Organization Settings
Organization Settings
For Organization Settings parameters, properties, JSON request and response bodies, and example curl commands, see "Organization Settings" in Illumio Core REST API Reference.
Get Events Settings
Returns events settings information.
Syslog Destinations
Use this API to specify a local syslog location and/or one or more remote syslog locations.
Enabling clone detection
In some cases, users need to disable clone detection as a safety valve. For example, if a customer has workloads in a particular environment that behaves unexpectedly, they might end up with runaway clones being activated.
Functionality | HTTP | Properties added | URI |
|---|---|---|---|
For VEN or URI to fetch the current clone detection settings. Authorization is for the org user and interservice. |
|
|
|
For org admin to set new clone detection settings. Authorization is for the org admin. |
|
|
|
Two properties have been added to the schemas settings_get and settings_put:
clone_detection_enabled
automatic_clone_reactivation
Depending whether they are added to the PUT or GET method, they require different type of authorization: org admin for PUT and org user or interservice authorization for GET.
If
automatic_clone_reactivationisdisabled, there is no automatic clone reactivation
Examples for Organization Settings
Example JSON Response Body for Get Events Settings
{
"audit_event_retention_seconds": 180,
"audit_event_min_severity": "informational",
"format": "JSON"
}
Update Events Settings
Example JSON Request Body for Update Events
{
"audit_event_retention_seconds": 90,
"audit_event_min_severity": "informational"
}Example JSON Response Body with Local and Remote Syslog Location Information
[
{
"href": "/api/v2/orgs/1/settings/syslog/destinations/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"pce_scope": [ "remote-my-company0.com", "remote-my-company1.com" ],
"type": "remote_syslog",
"description": "remotesyslog",
"audit_event_logger": {
"configuration_event_included": true,
"system_event_included": false,
"min_severity": "warning"
},
"traffic_event_logger": {
"traffic_flow_allowed_event_included": true,
"traffic_flow_potentially_blocked_event_included": true,
"traffic_flow_blocked_event_included": true
},
"node_status_logger": {
"node_status_included": true
},
"remote_syslog": {
"address" : "my-company-20.com",
"port" : 12345,
"protocol" : 6,
"tls_enabled" : false,
"tls_verify_cert" : false
}
}
]Get a Specified Syslog Destination
Returns information about one syslog destination.
Example JSON Response Body with Remote Syslog Location Information
{
"href": "/api/v2/orgs/1/settings/syslog/destinations/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"pce_scope": [ "remote-my-company0.com", "remote-my-company1.com" ],
"type": "remote_syslog",
"description": "remotesyslog",
"audit_event_logger": {
"configuration_event_included": true,
"system_event_included": false,
"min_severity": "warning"
},
"traffic_event_logger": {
"traffic_flow_allowed_event_included": true,
"traffic_flow_potentially_blocked_event_included": true,
"traffic_flow_blocked_event_included": true
},
"node_status_logger": {
"node_status_included": true
},
"remote_syslog": {
"address" : "my-company-20.com",
"port" : 12345,
"protocol" : 6,
"tls_enabled" : false,
"tls_verify_cert" : false
}
}Create a Syslog Destination
Creates a local and remote syslog destination.
Example JSON Request Body to Create a Remote Syslog Destination
{
"pce_scope": [ "my-company0.com", "my-company1.com", "my-company2.com" ],
"type": "remote_syslog",
"description": "remote syslog",
"audit_event_logger": {
"configuration_event_included": true,
"system_event_included": false,
"min_severity": "warning"
},
"traffic_event_logger": {
"traffic_flow_allowed_event_included": true,
"traffic_flow_potentially_blocked_event_included": true,
"traffic_flow_blocked_event_included": true
},
"node_status_logger": {
"node_status_included": true
},
"remote_syslog": {
"address" : "my-company-20.com",
"port" : 12345,
"protocol" : 6,
"tls_enabled" : false,
"tls_verify_cert" : false
}
}Example JSON Request Body to Update a Syslog Destination
{
"href": "/api/v2/orgs/1/settings/syslog/destinations/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"pce_scope": [ "my-company0.com", "my-company1.com", "my-company2.com" ],
"type": "remote_syslog",
"description": "localhost syslog",
"audit_event_logger": {
"configuration_event_included": true,
"system_event_included": true,
"min_severity": "informational"
},
"traffic_event_logger": {
"traffic_flow_allowed_event_included": true,
"traffic_flow_potentially_blocked_event_included": true,
"traffic_flow_blocked_event_included": true
},
"node_status_logger": {
"node_status_included": false
},
"remote_syslog": {
"address" : "my-company-20.com",
"port" : 67890,
"protocol" : 6,
"tls_enabled" : false,
"tls_verify_cert" : false
}
}Examples for Enabling clone detection:
(only new fileds in the schema settings_get are shown)
"clone_detection_enabled": {
"description": "When true, clone detection is done for this org",
"type": "boolean"
},
"automatic_clone_reactivation": {
"description": "When true, automatic clone reactivation should be done on clone detection for this org",
"type": "string",
"enum": [ "disabled", "windows_domain_joined_workloads_only" ]
}Example reply (only for "clone_detection_enabled")
{
"clone_detection_enabled": true,
"automatic_clone_reactivation": "windows_domain_joined_workloads_only"
}