add_action_to_fam_rule

This command adds an action to an existing FAM rule.

This API is available in Guardium V10.1.4 and later.

REST API syntax

This API is available as a REST service with the POST method. Call this API as follows:
POST https://[Guardium hostname or IP address]:8443/restAPI/addActionToFAMRule

GuardAPI syntax

add_action_to_fam_rule parameter=value

Parameters

Parameter Value type Description
actionName String Required. The action taken when the rule criteria are met. Valid values:
  • Alert and audit: Send an alert directly generated from the sniffer with specific behavior, and log the event.
  • Audit only: Log the event in GDM tables
  • Block, log violation, and audit: Block access to the object, log a policy violation, and log the event. A blocking action requires an alert configuration as well.
  • Ignore: No action taken.
  • Log as violation and audit: Log this as a policy violation and log the event.
alertReceiver String AlertReceiver is any user of the appliance like admin, etc.
classDestination String For valid values, call add_action_to_fam_rule from the command line with --help=true.
command String The command name to be included in the rule. For valid values, call add_action_to_fam_rule from the command line with --help=true.
commandGroup String Name of command group to be included in the rule.
commandGroupId Integer ID of command group to be included in the rule.
messageTemplate String Name of message template. For valid values, call add_action_to_fam_rule from the command line with --help=true.
notificationType String For valid values, call add_action_to_fam_rule from the command line with --help=true.
policyName String Required. Valid values: For valid values, call add_action_to_fam_rule from the command line with --help=true.
ruleName String Required. Rule that is getting modified with this command.