Rule Hit Count
The Rule Hit Count feature is configured so only certain VENs can compute the rule hit counts and send the rule ID to the PCE.
Enabling Rule Hit Count
The Rule Hit Count feature is disabled by default on all the VENs and the PCE.
To use the Rule Hit Count feature, you must first enable it on the PCE and the relevant VENs.
Enable Rule Hit Count on a VEN
Use the following API to enable the feature on a VEN on all scopes:
PUT api/v2/orgs/:xorg_id/sec_policy/draft/firewall_settings
{
"rule_hit_count_enabled_scopes":[[]]
}This sample API can be used to enable features in specific scopes. This example enables the features on all VENs with labels 7 and 12.
{
"rule_hit_count_enabled_scopes": [
[
{
"label": {
"href": "/orgs/1/labels/7"
}
},
{
"label": {
"href": "/orgs/1/labels/12"
}
}
]
]
}Commit or provision these DRAFT changes.
POST /api/v2/orgs/:xorg_id/sec_policy
{
"update_description":"Enable rule hit count",
"change_subset": {
"firewall_settings":
[
{
"href":"/orgs/1/sec_policy/draft/firewall_settings"
}
]
}
}Disable the feature Rule Hit Count on all VENs:
PUT api/v2/orgs/:xorg_id/sec_policy/draft/firewall_settings
The property rule_hit_count_enabled_scopes was added to this API:
{
"rule_hit_count_enabled_scopes": []
} Enable Rule Hit Count on a PCE
Use the following API to enable the feature on a PCE:
PUT /api/v2/orgs/:xorg_id/report_templates/rule_hit_count_report
{
"enabled": true
}Generating Rule Hit Count Reports
A Rule Hit Count report can be either a scheduled report generated on a recurrent basis or an ad-hoc report.
To generate the Rule Hit Count report, two new schemas have been introduced: rule_hit_count_ report_params and rule_set_lists: