system`

Returns a SystemMutation!

Example

Query

mutation system {
  system {
    createSystem(input: $input) {
      ...CreateSystemResultFragment
    }
    deleteSystem(input: $input) {
      ...DeleteSystemResultFragment
    }
    updateSystem(input: $input) {
      ...UpdateSystemResultFragment
    }
  }
}

Response

{
  "data": {
    "system": {
      "createSystem": CreateSystemResult,
      "deleteSystem": DeleteSystemResult,
      "updateSystem": UpdateSystemResult
    }
  }
}

Mutations

`usp`

Returns an UspMutation!

Example

Query

mutation usp {
  usp {
    addSecurityZonesToUsp(input: $input) {
      ...AddSecurityZonesToUspResultFragment
    }
    createPredefinedUsp(input: $input) {
      ...CreatePredefinedUspResultFragment
    }
    createUsp(input: $input) {
      ...CreateUspResultFragment
    }
    deleteUsp(input: $input) {
      ...DeleteUspResultFragment
    }
    removeSecurityZonesFromUsp(input: $input) {
      ...RemoveSecurityZonesFromUspResultFragment
    }
    updateUsp(input: $input) {
      ...UpdateUspResultFragment
    }
    updateUspRequirement(input: $input) {
      ...UpdateUspRequirementResultFragment
    }
  }
}

Response

{
  "data": {
    "usp": {
      "addSecurityZonesToUsp": AddSecurityZonesToUspResult,
      "createPredefinedUsp": CreatePredefinedUspResult,
      "createUsp": CreateUspResult,
      "deleteUsp": DeleteUspResult,
      "removeSecurityZonesFromUsp": RemoveSecurityZonesFromUspResult,
      "updateUsp": UpdateUspResult,
      "updateUspRequirement": UpdateUspRequirementResult
    }
  }
}

Mutations

`uspAlertConfig`

Returns an AlertConfigMutation!

Example

Query

mutation uspAlertConfig {
  uspAlertConfig {
    createUspAlertConfig(input: $input) {
      ...CreateUspAlertConfigResultFragment
    }
    deleteAlertConfig(input: $input) {
      ...DeleteAlertConfigResultFragment
    }
    updateUspAlertConfig(input: $input) {
      ...UpdateUspAlertConfigResultFragment
    }
  }
}

Response

{
  "data": {
    "uspAlertConfig": {
      "createUspAlertConfig": CreateUspAlertConfigResult,
      "deleteAlertConfig": DeleteAlertConfigResult,
      "updateUspAlertConfig": UpdateUspAlertConfigResult
    }
  }
}

Mutations

`uspException`

Returns an UspExceptionMutation!

Example

Query

mutation uspException {
  uspException {
    createUspRuleException(input: $input) {
      ...CreateUspRuleExceptionResultFragment
    }
    createUspTrafficException(input: $input) {
      ...CreateUspTrafficExceptionResultFragment
    }
    deleteUspExceptions(input: $input) {
      ...DeleteUspExceptionResultFragment
    }
    updateUspTrafficException(input: $input) {
      ...UpdateUspTrafficExceptionResultFragment
    }
  }
}

Response

{
  "data": {
    "uspException": {
      "createUspRuleException": CreateUspRuleExceptionResult,
      "createUspTrafficException": CreateUspTrafficExceptionResult,
      "deleteUspExceptions": DeleteUspExceptionResult,
      "updateUspTrafficException": UpdateUspTrafficExceptionResult
    }
  }
}

Mutations

`zoneMapping`

Returns a ZoneMappingMutation!

Example

Query

mutation zoneMapping {
  zoneMapping {
    updateDeviceInclusionInCalculation(input: $input) {
      ...UpdateDeviceInclusionInCalculationResultFragment
    }
    updateMappings(input: $input) {
      ...ZoneManualMappingResultFragment
    }
    updateProtectionMode(input: $input) {
      ...UpdateProtectionModeResultFragment
    }
  }
}

Response

{
  "data": {
    "zoneMapping": {
      "updateDeviceInclusionInCalculation": UpdateDeviceInclusionInCalculationResult,
      "updateMappings": ZoneManualMappingResult,
      "updateProtectionMode": UpdateProtectionModeResult
    }
  }
}

Types

`AccessRequestActionType`

The action of the access request. Equivalent to a security rule action.

Enum Value	Description
`ALLOW`	Allow all traffic.
`DENY`	Deny all traffic.

Types

`AccessRequestApplicationInput`

Input Field	Description
`name` - `String!`
`services` - `[ServiceExpressionString!]`

Example

{"name": "abc123", "services": [ServiceExpressionString]}

Types

`AccessRequestApplicationPredefinedValue`

Enum Value	Description
`ANY_APPLICATION`

Types

`AccessRequestDomainInput`

Input Field	Description
`id` - `IdString`
`runCalculationOnAppliedToAnyDomainUsps` - `Boolean!`

Example

{
  "id": IdString,
  "runCalculationOnAppliedToAnyDomainUsps": true
}

Types

`AccessRequestError`

Field Name	Description
`accessRequestId` - `String`
`errorType` - `ErrorType`
`message` - `String`

Example

{
  "accessRequestId": "xyz789",
  "errorType": ErrorType,
  "message": "abc123"
}

Types

`AccessRequestInput`

Represents a traffic access request to be checked for violation of any of the configured USPs.

Input Field	Description
`actionType` - `AccessRequestActionType!`	`AccessRequestActionType` of the access request.
`applicationPredefinedValue` - `AccessRequestApplicationPredefinedValue`	Predefined value of `ApplicationPredefinedValue` type for the access request applications. If this value is set, the list of applications should not be configured.
`applications` - `[AccessRequestApplicationInput!]`	List of `AccessRequestApplication` that represents the access request applications.
`destinationDomain` - `AccessRequestDomainInput`	The access request destination `AccessRequestDomain`.
`destinationPredefinedValue` - `AccessRequestNetworkPredefinedValue`	Predefined value of `NetworkPredefinedValue` type for the access request destination. If this value is set, the list of destinations should not be configured.
`destinationZones` - `[IdString!]`	List of SecureTrack zones that represent the access request destination zones.
`destinations` - `[NetworkObjectTrafficInput!]`	List of `NetworkObjectTraffic` that represents the access request destinations.
`id` - `FreeText!`
`servicePredefinedValue` - `AccessRequestServicePredefinedValue`	Predefined value of `ServicePredefinedValue` type for the access request services. If this value is set, the list of services should not be configured.
`services` - `[ServiceExpressionString!]`	List of `ServiceTraffic` that represents the access request services.
`sourceDomain` - `AccessRequestDomainInput`	The access request source `AccessRequestDomain`.
`sourcePredefinedValue` - `AccessRequestNetworkPredefinedValue`	Predefined value of `NetworkPredefinedValue` type for the access request source. If this value is set, the list of sources should not be configured.
`sourceZones` - `[IdString!]`	List of SecureTrack zones that represent the access request source zones.
`sources` - `[NetworkObjectTrafficInput!]`	List of `NetworkObjectTraffic` that represents the access request sources.

Example

{
  "actionType": AccessRequestActionType,
  "applicationPredefinedValue": AccessRequestApplicationPredefinedValue,
  "applications": [AccessRequestApplicationInput],
  "destinationDomain": AccessRequestDomainInput,
  "destinationPredefinedValue": AccessRequestNetworkPredefinedValue,
  "destinationZones": [IdString],
  "destinations": [NetworkObjectTrafficInput],
  "id": FreeText,
  "servicePredefinedValue": AccessRequestServicePredefinedValue,
  "services": [ServiceExpressionString],
  "sourceDomain": AccessRequestDomainInput,
  "sourcePredefinedValue": AccessRequestNetworkPredefinedValue,
  "sourceZones": [IdString],
  "sources": [NetworkObjectTrafficInput]
}

Types

`AccessRequestNetworkPredefinedValue`

Enum Value	Description
`ANY`
`ANY_IPV4`
`ANY_IPV6`

Types

`AccessRequestServicePredefinedValue`

Enum Value	Description
`ANY_SERVICE`

Types

`AccessRole`

Set of permitted objects

Field Name	Description
`changed` - `DateTime`	The most recent time that this entity was directly modified
`comment` - `String`	A text comment associated with this entity
`device` - `BasicDevice`	The device that this entity belongs to
`id` - `ID!`	The internal unique identifier for this entity
`name` - `String`	The name of the entity
`networksPredefinedValue` - `NetworkPredefinedValue`	Could be any network, IPv4 only network or IPv6 only network
`system` - `BasicSystem`	The system (root device) that this entity belongs to
`usersPredefinedValue` - `UserPredefinedValue`	Predefined values to define well known user behavior
`version` - `Int!`	A sequential number assigned to each change to identify the order in which changes were made

Example

{
  "changed": DateTime,
  "comment": "xyz789",
  "device": BasicDevice,
  "id": ID,
  "name": "abc123",
  "networksPredefinedValue": NetworkPredefinedValue,
  "system": BasicSystem,
  "usersPredefinedValue": UserPredefinedValue,
  "version": 987
}

Types

`AddSecurityZonesToUspInput`

Adding SecureTrack network zones to an existing USP.

Input Field	Description
`securityZonesIds` - `[IdString!]!`	SecureTrack network zones IDs.
`uspId` - `IdString!`	USP ID.

Example

{
  "securityZonesIds": [IdString],
  "uspId": IdString
}

Types

`AddSecurityZonesToUspResult`

Returns the status results when adding SecureTrack network zones to an existing USP.

Field Name	Description
`resultStatus` - `ResultStatus!`	Status of request to add SecureTrack network zones to an existing USP.

Example

{"resultStatus": ResultStatus}

Types

`AlertConfigMutation`

The AlertConfigMutation entity lets you create, update or delete USP alerts. For a full list of configuration options see the createUspAlertConfig and updateUspAlertConfig entities.

Field Name	Description
`createUspAlertConfig` - `CreateUspAlertConfigResult!`	Create a USP alert.
Arguments `input` - `CreateUspAlertConfigInput!`
`deleteAlertConfig` - `DeleteAlertConfigResult!`	Delete a USP alert.
Arguments `input` - `DeleteAlertConfigInput!`
`updateUspAlertConfig` - `UpdateUspAlertConfigResult!`	Update a USP alert.
Arguments `input` - `UpdateUspAlertConfigInput!`

Example

{
  "createUspAlertConfig": CreateUspAlertConfigResult,
  "deleteAlertConfig": DeleteAlertConfigResult,
  "updateUspAlertConfig": UpdateUspAlertConfigResult
}

Types

`Application`

Network application.

Field Name	Description
`changed` - `DateTime`	The most recent time that this entity was directly modified
`comment` - `String`	A text comment associated with this entity
`device` - `BasicDevice`	The device that this entity belongs to
`id` - `ID!`	The internal unique identifier for this entity
`name` - `String`	The name of the entity
`system` - `BasicSystem`	The system (root device) that this entity belongs to
`version` - `Int!`	A sequential number assigned to each change to identify the order in which changes were made

Example

{
  "changed": DateTime,
  "comment": "abc123",
  "device": BasicDevice,
  "id": ID,
  "name": "abc123",
  "system": BasicSystem,
  "version": 987
}

Types

`ApplicationPredefinedValue`

Predefined values to define Any application

Enum Value	Description
`ANY_APPLICATION`	Any application

Types

`ApplicationString`

An application string. Must be a predefined application. Input as a String literal, for example, 'Facebook'

Example

object

Types

`ApplicationUsage`

Object which represents usage information of applications on the rule

Field Name	Description
`timeLastHit` - `DateTime`	Represents time when traffic was recorded for the application

Example

{"timeLastHit": DateTime}

Types

`AppliedToObjectsPredefinedValue`

Predefined values for "AppliedToObjects"

Enum Value	Description
`ANY`	Any object
`NONE`	No object

Types

`AuthQuery`

A container for authentication-related information (such as principles) from the current session context.

Field Name	Description
`sessionUser` - `SessionUser`	The current principle user in session.

Example

{"sessionUser": SessionUser}

Types

`AutomationAttribute`

Determines the way that Designer and Verifier will relate to the legacy rule that is being modified.

Enum Value	Description
`LEGACY`	Designer and Verifier will treat the specified legacy rule as a shadowed rule when making recommendations or verifying access.
`STEALTH`	Designer and Verifier will treat the specified rule as a stealth rule when making recommendations or verifying access.

Types

`BasicDevice`

A dependent device. Each device is assigned to a unique System device.

Field Name	Description
`cannotHaveRules` - `Boolean`	`True` indicates that the device has no rules
`comment` - `String`	A text comment associated with this entity
`device` - `BasicDevice`	The device that this entity belongs to
`deviceType` - `DeviceType`	Type of this device
`displayName` - `String`	Name of this device
`domain` - `Domain`	The domains of the device
`id` - `ID!`	The internal unique identifier for this entity
`model` - `ModelName`	Model of this device
`name` - `String`	The name of the entity
`parent` - `Device`	Device or system parent device
`root` - `Boolean`	`True` indicates that this device is the topmost device in the hierarchy
`system` - `BasicSystem`	The system (root device) that this entity belongs to
`vendor` - `VendorName`	Vendor type of this device
`version` - `Int!`	A sequential number assigned to each change to identify the order in which changes were made

Example

{
  "cannotHaveRules": true,
  "comment": "xyz789",
  "device": BasicDevice,
  "deviceType": DeviceType,
  "displayName": "abc123",
  "domain": Domain,
  "id": ID,
  "model": ModelName,
  "name": "abc123",
  "parent": Device,
  "root": true,
  "system": BasicSystem,
  "vendor": VendorName,
  "version": 987
}

Types

`BasicRuleUspExceptionInfo`

The UspException entity shows the current configuration of a USP exception. UspException exempts RuleViolations of flow and traffic types, according to the different conditions. UspException must contain at least one configured condition. An empty condition is treated as 'all'. Traffic violations are affected by source, destination, service\application and usp conditions. Flow violations are affected by source, destination and USP conditions. All affecting conditions must be satisfied for a RuleViolation to be exempted (logical AND between conditions).

Field Name	Description
`description` - `String`	UspException description.
`id` - `ID!`	The internal unique identifier for this entity.
`name` - `String`	UspException unique name.

Example

{"description": "abc123", "id": ID, "name": "xyz789"}

Types

`BasicSystem`

Root device that manages the dependent devices

Field Name	Description
`id` - `ID!`	The internal unique identifier for this entity
`model` - `ModelName`	Model of this device
`modelDisplayName` - `String`	Model name of this device
`monitoredByOPMAgent` - `Boolean`	True indicates that the system monitored by OPM agent
`name` - `String`	The name of the entity
`vendor` - `VendorName`	Vendor type of this device

Example

{
  "id": ID,
  "model": ModelName,
  "modelDisplayName": "abc123",
  "monitoredByOPMAgent": true,
  "name": "xyz789",
  "vendor": VendorName
}

Types

`BasicUspExceptionInfo`

Field Name	Description
`description` - `String`	UspException description.
`id` - `ID!`	The internal unique identifier for this entity.
`name` - `String`	UspException unique name.

Example

{"description": "xyz789", "id": ID, "name": "abc123"}

Types

`BasicUspExceptionInfoForRiskAnalysis`

Field Name	Description
`description` - `String`	UspException description.
`id` - `ID!`	The internal unique identifier for this entity.
`name` - `String`	UspException unique name.

Example

{"description": "abc123", "id": ID, "name": "abc123"}

Types

`BasicUspInfo`

The Usp entity shows the configuration of a USP. A USP requirement consists of matched entities, typically a source zone and a destination zone, that have a restriction. For example, a requirement could be based on the matched entities "Source Zone = Administrators" and "Destination Zone = Marketing", with a restriction of "Allow only HTTPS". A rule that violates any of the USP requirements will be reported as a rule violation.

Field Name	Description
`appliedToAnyDomain` - `Boolean`
`description` - `String`	Description of the USP.
`differentZonesDefaultRestrictions` - `UspRestrictions`	Configures default restrictions on security rules for different zones in source and destination.
`domain` - `Domain`	Domain of the USP.
`id` - `ID!`	The internal unique identifier for this entity
`name` - `String`	Name of the USP.
`sameZoneDefaultRestrictions` - `UspRestrictions`	Configures default restrictions on security rules for the same zone in source and destination.

Example

{
  "appliedToAnyDomain": true,
  "description": "xyz789",
  "differentZonesDefaultRestrictions": UspRestrictions,
  "domain": Domain,
  "id": ID,
  "name": "xyz789",
  "sameZoneDefaultRestrictions": UspRestrictions
}

Types

`BasicUspInfoForRiskAnalysis`

Field Name	Description
`description` - `String`	Description of the USP.
`differentZonesDefaultRestrictions` - `UspRestrictions`	Configures default restrictions on security rules for different zones in source and destination.
`domain` - `Domain`	Domain of the USP.
`id` - `ID!`	The internal unique identifier for this entity
`name` - `String`	Name of the USP.
`sameZoneDefaultRestrictions` - `UspRestrictions`	Configures default restrictions on security rules for the same zone in source and destination.

Example

{
  "description": "xyz789",
  "differentZonesDefaultRestrictions": UspRestrictions,
  "domain": Domain,
  "id": ID,
  "name": "xyz789",
  "sameZoneDefaultRestrictions": UspRestrictions
}

Types

`Boolean`

The Boolean scalar type represents true or false.

Example

false

Types

`Certification`

Field Name	Description
`status` - `CertificationStatus`	The status of the rule (certified, decertified)
`timeCertified` - `DateTime`	The date the rule certification expires, after which, it must be reviewed and recertified
`timeExpiration` - `DateTime`	The date that the certification decision was implemented

Example

{
  "status": CertificationStatus,
  "timeCertified": DateTime,
  "timeExpiration": DateTime
}

Types

`CertificationStatus`

The status of the rule (certified/decertified)

Enum Value	Description
`CERTIFIED`	Rule status is certified (has a business justification)
`DECERTIFIED`	Rule status is not certified (does not have a business justification)

Types

`CountsResult`

The number of entities matching a filter, grouped by selected fields.

Field Name	Description
`count` - `Long`	Number of entities returned for the group.
`group` - `[String!]`	Parameters used to group the entity.

Example

{"count": Long, "group": ["abc123"]}

Types

`CreateDraftInvalidRuleReason`

The possible reasons for rules to be invalid for creating a SecureChange ticket

Enum Value	Description
`RULE_ALREADY_HAS_TICKET_IN_PROGRESS`	The rule already has a ticket in progress
`RULE_NOT_FOUND`	The requested rule ID is not found
`UNSET`

Types

`CreatePredefinedUspInput`

Create a predefined USP from known regulation templates. The supported regulations are:

PCI
NERC CIPV5
ISO 27001
NIST 800-53
Tufin's Best Practices
Tufin's Advanced Best Practices

Input Field	Description
`appliedToAnyDomain` - `Boolean!`
`description` - `FreeText`	USP description.
`domain` - `IdString`
`name` - `Name!`	USP name.
`type` - `PredefinedUspType!`	Regulation type.
`zoneMappings` - `[ZoneMappingInput!]!`	Mapping between the regulation zones from the template to the SecureTrack network zones to be enforced by the created USP.

Example

{
  "appliedToAnyDomain": false,
  "description": FreeText,
  "domain": IdString,
  "name": Name,
  "type": PredefinedUspType,
  "zoneMappings": [ZoneMappingInput]
}

Types

`CreatePredefinedUspResult`

Returns the status results when creating a new predefined USP.

Field Name	Description
`id` - `ID`	Newly created USP ID.
`resultStatus` - `ResultStatus!`	Status of request to create a new USP.

