Modify the action for an attack group

put

https://{hostname}/appsec/v1/configs/{configId}/versions/{versionNumber}/security-policies/{policyId}/attack-groups/{attackGroupId}

All products Update what action to take when an attack group's rule triggers. Use alert to record the trigger of the event, deny to block the request, or none to take no action. Currently the only field in the attack group object is action.

Path Params

configId

int64

required

A unique identifier for each configuration.

versionNumber

integer

required

A unique identifier for each version of a configuration.

policyId

string

required

A unique identifier for a security policy.

attackGroupId

string

required

A unique identifier for each attack group.

Query Params

accountSwitchKey

string

For customers who manage more than one account, this runs the operation from another account. The Identity and Access Management API provides a list of available account switch keys.

Body Params

action

string

enum

required

The attack group action, either alert, deny, or none.

Allowed:

Headers

string

enum

Defaults to application/json

Generated from available response content types

Allowed:

Responses

Language

URL

Response

Choose an example:

application/json

application/problem+json

200Successfully updated the attack group's action.

400Invalid. Client error, such as invalid or malformed input.

403Forbidden. You don't have permission to write to this resource.

404Not found. The security policy doesn't exist, doesn't carry application layer controls, or no rule with this ID is available for use in this policy.

500Internal server error. Something went wrong on our side. Try again in a few minutes or contact support if the error persists.