Running the APG CLI
Overview
After you prepare the log files (see Getting Logs for APG), you can generate an actual firewall policy from the log files with the command:
st_apg_gen <parameters>
where <parameters> is a list of any of the following parameters. Each parameter name is followed by =<value>, for example:
[<ADMIN> ~]# kubectl exec -it deployment/device-collector -c device-collector bash
[<ADMIN> ~]# st_apg_gen --conf=/usr/local/st/conf/apg_conf.xml --input=logs.txt --output=policy --output-format=html --min-net-coverage=10 --min-net-size=28 --include-broadcast=0 --any-threshold=100
Input/Output Parameters
| Parameter | Description |
|---|---|
| --conf | The APG configuration file. The default is located in /usr/local/st/conf/apg_conf.xml. |
| --input | A prepared log file (see Getting Logs for APG). |
| --output | A prefix for the output filename. The APG output phase (default: 5) and an extension will be appended to the filename. |
| --output-format | The format for the generated firewall policy. The value must be one of the following: |
Parameters for rule consolidation
| Parameter | Description |
|---|---|
| --min-net-coverage | An integer between 1 and 100, indicating the minimum percentage of a network that the logged traffic must cover for network consolidation. |
| --min-net-size | An integer between 1 and 32, indicating the minimal subnet length (in CIDR notation) that is allowed to be created by network consolidation. |
| --include-broadcast | Determines whether to include the broadcast address in network consolidation. Possible values are 0 and 1. |
| --any-threshold | An integer indicating the minimum number of traffic logs for Any consolidation. |
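
To show how these thresholds trade rule count against policy tightness, the following added example (not Tufin's code and not the APG algorithm) models coverage-based consolidation over constructed IPv4 addresses. It assumes coverage is the share of a candidate subnet's addresses that appear in the logs, and that --include-broadcast=0 ignores hits on the candidate subnet's broadcast address; the function name consolidate is hypothetical.

```python
import ipaddress
from collections import defaultdict

# Constructed sample: destination addresses taken from prepared traffic logs.
LOGGED = ["10.0.0.1", "10.0.0.2", "10.0.0.3", "10.0.0.4"]

def consolidate(logged_ips, min_net_coverage, min_net_size, include_broadcast):
    """Simplified model (an assumption, not the APG implementation).

    Logged hosts are replaced by a subnet when they cover at least
    min_net_coverage percent of that subnet's addresses. Subnets wider than
    /min_net_size are never created; /31 and /32 are left as single hosts.
    """
    hosts = {ipaddress.ip_address(ip) for ip in logged_ips}
    nets = []
    # Try the widest permitted subnet first, then progressively narrower ones.
    for prefix in range(min_net_size, 31):
        groups = defaultdict(set)
        for host in hosts:
            groups[ipaddress.ip_network(f"{host}/{prefix}", strict=False)].add(host)
        for net, members in groups.items():
            counted = set(members)
            if not include_broadcast:
                # Assumption: broadcast hits do not count toward coverage.
                counted.discard(net.broadcast_address)
            coverage = 100 * len(counted) / net.num_addresses
            if coverage >= min_net_coverage:
                nets.append(net)
                hosts -= members
    # Whatever could not be consolidated stays as a host rule.
    nets.extend(ipaddress.ip_network(f"{host}/32") for host in hosts)
    nets.sort(key=lambda n: (int(n.network_address), n.prefixlen))
    return [str(n) for n in nets]

if __name__ == "__main__":
    # Values from the command on this page: 4 of 16 addresses (25%) clears 10%.
    print(consolidate(LOGGED, 10, 28, 0))
    # Stricter coverage keeps the rules close to the observed hosts.
    print(consolidate(LOGGED, 60, 28, 1))
    print(consolidate(LOGGED, 60, 28, 0))
    # Loose settings: four logged hosts become a rule for 256 addresses.
    print(consolidate(LOGGED, 1, 24, 0))
```

In this model, every address inside a consolidated subnet that never appeared in the logs is access the generated policy grants without evidence, so the output of low-coverage or wide-subnet runs deserves review before deployment.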