Example

{
  "id": ID,
  "resultStatus": ResultStatus
}

Types

`CreateSystemInput`

Create system request input

Input Field	Description
`appliedToAnyDomain` - `Boolean`	This property is not currently supported
`domain` - `IdString`	This property is not currently supported
`ipAddress` - `IpAddressString`	IP address
`model` - `ModelName!`	Model of this device
`modelDisplayName` - `FreeText!`	Model name of this device
`name` - `Name!`	System name
`opmAgentId` - `FreeText!`	Open policy management (OPM) agent ID
`properties` - `[SystemFieldValueInput!]`	System properties
`vendor` - `VendorName!`	Vendor type of this device

Example

{
  "appliedToAnyDomain": true,
  "domain": IdString,
  "ipAddress": IpAddressString,
  "model": ModelName,
  "modelDisplayName": FreeText,
  "name": Name,
  "opmAgentId": FreeText,
  "properties": [SystemFieldValueInput],
  "vendor": VendorName
}

Types

`CreateSystemResult`

Create system request output

Field Name	Description
`id` - `ID`	Application internal ID of created system
`resultStatus` - `ResultStatus!`	Result of the operation

Example

{
  "id": ID,
  "resultStatus": ResultStatus
}

Types

`CreateTicketDraftInput`

Create a ticket draft in SecureChange

Input Field	Description
`decommissionRulesAction` - `DecommissionRulesAction`	Supported actions are: “disable rules” and “remove rules”
`dryRun` - `Boolean`	If set to True, SecureChange will not create a ticket draft, will only return the result of input validation
`ruleUids` - `[IdString!]!`	List of rule UIDs to create the ticket for
`subject` - `Name`	The subject for the ticket draft
`workflowName` - `Name`	The name of SecureChange workflow used to create the ticket
`workflowType` - `WorkFlowType!`	The type of workflow (RECERTIFY_RULES, DECOMMISSION_RULES or MODIFY_RULES)

Example

{
  "decommissionRulesAction": DecommissionRulesAction,
  "dryRun": false,
  "ruleUids": [IdString],
  "subject": Name,
  "workflowName": Name,
  "workflowType": WorkFlowType
}

Types

`CreateTicketDraftResult`

Returns the status results when creating a ticket draft

Field Name	Description
`invalidRules` - `[InvalidRule!]!`	List of the rules that are invalid for creating a ticket, and the reason that they are invalid
`resultStatus` - `ResultStatus!`	Status of the request to create ticket draft
`validRuleUids` - `[ID!]`	List of the rules that are valid for creating a ticket, out of the rules in the request

Example

{
  "invalidRules": [InvalidRule],
  "resultStatus": ResultStatus,
  "validRuleUids": [ID]
}

Types

`CreateTicketInput`

Create a ticket for a rule.

Input Field	Description
`businessOwner` - `FreeText`	Business owner name for a rule.
`comment` - `FreeText`	Comment for a ticket.
`email` - `EmailAddress`	Business owner Email address for a rule.
`expirationDate` - `DateTime`	Expiration date for a ticket.
`externalUrl` - `URL`	External URL for a ticket.
`originTicketId` - `FreeText!`	ID information for a ticket.
`ruleIds` - `[IdString!]!`	List of affected rule IDs.
`secureChangeTicket` - `Boolean`

Example

{
  "businessOwner": FreeText,
  "comment": FreeText,
  "email": EmailAddress,
  "expirationDate": DateTime,
  "externalUrl": URL,
  "originTicketId": FreeText,
  "ruleIds": [IdString],
  "secureChangeTicket": true
}

Types

`CreateTicketResult`

Returns the status results when creating a ticket for a rule.

Field Name	Description
`modifiedRules` - `[ModifiedRule!]!`	List of affected rules.
`resultStatus` - `ResultStatus!`	Result of the create ticket operation.

Example

{
  "modifiedRules": [ModifiedRule],
  "resultStatus": ResultStatus
}

Types

`CreateUspAlertConfigInput`

Create a USP alert.

Input Field	Description
`allDevices` - `Boolean!`	If set to True, the devicesIds field is ignored and this alert applies to all devices.
`allUsps` - `Boolean!`	If set to True, the uspId field is ignored and this alert applies to all USPs.
`appliedToAnyDomain` - `Boolean!`	If set to True, the domain field should be empty and this alert applies to all domains.
`description` - `FreeText`	Alert description.
`devicesIds` - `[IdString!]`	This alert applies only for the specified devices. Add a list Device IDs.
`disabled` - `Boolean!`	Set to true to disable this alert.
`domain` - `IdString`	This alert will be configured in the specified domain. Add a single domain ID only.
`externalRecipientsEmails` - `[EmailAddress!]`	Add list of 1 or more valid email addresses that will receive this alert. Leave this field empty if you do not want to send email to non-SecureTrack users.
`name` - `Name!`	Alert name.
`recipientsIds` - `[IdString!]`	Add a list of 1or more SecureTrack User IDs that should receive this alert. Leave this field empty if you do not want to send the alert to a SecureTrack user.
`severities` - `[ViolationSeverity!]!`	This alert is sent for violations of all the selected severities.
`syslogEnabled` - `Boolean!`	Set to True if syslog the alert should also be sent via syslog.
`uspId` - `IdString`	This alert applies only to the specified USP. Add a single USP ID only.

Example

{
  "allDevices": false,
  "allUsps": true,
  "appliedToAnyDomain": true,
  "description": FreeText,
  "devicesIds": [IdString],
  "disabled": true,
  "domain": IdString,
  "externalRecipientsEmails": [EmailAddress],
  "name": Name,
  "recipientsIds": [IdString],
  "severities": [ViolationSeverity],
  "syslogEnabled": true,
  "uspId": IdString
}

Types

`CreateUspAlertConfigResult`

Returns the status results when creating a new USP alert .

Field Name	Description
`id` - `ID`	ID of the new alert.
`resultStatus` - `ResultStatus!`	Status of request to create a new USP alert.

Example

{
  "id": ID,
  "resultStatus": ResultStatus
}

Types

`CreateUspInput`

Create a USP.

Input Field	Description
`appliedToAnyDomain` - `Boolean!`
`description` - `FreeText`	USP description.
`domain` - `IdString`
`name` - `Name!`	USP name.
`securityZonesIds` - `[IdString!]`	SecureTrack network zones IDs to be used by the USP.

Example

{
  "appliedToAnyDomain": false,
  "description": FreeText,
  "domain": IdString,
  "name": Name,
  "securityZonesIds": [IdString]
}

Types

`CreateUspResult`

Returns the status results when creating a new USP.

Field Name	Description
`id` - `ID`	Newly created USP ID.
`resultStatus` - `ResultStatus!`	Status of request to create a new USP.

Example

{
  "id": ID,
  "resultStatus": ResultStatus
}

Types

`CreateUspRiskAnalysisTaskInput`

Create a new UspRiskAnalysisTask for risk analysis calculation.

Input Field	Description
`accessRequests` - `[AccessRequestInput!]!`	List of `AccessRequestInput`s for risk analysis calculations.
`runCalculationOnAllUsps` - `Boolean!`	If true, calculation will run only on USPs configured on 'All Domains' context, else, will run on USPs that are configured on the specified source and destination domains.

Example

{
  "accessRequests": [AccessRequestInput],
  "runCalculationOnAllUsps": true
}

Types

`CreateUspRiskAnalysisTaskResult`

Returns the status results when creating a new UspRiskAnalysisTask.

Field Name	Description
`resultStatus` - `ResultStatus!`	`ResultStatus` of the request to create a new risk analysis task.
`taskId` - `ID`	The created task ID. The ID is used for querying for the calculation result of `UspRiskAnalysisTask`.

Example

{
  "resultStatus": ResultStatus,
  "taskId": ID
}

Types

`CreateUspRuleExceptionInput`

Create a rule UspException.

Input Field	Description
`appliedToAnyDomain` - `Boolean!`	`True` indicates that the exception affects All Domains. `False` indicates that the exception affects only the specified domain.
`approver` - `FreeText`	User that approved the rule `UspException`.
`creator` - `FreeText`	User that created the rule `UspException` .
`description` - `FreeText`	Rule UspException description.
`disabled` - `Boolean!`	Set to true to disable this rule `UspException`. When disabled, rule `UspException` will have no impact on `RuleViolation`s.
`domain` - `IdString`	The ID of the domain that the exception will be created for. Note: If `appliedToAnyDomain` is set to `True` this value is ignored.
`endDate` - `Date`	Last date that the rule UspException is active.
`name` - `Name!`	Rule UspException name.
`rules` - `RuleExceptionConditionInput!`	`RulesConditionInput` of the UspException.
`startDate` - `Date`	First date that the rule `UspException` is active.
`ticketId` - `FreeText`	SecureChange ticket ID.
`usps` - `[UspExceptionConditionInput!]`	List of `UspExceptionConditionInput`.

Example

{
  "appliedToAnyDomain": false,
  "approver": FreeText,
  "creator": FreeText,
  "description": FreeText,
  "disabled": false,
  "domain": IdString,
  "endDate": "2021-07-14T11:16:09.875Z",
  "name": Name,
  "rules": RuleExceptionConditionInput,
  "startDate": "2021-07-14T11:16:09.875Z",
  "ticketId": FreeText,
  "usps": [UspExceptionConditionInput]
}

Types

`CreateUspRuleExceptionResult`

Returns the status results when creating a new rule UspException.

Field Name	Description
`id` - `ID`	Newly created rule `UspException` ID.
`resultStatus` - `ResultStatus!`	Status of request to create a new rule `UspException`.

Example

{
  "id": ID,
  "resultStatus": ResultStatus
}

Types

`CreateUspTrafficExceptionInput`

Create a traffic UspException.

Input Field	Description
`appliedToAnyDomain` - `Boolean!`	`True` indicates that the exception affects All Domains. `False` indicates that the exception affects only the specified domain.
`approver` - `FreeText`	User that approved the traffic `UspException`.
`creator` - `FreeText`	User that created the traffic `UspException` .
`description` - `FreeText`	Traffic UspException description.
`destinations` - `[IpAddressString!]`	Destination condition - list of network objects.
`disabled` - `Boolean!`	Set to true to disable this traffic `UspException`. When disabled, traffic `UspException` will have no impact on `RuleViolation`s.
`domain` - `IdString`	The ID of the domain that the exception will be created for. Note: If `appliedToAnyDomain` is set to `True` this value is ignored.
`endDate` - `Date`	Last date that the traffic UspException is active.
`name` - `Name!`	Traffic UspException name.
`servicesAndApplications` - `ServiceAndApplicationConditionInput`	List of `ServiceAndApplicationConditionInput`.
`sources` - `[IpAddressString!]`	Source condition - list of network objects.
`startDate` - `Date`	First date that the traffic `UspException` is active.
`ticketId` - `FreeText`	SecureChange ticket ID.
`usps` - `[UspExceptionConditionInput!]`	List of `UspExceptionConditionInput`.

Example

{
  "appliedToAnyDomain": false,
  "approver": FreeText,
  "creator": FreeText,
  "description": FreeText,
  "destinations": [IpAddressString],
  "disabled": true,
  "domain": IdString,
  "endDate": "2021-07-14T11:16:09.875Z",
  "name": Name,
  "servicesAndApplications": ServiceAndApplicationConditionInput,
  "sources": [IpAddressString],
  "startDate": "2021-07-14T11:16:09.875Z",
  "ticketId": FreeText,
  "usps": [UspExceptionConditionInput]
}

Types

`CreateUspTrafficExceptionResult`

Returns the status results when creating a new traffic UspException.

Field Name	Description
`id` - `ID`	Newly created traffic `UspException` ID.
`resultStatus` - `ResultStatus!`	Status of request to create a new traffic `UspException`.

Example

{
  "id": ID,
  "resultStatus": ResultStatus
}

Types

`Date`

An RFC-3339 compliant Full Date Scalar

Example

2021-01-14T12:16:09.875Z

Types

`DateTime`

An RFC-3339 compliant DateTime Scalar

Example

object

Types

`DecommissionRulesAction`

Enum Value	Description
`DISABLE_RULES`
`REMOVE_RULES`

Types

`DeleteAlertConfigInput`

Delete a USP alert.

Input Field	Description
`ids` - `[IdString!]!`	IDs of the alerts you want to delete.

Example

{"ids": [IdString]}

Types

`DeleteAlertConfigResult`

Returns the status results when deleting USP alerts.

Field Name	Description
`ids` - `[String!]`
`resultStatus` - `ResultStatus!`	Status of request to delete USP alerts.

Example

{"ids": ["xyz789"], "resultStatus": ResultStatus}

Types

`DeleteSystemInput`

Delete systems request input

Input Field	Description
`ids` - `[IdString!]!`	Systems IDs to delete

Example

{"ids": [IdString]}

Types

`DeleteSystemResult`

Delete system request output

Field Name	Description
`resultStatus` - `ResultStatus!`	Result of the operation

Example

{"resultStatus": ResultStatus}

Types

`DeleteTicketsInput`

Delete tickets.

Input Field	Description
`ids` - `[IdString!]!`	IDs of the tickets to be deleted.

Example

{"ids": [IdString]}

Types

`DeleteTicketsResult`

Returns the status results when deleting tickets.

Field Name	Description
`ids` - `[ID!]`	IDs of the deleted tickets.
`resultStatus` - `ResultStatus!`	Status of request to delete tickets.

Example

{
  "ids": [ID],
  "resultStatus": ResultStatus
}

Types

`DeleteUspExceptionInput`

Delete one or more UspExceptions.

Input Field	Description
`ids` - `[IdString!]!`	`UspException` IDs.

Example

{"ids": [IdString]}

Types

`DeleteUspExceptionResult`

Returns the status results when deleting UspExceptions.

Field Name	Description
`ids` - `[ID!]`
`resultStatus` - `ResultStatus!`	Status of request to delete `UspException`s.

Example

{
  "ids": [ID],
  "resultStatus": ResultStatus
}

Types

`DeleteUspInput`

Delete one or multiple USPs.

Input Field	Description
`ids` - `[IdString!]!`	USP IDs.

Example

{"ids": [IdString]}

Types

`DeleteUspResult`

Returns the status results when deleting USPs.

Field Name	Description
`resultStatus` - `ResultStatus!`	Status of request to delete USPs.

Example

{"resultStatus": ResultStatus}

Types

`Device`

A dependent device. Each device is assigned to a unique System device.

Field Name	Description
`cannotHaveRules` - `Boolean`	`True` indicates that the device has no rules Permission requires
`changed` - `DateTime`	The most recent time that this entity was directly modified Permission requires
`comment` - `String`	A text comment associated with this entity Permission requires
`device` - `BasicDevice`	The device that this entity belongs to Permission requires
`deviceType` - `DeviceType`	Type of this device
`displayName` - `String`	Name of this device
`domain` - `Domain`	The domains of the device
`domainDeviceConf` - `[DomainDeviceConf!]`	List of device domain configurations which are excluded from violation calculations and protection mode Permission requires
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`id` - `ID!`	The internal unique identifier for this entity
`model` - `ModelName`	Model of this device Permission requires
`modelDisplayName` - `String`	Model name of this device Permission requires
`name` - `String`	The name of the entity
`nameOnDevice` - `String`	Context name of this device Permission requires
`parent` - `Device`	Device or system parent device Permission requires
`root` - `Boolean`	`True` indicates that this device is the topmost device in the hierarchy
`swVersion` - `String`	Software version of this device Permission requires
`system` - `BasicSystem`	The system (root device) that this entity belongs to
`vendor` - `VendorName`	Vendor type of this device Permission requires
`vendorDisplayName` - `String`	Vendor name of this device Permission requires
`version` - `Int!`	A sequential number assigned to each change to identify the order in which changes were made

Example

{
  "cannotHaveRules": true,
  "changed": DateTime,
  "comment": "xyz789",
  "device": BasicDevice,
  "deviceType": DeviceType,
  "displayName": "abc123",
  "domain": Domain,
  "domainDeviceConf": [DomainDeviceConf],
  "id": ID,
  "model": ModelName,
  "modelDisplayName": "xyz789",
  "name": "xyz789",
  "nameOnDevice": "abc123",
  "parent": Device,
  "root": true,
  "swVersion": "xyz789",
  "system": BasicSystem,
  "vendor": VendorName,
  "vendorDisplayName": "xyz789",
  "version": 123
}

Types

`DeviceQuery`

Query for Device objects. These objects can be filtered with a TQL query.

Field Name	Description
`count` - `Long!`	The total count of Device objects matching the specified filter.
`values` - `[Device!]!`	A list of Device objects matching the specified filter.
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.

Example

{"count": Long, "values": [Device]}

Types

`DeviceStatus`

The progress status of the device version processing and calculations (IN_PROGRESS, COMPLETED, or ERROR).

Field Name	Description
`apiV1DeviceId` - `String`	The internal unique identifier of the device in the legacy API.
`changed` - `DateTime`	The most recent time that this entity was directly modified Permission requires
`device` - `Device`	The device that the status applies to. Permission requires
`id` - `ID!`	The internal unique identifier for this entity
`name` - `String`	This property is not supported. Permission requires
`versions` - `[VersionStatus!]`	The versions of the changes on the device. Permission requires
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.

Example

{
  "apiV1DeviceId": "xyz789",
  "changed": DateTime,
  "device": Device,
  "id": ID,
  "name": "xyz789",
  "versions": [VersionStatus]
}

Types

`DeviceStatusQuery`

Query for DeviceStatus objects. These objects can be filtered with a TQL query.

Field Name	Description
`count` - `Long!`	The total count of DeviceStatus objects matching the specified filter.
`values` - `[DeviceStatus!]!`	A list of DeviceStatus objects matching the specified filter.
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.

Example

{
  "count": Long,
  "values": [DeviceStatus]
}

Types

`DeviceType`

Type of dependant device.

Enum Value	Description
`CLOUD_VIRTUAL_NETWORK`	Public or private cloud virtual network. For example: Microsoft Azure public cloud virtual network.
`CLUSTER`	Cluster of devices
`FIREWALL`	Firewall
`FIREWALL_GLOBAL_CONTEXT`	Device of this type holds global firewall information, like global policy
`FIREWALL_VIRTUAL_CONTEXT`	Virtual firewall managed by root management device
`MANAGEMENT`	Device manages other devices.
`MANAGEMENT_DOMAIN`	Device that represents management domain or scope.
`MANAGEMENT_GLOBAL_DOMAIN`	Device that represents global domain or scope.

Types

`Direction`

Direction.

Enum Value	Description
`BOTH`	Inbound-Outbound direction.
`INBOUND`	Inbound direction.
`OUTBOUND`	Outbound direction.

Types

`Domain`

Field Name	Description
`changed` - `DateTime`	The most recent time that this entity was directly modified
`default` - `Boolean`
`id` - `ID!`	The internal unique identifier for this entity
`name` - `String`	The name of the entity

Example

{
  "changed": DateTime,
  "default": false,
  "id": ID,
  "name": "xyz789"
}

Types

`DomainAccessLevel`

Enum Value	Description
`FULL_READ`
`FULL_READ_WRITE`
`PARTIAL_READ`

Types

`DomainDeviceConf`

List of device domain configurations which are excluded from violation calculations and protection mode

Field Name	Description
`appliedToAnyDomain` - `Boolean`	`True` indicates that the configuration applies to `All Domain`. `False` indicates that the configuration applies to a specific domain. Permission requires
`enableProtectionModeChange` - `Boolean`	Permission requires
`excludedForViolation` - `Boolean`	`True` indicates that the application will not calculate security risks for this device Permission requires
`protectionMode` - `ProtectionMode`	Identifies how to select network zones available for checking security risks, whether the mode is Connected (the IP address is directly connected) or Routable (the connection is via route table) Permission requires

Example

{
  "appliedToAnyDomain": false,
  "enableProtectionModeChange": false,
  "excludedForViolation": false,
  "protectionMode": ProtectionMode
}

Types

`DomainQuery`

Query for Domain objects. These objects can be filtered with a TQL query.

Field Name	Description
`count` - `Long!`	The total count of Domain objects matching the specified filter.
`values` - `[Domain!]!`	A list of Domain objects matching the specified filter.
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.

Example

{"count": Long, "values": [Domain]}

Types

`EmailAddress`

An email address

Example

object

Types

`Error`

Field Name	Description
`errorCode` - `String`	Internal code of error message that indicates that request did not successfully complete.
`errorMessage` - `String`	Text of message that indicates that request did not successfully complete

Example

{"errorCode": "abc123", "errorMessage": "xyz789"}

Types

`ErrorType`

Enum Value	Description
`IP_TYPE_MISMATCH`
`RUNTIME_ERROR`

Types

`FlowRestrictionType`

The required format of the source and the destination in a rule.

Enum Value	Description
`HOST_TO_HOST`	Rule requirement that both the source and destination are defined by host objects.
`HOST_TO_SUBNET`	Rule requirement that the source of the traffic flow is defined by host and the destination is defined by subnet objects.
`SUBNET_TO_HOST`	Rule requirement that the source of the traffic flow is defined by subnet objects and the destination is defined by host.

Types

`FlowUspRestriction`

A condition that defines the allowed flow type from one SecureTrack network zone to another (Host to Host, Subnet to Host, or Host to Subnet).

Field Name	Description
`flowType` - `FlowRestrictionType`	The flow type.
`restrictionType` - `RestrictionType`	Restriction type.

Example

{
  "flowType": FlowRestrictionType,
  "restrictionType": RestrictionType
}

Types

`FlowUspRestrictionInput`

Flow USP restriction.

Input Field	Description
`flowType` - `FlowRestrictionType!`	Flow type (`FlowRestrictionType`).

Example

{"flowType": FlowRestrictionType}

Types

`Fqdn`

Fully qualified domain name. Identifier that fully identifies the resource

Field Name	Description
`changed` - `DateTime`	The most recent time that this entity was directly modified
`comment` - `String`	A text comment associated with this entity
`device` - `BasicDevice`	The device that this entity belongs to
`domainAddress` - `String`	Fully qualified domain name
`id` - `ID!`	The internal unique identifier for this entity
`ipAddresses` - `[IpAddress!]`	List of IP addresses
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`name` - `String`	The name of the entity
`system` - `BasicSystem`	The system (root device) that this entity belongs to
`version` - `Int!`	A sequential number assigned to each change to identify the order in which changes were made

Example

{
  "changed": DateTime,
  "comment": "xyz789",
  "device": BasicDevice,
  "domainAddress": "xyz789",
  "id": ID,
  "ipAddresses": [IpAddress],
  "name": "abc123",
  "system": BasicSystem,
  "version": 123
}

Types

`FreeText`

Free text

Example

object

Types

`Group`

Network objects group. Contains other network objects

Field Name	Description
`changed` - `DateTime`	The most recent time that this entity was directly modified
`comment` - `String`	A text comment associated with this entity
`device` - `BasicDevice`	The device that this entity belongs to
`groupType` - `GroupType!`	Group type. For example: NETWORK_WITH_EXCLUSION. See `GroupType` definition
`id` - `ID!`	The internal unique identifier for this entity
`membersPredefinedValue` - `NetworkPredefinedValue`	Members of type "Any"
`membershipCriteria` - `String`
`name` - `String`	The name of the entity
`system` - `BasicSystem`	The system (root device) that this entity belongs to
`version` - `Int!`	A sequential number assigned to each change to identify the order in which changes were made

Example

{
  "changed": DateTime,
  "comment": "xyz789",
  "device": BasicDevice,
  "groupType": GroupType,
  "id": ID,
  "membersPredefinedValue": NetworkPredefinedValue,
  "membershipCriteria": "xyz789",
  "name": "abc123",
  "system": BasicSystem,
  "version": 123
}

Types

`GroupType`

Network objects group type.

Enum Value	Description
`APPLICATION`	The group containing network applications.
`LOCATION`
`MICRO_SEGMENTED_GROUP`	The group containing vendor specific objects. For example: network interface cards (NIC).
`NETWORK`	The group containing networks.
`NETWORK_WITH_EXCLUSION`	The group containing networks with exclusions.
`SECURITY_PROFILE`	The group containing security profiles.
`SERVICE`	The group containing TCP/IP services.
`USER`	The group containing users.
`ZONE_INTERSECTABLE_MICRO_SEGMENTED_GROUP`

Types

`Host`

Computer or other device connected to a computer network.

Field Name	Description
`changed` - `DateTime`	The most recent time that this entity was directly modified
`comment` - `String`	A text comment associated with this entity
`device` - `BasicDevice`	The device that this entity belongs to
`id` - `ID!`	The internal unique identifier for this entity
`ip` - `String`	The IP address. It will either take the form of an IPv4 (as speficied in RFC 794) or IPv6 (as specified in RFC 4291).
`ipAddresses` - `[IpAddress!]`	List of additional IP addresses
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`ipType` - `IpType`	The IP address this host has can be of different types (e.g. IPv4, IPv6). This field specifies which type it is.
`name` - `String`	The name of the entity
`system` - `BasicSystem`	The system (root device) that this entity belongs to
`version` - `Int!`	A sequential number assigned to each change to identify the order in which changes were made

Example

{
  "changed": DateTime,
  "comment": "abc123",
  "device": BasicDevice,
  "id": ID,
  "ip": "abc123",
  "ipAddresses": [IpAddress],
  "ipType": IpType,
  "name": "abc123",
  "system": BasicSystem,
  "version": 123
}

Types

`ID`

The ID scalar type represents a unique identifier, often used to refetch an object or as key for a cache. The ID type appears in a JSON response as a String; however, it is not intended to be human-readable. When expected as an input type, any string (such as "4") or integer (such as 4) input value will be accepted as an ID.

Example

object

Types

`IcmpService`

ICMP service

Field Name	Description
`changed` - `DateTime`	The most recent time that this entity was directly modified
`comment` - `String`	A text comment associated with this entity
`device` - `BasicDevice`	The device that this entity belongs to
`icmpCode` - `Int`	ICMP code number for a particular ICMP type
`id` - `ID!`	The internal unique identifier for this entity
`maxIcmpType` - `Int`	The last ICMP type number in range, including
`minIcmpType` - `Int`	The first ICMP type number in range, including
`name` - `String`	The name of the entity
`negated` - `Boolean`	Rule will use all ICMP types, except specified in `minIcmpType` and `maxIcmpType` in case this value is true
`system` - `BasicSystem`	The system (root device) that this entity belongs to
`version` - `Int!`	A sequential number assigned to each change to identify the order in which changes were made

Example

{
  "changed": DateTime,
  "comment": "abc123",
  "device": BasicDevice,
  "icmpCode": 123,
  "id": ID,
  "maxIcmpType": 987,
  "minIcmpType": 123,
  "name": "xyz789",
  "negated": false,
  "system": BasicSystem,
  "version": 987
}

Types

`IdString`

ID type

Example

object

Types

`InstallationTargetPredefinedValue`

Predefined values for installation target of type Any

Enum Value	Description
`ANY_IT`	Any installation target

Types

`Int`

The Int scalar type represents non-fractional signed whole numeric values. Int can represent values between -(2^31) and 2^31 - 1.

Example

Types

`Interface`

The Interface entity shows the current configuration of an interface and the information received from the device.

Field Name	Description
`autoMappingDirectlyConnectedZones` - `[SecurityZone!]`	List of SecureTrack network zone IDs that are directly connected to the interface. These zones were calculated automatically by SecureTrack and includes both specific domains and All Domains. Permission requires
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`autoMappingRouteableZones` - `[SecurityZone!]`	List of SecureTrack network zone IDs that are connected through a route to the interface. These zones were calculated automatically by SecureTrack and includes both specific domains and All Domains. Permission requires
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`changed` - `DateTime`	The time and date the interface was last changed. Permission requires
`comment` - `String`	This property is not supported. Permission requires
`device` - `BasicDevice`	The Device ID that the interface is connected to. Interfaces are only associated with gateways. Permission requires
`id` - `ID!`	The interface ID.
`ipAddresses` - `[IpAddress!]`	The IP addresses of the interface. Permission requires
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`manualAddedDirectlyConnectedZones` - `[SecurityZone!]`	List of SecureTrack network zone IDs that are directly connected to the interface. These zones were added manually and includes both specific domains and All Domains. Permission requires
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`manualAddedRouteableZones` - `[SecurityZone!]`	List of SecureTrack network zone IDs that are connected through a route to the interface. These zones were added manually and includes both specific domains and All Domains. Permission requires
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`manualExcludedDirectlyConnectedZones` - `[SecurityZone!]`	List of SecureTrack network zone IDs that are directly connected to the interface and were manually excluded and includes both specific domains and All Domains. Permission requires
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`manualExcludedRouteableZones` - `[SecurityZone!]`	List of SecureTrack network zone IDs that are connected through a route to the interface and were manually excluded and includes both specific domains and All Domains. Permission requires
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`name` - `String`	The interface name.
`system` - `BasicSystem`	The system ID that the interface is related to. Permission requires
`version` - `Int!`	The last version ID that was received for the interface.
`zone` - `Zone`	The ID of the SecureTrack network zone that the interface is associated with. Permission requires

Example

{
  "autoMappingDirectlyConnectedZones": [SecurityZone],
  "autoMappingRouteableZones": [SecurityZone],
  "changed": DateTime,
  "comment": "abc123",
  "device": BasicDevice,
  "id": ID,
  "ipAddresses": [IpAddress],
  "manualAddedDirectlyConnectedZones": [SecurityZone],
  "manualAddedRouteableZones": [SecurityZone],
  "manualExcludedDirectlyConnectedZones": [SecurityZone],
  "manualExcludedRouteableZones": [SecurityZone],
  "name": "abc123",
  "system": BasicSystem,
  "version": 123,
  "zone": Zone
}

Types

`InterfaceDirection`

Direction of interface traffic from the interface point of view.

Enum Value	Description
`IN`	Traffic is inbound. Interface receives the traffic.
`OUT`	Traffic is outbound. Interface sends the traffic outside.

Types

`InterfaceQuery`

Query for Interface objects. These objects can be filtered with a TQL query.

Field Name	Description
`count` - `Long!`	The total count of Interface objects matching the specified filter.
`values` - `[Interface!]!`	A list of Interface objects matching the specified filter.
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.

Example

{
  "count": Long,
  "values": [Interface]
}

Types

`InternetService`

Field Name	Description
`changed` - `DateTime`	The most recent time that this entity was directly modified
`comment` - `String`	A text comment associated with this entity
`device` - `BasicDevice`	The device that this entity belongs to
`id` - `ID!`	The internal unique identifier for this entity
`name` - `String`	The name of the entity
`system` - `BasicSystem`	The system (root device) that this entity belongs to
`version` - `Int!`	A sequential number assigned to each change to identify the order in which changes were made

Example

{
  "changed": DateTime,
  "comment": "xyz789",
  "device": BasicDevice,
  "id": ID,
  "name": "abc123",
  "system": BasicSystem,
  "version": 987
}

Types

`InvalidRule`

Rule that is invalid for creating a ticket

Field Name	Description
`reason` - `CreateDraftInvalidRuleReason!`	The reason that the rule is invalid
`ruleUid` - `ID`	The rule UID

Example

{
  "reason": CreateDraftInvalidRuleReason,
  "ruleUid": ID
}

Types

`IpAddress`

IP address

Field Name	Description
`ip` - `String`	IP address
`ipType` - `IpType`	The IP address can be of different types (e.g. IPv4, IPv6). This field specifies which type it is.
`precedence` - `Precedence`	IP address placement definition
`subnetMask` - `String`	Sub-network mask
`visibility` - `Visibility`	IP address visibility definition

Example

{
  "ip": "abc123",
  "ipType": IpType,
  "precedence": Precedence,
  "subnetMask": "abc123",
  "visibility": Visibility
}

Types

`IpAddressString`

The IP address. It will either take the form of an IPv4 (as specified in RFC 794) or IPv6 (as specified in RFC 4291).

Example

object

Types

`IpMaskString`

IP netmask (IPv4 or IPv6)

Example

object

Types

`IpRange`

Set of IP addresses defined by first and last IP address.

Field Name	Description
`changed` - `DateTime`	The most recent time that this entity was directly modified
`comment` - `String`	A text comment associated with this entity
`device` - `BasicDevice`	The device that this entity belongs to
`id` - `ID!`	The internal unique identifier for this entity
`ipType` - `IpType`	The IP addresses this range has can be of different types (e.g. IPv4, IPv6). This field specifies which type they are.
`maxIp` - `String`	The last IP address, including.
`minIp` - `String`	The first IP address, including.
`name` - `String`	The name of the entity
`system` - `BasicSystem`	The system (root device) that this entity belongs to
`version` - `Int!`	A sequential number assigned to each change to identify the order in which changes were made

Example

{
  "changed": DateTime,
  "comment": "abc123",
  "device": BasicDevice,
  "id": ID,
  "ipType": IpType,
  "maxIp": "abc123",
  "minIp": "abc123",
  "name": "abc123",
  "system": BasicSystem,
  "version": 987
}

Types

`IpService`

TCP/IP service

Field Name	Description
`changed` - `DateTime`	The most recent time that this entity was directly modified
`comment` - `String`	A text comment associated with this entity
`device` - `BasicDevice`	The device that this entity belongs to
`id` - `ID!`	The internal unique identifier for this entity
`maxProtocol` - `Int`	The last protocol number in range, including
`minProtocol` - `Int`	The first protocol number in range, including
`name` - `String`	The name of the entity
`negated` - `Boolean`	Rule will use all service protocols, except specified in `minProtocol` and `maxProtocol` in case this value is true
`system` - `BasicSystem`	The system (root device) that this entity belongs to
`version` - `Int!`	A sequential number assigned to each change to identify the order in which changes were made

Example

{
  "changed": DateTime,
  "comment": "abc123",
  "device": BasicDevice,
  "id": ID,
  "maxProtocol": 987,
  "minProtocol": 987,
  "name": "abc123",
  "negated": false,
  "system": BasicSystem,
  "version": 987
}

Types

`IpType`

The IP type.

Enum Value	Description
`IPV4`	IPv4 IP type.
`IPV4_IPV6`	Either IPv4 or IPv6.
`IPV6`	IPv6 IP type.
`OTHER`	Neither IPV4 nor IPV6

Types

`LdapUser`

Field Name	Description
`changed` - `DateTime`	The most recent time that this entity was directly modified
`comment` - `String`	A text comment associated with this entity
`device` - `BasicDevice`	The device that this entity belongs to
`dn` - `String`	LDAP user identifier
`id` - `ID!`	The internal unique identifier for this entity
`name` - `String`	The name of the entity
`system` - `BasicSystem`	The system (root device) that this entity belongs to
`version` - `Int!`	A sequential number assigned to each change to identify the order in which changes were made

Example

{
  "changed": DateTime,
  "comment": "xyz789",
  "device": BasicDevice,
  "dn": "abc123",
  "id": ID,
  "name": "abc123",
  "system": BasicSystem,
  "version": 987
}

Types

`LocalUser`

Field Name	Description
`changed` - `DateTime`	The most recent time that this entity was directly modified
`comment` - `String`	A text comment associated with this entity
`device` - `BasicDevice`	The device that this entity belongs to
`id` - `ID!`	The internal unique identifier for this entity
`name` - `String`	The name of the entity
`system` - `BasicSystem`	The system (root device) that this entity belongs to
`version` - `Int!`	A sequential number assigned to each change to identify the order in which changes were made

Example

{
  "changed": DateTime,
  "comment": "xyz789",
  "device": BasicDevice,
  "id": ID,
  "name": "abc123",
  "system": BasicSystem,
  "version": 987
}

Types

`Location`

Locations identify the various networks from which your organization sends its internet traffic. When an organization forwards its traffic to the Zscaler service through a GRE or IPSec tunnel, Zscaler provisions your organization's IP addresses, which you then add as locations in the ZIA Admin Portal.

Field Name	Description
`changed` - `DateTime`	The most recent time that this entity was directly modified
`comment` - `String`	A text comment associated with this entity
`device` - `BasicDevice`	The device that this entity belongs to
`id` - `ID!`	The internal unique identifier for this entity
`ipAddresses` - `[IpAddress!]`	List of IP addresses
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`name` - `String`	The name of the entity
`ports` - `[Int!]`	Proxy ports
`system` - `BasicSystem`	The system (root device) that this entity belongs to
`version` - `Int!`	A sequential number assigned to each change to identify the order in which changes were made

Example

{
  "changed": DateTime,
  "comment": "xyz789",
  "device": BasicDevice,
  "id": ID,
  "ipAddresses": [IpAddress],
  "name": "xyz789",
  "ports": [987],
  "system": BasicSystem,
  "version": 123
}

Types

`LogProfile`

Field Name	Description
`changed` - `DateTime`	The most recent time that this entity was directly modified
`comment` - `String`	A text comment associated with this entity
`device` - `BasicDevice`	The device that this entity belongs to
`id` - `ID!`	The internal unique identifier for this entity
`name` - `String`	The name of the entity
`system` - `BasicSystem`	The system (root device) that this entity belongs to
`version` - `Int!`	A sequential number assigned to each change to identify the order in which changes were made

Example

{
  "changed": DateTime,
  "comment": "abc123",
  "device": BasicDevice,
  "id": ID,
  "name": "xyz789",
  "system": BasicSystem,
  "version": 987
}

Types

`Long`

Long type

Example

object

Types

`ModelName`

Device model name.

Enum Value	Description
`ASA`	Cisco ASA
`AWS_ACCOUNT`	Amazon AWS public cloud management, contains account information
`AWS_VPC`	Amazon AWS public cloud "virtual public cloud"
`AZURE_ACCOUNT`	Microsoft Azure public cloud management, contains account information
`AZURE_VNET`	Microsoft Azure public cloud virtual network
`CMA`	Check Point CMA.
`FMC`
`FORTIGATE`	Fortinet firewall
`FORTIMANAGER`	Fortinet management device
`FTD`
`MDS`	Check Point MDS
`NETSCREEN`	Netscreen
`NEXUS`	Cisco Nexus
`PANORAMA`	Palo Alto management device
`PANOS`	Palo Alto Firewall
`ROUTER`	Cisco router
`SMART_CENTER`	Check Point Smart center
`SRX`	Srx
`UNKNOWN`	Unknown, not supported, device.
`VMWARE_NSX_DISTRIBUTED_FIREWALL`	VMware NSX distributed firewall
`VMWARE_NSX_EDGE`	VMware NSX Edge
`VMWARE_NSX_MANAGEMENT`	VMware NSX management
`ZSCALER_INTERNET_ACCESS`	Zscaler Internet Access

Types

`ModifiedRule`

The rule that is associated with the ticket that is created.

Field Name	Description
`createdTicketId` - `ID!`	ID of the created ticket.
`ruleId` - `ID!`	ID of the affected rule.

Example

{
  "createdTicketId": ID,
  "ruleId": ID
}

Types

`NIC`

The emulation of a physical network adapter (NIC)

Field Name	Description
`changed` - `DateTime`	The most recent time that this entity was directly modified
`comment` - `String`	A text comment associated with this entity
`device` - `BasicDevice`	The device that this entity belongs to
`id` - `ID!`	The internal unique identifier for this entity
`ipAddresses` - `[IpAddress!]`	List of IP addresses
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`name` - `String`	The name of the entity
`subnet` - `Subnet`	Sub-network that this NIC belongs to
`system` - `BasicSystem`	The system (root device) that this entity belongs to
`version` - `Int!`	A sequential number assigned to each change to identify the order in which changes were made

Example

{
  "changed": DateTime,
  "comment": "abc123",
  "device": BasicDevice,
  "id": ID,
  "ipAddresses": [IpAddress],
  "name": "abc123",
  "subnet": Subnet,
  "system": BasicSystem,
  "version": 987
}

Types

`Name`

An entity name

Example

object

Types

`NetworkObjectTraffic`

Field Name	Description
`ip` - `String`

Example

{"ip": "abc123"}

Types

`NetworkObjectTrafficInput`

Represents a traffic network object.

Input Field	Description
`ip` - `IpAddressString!`

Example

{"ip": IpAddressString}

Types

`NetworkPredefinedValue`

Definition for network of type Any.

Enum Value	Description
`ANY_IPV4_NETWORK`	Any IPv4 network.
`ANY_IPV6_NETWORK`	Any IPv6 network.
`ANY_NETWORK`	Any IPv4 or IPv6 network.

Types

`OPMAgent`

Open policy management (OPM) agent definition Permission requires

Field Name	Description
`changed` - `DateTime`	The most recent time that this entity was directly modified
`id` - `ID!`	The internal unique identifier for this entity
`name` - `String`	The name of the entity
`opmAgentId` - `String`	OPM agent ID
`systemProperties` - `[SystemProperties!]`	System specific text fields
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`vendor` - `VendorName`	Vendor type of this device
`vendorDisplayName` - `String`	Vendor name of this device

Example

{
  "changed": DateTime,
  "id": ID,
  "name": "abc123",
  "opmAgentId": "xyz789",
  "systemProperties": [SystemProperties],
  "vendor": VendorName,
  "vendorDisplayName": "abc123"
}

Types

`OPMAgentQuery`

Query for OPMAgent objects. These objects can be filtered with a TQL query.

Field Name	Description
`count` - `Long!`	The total count of OPMAgent objects matching the specified filter.
`values` - `[OPMAgent!]!`	A list of OPMAgent objects matching the specified filter.
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.

Example

{
  "count": Long,
  "values": [OPMAgent]
}

Types

`OtherObject`

Network object that does not have TOS known type.

Field Name	Description
`changed` - `DateTime`	The most recent time that this entity was directly modified
`comment` - `String`	A text comment associated with this entity
`device` - `BasicDevice`	The device that this entity belongs to
`id` - `ID!`	The internal unique identifier for this entity
`name` - `String`	The name of the entity
`objectType` - `String`	Custom type textual representation.
`system` - `BasicSystem`	The system (root device) that this entity belongs to
`version` - `Int!`	A sequential number assigned to each change to identify the order in which changes were made

Example

{
  "changed": DateTime,
  "comment": "xyz789",
  "device": BasicDevice,
  "id": ID,
  "name": "abc123",
  "objectType": "xyz789",
  "system": BasicSystem,
  "version": 987
}

Types

`OtherService`

Service that does not have TOS known type

Field Name	Description
`changed` - `DateTime`	The most recent time that this entity was directly modified
`comment` - `String`	A text comment associated with this entity
`device` - `BasicDevice`	The device that this entity belongs to
`id` - `ID!`	The internal unique identifier for this entity
`name` - `String`	The name of the entity
`serviceType` - `String`	Custom type textual representation
`system` - `BasicSystem`	The system (root device) that this entity belongs to
`version` - `Int!`	A sequential number assigned to each change to identify the order in which changes were made

Example

{
  "changed": DateTime,
  "comment": "abc123",
  "device": BasicDevice,
  "id": ID,
  "name": "abc123",
  "serviceType": "abc123",
  "system": BasicSystem,
  "version": 987
}

Types

`Permission`

A system function grant

Field Name	Description
`name` - `String`	The unique name of the grant
`type` - `String`	The type of the grant - READ \| WRITE \| RESOURCE

Example

{"name": "abc123", "type": "abc123"}

Types

`PermissivenessScoreLevel`

Permissiveness level of rule's data.

Enum Value	Description
`HIGH`	High permissiveness level. Rule allows access for too much network traffic.
`LOW`	Low permissiveness level. Rule allows very small network traffic.
`MEDIUM`	Medium permissiveness level. Rule allows not much network traffic.

Types

`Precedence`

Placement definition

Enum Value	Description
`SECONDARY`	Secondary IP address

Types

`PredefinedUspType`

The set of predefined templates of USP definitions. Each predefined template type is aimed at a different compliance setting and defines a different set of zone roles.

Enum Value	Description
`ADVANCED_BEST_PRACTICES`	Defines the following zones: Corporate DMZ Internet
`BEST_PRACTICES`	Defines the following zones: Internet DataCenter PM RnD Sales
`ISO_27001`	Information security standards published jointly by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). Provides best practice recommendations on information security management—the management of information risks through information security controls. Defines the following zones: Corporate NOC-MGMT DMZ-DB DMZ-NOC DMZ-PUB Extranet-Partners DMZ-Partners Internet Int-IP
`NERC_CIPv5`	The NERC CIP (North American Electric Reliability Corporation Critical Infrastructure Protection) version 5 standards are designed to secure the assets required for operating North America’s Bulk Electric System (BES). Defines the following zones: EACMS PACS Control Center Substation Corporate DMZ Internet
`NIST_800_53`
`PCI`	The Payment Card Industry Data Security Standard (PCI DSS). An information security standard for organizations that handle credit cards from the major card schemes. Defines the following zones: Corporate DMZ Internet PCI Applications PCI Data PCI Web Wireless Networks

Types

`ProgressStatus`

Progress status

Enum Value	Description
`COMPLETED`	Completed
`ERROR`	Error
`IN_PROGRESS`	In progress

Types

`PropertyUspRestriction`

A condition that defines rules related properties of RestrictionTypes:

MANDATORY_COMMENT
MANDATORY_LOG
LAST_HIT_MAX_VAL
SOURCE_IPS_MAX_COUNT
DESTINATION_IPS_MAX_COUNT
SERVICES_MAX_COUNT
EXPLICIT_SOURCE
EXPLICIT_DESTINATION
EXPLICIT_SERVICE

Field Name Description

restrictionType - RestrictionType

Restriction type.

value - Int

A field that defines numeric related properties, of RestrictionTypes:

LAST_HIT_MAX_VAL
SOURCE_IPS_MAX_COUNT
DESTINATION_IPS_MAX_COUNT
SERVICES_MAX_COUNT

Example

{"restrictionType": RestrictionType, "value": 987}

Types

`PropertyUspRestrictionInput`

Property USP restriction (PropertyUspRestriction).

Input Field	Description
`value` - `Int`	The numeric related property.

Example

{"value": 123}

Types

`ProtectionMode`

Describes how to select network zones available for checking security risks.

Enum Value	Description
`CONNECTED_ZONES`	Violation will be calculated on zones that are directly connected to the interface
`ROUTABLE_ZONES`	Violation will be calculated on zones that have routes through the interface.

Types

`RemoveSecurityZonesFromUspInput`

Removes one or more SecureTrack network zones from an existing USP.

Input Field	Description
`securityZonesIds` - `[IdString!]!`	SecureTrack network zones IDs to be added.
`uspId` - `IdString!`	USP ID to remove zones from.

Example

{
  "securityZonesIds": [IdString],
  "uspId": IdString
}

Types

`RemoveSecurityZonesFromUspResult`

Returns the status results when removing SecureTrack network zones from an existing USP.

Field Name	Description
`resultStatus` - `ResultStatus!`	Status of request to remove SecureTrack network zones from an existing USP.

Example

{"resultStatus": ResultStatus}

Types

`RestrictionType`

Enumeration of valid restriction types.

Enum Value	Description
`DESTINATION_IPS_MAX_COUNT`	Maximum number of IP address allowed in the destination.
`EXPLICIT_DESTINATION`	Rules must have an explicit destination, not the ANY value.
`EXPLICIT_SERVICE`	Rules must have an explicit service, not the ANY value.
`EXPLICIT_SOURCE`	Rules must have an explicit source, not the ANY value.
`FLOWS`	The required format of the source and the destination in a rule (HOST_TO_HOST, SUBNET_TO_HOST, or HOST_TO_SUBNET).
`LAST_HIT_MAX_VAL`	Maximum number of days in which the rule must have had a hit.
`MANDATORY_COMMENT`	Rules must have text in the comment field.
`MANDATORY_LOG`	Rules must be configured to create log entries.
`SERVICES_MAX_COUNT`	Maximum number of services allowed.
`SOURCE_IPS_MAX_COUNT`	Maximum number of IP address allowed in the source.
`TRAFFIC`	Traffic access permitted from a source zone to a destination zone (Allow only, Block only, Allow all, Block all).

Types

`ResultStatus`

Status result of the operation.

Field Name	Description
`errorMessage` - `String`
`errors` - `[Error!]`	List of error codes and messages.
`successful` - `Boolean`	True indicates that request successfully completed

Example

{
  "errorMessage": "xyz789",
  "errors": [Error],
  "successful": true
}

Types

`RiskAnalysisFlowsViolationData`

Information regarding violations of type Flow.

Field Name	Description
`flowUspRestriction` - `FlowUspRestriction`	`FlowUspRestriction` that was violated by the access request.
`violatedFlowType` - `FlowRestrictionType`	The flow restriction type `FlowRestrictionType` that was violated by the access request.
`violatingDestPredefinedValue` - `NetworkPredefinedValue`	The violating `NetworkPredefinedValue` of the access request's destination.
`violatingDestinationNetworkObjects` - `[RiskAnalysisNetworkObject!]`	List of `NetworkObjectTraffic` that represent the violating objects in the access request's destination.
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`violatingSourceNetworkObjects` - `[RiskAnalysisNetworkObject!]`	List of `NetworkObjectTraffic` that represent the violating objects in the access request's source.
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`violatingSourcePredefinedValue` - `NetworkPredefinedValue`	The violating `NetworkPredefinedValue` of the access request's source.

Example

{
  "flowUspRestriction": FlowUspRestriction,
  "violatedFlowType": FlowRestrictionType,
  "violatingDestPredefinedValue": NetworkPredefinedValue,
  "violatingDestinationNetworkObjects": [
    RiskAnalysisNetworkObject
  ],
  "violatingSourceNetworkObjects": [
    RiskAnalysisNetworkObject
  ],
  "violatingSourcePredefinedValue": NetworkPredefinedValue
}

Types

`RiskAnalysisMutation`

The RiskAnalysisMutation entity enables to create a task of AccessRequests for risk calculation.

Field Name	Description
`createUspRiskAnalysisTask` - `CreateUspRiskAnalysisTaskResult!`	Create a `UspRiskAnalysisTask`.
Arguments `input` - `CreateUspRiskAnalysisTaskInput!`

Example

{
  "createUspRiskAnalysisTask": CreateUspRiskAnalysisTaskResult
}

Types

`RiskAnalysisNetworkObject`

A violating network object entity, in a defined SecureTrack zone.

Field Name	Description
`networkObjectTraffic` - `NetworkObjectTraffic`	The raw traffic representation of the violating network object.
`zone` - `SecurityZone`	The SecureTrack zone that violates the network object traffic.

Example

{
  "networkObjectTraffic": NetworkObjectTraffic,
  "zone": SecurityZone
}

Types

`RiskAnalysisTrafficViolationData`

Information regarding violations of type Traffic.

Field Name	Description
`trafficUspRestriction` - `TrafficUspRestriction`	`TrafficUspRestriction` that was violated by the access request.
`violatedApplicationPredefinedValue` - `ApplicationPredefinedValue`	The violating `ApplicationPredefinedValue` of the access request's applications.
`violatedServicePredefinedValue` - `ServicePredefinedValue`	The violating `ServicePredefinedValue` of the access request's service.
`violatingApplications` - `[String!]`	List of application names that represent the violating applications in the access request.
`violatingServices` - `[String!]`	List of services expressions that represent the violating services in the access request.

Example

{
  "trafficUspRestriction": TrafficUspRestriction,
  "violatedApplicationPredefinedValue": ApplicationPredefinedValue,
  "violatedServicePredefinedValue": ServicePredefinedValue,
  "violatingApplications": ["xyz789"],
  "violatingServices": ["xyz789"]
}

Types

`RiskAnalysisViolation`

The RiskAnalysisViolation entity represents information regarding violations of an access request. Permission requires

Field Name	Description
`accessRequestId` - `String`	Access request ID.
`changed` - `DateTime`	The date that the `RiskAnalysisViolation` entity was last changed.
`creationDate` - `DateTime`	Creation date of the violation.
`exceptions` - `[BasicUspExceptionInfoForRiskAnalysis!]`	Exceptions IDs that were applied to the violation.
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`flowViolationData` - `RiskAnalysisFlowsViolationData`	The flow violation `RiskAnalysisFlowsViolationData`.
`fromZoneMatchingObjects` - `[RiskAnalysisNetworkObject!]`	List of `NetworkObjectTraffic` that are matching the from-zone of the `ZoneToZoneMatcher`. Set in case the access request sources are specific (`matchingSourcePredefinedValue` not set).
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`id` - `ID!`	Violation ID.
`matchingDestinationPredefinedValue` - `NetworkPredefinedValue`	Set in case the access request destination is a predefined value of `NetworkPredefinedValue`.
`matchingSourcePredefinedValue` - `NetworkPredefinedValue`	Set in case the access request source is a predefined value of `NetworkPredefinedValue`.
`name` - `String`	This property is not supported.
`requirement` - `UspRequirement`	Violated `UspRequirement`.
`severity` - `ViolationSeverity`	Severity of the violation.
`toZoneMatchingObjects` - `[RiskAnalysisNetworkObject!]`	List of `NetworkObjectTraffic` that are matching the to-zone of the `ZoneToZoneMatcher`. Set in case the access request destinations are specific (`matchingDestinationePredefinedValue` not set).
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`trafficViolationData` - `RiskAnalysisTrafficViolationData`	The traffic violation `RiskAnalysisTrafficViolationData`.
`usp` - `BasicUspInfoForRiskAnalysis`	Violated `USP`.
`zoneToZoneUspRequirementMatcher` - `ZoneToZoneUspRequirementMatcher`	Violated from zone - to zone `ZoneToZoneMatcher`.

Example

{
  "accessRequestId": "xyz789",
  "changed": DateTime,
  "creationDate": DateTime,
  "exceptions": [BasicUspExceptionInfoForRiskAnalysis],
  "flowViolationData": RiskAnalysisFlowsViolationData,
  "fromZoneMatchingObjects": [RiskAnalysisNetworkObject],
  "id": ID,
  "matchingDestinationPredefinedValue": NetworkPredefinedValue,
  "matchingSourcePredefinedValue": NetworkPredefinedValue,
  "name": "xyz789",
  "requirement": UspRequirement,
  "severity": ViolationSeverity,
  "toZoneMatchingObjects": [RiskAnalysisNetworkObject],
  "trafficViolationData": RiskAnalysisTrafficViolationData,
  "usp": BasicUspInfoForRiskAnalysis,
  "zoneToZoneUspRequirementMatcher": ZoneToZoneUspRequirementMatcher
}

Types

`Role`

Field Name	Description
`uid` - `ID`
`name` - `String`
`permissions` - `[Permission]`

Example

{
  "uid": ID,
  "name": "xyz789",
  "permissions": [Permission]
}

Types

`Rule`

A rule in a security policy

Field Name	Description
`action` - `RuleActionType`	Action that will be performed by firewall if network traffic matches this rule
`actionDisplayName` - `String`	Action name
`application` - `RuleApplicationTraffic`	Definition of the network applications
`applicationsUsage` - `[ApplicationUsage!]`	Last time traffic was recorded for a specific application on this rule
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`appliedTo` - `[String!]`	Devices that the rule is installed on
`appliedToObjects` - `RuleAppliedToObjects`	Network objects that this rule is applied to
`changed` - `DateTime`	The most recent time that this entity was directly modified
`comment` - `String`	A text comment associated with this entity
`destination` - `RuleNetworkTraffic`	Definition of the destination network objects
`destinationZone` - `RuleZoneTraffic`	Definition of the destination network zones
`device` - `BasicDevice`	The device that this entity belongs to
`direction` - `Direction`	Direction of this rule (inbound or outbound)
`disabled` - `Boolean`	True indicates that this rule is disabled on the device
`exceptions` - `[BasicRuleUspExceptionInfo!]`
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`goToTarget` - `SecurityPolicy`	Target security policy for GOTO rule action
`id` - `ID!`	The internal unique identifier for this entity
`idOnDevice` - `String`	Device specific rule identifier. Usually identifies the rule order in the security policy.
`installedOn` - `RuleInstallationTargetTraffic`	Devices that the rule is installed on
`isExemptedFromUsp` - `Boolean`	True indicates that the rule will be excluded from violation calculations
`location` - `String`	The level of the rule within the rule hierarchy
`logging` - `RuleLogging`	Rule logging definition
`name` - `String`	The name of the entity
`permissivenessLevel` - `PermissivenessScoreLevel`	The permissiveness level (high/medium/low). The permissiveness level is an indication of how widely a rule is defined. Rules with high permissiveness can be a security risk because they allow too much access through the firewall. For example: A rule with one source host, one destination host, and one service is low permissiveness A rule with Source "ANY", Destination "ANY", and Protocol "ANY" is high permissiveness
`policy` - `SecurityPolicy`	The security policy the rule belongs to
`policyIndex` - `Int`
`ruleUsageStatus` - `RuleUsageStatus`	Status of last hit check
`ruleUserData` - `RuleUserData`	Additional information such as a description that can be customized by administrators
`sectionTitle` - `String`	Title of the section that rule belongs to
`service` - `RuleServiceTraffic`	Definition of the network service objects
`shadowed` - `ShadowedStatus`	Indicates whether the rule is shadowed by a previous rule which handles traffic before it gets to this rule, This may indicate that the rule is redundant.
`source` - `RuleNetworkTraffic`	Definition of the source network objects
`sourceZone` - `RuleZoneTraffic`	Definition of the source network zones
`system` - `BasicSystem`	The system (root device) that this entity belongs to
`tags` - `[String!]`	List of tags
`time` - `RuleTimeTraffic`	Time and date that the rule is scheduled
`timeLastHit` - `DateTime`	The last time traffic that passed through the device matched either the rule, user, or application identity details
`timeLastModified` - `DateTime`	The most recent time that this rule was directly modified or there was a change in a related object which impacted the rule
`urlCategory` - `RuleUrlCategory`	The category of the URL as determined by the device
`user` - `RuleUserTraffic`	Definition of the network user objects
`usersUsage` - `[UserUsage!]`	Last time traffic was recorded for a specific user on this rule
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`version` - `Int!`	A sequential number assigned to each change to identify the order in which changes were made
`violationHighestSeverity` - `ViolationSeverity`	Maximum security risk severity
`violations` - `[RuleViolation!]`	A list of all security risks found in this rule
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`vpn` - `RuleVpnTraffic`	Definition of the VPN communities. A VPN community is a collection of VPN enabled gateways capable of communicating via VPN tunnels.
`zonesRelation` - `ZonesRelation`	Zone relation definition on the device
`expirationDate` - `DateTime`

Example

{
  "action": RuleActionType,
  "actionDisplayName": "xyz789",
  "application": RuleApplicationTraffic,
  "applicationsUsage": [ApplicationUsage],
  "appliedTo": ["xyz789"],
  "appliedToObjects": RuleAppliedToObjects,
  "changed": DateTime,
  "comment": "abc123",
  "destination": RuleNetworkTraffic,
  "destinationZone": RuleZoneTraffic,
  "device": BasicDevice,
  "direction": Direction,
  "disabled": false,
  "exceptions": [BasicRuleUspExceptionInfo],
  "goToTarget": SecurityPolicy,
  "id": ID,
  "idOnDevice": "xyz789",
  "installedOn": RuleInstallationTargetTraffic,
  "isExemptedFromUsp": false,
  "location": "abc123",
  "logging": RuleLogging,
  "name": "abc123",
  "permissivenessLevel": PermissivenessScoreLevel,
  "policy": SecurityPolicy,
  "policyIndex": 987,
  "ruleUsageStatus": RuleUsageStatus,
  "ruleUserData": RuleUserData,
  "sectionTitle": "abc123",
  "service": RuleServiceTraffic,
  "shadowed": ShadowedStatus,
  "source": RuleNetworkTraffic,
  "sourceZone": RuleZoneTraffic,
  "system": BasicSystem,
  "tags": ["xyz789"],
  "time": RuleTimeTraffic,
  "timeLastHit": DateTime,
  "timeLastModified": DateTime,
  "urlCategory": RuleUrlCategory,
  "user": RuleUserTraffic,
  "usersUsage": [UserUsage],
  "version": 123,
  "violationHighestSeverity": ViolationSeverity,
  "violations": [RuleViolation],
  "vpn": RuleVpnTraffic,
  "zonesRelation": ZonesRelation,
  "expirationDate": DateTime
}

Types

`RuleActionType`

Type of action that will be performed by firewall if network traffic matches this rule

Enum Value	Description
`ALLOW`	Traffic specified by the rule will be allowed
`DENY`	Traffic specified by the rule will not be allowed
`GOTO`	Traffic specified by the rule must be checked by other policy. See `goToTarget` parameter in `Rule`
`UNSUPPORTED`	This usages is just a fallback for not supported data

Types

`RuleApplicationTraffic`

Field Name	Description
`negated` - `Boolean`	Whether this object represents traffic that is the negated value of the details specified in its other properties.
`predefinedValue` - `ApplicationPredefinedValue`	Predefined value for Any application
`typeDisplay` - `String`	`RuleApplicationTraffic` will always be of type "Application"

Example

{
  "negated": true,
  "predefinedValue": ApplicationPredefinedValue,
  "typeDisplay": "xyz789"
}

Types

`RuleAppliedToObjects`

"Applied to objects" definition for rule

Field Name	Description
`predefinedValue` - `AppliedToObjectsPredefinedValue`	Value for predefined type (Any or No object)
`typeDisplay` - `String`	`RuleAppliedToObjects` will always be of type "Applied to objects"

Example

{
  "predefinedValue": AppliedToObjectsPredefinedValue,
  "typeDisplay": "xyz789"
}

Types

`RuleExceptionConditionInput`

Condition on Rules

Input Field	Description
`rules` - `[IdString!]!`	List of Rule's ID.

Example

{"rules": [IdString]}

Types

`RuleFlowsViolationData`

The RuleFlowsViolationData entity holds data of the flows that are being violated by the rule

Field Name	Description
`flowRestriction` - `FlowUspRestriction`	The `FlowUspRestriction` that was violated by this rule
`negatedViolatingDestination` - `Boolean`	True if `violatingDestinationNetworkObjects` is a negated value
`negatedViolatingSource` - `Boolean`	True if `violatingSourceNetworkObjects` is a negated value
`violatedFlowType` - `FlowRestrictionType`	The `FlowRestrictionType` that was violated by this rule
`violatingDestPredefinedValue` - `NetworkPredefinedValue`	The `NetworkPredefinedValue` of the destination`NetworkObjects` that are violated by the rule
`violatingSourcePredefinedValue` - `NetworkPredefinedValue`	The `NetworkPredefinedValue` of the source `NetworkObjects` that are violated by the rule

Example

{
  "flowRestriction": FlowUspRestriction,
  "negatedViolatingDestination": true,
  "negatedViolatingSource": true,
  "violatedFlowType": FlowRestrictionType,
  "violatingDestPredefinedValue": NetworkPredefinedValue,
  "violatingSourcePredefinedValue": NetworkPredefinedValue
}

Types

`RuleInstallationTargetTraffic`

Installation targets definition for rule

Field Name	Description
`predefinedValue` - `InstallationTargetPredefinedValue`	Value for installation target of type Any
`typeDisplay` - `String`	`RuleInstallationTargetTraffic` will always be of type "Install On"

Example

{
  "predefinedValue": InstallationTargetPredefinedValue,
  "typeDisplay": "abc123"
}

Types

`RuleLogging`

Rule logging definition

Field Name	Description
`logProfile` - `LogProfile`	Logging profile name
`logged` - `Boolean`	If true, the rule logged on device
`timing` - `RuleLoggingTiming`	Specify when rule logging should start
`trackInterval` - `Int`	Interval (vendor specific)
`trackLevel` - `RuleTrackLevel`	Rule logging track level

Example

{
  "logProfile": LogProfile,
  "logged": true,
  "timing": RuleLoggingTiming,
  "trackInterval": 987,
  "trackLevel": RuleTrackLevel
}

Types

`RuleLoggingTiming`

Specify when rule logging should start

Enum Value	Description
`BOTH_START_AND_END`	Log rule usage on both, session start and end
`SESSION_END`	Log rule usage on session end
`SESSION_START`	Log rule usage on session start

Types

`RuleMatchCriterionType`

Rule matching criterion. TOS uses this to match rule for a particular traffic risks discovery.

Enum Value	Description
`APPLICATION`	Match network application defined in rule.
`APPLIED_TO_OBJECTS`
`DESTINATION`
`DEST_ZONE`
`INSTALLATION_TARGET`
`SCHEDULE`
`SERVICE`
`SOURCE`
`SOURCE_SERVICE`
`SOURCE_USER`
`SOURCE_ZONE`
`URL_CATEGORY`
`VPN`

Types

`RuleNetworkTraffic`

Network objects definition for rule source and destination fields

Field Name	Description
`negated` - `Boolean`	Whether this object represents traffic that is the negated value of the details specified in its other properties.
`predefinedValue` - `NetworkPredefinedValue`	Definition for network of type Any
`typeDisplay` - `String`	Network traffic direction in rule (Source, Destination)

Example

{
  "negated": false,
  "predefinedValue": NetworkPredefinedValue,
  "typeDisplay": "abc123"
}

Types

`RuleOperationsMutation`

Lets you create SecureChange tickets for rules modification, recertification or decommission

Field Name	Description
`createTicketDraft` - `CreateTicketDraftResult!`	Create a ticket draft in SecureChange
Arguments `input` - `CreateTicketDraftInput!`

Example

{"createTicketDraft": CreateTicketDraftResult}

Types

`RuleQuery`

Query for Rule objects. These objects can be filtered with a TQL query.

Field Name	Description
`count` - `Long!`	The total count of Rule objects matching the specified filter.
`counts` - `[CountsResult!]!`	Gets the number of entities matching a filter, grouped by selected fields.
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `groupBy` - `[String!]!` Groups entities by selected fields. `offset` - `Long` default = `0` Offset results for paging. `orderBy` - `countsOrderBy` default = `"GROUP"` Sorts the results by the specified field. When not explicitly set, the default field is "GROUP" `orderDirection` - `orderDirection` default = `"ASC"` Specifies whether the results should be sorted in ascending or descending order. When not explicitly set, the default order is "ASC"
`values` - `[Rule!]!`	A list of Rule objects matching the specified filter.
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.

Example

{
  "count": Long,
  "counts": [CountsResult],
  "values": [Rule]
}

Types

`RuleSchedule`

Schedule values for rule

Field Name	Description
`changed` - `DateTime`	The most recent time that this entity was directly modified
`comment` - `String`	A text comment associated with this entity
`device` - `BasicDevice`	The device that this entity belongs to
`endTime` - `DateTime`	End time
`id` - `ID!`	The internal unique identifier for this entity
`name` - `String`	The name of the entity
`scheduledDays` - `String`	Days
`scheduledMonth` - `String`	Month
`scheduledMonthDays` - `String`	Days of month
`startTime` - `DateTime`	Start time
`system` - `BasicSystem`	The system (root device) that this entity belongs to
`timePeriods` - `[TimePeriodInDay!]`	List of time periods
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`version` - `Int!`	A sequential number assigned to each change to identify the order in which changes were made

Example

{
  "changed": DateTime,
  "comment": "abc123",
  "device": BasicDevice,
  "endTime": DateTime,
  "id": ID,
  "name": "xyz789",
  "scheduledDays": "xyz789",
  "scheduledMonth": "xyz789",
  "scheduledMonthDays": "xyz789",
  "startTime": DateTime,
  "system": BasicSystem,
  "timePeriods": [TimePeriodInDay],
  "version": 123
}

Types

`RuleServiceTraffic`

Network service objects definition for rule service field

Field Name	Description
`negated` - `Boolean`	Whether this object represents traffic that is the negated value of the details specified in its other properties.
`predefinedValue` - `ServicePredefinedValue`	Predefined value to define Any service
`typeDisplay` - `String`	`RuleServiceTraffic` will always be of type "Service"

Example

{
  "negated": true,
  "predefinedValue": ServicePredefinedValue,
  "typeDisplay": "xyz789"
}

Types

`RuleTimeTraffic`

Schedules definition for rule

Field Name	Description
`predefinedValue` - `SchedulePredefinedValue`	Predefined value for schedule of type Any
`typeDisplay` - `String`	`RuleTimeTraffic` will always be of type "Time"
`values` - `[RuleSchedule!]`	List of schedules
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.

Example

{
  "predefinedValue": SchedulePredefinedValue,
  "typeDisplay": "xyz789",
  "values": [RuleSchedule]
}

Types

`RuleTrackLevel`

Rule logging track level

Enum Value	Description
`ACCOUNT`	Update the log at given intervals
`ALERT`	Generate a log of type Alert and run a command
`ALERTS`	Generate a log if immediate action is required
`CRITICAL`	Generate a log if functionality is affected
`DEBUGGING`	Generate a log for debugging
`DEFAULT`	Default logging track level
`DISABLED`	Logging is disabled
`EMERGENCIES`	Generate a log if system becomes unstable.
`ERRORS`	Generate a log if there is an error condition exists and functionality could be affected
`INFORMATIONAL`	Generate a log with general information about system operations
`MAIL`	Generate a log of type Alert and send an email to the administrator
`NOTIFICATIONS`	Generate a log with information about normal events
`RTL_LOG`	This is the default Track option
`RTL_NONE`	Do not generate a log
`SNMP`	Generate a log of type Alert and send an SNMP alert
`USER_DEFINED`	Generate a log of type Alert and send customized alerts
`WARNINGS`	Generate a log if functionality could be affected

Types

`RuleTrafficViolationData`

The RuleTrafficViolationData entity holds data of the traffic values that are being violated by the rule

Field Name	Description
`trafficRestriction` - `TrafficUspRestriction`	The `TrafficUspRestriction` value that was violated by this rule
`violatedApplicationPredefinedValue` - `ApplicationPredefinedValue`	The `ApplicationPredefinedValue` that was violated by the rule
`violatedServicePredefinedValue` - `ServicePredefinedValue`	The `ServicePredefinedValue` that was violated by the rule
`violatingApplications` - `[Application!]`	A list of every `Application` that was violated by the rule
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.

Example

{
  "trafficRestriction": TrafficUspRestriction,
  "violatedApplicationPredefinedValue": ApplicationPredefinedValue,
  "violatedServicePredefinedValue": ServicePredefinedValue,
  "violatingApplications": [Application]
}

Types

`RuleUrlCategory`

URLs category with optional predefined value

Field Name	Description
`predefinedValue` - `UrlCategoryPredefinedValue`	Predefined value for URL categories of type Any
`typeDisplay` - `String`	`RuleUrlCategory` will always be of type "URL category"
`values` - `[UrlCategory!]`	List of URLs categories
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.

Example

{
  "predefinedValue": UrlCategoryPredefinedValue,
  "typeDisplay": "xyz789",
  "values": [UrlCategory]
}

Types

`RuleUsageStatus`

Status of last hit check

Enum Value	Description
`RULE_LAST_HIT_ERROR`	Last hit information has not been received for 3 days
`RULE_LAST_HIT_READY`	Last hit information is up-to-date

Types

`RuleUserData`

Additional information such as a description that can be customized

Field Name	Description
`automationAttribute` - `AutomationAttribute`	Rule type (regular or stealth)
`certification` - `Certification`	Rule recertification is used to document and verify the need for a rule, often for standards compliance and auditing.
`ruleDescription` - `String`	Rule description.
`securechangeTicketInProgressId` - `String`	SecureChange ticket in progress
`technicalOwner` - `User`	Owner for the rule
`technicalOwnerName` - `String`
`tickets` - `[Ticket!]`	List of tickets, opened for this rule.
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.

Example

{
  "automationAttribute": AutomationAttribute,
  "certification": Certification,
  "ruleDescription": "abc123",
  "securechangeTicketInProgressId": "abc123",
  "technicalOwner": User,
  "technicalOwnerName": "abc123",
  "tickets": [Ticket]
}

Types

`RuleUserDataMutation`

Use this entity to update the description, technical owner, or automation attributes, or to create, delete, or update tickets associated with a single or multiple rules.

Field Name	Description
`createTicket` - `CreateTicketResult!`	Create a ticket for a rule.
Arguments `input` - `CreateTicketInput!`
`deleteTickets` - `DeleteTicketsResult!`	Delete tickets.
Arguments `input` - `DeleteTicketsInput!`
`updateRuleAutomationAttribute` - `UpdateRuleAutomationAttributeResult!`	Update an automation attribute for a rule.
Arguments `input` - `UpdateRuleAutomationAttributeInput!`
`updateRuleDescription` - `UpdateRuleDescriptionResult!`	Update description for a rule.
Arguments `input` - `UpdateRuleDescriptionInput!`
`updateRuleTechnicalOwner` - `UpdateRuleTechnicalOwnerResult!`	Update a technical owner for a rule.
Arguments `input` - `UpdateRuleTechnicalOwnerInput!`
`updateTicket` - `UpdateTicketResult!`	Update a ticket.
Arguments `input` - `UpdateTicketInput!`

Example

{
  "createTicket": CreateTicketResult,
  "deleteTickets": DeleteTicketsResult,
  "updateRuleAutomationAttribute": UpdateRuleAutomationAttributeResult,
  "updateRuleDescription": UpdateRuleDescriptionResult,
  "updateRuleTechnicalOwner": UpdateRuleTechnicalOwnerResult,
  "updateTicket": UpdateTicketResult
}

Types

`RuleUserTraffic`

Network users objects definition for rule user field

Field Name	Description
`negated` - `Boolean`	Whether this object represents traffic that is the negated value of the details specified in its other properties.
`predefinedValue` - `UserPredefinedValue`	Predefined values to define well known user behavior
`typeDisplay` - `String`	`RuleUserTraffic` will always be of type "User"

Example

{
  "negated": true,
  "predefinedValue": UserPredefinedValue,
  "typeDisplay": "abc123"
}

Types

`RuleViolatedProperty`

The RuleViolatedProperty entity holds data of the property values that are being violated by the rule

Field Name	Description
`propertyRestriction` - `PropertyUspRestriction`	The `PropertyUspRestriction` that was violated by this rule
`scalarValue` - `String`	A numeric value related to the violated property

Example

{
  "propertyRestriction": PropertyUspRestriction,
  "scalarValue": "xyz789"
}

Types

`RuleViolation`

Contains data about Rule Violations. Violations can be filtered by rule, USP, source zone, destination zone, and type (flow, property or traffic).

Field Name	Description
`changed` - `DateTime`	The most recent time that this entity was directly modified
`exceptions` - `[BasicUspExceptionInfo!]`
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`flowsViolationData` - `RuleFlowsViolationData`	The `RuleFlowsViolationData` of the rule violation
`id` - `ID!`	The internal unique identifier for this entity
`matchingDestinationPredefinedValue` - `NetworkPredefinedValue`	The network type of the destination zones as identified in the `zoneToZoneMatcher` entity
`matchingSourcePredefinedValue` - `NetworkPredefinedValue`	The network type of the source zones as identified in the `zoneToZoneMatcher` entity
`name` - `String`	This property is not supported
`negatedMatchingDestination` - `Boolean`	`negatedMatchingDestination` will be True if the `NetworkObject` (such as IP address) that triggered this violation was caused by a rule destination with a negated value. The `toZoneMatchingObjects` will be empty, and will not contain the list of all possible `networkobjects` that can trigger this violation.
`negatedMatchingSource` - `Boolean`	`negatedMatchingSource` will be True if the `NetworkObject` (such as IP address) that triggered this violation was caused by a rule source with a negated value. The `fromZoneMatchingObjects` will be empty, and will not contain the list of all possible `networkobjects` that can trigger this violation.
`propertyViolationData` - `RuleViolatedProperty`	A list of every `RuleViolatedProperty` that was violated by this rule
`requirement` - `UspRequirement`	A set of conditions that apply to a single pair of SecureTrack network zones relation (from-to) that will be enforced by the USP
`ruleViolationSeverity` - `ViolationSeverity`	The `ViolationSeverity` assigned to this violation by the USP
`timeCreated` - `DateTime`	The date and time that this violation first occurred
`trafficViolationData` - `RuleTrafficViolationData`	The `RuleTrafficViolationData` of the rule violation
`usp` - `BasicUspInfo`	The ID of the USP that is violated by this rule
`violationOrigin` - `[ViolationOrigin!]`	This contains a list of every `Device` (such as physical devices, virtual devices, cloud, or managed devices) that the violating `securityPolicies` are installed on and list of every `SecurityPolicy` that the rule evaluates
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`zoneToZoneMatcher` - `ZoneToZoneUspRequirementMatcher`	The `ZoneToZoneUspRequirementMatcher` entity that identifies the source and destination zones violated by this rule

Example

{
  "changed": DateTime,
  "exceptions": [BasicUspExceptionInfo],
  "flowsViolationData": RuleFlowsViolationData,
  "id": ID,
  "matchingDestinationPredefinedValue": NetworkPredefinedValue,
  "matchingSourcePredefinedValue": NetworkPredefinedValue,
  "name": "xyz789",
  "negatedMatchingDestination": true,
  "negatedMatchingSource": false,
  "propertyViolationData": RuleViolatedProperty,
  "requirement": UspRequirement,
  "ruleViolationSeverity": ViolationSeverity,
  "timeCreated": DateTime,
  "trafficViolationData": RuleTrafficViolationData,
  "usp": BasicUspInfo,
  "violationOrigin": [ViolationOrigin],
  "zoneToZoneMatcher": ZoneToZoneUspRequirementMatcher
}

Types

`RuleVpnTraffic`

VPN communities definition for rule vpn field

Field Name	Description
`predefinedValue` - `VpnPredefinedValue`	Value for VPN entity of type Any
`typeDisplay` - `String`	`RuleVpnTraffic` will always be of type "VPN"
`values` - `[VpnCommunity!]`	List of VPN communities
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.

Example

{
  "predefinedValue": VpnPredefinedValue,
  "typeDisplay": "abc123",
  "values": [VpnCommunity]
}

Types

`RuleZoneTraffic`

Network zones definition for rule sourceZone and destZone fields

Field Name	Description
`predefinedValue` - `ZonePredefinedValue`	Any zone
`typeDisplay` - `String`	Rule zone traffic direction in rule (Source, Destination)
`values` - `[Zone!]`	List of network zones
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.

Example

{
  "predefinedValue": ZonePredefinedValue,
  "typeDisplay": "abc123",
  "values": [Zone]
}

Types

`RulesCondition`

Field Name	Description
`rules` - `[Rule!]`
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.

Example

{"rules": [Rule]}

Types

`SchedulePredefinedValue`

Predefined values for schedule of type Any

Enum Value	Description
`ANY_SCHEDULE`	Any schedule

Types

`SecurityPolicy`

Set of rules which define whether the traffic should be allowed access

Field Name	Description
`changed` - `DateTime`	The most recent time that this entity was directly modified Permission requires
`comment` - `String`	A text comment associated with this entity Permission requires
`defaultAction` - `RuleActionType`	Default rule action (Allow, Deny, or Goto) Permission requires
`device` - `BasicDevice`	The device that this entity belongs to
`id` - `ID!`	The internal unique identifier for this entity
`installedOnTarget` - `SecurityPolicyInstallationTargets`	Firewalls where this security policy has been installed Permission requires
`interZoneAction` - `RuleActionType`	Rule action (Allow, Deny, or Goto) for external network zones Permission requires
`intraZoneAction` - `RuleActionType`	Rule action (Allow, Deny, or Goto) for internal network zones Permission requires
`ipType` - `IpType`	The type of IP address (for example IPv4 or IPv6) that this security policy uses
`name` - `String`	The name of the entity
`policyTags` - `[String!]`	List of tags Permission requires
`system` - `BasicSystem`	The system (root device) that this entity belongs to Permission requires
`type` - `SecurityPolicyType!`	The type of the security policy
`version` - `Int!`	A sequential number assigned to each change to identify the order in which changes were made

Example

{
  "changed": DateTime,
  "comment": "xyz789",
  "defaultAction": RuleActionType,
  "device": BasicDevice,
  "id": ID,
  "installedOnTarget": SecurityPolicyInstallationTargets,
  "interZoneAction": RuleActionType,
  "intraZoneAction": RuleActionType,
  "ipType": IpType,
  "name": "abc123",
  "policyTags": ["xyz789"],
  "system": BasicSystem,
  "type": SecurityPolicyType,
  "version": 123
}

Types

`SecurityPolicyInstallationTargets`

Firewalls and interfaces that use security policy.

