Cato Networks GraphQL API Reference

Reference documentation for Cato GraphQL API

Contact

Cato Networks Support

api@catonetworks.com

API Endpoints
https://api.catonetworks.com/api/v1/graphql2

Further readings

GraphQL Introspection Query

Use the GraphQL Introspection system to learn more about queries and types with the Cato API schema.

For more information, see the GraphQL Documentation.

API Labeling

EA: These APIs are part of Cato's EA program, if you’re interested in joining, please contact us at ea@catonetworks.com

Rollout: We are gradually rolling out these APIs, and they will be available to all accounts after a few weeks.

Beta: These APIs are fully operational but may undergo schema changes, including potential breaking changes, with limited advance notice—possibly as short as two weeks.

Queries

accountBySubdomain

Response

Returns [AccountDataPayload!]

Arguments
Name Description
accountID - ID!
subdomains - [String!]! a list of required subdomains

Example

Query
query accountBySubdomain($accountID:ID!, $subdomains:[String!]!) {
  accountBySubdomain(accountID:$accountID, subdomains:$subdomains) {
    id
    subdomain
  }
}
Variables
{"accountID": "123", "subdomains": ["company"]}
Response
{"data": {"accountBySubdomain": [{"id": "123", "subdomain": "company"}]}}

accountMetrics

Description

The accountMetrics query helps you analyze the state and quality of the connections of sites and SDP users to the Cato Cloud. This data is for the traffic inside the DTLS tunnel between the site and the Cato Cloud. accountMetrics shows historical metrics, statics, and analytics for the account.

Response

Returns an AccountMetrics

Arguments
Name Description
accountID - ID Unique Identifier of Account.
timeFrame - TimeFrame! The time frame for the data that the query returns. The argument is in the format type.time value. This argument is mandatory.
groupInterfaces - Boolean When the boolean argument groupInterfaces is set to true, then the data for all the interfaces are aggregated to a single interface.
groupDevices - Boolean

When the boolean argument groupDevices is set to true, then the analytics for all the Sockets (usually two in high availability) are aggregated as one result.

For the best results for aggregated Sockets, we recommend that there is consistent names and functionality (for example Destination) for the links on both Sockets.

Example

Query
query accountMetrics(
  $accountID:ID!,
  $timeFrame:TimeFrame!,
  $groupInterfaces: Boolean,
  $groupDevices: Boolean,
  $siteIDs: [ID!]
) {
  accountMetrics(
    accountID:$accountID,
    timeFrame: $timeFrame,
    groupInterfaces: $groupInterfaces,
    groupDevices: $groupDevices
  ) {
    id
    from
    to
    sites(siteIDs:$siteIDs) {
      id
      metrics {
        bytesUpstream
        bytesDownstream
      }
      interfaces {
        name
        metrics {
          bytesUpstream
          bytesDownstream
        }
      }
    }
  }
}
Variables
{
  "accountID": "123",
  "timeFrame": "utc.2023-02-{28/00:00:00--28/23:59:59}",
  "groupInterfaces": false,
  "groupDevices": true,
  "siteIDs": ["456", "789"]
}
Response
{
  "data": {
    "accountMetrics": {
      "id": "123",
      "from": "2023-02-28T00:00:00Z",
      "to": "2023-02-28T23:59:59Z",
      "sites": [
        {
          "id": "456",
          "metrics": {"bytesUpstream": 122324400, "bytesDownstream": 8354720},
          "interfaces": [
            {
              "name": "WAN 01",
              "metrics": {
                "bytesUpstream": 122324400,
                "bytesDownstream": 8354720
              }
            }
          ]
        },
        {
          "id": "789",
          "metrics": {"bytesUpstream": 100254955, "bytesDownstream": 3907080},
          "interfaces": [
            {
              "name": "WAN 01",
              "metrics": {
                "bytesUpstream": 100254955,
                "bytesDownstream": 3907080
              }
            }
          ]
        }
      ]
    }
  }
}

accountRoles

Response

Returns an AccountRolesResult!

