https://server-name/ws/powerscui/command

Handled headers

Accept - define output format (application/json, application/xml), default is application/json

List of resources

/ws/powerscui/command/results - resource to retrieve command execution result

Methods

POST
Submit command to execute
URL Parameters
- denaliSessionId (required) - current session identifier.
Required content

<SubmitOrderList>

Result

<SubmitResultList>

Data structures

SubmitOrderList


       { "orders" : [ <SubmitOrder>, <SubmitOrder>, <SubmitOrder>, ... ] }

SubmitOrder

 {
          "commandName" : <commandName>,
          "elementId" : <uid>,
          "arguments" : <commandArguments>,
        }

SubmitResultList

{ "results" : [ <SubmitResult>, <SubmitResult>, <SubmitResult>, ... ] }

SubmitResult

{
          "elementId" : <uid>,
          "commandName" : <commandName>,
          "resultKey" : <submitResultKey>,
          "result" : <submitResult>
        }

submitResultKey


One of the following:

FORBIDDEN - authenticated user has no rights for the operation
BAD_REQUEST - request is malformed
NO_PROFILE_FOUND - specific for profiles commands
INTERNAL_SERVER_ERROR - internal server error occurred
OK - the command successfully committed to execute

submitResult

<executionKey> or error message

monFileListItem

{
          "fileName" : <String>,
          "modFile" : <Boolean>,
          "modFileAttr" : <Boolean>,
          "modDir" : <Boolean>
        }

teFileList

{
          "fileName" : <String>,
          "isMonitored" : <Boolean>,
          "isVolatile" : <Boolean>
        }

fapolicydFileList

{
          "fileName" : <String>
        }

fapolicydFileListItem

{
          "fileName" : <String>
        }

teFileListItem

{
          "name" : <String>,
          "timestamp" : <String>
        }

fileListItem

{
          "name" : <String>,
          "directory" : <String>
        }

commandArguments

This should be a set of key values in JSON format. Refer to the tables below for command and required arguments information.

commandName

Refer to the following table for Compliance command information.

Command name	Description	Required arguments
refreshStatus	Get currently applied profiles.	No arguments are required.
checkLevel	Check compliance level.	level Compliance level (-l argument of pscxpert).
applyLevel	Apply compliance level.	level Compliance level (-l argument of pscxpert)
checkProfile	Check compliance with a profile.	profileName Profile name (-P argument of pscxpert) The name should not contains a path
applyProfile	Apply compliance profile.	profileName Profile name (-P argument of pscxpert) The name should not contains a path
checkCompliance	Check compliance level against current rule type.	No arguments are required.
undoCompliance	Undoes the security settings that are applied.	No arguments are required.

Refer to the following table for Compliance profile command information:

Command name and description	Description	Required arguments
getProfile	Get profile XML file content from system.	profileName Profile XML file name The name should not contain a path.
putProfile	Get profile xml-file content from the specified library using the specified profile name, and put it to endpoint.	profileName Profile XML file name The name should not contain a path. profileLibrary The profile library name. The profile library variable may have two values: 'built-in' or 'custom'
deleteProfile	Delete profile XML file.	profileName Profile XML file name The name should not contain a path.
getProfileList	Get space-separated list of profile XML file names.	No arguments are required.

Refer to the following table for Real-time compliance profile command information:

Command name and description	Description	Required arguments
getRTCPolicy	Get RTC policy configuration in JSON format.	backupName (optional) Backed up RTC configuration file name The name should not contains a path
configureRTCPolicy	Change RTC policy.	policy RTC configuration key-value pairs in JSON format
getRTCMonitoredFileset	Get list of files monitored by RTC. This command returns JSON array of monFileListItem.	backupName (optional) Backed up RTC configuration file name The name should not contain a path.
changeRTCFilePolicy	Change list of monitored files.	fileList JSON array of <monFileListItem>
getRTCMonitoredFileBackupFileList	Get list of backed up policy files. This method return JSON array of backupFileListItem.	No arguments are required.
getRTCConfigurationBackupFileList	Get list of backed up configuration files. This method return JSON array ofbackupFileListItem.	No arguments are required.
turnOffRTC	Turn off (or turn on in a special case) RTC for a specified amount of time in minutes.	OffTimeout Timeout in minutes Special case: -1 - turn on permanently Special case: 1 - turn on immediately

Refer to the following table for Auditd command information:

Command name and description	Description	Required arguments
getAuditdMonitoredFileBackupFileList	Get list of backed up rules file. This method returns the JSON array of backupFileListItem.	No arguments are required.
getAuditdMonitoredFileset	Get list of filed monitored by Auditd. This command returns the JSON array of monFileListItem.	backupName (optional) Backed up auditd rules file The name should not contain a path.
changeAuditdFilePolicy	Change list of files monitored by Auditd.	fileList JSON array of monFileListItem command.
turnOffAuditd	Turn off (or turn on in special case) Auditd for a specified amount of time in minutes.	OffTimeout Specify timeout in minutes: Special case: -1 - turn on permanently Special case: 1 - turn on immediately

Refer to the following table for Trusted execution command information:

Command name and description	Description	Required arguments
getTEPolicy	Get trusted execution policy.	No arguments are required.
configureTEPolicy	Change trusted execution policy.	TE policy key value pairs in JSON format.
getTEMonitoredFileset	Get list of files monitored by TE. This command return JSON array of teFileListItem.	No arguments are required.
getFAPOLICYDMonitoredFileset	Get list of files monitored by fapolicyd. This command return JSON array of fapolicydFileListItem.	Arguments are required.
changeTEFilePolicy	Change list of files monitored by TE.	fileList JSON array of teFileListItem.
changeFAPOLICYDFilePolicy	Change list of files monitored by FAPOLICYD	fileList JSON array of fapolicydFileListItem.
turnOffTE	Turn off (or turn on in special case) TE for a specified amount of time in minutes.	OffTimeout Specify timeout in minutes: Special case: -1 - turn on permanently Special case: 1 - turn on immediately
turnOffFAPOLICYD	Turn off (or turn on in special case) FAPOLICYD	OffTimeout Specify timeout in minutes: Special case: -1 - turn on permanently Special case: 1 - turn on immediately
runTSDScan	Check the security parameters stored in the TSD against the parameters of the actual files using trustchk -n ALL.	No arguments are required.

Refer to the following table for Up to date command information:

Command name and description	Description	Required arguments
verify	Check patch management status (up to date status).	No arguments are required.
update	Update system with patch management.	No arguments are required.

Refer to the following table for custom command information:

Command name and description	Description	Required arguments
getFileList	Get list of files. This command returns JSON array of <fileListItem>.	Path Path to file list.

Refer to the following table for PSAD command information:

Command name and description	Description	Required arguments
getPSADPolicy	Get the contents of the PSAD configuration file. This command returns the result key and status.	elementId The fully-qualified name of the system on which to execute the command.
configurePSADPolicy	Set the contents of the PSAD configuration file. Use the PowerSC GUI or run `getPSADPolicy` to get the current configuration file, make any needed changes, and paste in the revised string in `conf`.	elementId The fully-qualified name of the system on which to execute the command. arguments `{ "policy": { "conf": "string", "PSAD": "on" }`