Field Name	Description
`fwModules` - `[BasicDevice!]`	Firewalls that use security policy.
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.

Example

{"fwModules": [BasicDevice]}

Types

`SecurityPolicyType`

The type of the security policy, the policy type may be based on the device vendor

Enum Value	Description
`ACL`	Access Control List that rules are placed in. For example CISCO firewalls.
`DEVICE_GROUP`	The device group container that rules are placed in. For example, all Panorama firewalls could be placed in a group.
`INLINE_LAYER`
`POLICY`	Generic container for rules
`SECURITY_GROUP`	The Security Group that rules are placed in. For example Amazon public cloud.

Types

`SecurityProfile`

Security profile

Field Name	Description
`category` - `String`	Category of this profile
`changed` - `DateTime`	The most recent time that this entity was directly modified
`comment` - `String`	A text comment associated with this entity
`device` - `BasicDevice`	The device that this entity belongs to
`id` - `ID!`	The internal unique identifier for this entity
`name` - `String`	The name of the entity
`system` - `BasicSystem`	The system (root device) that this entity belongs to
`version` - `Int!`	A sequential number assigned to each change to identify the order in which changes were made

Example

{
  "category": "xyz789",
  "changed": DateTime,
  "comment": "abc123",
  "device": BasicDevice,
  "id": ID,
  "name": "abc123",
  "system": BasicSystem,
  "version": 123
}

Types

`SecurityZone`

Security zone.

Field Name	Description
`appliedToAnyDomain` - `Boolean`	If true, the security zone belongs to the 'All Domains' context. Permission requires
`changed` - `DateTime`	The most recent time that this entity was directly modified Permission requires
`domain` - `Domain`	The domain on which this security zone is configured.
`id` - `ID!`	The internal unique identifier for this entity.
`name` - `String`	Name of security zone.
`sharedInDomains` - `[Domain!]`	If the zone is shared and is exported to other domains, the list contains other domains that imported this zone. Permission requires
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.

Example

{
  "appliedToAnyDomain": false,
  "changed": DateTime,
  "domain": Domain,
  "id": ID,
  "name": "xyz789",
  "sharedInDomains": [Domain]
}

Types

`SecurityZoneQuery`

Query for SecurityZone objects. These objects can be filtered with a TQL query.

Field Name	Description
`count` - `Long!`	The total count of SecurityZone objects matching the specified filter.
`values` - `[SecurityZone!]!`	A list of SecurityZone objects matching the specified filter.
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.

Example

{
  "count": Long,
  "values": [SecurityZone]
}

Types

`ServiceAndApplicationConditionInput`

Condition on services or applications.

Input Field	Description
`applications` - `[ApplicationString!]`	List of predefined applications names.
`services` - `[ServiceExpressionString!]`	List of services expressions.

Example

{
  "applications": [ApplicationString],
  "services": [ServiceExpressionString]
}

Types

`ServiceExpressionString`

A service expression. Can be either one of the known predefined services, or in a protocol format (TCP, UDP, Other, or ICMP).

Valid protocol input patterns:

TCP
TCP [port_number] (valid ports 0-65535)
TCP [min_port]-[max_port] (valid ports 0-65535 where max_port must be greater or equal to min_port)
Input as a String literal

Examples: 'TCP', 'TCP 20', 'TCP 30-40'.

Example

object

Types

`ServicePredefinedValue`

Predefined values to define Any service.

Enum Value	Description
`ANY_IPV4_SERVICE`	Any service to use with IPv4 sources.
`ANY_IPV6_SERVICE`	Any service to use with IPv6 sources.
`ANY_SERVICE`	Any service to use either with IPv4 or IPv6 sources.
`APPLICATION_DEFAULT_SERVICE`	Default service point for the network application.

Types

`ServicesAndApplicationsCondition`

Condition on RuleViolations' services and applications - list of services expressions and applications names. The condition is satisfied if either services or applications intersect with RuleViolation's services or applications.

Field Name	Description
`applicationNames` - `[String!]`	List of predefined application names.
`servicesExpressions` - `[String!]`	List of services expressions.

Example

{"applicationNames": ["xyz789"], "servicesExpressions": ["xyz789"]}

Types

`SessionUser`

The entity containing the details of the current principle user in session

Field Name	Description
`email` - `String`	User account details - the user's email address
`firstName` - `String`	User account details - first name
`id` - `String`	The unique immutable user identifier
`lastName` - `String`	User account details - last name
`permissions` - `[Permission]`	The set of system functions grants (by name) that are granted to the user
`username` - `String`	The unique name of the user (used for login)

Example

{
  "email": "abc123",
  "firstName": "abc123",
  "id": "abc123",
  "lastName": "xyz789",
  "permissions": [Permission],
  "username": "xyz789"
}

Types

`ShadowedStatus`

This shows whether firewall could use the rule or there is upper rule that do the same.

Enum Value	Description
`FULLY_SHADOWED`	Firewall does not use the rule because there is upper rule that do the same.
`NOT_SHADOWED`	Firewall uses the rule.
`PARTIAL_SHADOWED`	There are parts of rule that are already covered by upper rules.

Types

`StepStatus`

The status of a specific version-related calculation.

Field Name	Description
`errorMessage` - `String`	The error message that was returned from the calculation process in case of failure.
`name` - `String`	The name of the calculation.
`status` - `ProgressStatus`	The status of the calculation.
`updated` - `DateTime`	The last time the calculation step was updated.

Example

{
  "errorMessage": "xyz789",
  "name": "abc123",
  "status": ProgressStatus,
  "updated": DateTime
}

Types

`String`

The String scalar type represents textual data, represented as UTF-8 character sequences. The String type is most often used by GraphQL to represent free-form human-readable text.

Types

`Subnet`

Logical subdivision of an IP network.

Field Name	Description
`changed` - `DateTime`	The most recent time that this entity was directly modified
`cidr` - `Int`	Specifies bit-length of the prefix in Classless Inter-Domain Routing (CIDR) notation written as the first address of a network, followed by a slash character (/), and ending with the bit-length of the prefix.
`comment` - `String`	A text comment associated with this entity
`device` - `BasicDevice`	The device that this entity belongs to
`id` - `ID!`	The internal unique identifier for this entity
`ip` - `String`	The IP address. It will either take the form of an IPv4 (as speficied in RFC 794) or IPv6 (as specified in RFC 4291).
`ipType` - `IpType`	The IP address this network has can be of different types (e.g. IPv4, IPv6). This field specifies which type it is.
`name` - `String`	The name of the entity
`netmask` - `String`	Define the class and range of Internet Protocol (IP) addresses. It will either take the form of an IPv4 or IPv6.
`system` - `BasicSystem`	The system (root device) that this entity belongs to
`version` - `Int!`	A sequential number assigned to each change to identify the order in which changes were made

Example

{
  "changed": DateTime,
  "cidr": 987,
  "comment": "xyz789",
  "device": BasicDevice,
  "id": ID,
  "ip": "xyz789",
  "ipType": IpType,
  "name": "xyz789",
  "netmask": "abc123",
  "system": BasicSystem,
  "version": 987
}

Types

`System`

Root device that manages the dependent devices

Field Name	Description
`changed` - `DateTime`	The most recent time that this entity was directly modified Permission requires
`deleted` - `Boolean`	Permission requires
`id` - `ID!`	The internal unique identifier for this entity
`ipAddress` - `String`	IP address of the root device Permission requires
`model` - `ModelName`	Model of this device
`modelDisplayName` - `String`	Model name of this device
`monitoredByOPMAgent` - `Boolean`	True indicates that the system monitored by OPM agent
`name` - `String`	The name of the entity
`opmAgentId` - `String`	Open policy management (OPM) agent ID Permission requires
`systemFields` - `[SystemFieldValue!]`	System specific text fields Permission requires
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`vendor` - `VendorName`	Vendor type of this device

Example

{
  "changed": DateTime,
  "deleted": true,
  "id": ID,
  "ipAddress": "abc123",
  "model": ModelName,
  "modelDisplayName": "xyz789",
  "monitoredByOPMAgent": true,
  "name": "xyz789",
  "opmAgentId": "xyz789",
  "systemFields": [SystemFieldValue],
  "vendor": VendorName
}

Types

`SystemField`

Field Name	Description
`fieldType` - `SystemFieldType`	Field type
`mandatory` - `Boolean`	True indicates that the System Field is required
`name` - `String`	Field name

Example

{
  "fieldType": SystemFieldType,
  "mandatory": true,
  "name": "xyz789"
}

Types

`SystemFieldInput`

System field type definition

Input Field	Description
`fieldType` - `SystemFieldType!`	Field type
`mandatory` - `Boolean!`	True indicates that the System Field Value is required
`name` - `Name!`	Field name

Example

{
  "fieldType": SystemFieldType,
  "mandatory": false,
  "name": Name
}

Types

`SystemFieldType`

Enum Value	Description
`SECRET`	Text that will be encrypted by the application, and will be displayed as "Null" in the query results
`STRING`	Non-encrypted text

Types

`SystemFieldValue`

System field definition

Field Name	Description
`fieldType` - `SystemFieldType`	Field type
`mandatory` - `Boolean`	True indicates that the System Field Value is required
`name` - `String`	Field name
`value` - `String`	Text value

Example

{
  "fieldType": SystemFieldType,
  "mandatory": false,
  "name": "xyz789",
  "value": "abc123"
}

Types

`SystemFieldValueInput`

System field definition

Input Field	Description
`field` - `SystemFieldInput!`	Field type
`value` - `FreeText!`	Text value

Example

{
  "field": SystemFieldInput,
  "value": FreeText
}

Types

`SystemMutation`

Field Name	Description
`createSystem` - `CreateSystemResult!`	Create system
Arguments `input` - `CreateSystemInput!`
`deleteSystem` - `DeleteSystemResult!`	Delete system
Arguments `input` - `DeleteSystemInput!`
`updateSystem` - `UpdateSystemResult!`	Update system
Arguments `input` - `UpdateSystemInput!`

Example

{
  "createSystem": CreateSystemResult,
  "deleteSystem": DeleteSystemResult,
  "updateSystem": UpdateSystemResult
}

Types

`SystemProperties`

Field Name	Description
`modelDisplayName` - `String`	Device model name
`systemFields` - `[SystemField!]`	System specific text fields
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.

Example

{
  "modelDisplayName": "abc123",
  "systemFields": [SystemField]
}

Types

`SystemQuery`

Query for System objects. These objects can be filtered with a TQL query.

Field Name	Description
`count` - `Long!`	The total count of System objects matching the specified filter.
`values` - `[System!]!`	A list of System objects matching the specified filter.
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.

Example

{"count": Long, "values": [System]}

Types

`Ticket`

Field Name	Description
`automatic` - `Boolean`
`businessOwner` - `String`	The owner of the ticket
`changed` - `DateTime`	The most recent time that this entity was directly modified
`comment` - `String`
`email` - `String`	Contact email
`externalUrl` - `String`
`id` - `ID!`	The internal unique identifier for this entity
`name` - `String`	The name of the entity
`originTicketId` - `String`	Ticket identifier
`secureChangeTicket` - `Boolean`	If true, it is a ticket originated by SecureChange
`timeCreation` - `DateTime`
`timeExpiration` - `DateTime`	Ticket expiration date

Example

{
  "automatic": true,
  "businessOwner": "abc123",
  "changed": DateTime,
  "comment": "xyz789",
  "email": "xyz789",
  "externalUrl": "abc123",
  "id": ID,
  "name": "abc123",
  "originTicketId": "xyz789",
  "secureChangeTicket": false,
  "timeCreation": DateTime,
  "timeExpiration": DateTime
}

Types

`TimePeriodInDay`

Time definition

Field Name	Description
`endHour` - `Int`	End hour
`endMinute` - `Int`	End minute
`startHour` - `Int`	Start hour
`startMinute` - `Int`	Start minute

Example

{"endHour": 987, "endMinute": 123, "startHour": 123, "startMinute": 123}

Types

`TrafficUspRestriction`

A condition that defines the allowed traffic from one SecureTrack network zone to another.

Field Name	Description
`applicationNames` - `[String!]`	List of predefined applications names.
`restrictionType` - `RestrictionType`	Traffic USP restriction will always be of type "Traffic".
`servicesExpressions` - `[String!]`	List of either predefined services names or custom services defined by protocol and port ("TCP 10-20" or "UDP 80" for example). The supported protocols are: TCP UDP ICMP Other - All protocols that are not TCP, UDP and ICMP are regarded as Other.
`trafficUspRestrictionType` - `TrafficUspRestrictionType`	The traffic restriction type (Allow only, Block only, Allow all, Block all).

Example

{
  "applicationNames": ["xyz789"],
  "restrictionType": RestrictionType,
  "servicesExpressions": ["abc123"],
  "trafficUspRestrictionType": TrafficUspRestrictionType
}

Types

`TrafficUspRestrictionInput`

Traffic USP restriction (TrafficUspRestriction).

Input Field	Description
`applicationNames` - `[ApplicationString!]`	Application names.
`servicesExpressions` - `[ServiceExpressionString!]`	Services expressions.
`type` - `TrafficUspRestrictionType!`	Traffic USP restriction type (`TrafficUspRestrictionType`).

Example

{
  "applicationNames": [ApplicationString],
  "servicesExpressions": [ServiceExpressionString],
  "type": TrafficUspRestrictionType
}

Types

`TrafficUspRestrictionType`

Enumeration of valid traffic restriction types.

Enum Value	Description
`ALLOW_ALL`	All traffic is allowed.
`ALLOW_ONLY`	Traffic is permitted only for the provided services or applications.
`BLOCK_ALL`	No traffic is allowed.
`BLOCK_ONLY`	Traffic is prohibited only for the provided services or applications.

Types

`TransportService`

Service definition

Field Name	Description
`changed` - `DateTime`	The most recent time that this entity was directly modified
`comment` - `String`	A text comment associated with this entity
`device` - `BasicDevice`	The device that this entity belongs to
`id` - `ID!`	The internal unique identifier for this entity
`maxPort` - `Int`	The last service port number in range, including
`minPort` - `Int`	The first service port number in range, including
`name` - `String`	The name of the entity
`negated` - `Boolean`	Rule will use all service ports, except specified in `minPort` and `maxPort` in case this value is true
`protocol` - `TransportServiceProtocol`	Service protocol name. For example: FTP
`system` - `BasicSystem`	The system (root device) that this entity belongs to
`version` - `Int!`	A sequential number assigned to each change to identify the order in which changes were made

Example

{
  "changed": DateTime,
  "comment": "abc123",
  "device": BasicDevice,
  "id": ID,
  "maxPort": 123,
  "minPort": 123,
  "name": "xyz789",
  "negated": false,
  "protocol": TransportServiceProtocol,
  "system": BasicSystem,
  "version": 123
}

Types

`TransportServiceProtocol`

Division of methods in the layered architecture of protocols in the network stack in the Internet protocol suite and the OSI model.

Enum Value	Description
`SCTP`	Stream Control Transmission Protocol (SCTP).
`TCP`	Transmission Control Protocol (TCP).
`UDP`	User Datagram Protocol (UDP).

Types

`URL`

URL entity

Example

object

Types

`UpdateDeviceInclusionInCalculationInput`

Updates whether the device is included in the violation calculation

Input Field	Description
`appliedToAnyDomain` - `Boolean!`	`True` indicates that the device will be included in the violation calculations for All Domains. `False` indicates that the violation calculations will only apply to the specified domain.
`deviceId` - `IdString!`	The Device ID
`domain` - `IdString`	The ID of the domain that the violation calculation is applied to. Note: If `appliedToAnyDomain` is set to `True` this value is ignored.
`include` - `Boolean!`	Indicates whether the device is included or excluded from violation calculation

Example

{
  "appliedToAnyDomain": true,
  "deviceId": IdString,
  "domain": IdString,
  "include": true
}

Types

`UpdateDeviceInclusionInCalculationResult`

Returns the status result when updating whether the device is included in the violation calculation

Field Name	Description
`resultStatus` - `ResultStatus!`	Status of request to update whether the device is included in the violation calculation

Example

{"resultStatus": ResultStatus}

Types

`UpdateProtectionModeInput`

Updates the protection mode of the Device to the type of SecureTrack network zones that will be used in the violation calculation. Zones could be directly connected to the interface or have a route that passes through the interface.

Input Field	Description
`appliedToAnyDomain` - `Boolean!`	`True` indicates that the protection mode of the device will be updated for All Domains. `False` indicates that the protection mode will be updated only for the specified domain.
`deviceId` - `IdString!`	The Device ID
`domain` - `IdString`	The ID of the domain that the protection mode will be updated for. Note: If `appliedToAnyDomain` is set to `True` this value is ignored.
`protectionMode` - `ProtectionMode!`	The `ZoneProtectionMode` value

Example

{
  "appliedToAnyDomain": true,
  "deviceId": IdString,
  "domain": IdString,
  "protectionMode": ProtectionMode
}

Types

`UpdateProtectionModeResult`

Returns the status result when updating the protection mode of a Device to the type of SecureTrack network zones that will be used in the violation calculation

Field Name	Description
`resultStatus` - `ResultStatus!`	Status of request to update the protection mode of Device to the type of SecureTrack network zones that will be used in the violation calculation

Example

{"resultStatus": ResultStatus}

Types

`UpdateRuleAutomationAttributeInput`

Update the automation attribute for a rule.

Input Field	Description
`automationAttribute` - `AutomationAttribute`	Automation attribute to update.
`ids` - `[IdString!]!`	List of affected rule IDs.

Example

{
  "automationAttribute": AutomationAttribute,
  "ids": [IdString]
}

Types

`UpdateRuleAutomationAttributeResult`

Returns the status results when updating automation attribute for a rule.

Field Name	Description
`ids` - `[ID!]!`	IDs of the updated rules.
`resultStatus` - `ResultStatus!`	Result of the operation.

Example

{
  "ids": [ID],
  "resultStatus": ResultStatus
}

Types

`UpdateRuleDescriptionInput`

Update description for a rule.

Input Field	Description
`description` - `FreeText`	Description to update.
`ids` - `[IdString!]!`	List of affected rule IDs.

Example

{
  "description": FreeText,
  "ids": [IdString]
}

Types

`UpdateRuleDescriptionResult`

Returns the status results when updating the description for a rule.

Field Name	Description
`ids` - `[ID!]`	IDs of updated rules.
`resultStatus` - `ResultStatus!`	Result of the operation.

Example

{
  "ids": [ID],
  "resultStatus": ResultStatus
}

Types

`UpdateRuleTechnicalOwnerInput`

Update the technical owner for a rule.

Input Field	Description
`ids` - `[IdString!]!`	List of affected rule IDs.
`technicalOwnerId` - `IdString`	The ID of the technical owner to update.

Example

{
  "ids": [IdString],
  "technicalOwnerId": IdString
}

Types

`UpdateRuleTechnicalOwnerResult`

Returns the status results when updating the technical owner for a rule.

Field Name	Description
`ids` - `[ID!]!`	IDs of updated rules.
`resultStatus` - `ResultStatus!`	Result of the operation.

Example

{
  "ids": [ID],
  "resultStatus": ResultStatus
}

Types

`UpdateSystemInput`

Input Field	Description
`appliedToAnyDomain` - `Boolean`	This property is not currently supported
`domain` - `IdString`	This property is not currently supported
`id` - `IdString!`	Systems ID to update
`ipAddress` - `IpAddressString`	IP address of the root device
`name` - `Name!`	System name
`properties` - `[SystemFieldValueInput!]`	System properties

Example

{
  "appliedToAnyDomain": true,
  "domain": IdString,
  "id": IdString,
  "ipAddress": IpAddressString,
  "name": Name,
  "properties": [SystemFieldValueInput]
}

Types

`UpdateSystemResult`

Field Name	Description
`id` - `ID`	Application internal ID of updated system
`resultStatus` - `ResultStatus!`	Result of the operation

Example

{
  "id": ID,
  "resultStatus": ResultStatus
}

Types

`UpdateTicketInput`

Update a ticket for a rule.

Input Field	Description
`businessOwner` - `FreeText`	Business owner name for a rule.
`comment` - `FreeText`	Comment for a ticket.
`email` - `EmailAddress`	Business owner Email address for a rule.
`expirationDate` - `DateTime`	Expiration date for a ticket.
`externalUrl` - `URL`	External URL for a ticket.
`id` - `IdString!`	ID of the ticket to update.
`originTicketId` - `FreeText!`	ID information of the ticket to update.
`secureChangeTicket` - `Boolean`

Example

{
  "businessOwner": FreeText,
  "comment": FreeText,
  "email": EmailAddress,
  "expirationDate": DateTime,
  "externalUrl": URL,
  "id": IdString,
  "originTicketId": FreeText,
  "secureChangeTicket": true
}

Types

`UpdateTicketResult`

Returns the status results when updating a ticket for a rule.

Field Name	Description
`id` - `ID`	ID of the updated ticket.
`resultStatus` - `ResultStatus!`	Result of the operation.

Example

{
  "id": ID,
  "resultStatus": ResultStatus
}

Types

`UpdateUspAlertConfigInput`

Update a USP alert.

Input Field	Description
`allDevices` - `Boolean!`	If set to True, the devicesIds field is ignored and this alert applies to all devices.
`allUsps` - `Boolean!`	If set to True, the uspId field is ignored and this alert applies to all USPs.
`description` - `FreeText`	Alert description.
`devicesIds` - `[IdString!]`	This alert applies only for the specified devices. Add a list Device IDs.
`disabled` - `Boolean!`	Set to true to disable this alert.
`externalRecipientsEmails` - `[EmailAddress!]`	Add list of 1 or more valid email addresses that will receive this alert. Leave this field empty if you do not want to send email to non-SecureTrack users.
`id` - `IdString!`	ID of the alert you want to update.
`name` - `Name!`	Alert name.
`recipientsIds` - `[IdString!]`	Add a list of 1or more SecureTrack User IDs that should receive this alert. Leave this field empty if you do not want to send the alert to a SecureTrack user.
`severities` - `[ViolationSeverity!]!`	This alert is sent for violations of all the selected severities.
`syslogEnabled` - `Boolean!`	Set to True if syslog the alert should also be sent via syslog.
`uspId` - `IdString`	This alert applies only to the specified USP. Add a single USP ID only.

Example

{
  "allDevices": false,
  "allUsps": false,
  "description": FreeText,
  "devicesIds": [IdString],
  "disabled": false,
  "externalRecipientsEmails": [EmailAddress],
  "id": IdString,
  "name": Name,
  "recipientsIds": [IdString],
  "severities": [ViolationSeverity],
  "syslogEnabled": false,
  "uspId": IdString
}

Types

`UpdateUspAlertConfigResult`

Returns the status results when updating a new USP alert.

Field Name	Description
`id` - `ID`	ID of the updated alert.
`resultStatus` - `ResultStatus!`	Status of request to update a USP alert.

Example

{
  "id": ID,
  "resultStatus": ResultStatus
}

Types

`UpdateUspInput`

Updates an existing USP.

Input Field	Description
`description` - `FreeText`	USP description.
`id` - `IdString!`	USP ID.
`name` - `Name!`	USP name.
`securityZonesIds` - `[IdString!]!`	The USP updated SecureTrack network zones IDs. Zones that are in this list this does not exist in the USP will be added. Zones that are not in this list and appear in the USP will be deleted. Zones that are in this list and appear in the USP will remain.

Example

{
  "description": FreeText,
  "id": IdString,
  "name": Name,
  "securityZonesIds": [IdString]
}

Types

`UpdateUspRequirementInput`

Updates a USP requirement.

Input Field	Description
`description` - `FreeText`	Requirement description.
`destSecurityZoneId` - `IdString!`	Requirement's destination SecureTrack network zone (to zone).
`restrictions` - `UspRestrictionsInput!`	Requirement restriction.
`severity` - `ViolationSeverity!`	Requirement severity.
`srcSecurityZoneId` - `IdString!`	Requirement's source SecureTrack network zone (from zone).
`uspId` - `IdString!`	USP ID.

Example

{
  "description": FreeText,
  "destSecurityZoneId": IdString,
  "restrictions": UspRestrictionsInput,
  "severity": ViolationSeverity,
  "srcSecurityZoneId": IdString,
  "uspId": IdString
}

Types

`UpdateUspRequirementResult`

Returns the status results when updating a USP requirement.

Field Name	Description
`resultStatus` - `ResultStatus!`	Status of request to updating a USP requirement.

Example

{"resultStatus": ResultStatus}

Types

`UpdateUspResult`

Returns the status results when updating a USP.

Field Name	Description
`id` - `ID`	USP ID.
`resultStatus` - `ResultStatus!`	Status of request to update a USP.

Example

{
  "id": ID,
  "resultStatus": ResultStatus
}

Types

`UpdateUspTrafficExceptionInput`

Update a UspException.

Input Field	Description
`approver` - `FreeText`	User that approved the `UspException`.
`description` - `FreeText`	UspException description.
`destinations` - `[IpAddressString!]`
`disabled` - `Boolean!`	Set to true to disable this `UspException`. When disabled, `UspException` will have no impact on `RuleViolation`s.
`endDate` - `Date`	Last date that the UspException is active.
`id` - `IdString!`	UspException ID.
`name` - `Name!`	UspException name.
`servicesAndApplications` - `ServiceAndApplicationConditionInput`
`sources` - `[IpAddressString!]`
`startDate` - `Date`	First date that the `UspException` is active.
`ticketId` - `FreeText`	SecureChange ticket ID.
`usps` - `[UspExceptionConditionInput!]`

Example

{
  "approver": FreeText,
  "description": FreeText,
  "destinations": [IpAddressString],
  "disabled": false,
  "endDate": "2021-07-14T11:16:09.875Z",
  "id": IdString,
  "name": Name,
  "servicesAndApplications": ServiceAndApplicationConditionInput,
  "sources": [IpAddressString],
  "startDate": "2021-07-14T11:16:09.875Z",
  "ticketId": FreeText,
  "usps": [UspExceptionConditionInput]
}

Types

`UpdateUspTrafficExceptionResult`

Returns the status results when updating a UspException.

Field Name	Description
`id` - `ID`	Updated UspException ID.
`resultStatus` - `ResultStatus!`	Status of request to update a `UspException`.

Example

{
  "id": ID,
  "resultStatus": ResultStatus
}

Types

`UrlCategory`

The category of the URL as determined by the device

Field Name	Description
`changed` - `DateTime`	The most recent time that this entity was directly modified
`comment` - `String`	A text comment associated with this entity
`device` - `BasicDevice`	The device that this entity belongs to
`id` - `ID!`	The internal unique identifier for this entity
`name` - `String`	The name of the entity
`system` - `BasicSystem`	The system (root device) that this entity belongs to
`urls` - `[String!]`	List of URLs
`version` - `Int!`	A sequential number assigned to each change to identify the order in which changes were made

Example

{
  "changed": DateTime,
  "comment": "xyz789",
  "device": BasicDevice,
  "id": ID,
  "name": "abc123",
  "system": BasicSystem,
  "urls": ["abc123"],
  "version": 987
}

Types

`UrlCategoryPredefinedValue`

Predefined values for URL categories of type Any

Enum Value	Description
`ANY_URL_CATEGORY`	Any URL category

Types

`User`

Field Name	Description
`changed` - `DateTime`	The most recent time that this entity was directly modified Permission requires
`email` - `String`	Permission requires
`firstName` - `String`
`id` - `ID!`	The internal unique identifier for this entity
`lastName` - `String`
`name` - `String`	The name of the entity

Example

{
  "changed": DateTime,
  "email": "abc123",
  "firstName": "abc123",
  "id": ID,
  "lastName": "xyz789",
  "name": "xyz789"
}

Types

`UserPredefinedValue`

Predefined values to define well known user behavior

Enum Value	Description
`ALL_IDENTIFY`	All users existed on device
`ANY_USER`	Any user
`PRE_AUTH_USER`	Already authenticated user
`UNAUTHENTICATED_GUESTS`	Guest, not authenticated user

Types

`UserQuery`

Query for User objects. These objects can be filtered with a TQL query.

Field Name	Description
`count` - `Long!`	The total count of User objects matching the specified filter.
`values` - `[User!]!`	A list of User objects matching the specified filter.
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.

Example

{"count": Long, "values": [User]}

Types

`UserUsage`

Object which represents usage information of users on the rule

Field Name	Description
`timeLastHit` - `DateTime`	Represents time when traffic was recorded for the user
`usageStatus` - `UserUsageStatus`	Contains error information why traffic on user was not captured or CONFIGURED otherwise

Example

{
  "timeLastHit": DateTime,
  "usageStatus": UserUsageStatus
}

Types

`UserUsageStatus`

Enum Value	Description
`CONFIGURED`	Status of last hit for user
`LDAP_SERVER_COMMUNICATION_ERROR`	Last hit information cannot be shown because an LDAP communication error occurred
`LDAP_SERVER_NOT_CONFIGURED`	To display last hit information for users, configure LDAP in Admin -> Configuration -> User Identity
`LDAP_USER_NOT_FOUND`	This user is not found in the LDAP server configured in SecureTrack

Types

`UserWithPermissions`

Field Name	Description
`uid` - `ID`
`userName` - `String`
`firstName` - `String`
`lastName` - `String`
`email` - `String`
`roles` - `[Role]`
`permissions` - `[Permission]`

Example

{
  "uid": ID,
  "userName": "abc123",
  "firstName": "abc123",
  "lastName": "xyz789",
  "email": "abc123",
  "roles": [Role],
  "permissions": [Permission]
}

Types

`UserWorkflow`

The UserWorkflow entity describes a SecureChange workflow. A workflow is a set of steps to complete a change request. For example, rule modification, recertification, or decommission.

Field Name	Description
`description` - `String!`	The workflow description.
`name` - `String!`	The workflow name.
`type` - `WorkFlowType!`	The workflow type.

Example

{
  "description": "xyz789",
  "name": "abc123",
  "type": WorkFlowType
}

Types

`UserWorkflowsQuery`

Returns a list of all SecureChange workflows assigned to the current user.

Field Name	Description
`resultStatus` - `ResultStatus!`
`values` - `[UserWorkflow!]!`

Example

{
  "resultStatus": ResultStatus,
  "values": [UserWorkflow]
}

Types

`Usp`

Field Name	Description
`appliedToAnyDomain` - `Boolean`	Permission requires
`changed` - `DateTime`	The most recent time that this entity was directly modified Permission requires
`description` - `String`	Description of the USP.
`differentZonesDefaultRestrictions` - `UspRestrictions`	Configures default restrictions on security rules for different zones in source and destination.
`domain` - `Domain`	Domain of the USP. Permission requires
`id` - `ID!`	The internal unique identifier for this entity
`name` - `String`	Name of the USP.
`requirements` - `[UspRequirement!]`	Set of conditions that apply to each USP matched entity (typically a source zone and destination zone) that will be enforced by the rule. Permission requires
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`sameZoneDefaultRestrictions` - `UspRestrictions`	Configures default restrictions on security rules for the same zone in source and destination.
`securityZones` - `[SecurityZone!]`	SecureTrack zones that the USP enforces. Permission requires
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.

Example

{
  "appliedToAnyDomain": true,
  "changed": DateTime,
  "description": "abc123",
  "differentZonesDefaultRestrictions": UspRestrictions,
  "domain": Domain,
  "id": ID,
  "name": "xyz789",
  "requirements": [UspRequirement],
  "sameZoneDefaultRestrictions": UspRestrictions,
  "securityZones": [SecurityZone]
}

Types

`UspAlertConfig`

The UspAlertConfig entity shows the current configuration of a USP alert. Alerts can be configured to trigger when they meet the specific conditions you desire, including: a specific USP, a list of specific devices, and specific severity levels. Alerts can be sent via one or more of the following: to SecureTrack users, to external email addresses, and via syslog. Alerts can be disabled or enabled at any time. See AlertsConfigMutation for the complete list of supported configuration options. Permission requires

Field Name	Description
`allDevices` - `Boolean`	If True, the devicesIds field is ignored and this alert applies to all devices.
`allUsps` - `Boolean`	If True, the uspId field is ignored and this alert applies to all USPs.
`appliedToAnyDomain` - `Boolean`
`changed` - `DateTime`	The most recent time that this entity was directly modified
`description` - `String`	Alert description.
`devices` - `[Device!]`	This alert applies only for the specified devices.
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`disabled` - `Boolean`	If True, the alert is disabled and will not be triggered.
`domain` - `Domain`
`externalRecipientsEmails` - `[String!]`	Email addresses that will receive this alert.
`id` - `ID!`	The internal unique identifier for this entity
`name` - `String`	The name of the entity
`recipients` - `[User!]`	SecureTrack User IDs that will receive this alert.
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`syslogEnabled` - `Boolean`	If True, the alert will be sent via syslog.
`timeCreated` - `DateTime`	Date alert was created.
`usp` - `Usp`	This alert applies only to the specified USP.
`valid` - `Boolean`	If False, the alert is no longer valid. An alert becomes invalid if all recipients, or all specified devices, or the USP is removed from SecureTrack.
`violationSeverities` - `[ViolationSeverity!]`	This alert is sent for violations of all the selected severities.

Example

{
  "allDevices": true,
  "allUsps": false,
  "appliedToAnyDomain": true,
  "changed": DateTime,
  "description": "xyz789",
  "devices": [Device],
  "disabled": true,
  "domain": Domain,
  "externalRecipientsEmails": ["abc123"],
  "id": ID,
  "name": "abc123",
  "recipients": [User],
  "syslogEnabled": true,
  "timeCreated": DateTime,
  "usp": Usp,
  "valid": false,
  "violationSeverities": [ViolationSeverity]
}

Types

`UspAlertConfigQuery`

Query for UspAlertConfig objects. These objects can be filtered with a TQL query.

Field Name	Description
`count` - `Long!`	The total count of UspAlertConfig objects matching the specified filter.
`values` - `[UspAlertConfig!]!`	A list of UspAlertConfig objects matching the specified filter.
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.

Example

{
  "count": Long,
  "values": [UspAlertConfig]
}

Types

`UspCondition`

Condition on RuleViolations' Usps and SecurityZone pairs. If no SecureTrack zone pairs are configured in the condition, condition is satisfied for all RuleViolations of the given USP.

Field Name	Description
`usp` - `Usp`	`Usp` name.
`zonePairs` - `[ZonePair!]`	Pairs of SecureTrack zones of the given `usp`.
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.

Example

{
  "usp": Usp,
  "zonePairs": [ZonePair]
}

Types

`UspException`

Field Name	Description
`appliedToAnyDomain` - `Boolean`	Permission requires
`approver` - `String`	User that approved the UspException. Permission requires
`changed` - `DateTime`	The date that this `UspException` entity was last changed. Permission requires
`creator` - `String`	Username of UspException creator. Permission requires
`description` - `String`	UspException description.
`destinations` - `[String!]`	Condition on `RuleViolation`s' destinations - list of network objects. The condition is satisfied if destinations intersect with `RuleViolation` destinations. Permission requires
`disabled` - `Boolean`	If true, the UspException is disabled and will not have impact on `RuleViolation`s. Permission requires
`domain` - `Domain`	Permission requires
`id` - `ID!`	The internal unique identifier for this entity.
`invalid` - `Boolean`	If true, the USP exception is not valid. Permission requires
`name` - `String`	UspException unique name.
`rules` - `RulesCondition`	Permission requires
`servicesAndApplications` - `ServicesAndApplicationsCondition`	`ServicesAndApplicationsCondition` on `RuleViolation`s' services and applications. The condition is satisfied if either services or applications intersect with `RuleViolation`. Permission requires
`sources` - `[String!]`	Condition on `RuleViolation`s' sources - list of network objects. The condition is satisfied if sources intersect with `RuleViolation` sources. Permission requires
`ticketId` - `String`	SecureChange ticket ID. Permission requires
`timeCreated` - `DateTime`	Date UspException was created. Permission requires
`timeEnd` - `DateTime`	Last date that the UspException is active. Permission requires
`timeStart` - `DateTime`	First date that the UspException is active. Permission requires
`usps` - `[UspCondition!]`	`UspCondition` on `RuleViolation`s' `Usp`s and `SecurityZone` pairs. The condition is satisfied if `RuleViolation` violates one of the configured `UspCondition`s. Permission requires
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.

Example

{
  "appliedToAnyDomain": true,
  "approver": "abc123",
  "changed": DateTime,
  "creator": "abc123",
  "description": "xyz789",
  "destinations": ["abc123"],
  "disabled": true,
  "domain": Domain,
  "id": ID,
  "invalid": true,
  "name": "abc123",
  "rules": RulesCondition,
  "servicesAndApplications": ServicesAndApplicationsCondition,
  "sources": ["abc123"],
  "ticketId": "abc123",
  "timeCreated": DateTime,
  "timeEnd": DateTime,
  "timeStart": DateTime,
  "usps": [UspCondition]
}

Types

`UspExceptionConditionInput`

Condition on USPs and SecureTrack zone pairs.

Input Field	Description
`uspId` - `IdString!`	USP ID.
`zones` - `[ZonePairInput!]`	SecureTrack zone pairs.

Example

{
  "uspId": IdString,
  "zones": [ZonePairInput]
}

Types

`UspExceptionMutation`

The UspExceptionMutation entity lets you create, update or delete UspExceptions.

Field Name	Description
`createUspRuleException` - `CreateUspRuleExceptionResult!`
Arguments `input` - `CreateUspRuleExceptionInput!`
`createUspTrafficException` - `CreateUspTrafficExceptionResult!`	Create a `UspException`.
Arguments `input` - `CreateUspTrafficExceptionInput!`
`deleteUspExceptions` - `DeleteUspExceptionResult!`	Delete one or more `UspExceptions`.
Arguments `input` - `DeleteUspExceptionInput!`
`updateUspTrafficException` - `UpdateUspTrafficExceptionResult!`	Update a `UspException`.
Arguments `input` - `UpdateUspTrafficExceptionInput!`

Example

{
  "createUspRuleException": CreateUspRuleExceptionResult,
  "createUspTrafficException": CreateUspTrafficExceptionResult,
  "deleteUspExceptions": DeleteUspExceptionResult,
  "updateUspTrafficException": UpdateUspTrafficExceptionResult
}

Types

`UspExceptionQuery`

Query for UspException objects. These objects can be filtered with a TQL query.

Field Name	Description
`count` - `Long!`	The total count of UspException objects matching the specified filter.
`values` - `[UspException!]!`	A list of UspException objects matching the specified filter.
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.