Arguments
Name Description
accountID - ID!
accountType - AccountType

Example

Query
query accountRoles($accountID:ID!){
  accountRoles(accountID: $accountID) {
    items {
      name
      isPredefined
    }
    total
  }
}
Variables
{"accountID": "123"}
Response
{
  "data": {
    "accountRoles": {
      "items": [
        {"name": "Editor", "isPredefined": true},
        {"name": "Viewer", "isPredefined": true},
        {"name": "Network admin", "isPredefined": true},
        {"name": "Security Admin", "isPredefined": true},
        {"name": "Access Admin", "isPredefined": true}
      ],
      "total": 5
    }
  }
}

accountSnapshot

Description

Current snapshot-based metrics that show near real‑time data for the account. Provides analytics that are similar to the Topology page for the account.

Response

Returns an AccountSnapshot

Arguments
Name Description
accountID - ID Unique Identifier of Account.

Example

Query
query accountSnapshot($accountID:ID!) {
  accountSnapshot(accountID:$accountID) {
    sites {
      connectivityStatus
      haStatus{
        readiness
        wanConnectivity
        keepalive
        socketVersion
      }
      operationalStatus
      lastConnected
      connectedSince
      devices {
        connected
        version
      }
    }
    users {
      connectivityStatus
      connectedInOffice
      name
      deviceName
    }
    timestamp
  }
}
Variables
{"accountID": "123"}
Response
{
  "data": {
    "accountSnapshot": {
      "sites": [
        {
          "connectivityStatus": "connected",
          "haStatus": {
            "readiness": "ready",
            "wanConnectivity": "ok",
            "keepalive": "ok",
            "socketVersion": "ok"
          },
          "operationalStatus": "active",
          "lastConnected": "2023-02-28T13:21:05Z",
          "connectedSince": "2023-02-27T15:10:06Z",
          "devices": [
            {"connected": true, "version": "17.0.16303"},
            {"connected": true, "version": "17.0.16303"}
          ]
        },
        {
          "connectivityStatus": "disconnected",
          "haStatus": null,
          "operationalStatus": "active",
          "lastConnected": "2020-03-11T13:43:40Z",
          "connectedSince": null,
          "devices": [{"connected": false, "version": ""}]
        }
      ],
      "users": [
        {
          "connectivityStatus": "connected",
          "connectedInOffice": false,
          "name": "Employee Domywork",
          "deviceName": "Employee’s MacBook Pro"
        },
        {
          "connectivityStatus": "connected",
          "connectedInOffice": false,
          "name": "Alice Bobs",
          "deviceName": "Alice’s MacBook Pro"
        }
      ],
      "timestamp": "2023-02-28T13:22:21Z"
    }
  }
}

admin

Response

Returns a GetAdminPayload

Arguments
Name Description
accountId - ID!
adminID - ID!

Example

Query
query admin($accountId:ID!, $adminID:ID!) {
  admin(accountId:$accountId, adminID:$adminID) {
    id
    firstName
    lastName
    email
    creationDate
    mfaEnabled
    managedRoles {
      role {
        name
      }
    }
  }
}
Variables
{"accountId": "123", "adminID": "456"}
Response
{
  "data": {
    "admin": {
      "id": "456",
      "firstName": "Name",
      "lastName": "Surname",
      "email": "name.surname@company.org",
      "creationDate": "Dec 27, 2020 9:30:34 AM",
      "mfaEnabled": false,
      "managedRoles": [{"role": {"name": "Viewer"}}]
    }
  }
}

admins

Response

Returns an AdminsResult

Arguments
Name Description
accountID - ID!
limit - Int
Default
50
from - Int
Default
0
search - String
Default
""
sort - [SortInput]
adminIDs - [ID!]

Example

Query
query admins($accountId:ID!, $limit: Int) {
  admins(accountID:$accountId, limit: $limit) {
    items {
      id
      email
      managedRoles {
        role {
          name
        }
      }
    }
    total
  }
}
Variables
{"accountId": "123", "limit": 2}
Response
{
  "data": {
    "admins": {
      "items": [
        {
          "id": "1",
          "email": "editor@company.org",
          "managedRoles": [{"role": {"name": "Editor"}}]
        },
        {
          "id": "2",
          "email": "viewer@company.org",
          "managedRoles": [{"role": {"name": "Viewer"}}]
        }
      ],
      "total": 3
    }
  }
}

appStats

Description

BETA

Response

Returns an AppStats

Arguments
Name Description
accountID - ID! Account ID
timeFrame - TimeFrame!
measures - [Measure]
dimensions - [Dimension]
filters - [AppStatsFilter!]
sort - [AppStatsSort!]

