create_group

This command defines a group.

This API is available in Guardium V9.5 and later.

REST API syntax

This API is available as a REST service with the POST method. Call this API as follows:
POST https://[Guardium hostname or IP address]:8443/restAPI/group

GuardAPI syntax

create_group parameter=value

Parameters

Parameter Value type Description
appid String Required. For valid values, call create_group from the command line with --help=true.
category String A category is an optional label that is used to group policy violations and groups for reporting.
classification String A classification is an optional label that is used to group policy violations and groups for reporting.
desc String Required. Enter a unique description for the new group.
hierarchical String Valid values:
  • true
  • false
tuple_parameters String Required. Valid values:
  • client_ip
  • client_host_name
  • server_ip
  • server_host_name
  • source_program
  • db_name
  • db_user
  • service_name
  • app_user_name
  • os_user
  • db_type
  • net_protocol
  • command
  • server_port
  • sender_ip
  • server_description
  • analyzed_client_ip
  • incident
  • session
  • client_os_name
  • server_os_name
  • db_prototype
  • field_name
  • error_code
type String Required. For valid values, call create_group from the command line with --help=true.

Examples

Use this command to create a public OBJECTS group named A public group:

grdapi create_group desc="A public group" type=OBJECTS  appid=Public