Example

{
  "count": Long,
  "values": [UspException]
}

Types

`UspInput`

Field Name	Description
`id` - object
`name` - object
`changed` - object
`description` - object
`securityZones` - object
`requirements` - object

Example

{
  "id": ID,
  "name": "xyz789",
  "changed": DateTime,
  "description": "abc123",
  "securityZones": ["xyz789"],
  "requirements": ["abc123"]
}

Types

`UspMutation`

The UspMutation entity lets you create, update or delete USPs.

Field Name	Description
`addSecurityZonesToUsp` - `AddSecurityZonesToUspResult!`	Add SecureTrack network zones to an existing USP.
Arguments `input` - `AddSecurityZonesToUspInput!`
`createPredefinedUsp` - `CreatePredefinedUspResult!`	Create a USP based on a regulation template.
Arguments `input` - `CreatePredefinedUspInput!`
`createUsp` - `CreateUspResult!`	Create a USP.
Arguments `input` - `CreateUspInput!`
`deleteUsp` - `DeleteUspResult!`	Delete one or more USPs.
Arguments `input` - `DeleteUspInput!`
`removeSecurityZonesFromUsp` - `RemoveSecurityZonesFromUspResult!`	Remove SecureTrack network zones to an existing USP.
Arguments `input` - `RemoveSecurityZonesFromUspInput!`
`updateUsp` - `UpdateUspResult!`	Update a USP.
Arguments `input` - `UpdateUspInput!`
`updateUspRequirement` - `UpdateUspRequirementResult!`	Create a USP requirement.
Arguments `input` - `UpdateUspRequirementInput!`

Example

{
  "addSecurityZonesToUsp": AddSecurityZonesToUspResult,
  "createPredefinedUsp": CreatePredefinedUspResult,
  "createUsp": CreateUspResult,
  "deleteUsp": DeleteUspResult,
  "removeSecurityZonesFromUsp": RemoveSecurityZonesFromUspResult,
  "updateUsp": UpdateUspResult,
  "updateUspRequirement": UpdateUspRequirementResult
}

Types

`UspQuery`

Query for Usp objects. These objects can be filtered with a TQL query.

Field Name	Description
`count` - `Long!`	The total count of Usp objects matching the specified filter.
`values` - `[Usp!]!`	A list of Usp objects matching the specified filter.
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.

Example

{"count": Long, "values": [Usp]}

Types

`UspRequirement`

The requirements that apply to a specific USP matched entity (typically a source zone and a destination zone), that will be enforced by this rule.

Field Name	Description
`changed` - `DateTime`	The most recent time that this entity was directly modified
`id` - `ID!`	The internal unique identifier for this entity
`name` - `String`	This property is not supported for this entity.
`restrictions` - `UspRestrictions`	A set of properties that make up a restriction for a specific USP matched entity (typically a source zone and a destination zone). To be compliant, a rule must meet all restrictions.
`severity` - `ViolationSeverity`	The severity (low, medium, high, critical) of a rule violation.
`uspRequirementDescription` - `String`	Description of the USP requirement.
`zoneToZoneUspRequirementMatcher` - `ZoneToZoneUspRequirementMatcher`	This describes matching criteria for USP requirement.

Example

{
  "changed": DateTime,
  "id": ID,
  "name": "xyz789",
  "restrictions": UspRestrictions,
  "severity": ViolationSeverity,
  "uspRequirementDescription": "xyz789",
  "zoneToZoneUspRequirementMatcher": ZoneToZoneUspRequirementMatcher
}

Types

`UspRestrictions`

A set of properties that make up a restriction for a specific matched entity (typically a source zone and a destination zone) in a USP. To be compliant, a rule must meet all USP restrictions.

Field Name	Description
`destinationIpsMaxCountRestriction` - `PropertyUspRestriction`	Maximum number of IP address allowed in the rule's destination.
`explicitDestinationRestriction` - `PropertyUspRestriction`	Rules must have an explicit destination, not the ANY value.
`explicitServiceRestriction` - `PropertyUspRestriction`	Rules must have an explicit service, not the ANY value.
`explicitSourceRestriction` - `PropertyUspRestriction`	Rules must have an explicit source, not the ANY value.
`flowUspRestriction` - `FlowUspRestriction`	Flow restriction (Host to Host, Subnet to Host, or Host to Subnet).
`lastHitMaxValRestriction` - `PropertyUspRestriction`	Maximum number of days in which the rule must have had a hit.
`mandatoryCommentRestriction` - `PropertyUspRestriction`	Rules must have text in the comment field.
`mandatoryLogRestriction` - `PropertyUspRestriction`	Rules must be configured to create log entries.
`servicesMaxCountRestriction` - `PropertyUspRestriction`	Maximum number of services allowed.
`sourceIpsMaxCountRestriction` - `PropertyUspRestriction`	Maximum number of IP address allowed in the rule's source.
`trafficUspRestriction` - `TrafficUspRestriction`	Traffic access that is permitted from a source zone to a destination zone (Allow only, Block only, Allow all, Block all).

Example

{
  "destinationIpsMaxCountRestriction": PropertyUspRestriction,
  "explicitDestinationRestriction": PropertyUspRestriction,
  "explicitServiceRestriction": PropertyUspRestriction,
  "explicitSourceRestriction": PropertyUspRestriction,
  "flowUspRestriction": FlowUspRestriction,
  "lastHitMaxValRestriction": PropertyUspRestriction,
  "mandatoryCommentRestriction": PropertyUspRestriction,
  "mandatoryLogRestriction": PropertyUspRestriction,
  "servicesMaxCountRestriction": PropertyUspRestriction,
  "sourceIpsMaxCountRestriction": PropertyUspRestriction,
  "trafficUspRestriction": TrafficUspRestriction
}

Types

`UspRestrictionsInput`

USP restriction (UspRestriction).

Input Field	Description
`destinationIpsMaxCountRestriction` - `PropertyUspRestrictionInput`	Defines the maximum IPs addresses allowed by a rule's destination field.
`explicitDestinationRestriction` - `PropertyUspRestrictionInput`	Defines that a rule destination field must contain only explicit objects.
`explicitServiceRestriction` - `PropertyUspRestrictionInput`	Defines that a rule services field must have contain explicit objects.
`explicitSourceRestriction` - `PropertyUspRestrictionInput`	Defines that a rule source field must contain only explicit objects.
`flowUspRestriction` - `FlowUspRestrictionInput`	Flow restriction.
`lastHitMaxValRestriction` - `PropertyUspRestrictionInput`	Defines how many days a rule could not get passed by any traffic.
`mandatoryCommentRestriction` - `PropertyUspRestrictionInput`	Enforces comment in rules.
`mandatoryLogRestriction` - `PropertyUspRestrictionInput`	Enforces logging in rules.
`servicesMaxCountRestriction` - `PropertyUspRestrictionInput`	Defines the maximum services allowed in a rule's services field.
`sourceIpsMaxCountRestriction` - `PropertyUspRestrictionInput`	Defines the maximum IP addresses allowed by a rule's source field.
`trafficUspRestriction` - `TrafficUspRestrictionInput`	Traffic restriction.

Example

{
  "destinationIpsMaxCountRestriction": PropertyUspRestrictionInput,
  "explicitDestinationRestriction": PropertyUspRestrictionInput,
  "explicitServiceRestriction": PropertyUspRestrictionInput,
  "explicitSourceRestriction": PropertyUspRestrictionInput,
  "flowUspRestriction": FlowUspRestrictionInput,
  "lastHitMaxValRestriction": PropertyUspRestrictionInput,
  "mandatoryCommentRestriction": PropertyUspRestrictionInput,
  "mandatoryLogRestriction": PropertyUspRestrictionInput,
  "servicesMaxCountRestriction": PropertyUspRestrictionInput,
  "sourceIpsMaxCountRestriction": PropertyUspRestrictionInput,
  "trafficUspRestriction": TrafficUspRestrictionInput
}

Types

`UspRiskAnalysisTask`

Calculation results of a Risk Analysis task. Permission requires

Field Name	Description
`changed` - `DateTime`	The date that the task entity was last changed.
`errors` - `[AccessRequestError!]`	`AccessRequestError`s occurred during calculation.
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`id` - `ID!`	Task ID.
`isCompleted` - `Boolean`	True when all of the task's access requests calculations are completed.
`name` - `String`	This property is not supported.
`processedAccessRequests` - `[String!]`	List of the the processed access requests in task.
`requestsCount` - `Int`	Number of access requests in task.
`timestamp` - `DateTime`	The date and time that the task was created.
`violations` - `[RiskAnalysisViolation!]`	List of `RiskAnalysisViolation` representing the violations calculation results of the tasks' access requests. Permission requires
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.

Example

{
  "changed": DateTime,
  "errors": [AccessRequestError],
  "id": ID,
  "isCompleted": false,
  "name": "xyz789",
  "processedAccessRequests": ["abc123"],
  "requestsCount": 987,
  "timestamp": DateTime,
  "violations": [RiskAnalysisViolation]
}

Types

`UspRiskAnalysisTaskQuery`

Query for UspRiskAnalysisTask objects. These objects can be filtered with a TQL query.

Field Name	Description
`count` - `Long!`	The total count of UspRiskAnalysisTask objects matching the specified filter.
`values` - `[UspRiskAnalysisTask!]!`	A list of UspRiskAnalysisTask objects matching the specified filter.
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.

Example

{
  "count": Long,
  "values": [UspRiskAnalysisTask]
}

Types

`VM`

A virtual machine (VM) is a software program or operating system that not only exhibits the behavior of a separate computer, but is also capable of performing tasks such as running applications and programs like a separate computer

Field Name	Description
`changed` - `DateTime`	The most recent time that this entity was directly modified
`comment` - `String`	A text comment associated with this entity
`device` - `BasicDevice`	The device that this entity belongs to
`id` - `ID!`	The internal unique identifier for this entity
`ipAddresses` - `[IpAddress!]`	List of IP addresses
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`name` - `String`	The name of the entity
`nics` - `[NIC!]`	Collection of virtual network interface cards. The emulation of a physical network adapters (NICs)
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`subnets` - `[Subnet!]`	Collection of sub-networks
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`system` - `BasicSystem`	The system (root device) that this entity belongs to
`version` - `Int!`	A sequential number assigned to each change to identify the order in which changes were made

Example

{
  "changed": DateTime,
  "comment": "xyz789",
  "device": BasicDevice,
  "id": ID,
  "ipAddresses": [IpAddress],
  "name": "abc123",
  "nics": [NIC],
  "subnets": [Subnet],
  "system": BasicSystem,
  "version": 123
}

Types

`VendorName`

Device vendor name

Enum Value	Description
`AMAZON`	Amazon.com, Inc.
`BARRACUDA`	Barracuda
`CHECKPOINT`	Check Point software technologies
`CISCO`	Cisco Systems
`FORTINET`	Fortinet
`JUNIPER`	Juniper Networks, Inc.
`MICROSOFT`	Microsoft Corporation
`PALO_ALTO`	Palo Alto Networks
`UNKNOWN`	Fallback value for unknown vendors
`VMWARE`	VMware, Inc.
`ZSCALER`	Zscaler

Types

`VersionStatus`

The progress status of a specific version of changes (IN_PROGRESS, COMPLETED, or ERROR).

Field Name	Description
`apiV1VersionId` - `String`	The internal unique identifier of the version in the legacy API.
`created` - `DateTime`	The date and time that the version was created.
`status` - `ProgressStatus`	The progress status of the version processing.
`steps` - `[StepStatus!]`	The progress status of each version-related calculation.
Arguments `first` - `Int` default = `100` Limit results count to this amount. If no limit is explicitly set, the default limit is 100. `offset` - `Long` default = `0` Offset results for paging.
`versionId` - `Int!`	A sequential number assigned to each change to identify the order in which changes were made.

Example

{
  "apiV1VersionId": "xyz789",
  "created": DateTime,
  "status": ProgressStatus,
  "steps": [StepStatus],
  "versionId": 123
}

Types

`ViolationOrigin`

This defines policy and device that the violating securityPolicies are installed on.

Field Name	Description
`securityPolicy` - `SecurityPolicy`	`SecurityPolicy` that the rule evaluates.
`violatingDevice` - `BasicDevice`	`Device` (such as physical devices, virtual devices, cloud, or managed devices) that the violating `securityPolicies` are installed on.

Example

{
  "securityPolicy": SecurityPolicy,
  "violatingDevice": BasicDevice
}

Types

`ViolationSeverity`

Level of risk of the violation.

Enum Value	Description
`CRITICAL`	The violation is critical.
`HIGH`	The violation is very risky.
`LOW`	The violation is not risky.
`MEDIUM`	The violation is not very risky.

Types

`Visibility`

Entity visibility definition.

Enum Value	Description
`PUBLIC`	Visible for all participants.

Types

`VpnCommunity`

Field Name	Description
`changed` - `DateTime`	The most recent time that this entity was directly modified
`comment` - `String`	A text comment associated with this entity
`device` - `BasicDevice`	The device that this entity belongs to
`id` - `ID!`	The internal unique identifier for this entity
`name` - `String`	The name of the entity
`system` - `BasicSystem`	The system (root device) that this entity belongs to
`version` - `Int!`	A sequential number assigned to each change to identify the order in which changes were made

Example

{
  "changed": DateTime,
  "comment": "xyz789",
  "device": BasicDevice,
  "id": ID,
  "name": "xyz789",
  "system": BasicSystem,
  "version": 987
}

Types

`VpnPredefinedValue`

Predefined values for VPN entities of type Any

Enum Value	Description
`ALL_COMMUNITIES`	Any VPN community
`ALL_GWTOGW`	Any gateway to gateway VPN
`ANY_VPN`	Any VPN

Types

`WorkFlowType`

The type of workflow.

Enum Value	Description
`DECOMMISSION_RULES`	Decommission rules.
`MODIFY_RULES`	Modify rules.
`RECERTIFY_RULES`	Recertify rules.

Types

`Zone`

Group of one or more interfaces or networks

Field Name	Description
`changed` - `DateTime`	The most recent time that this entity was directly modified
`comment` - `String`	A text comment associated with this entity
`device` - `BasicDevice`	The device that this entity belongs to
`id` - `ID!`	The internal unique identifier for this entity
`name` - `String`	The name of the entity
`system` - `BasicSystem`	The system (root device) that this entity belongs to
`version` - `Int!`	A sequential number assigned to each change to identify the order in which changes were made
`zoneType` - `ZoneType`	Device specific zone type

Example

{
  "changed": DateTime,
  "comment": "abc123",
  "device": BasicDevice,
  "id": ID,
  "name": "abc123",
  "system": BasicSystem,
  "version": 123,
  "zoneType": ZoneType
}

Types

`ZoneManualMappingInput`

Updates the mapping of the SecureTrack network zones for a specific interface and ZoneMappingType

Input Field	Description
`appliedToAnyDomain` - `Boolean!`	`True` indicates that the mapping of the device will be updated for All Domains. `False` indicates that the mapping will be updated only for the specified domain.
`deviceId` - `IdString!`	The Device ID
`domain` - `IdString`	The ID of the domain that the mapping will be updated for. Note: If `appliedToAnyDomain` is set to `True` this value is ignored.
`interfaceId` - `IdString!`	The Interface ID
`mappingType` - `ZoneMappingType!`	The `ZoneMappingType` value
`zonesIds` - `[ZoneMappingMutationsInput!]!`	List of SecureTrack network zone IDs that are manually mapped to the interface and the specified `ZoneMappingType`

Example

{
  "appliedToAnyDomain": false,
  "deviceId": IdString,
  "domain": IdString,
  "interfaceId": IdString,
  "mappingType": ZoneMappingType,
  "zonesIds": [ZoneMappingMutationsInput]
}

Types

`ZoneManualMappingResult`

Returns the status result when updating the mapping of SecureTrack network zones for a specific interface and ZoneMappingType

Field Name	Description
`resultStatus` - `ResultStatus!`	Status of the request to update the mapping of SecureTrack network zones for a specific interface and `ZoneMappingType`

Example

{"resultStatus": ResultStatus}

Types

`ZoneMappingActionType`

The action to perform on the zone mapping

Enum Value	Description
`ADD`	Add a zone to the zone mapping
`DELETE`	Delete a zone from the zone mapping
`EXCLUDE`	Exclude a zone from the zone mapping

Types

`ZoneMappingInput`

Mapping between the regulation zone to the SecureTrack network zone.

Input Field	Description
`appliedToAnyDomain` - `Boolean`
`domain` - `IdString`
`predefinedZoneName` - `Name!`	Regulation's zone name.
`securityZoneId` - `IdString!`	SecureTrack network zone ID.

Example

{
  "appliedToAnyDomain": false,
  "domain": IdString,
  "predefinedZoneName": Name,
  "securityZoneId": IdString
}

Types

`ZoneMappingMutation`

The ZoneMappingMutation entity enables you to add, update, or delete the mapping of SecureTrack network zones to a Device

Field Name	Description
`updateDeviceInclusionInCalculation` - `UpdateDeviceInclusionInCalculationResult!`	Update whether the Device is included in the violation calculation
Arguments `input` - `UpdateDeviceInclusionInCalculationInput!`
`updateMappings` - `ZoneManualMappingResult!`	Update the mapping of SecureTrack network zones for a specific interface and `ZoneMappingType`
Arguments `input` - `ZoneManualMappingInput!`
`updateProtectionMode` - `UpdateProtectionModeResult!`	Update the protection mode of the Device to the type of SecureTrack network zones that will be used in the violation calculation. Zones could be directly connected to the interface or have a route that passes through the interface.
Arguments `input` - `UpdateProtectionModeInput!`

Example

{
  "updateDeviceInclusionInCalculation": UpdateDeviceInclusionInCalculationResult,
  "updateMappings": ZoneManualMappingResult,
  "updateProtectionMode": UpdateProtectionModeResult
}

Types

`ZoneMappingMutationsInput`

Input Field	Description
`action` - `ZoneMappingActionType!`
`securityZoneId` - `IdString!`

Example

{
  "action": ZoneMappingActionType,
  "securityZoneId": IdString
}

Types

`ZoneMappingType`

The ZoneMappingType identifies whether the connection is a direct connection between two devices, or is routed through multiple devices

Enum Value	Description
`DIRECTLY_CONNECTED`	Zones are directly connected to the interface
`ROUTE`	Zones have a connection that is routed through multiple devices

Types

`ZonePair`

Either or both - fromZone or toZone may be empty. An empty zone is considered as 'all' zones in the given usp.

Field Name	Description
`fromZone` - `SecurityZone`	SecureTrack zone.
`toZone` - `SecurityZone`	SecureTrack zone.

Example

{
  "fromZone": SecurityZone,
  "toZone": SecurityZone
}

Types

`ZonePairInput`

Input Field	Description
`fromZone` - `IdString`
`toZone` - `IdString`

Example

{
  "fromZone": IdString,
  "toZone": IdString
}

Types

`ZonePredefinedValue`

Predefined values to define Any zone

Enum Value	Description
`ANY_ZONE`	Any zone

Types

`ZoneToZoneUspRequirementMatcher`

The USP pair (source zone, destination zone) that the USP requirement applies to.

Field Name	Description
`destination` - `SecurityZone`	The destination zone.
`source` - `SecurityZone`	The source zone.

Example

{
  "destination": SecurityZone,
  "source": SecurityZone
}

Types

`ZoneType`

Device specific zone type

Enum Value	Description
`ZONE_LAYER2`	Zone of layer 2 trunk ports
`ZONE_LAYER3`	Zone of layer 3 trunk ports
`ZONE_TUNNEL`	Zone of VPN tunnels

Types

`ZonesRelation`

Zone relation definition on device side

Enum Value	Description
`INTERZONE`	External zone
`INTRAZONE`	Internal zone
`UNIVERSAL`	Zone with not defined relation

Types

`countsOrderBy`

Enum Value	Description
`COUNT`
`GROUP`

Types

`orderDirection`

Enum Value	Description
`ASC`
`DESC`

Documentation by Anvil SpectaQL