Example

Query
query appStats(
  $accountID:ID!, 
  $timeFrame:TimeFrame!,
  $measures: [Measure],
  $dimensions:[Dimension],
  $sort:[AppStatsSort!],
  $limit:Int,
  $from:Int,
) {
  appStats(
    accountID: $accountID,
    timeFrame: $timeFrame,
    measures: $measures,
    dimensions:$dimensions,
    sort:$sort,
  ) {
    from
    to
    records(limit:$limit, from:$from){
      fieldsMap
      fieldsUnitTypes
    }
  }
}
Variables
{
  "accountID": "123",
  "timeFrame": "utc.2023-02-{28/00:00:00--28/23:59:59}",
  "dimensions": [{"fieldName": "app"}],
  "sort": [{"fieldName": "traffic", "order": "desc"}],
  "measures": [
    {"fieldName": "traffic", "aggType": "sum"},
    {"fieldName": "application", "aggType": "any"}
  ],
  "limit": 5,
  "from": 0
}
Response
{
  "data": {
    "appStats": {
      "from": "2023-02-28T00:00:00Z",
      "to": "2023-03-01T00:00:00Z",
      "records": [
        {
          "fieldsMap": {
            "app": "zoom",
            "application": "Zoom",
            "traffic": "95138282696"
          },
          "fieldsUnitTypes": ["none", "none", "bytes"]
        },
        {
          "fieldsMap": {
            "app": "udp",
            "application": "UDP",
            "traffic": "45401221439"
          },
          "fieldsUnitTypes": ["none", "none", "bytes"]
        },
        {
          "fieldsMap": {
            "app": "Tech",
            "application": "Technological apps",
            "traffic": "13982474567"
          },
          "fieldsUnitTypes": ["none", "none", "bytes"]
        },
        {
          "fieldsMap": {
            "app": "AppleSoftwareupdate",
            "application": "Apple software update",
            "traffic": "11624258191"
          },
          "fieldsUnitTypes": ["none", "none", "bytes"]
        }
      ]
    }
  }
}

appStatsTimeSeries

Description

BETA

Response

Returns an AppStatsTimeSeries

Arguments
Name Description
accountID - ID! Account ID
timeFrame - TimeFrame!
measures - [Measure]
dimensions - [Dimension]
filters - [AppStatsFilter!]

Example

Query
query appStatsTimeSeries(
  $accountID:ID!,
  $timeFrame:TimeFrame!,
  $measures: [Measure],
  $buckets:Int!
) {
  appStatsTimeSeries(
    accountID:$accountID,
    timeFrame:$timeFrame,
    measures: $measures
  ) {
    from
    to
    granularity
    timeseries(buckets:$buckets) {
      label
      data
      key {
        measureFieldName
      }
    }
  }
}
Variables
{
  "accountID": "123",
  "timeFrame": "utc.2023-02-{28/00:00:00--28/23:59:59}",
  "measures": [
    {"fieldName": "upstream", "aggType": "sum"},
    {"fieldName": "downstream", "aggType": "sum"}
  ],
  "buckets": 5
}
Response
{
  "data": {
    "appStatsTimeSeries": {
      "from": "2023-02-28T00:00:00Z",
      "to": "2023-03-01T00:00:00Z",
      "granularity": 14400,
      "timeseries": [
        {
          "label": "sum(upstream)",
          "data": [
            [1677542400000, 77192],
            [1677556800000, 742410],
            [1677571200000, 5335372],
            [1677585600000, 2239509],
            [1677600000000, 0],
            [1677614400000, 0]
          ],
          "key": {"measureFieldName": "upstream"}
        },
        {
          "label": "sum(downstream)",
          "data": [
            [1677542400000, 209763],
            [1677556800000, 1713925],
            [1677571200000, 7719290],
            [1677585600000, 2573650],
            [1677600000000, 0],
            [1677614400000, 0]
          ],
          "key": {"measureFieldName": "downstream"}
        }
      ]
    }
  }
}

auditFeed

Description

Audit Feed for account changes

Response

Returns an AuditFeed

Arguments
Name Description
accountIDs - [ID!] List of Unique Account Identifiers.
timeFrame - TimeFrame!
filters - [AuditFieldFilterInput!]
marker - String Marker to use to get results from

