create_policy

This command creates a new policy.

This API is available in Guardium V9.5 and later.

REST API syntax

This API is available as a REST service with the POST method. Call this API as follows:
POST https://[Guardium hostname or IP address]:8443/restAPI/policy

GuardAPI syntax

create_policy parameter=value

Parameters

Parameter Value type Description
baselineDesc String
categoryName String An existing data or file policy. For valid values, call create_policy from the command line with --help=true.
isFam Boolean Determines whether this policy is for file access monitoring. Valid values:
  • 0 (false): This is a data access monitoring policy.
  • 1 (true): This is a file access monitoring policy.

Default = 0 (false)

For more information, see Using rules for file activity policies.

logFlat Boolean Determines whether to use the flat log option for this policy. Valid values:
  • 0 (false)
  • 1 (true)

Default = 0 (false)

For more information, see Log flat.

pattern String A regular expression to match. For more information, see Pattern in Rule definition fields.
policyLevel String Valid values:
  • REGULAR
  • SESSION
  • FAM
  • FAM_SP
  • FAM_NAS
  • 0
  • 1
  • 2
  • 3
  • 4

Default = REGULAR

ruleSetDesc String Required. The name of this policy.
rulesOnFlat Boolean Valid values:
  • 0 (false)
  • 1 (true)

Default = 0 (false)

For more information, see Rules on flat.

securityPolicy Boolean Determines whether this policy uses a selective audit trail. Valid values:
  • 0 (false)
  • 1 (true)

Default = 0 (false)

For more information, see Selective audit trail.
api_target_host String

Specifies the target hosts where the API executes. Valid values:
  • all_managed: execute on all managed units but not the central manager
  • all: execute on all managed units and the central manager
  • group:<group name>: execute on all managed units identified by <group name>
  • host name or IP address of a managed unit: specified from the central manager to execute on a managed unit. For example, api_target_host=10.0.1.123.
  • host name or IP address of the central manager: specified from a managed unit to execute on the central manager. For example, api_target_host=10.0.1.123.

IP addresses must conform to the IP mode of your network. For dual IP mode, use the same IP protocol with which the managed unit is registered with the central manager. For example, if the registration uses IPv6, specify an IPv6 address. The hostname is independent of IP mode and can be used with any mode.
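The following is an added example, not part of the product documentation: a client-side check that rejects a create_policy call whose parameters fall outside the values listed in the table above, then builds the POST request without sending it. The function names, the host guardium.example.com, the JSON request body and the bearer-token Authorization header are assumptions of this example; none of them are stated on this page.

```python
import ipaddress
import json
import re
import urllib.request

POLICY_LEVELS = {"REGULAR", "SESSION", "FAM", "FAM_SP", "FAM_NAS", "0", "1", "2", "3", "4"}
BOOL_PARAMS = ("isFam", "logFlat", "rulesOnFlat", "securityPolicy")
OTHER_PARAMS = ("ruleSetDesc", "baselineDesc", "categoryName", "pattern",
                "policyLevel", "api_target_host")
# Host names: dot-separated labels with at least one letter, so a malformed
# dotted quad such as 10.0.1.999 is not mistaken for a name.
HOSTNAME_RE = re.compile(r"(?=.*[A-Za-z])[A-Za-z0-9-]{1,63}(\.[A-Za-z0-9-]{1,63})*")


def valid_target_host(value):
    """Accept only the api_target_host forms listed in the table."""
    if value in ("all", "all_managed"):
        return True
    if value.startswith("group:"):
        return len(value) > len("group:")
    try:
        ipaddress.ip_address(value)  # IPv4 or IPv6 literal
        return True
    except ValueError:
        return HOSTNAME_RE.fullmatch(value) is not None


def build_create_policy_request(host, token, **params):
    """Validate params and return an unsent POST request for /restAPI/policy."""
    unknown = set(params) - set(BOOL_PARAMS) - set(OTHER_PARAMS)
    if unknown:
        raise ValueError(f"unknown parameter(s): {sorted(unknown)}")
    if not params.get("ruleSetDesc"):
        raise ValueError("ruleSetDesc is required")
    for name in BOOL_PARAMS:
        if name in params:
            if params[name] not in (0, 1):  # True/False compare equal to 1/0
                raise ValueError(f"{name} must be 0 or 1")
            params[name] = int(params[name])
    if str(params.get("policyLevel", "REGULAR")) not in POLICY_LEVELS:
        raise ValueError("policyLevel is not one of the documented values")
    if "api_target_host" in params and not valid_target_host(params["api_target_host"]):
        raise ValueError("api_target_host is not one of the documented forms")
    return urllib.request.Request(
        f"https://{host}:8443/restAPI/policy",
        data=json.dumps(params).encode("utf-8"),  # JSON body: assumption
        method="POST",
        headers={"Authorization": f"Bearer {token}",  # auth scheme: assumption
                 "Content-Type": "application/json"},
    )
```

Pass the returned object to urllib.request.urlopen to submit it; the check runs before any request leaves the client, so a mistyped policyLevel or api_target_host never reaches the appliance.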