Example

Query
query auditFeed($accountID:ID!, $timeFrame: TimeFrame!){
  auditFeed(accountIDs:[$accountID], timeFrame:$timeFrame) {
    from
    to
    fetchedCount
    accounts {
      id
      records{
        admin {
          name
        }
        object {
          name
        }
        time
        fields {
          name
          value {
            ... on Entity {
              name
              id
              type
            }
            ... on StringValue {
              string
            }
            ... on DateValue {
              date
            }
          }
        }
      }
    }
  }
}
Variables
{"accountID": "123", "timeFrame": "utc.2023-02-{28/00:00:00--28/23:59:59}"}
Response
{
  "data": {
    "auditFeed": {
      "from": "2023-02-28T00:00:00Z",
      "to": "2023-02-28T23:59:59Z",
      "fetchedCount": 1,
      "accounts": [
        {
          "id": "123",
          "records": [
            {
              "time": "2023-02-28T08:48:21Z",
              "fields": [
                {
                  "name": "admin",
                  "value": {
                    "name": "admin@company.org",
                    "id": "456",
                    "type": "admin",
                    "__typename": "Entity"
                  }
                },
                {
                  "name": "change.Before.description",
                  "value": {
                    "string": "Description before change",
                    "__typename": "StringValue"
                  }
                },
                {
                  "name": "change.After.description",
                  "value": {
                    "string": "Description after change",
                    "__typename": "StringValue"
                  }
                },
                {
                  "name": "model_name",
                  "value": {"string": "Site name", "__typename": "StringValue"}
                },
                {
                  "name": "module",
                  "value": {
                    "string": "Configuration",
                    "__typename": "StringValue"
                  }
                },
                {
                  "name": "change_type",
                  "value": {"string": "MODIFIED", "__typename": "StringValue"}
                },
                {
                  "name": "creation_date",
                  "value": {
                    "string": "1677574090000",
                    "__typename": "DateValue"
                  }
                },
                {
                  "name": "model_type",
                  "value": {"string": "Site", "__typename": "StringValue"}
                },
                {
                  "name": "admin_id",
                  "value": {"string": "456", "__typename": "StringValue"}
                },
                {
                  "name": "insertion_date",
                  "value": {
                    "date": "2023-02-28T08:48:21Z",
                    "__typename": "DateValue"
                  }
                },
                {
                  "name": "account_id",
                  "value": {"string": "123", "__typename": "StringValue"}
                }
              ]
            }
          ]
        }
      ]
    }
  }
}

entityLookup

Description

Lookup entities with a specific type, potentially filtered and paged

Response

Returns an EntityLookupResult!

Arguments
Name Description
accountID - ID! The account ID (or 0 for non-authenticated requests)
type - EntityType! Type of entity to lookup for
limit - Int Sets the maximum number of items to retrieve
Default
50
from - Int Sets the offset number of items (for paging)
Default
0
parent - EntityInput Return items under a parent entity (can be site, vpn user, etc), used to filter for networks that belong to a specific site for example
search - String Adds additional search parameters for the lookup. Available options: country lookup: "removeExcluded" to return only allowed countries countryState lookup: country code ("US", "CN", etc) to get country's states
Default
""
entityIDs - [ID!] Adds additional search criteria to fetch by the selected list of entity IDs. This option is not universally available, and may not be applicable specific Entity types. If used on non applicable entity type, an error will be generated.
sort - [SortInput] Adds additional sort criteria(s) for the lookup. This option is not universally available, and may not be applicable specific Entity types.
filters - [LookupFilterInput] Custom filters for entityLookup
helperFields - [String!] Additional helper fields

Example

Query
query entityLookup($accountID:ID!, $limit:Int, $type:EntityType!) {
  entityLookup(accountID: $accountID, type:$type, limit: $limit) {
    items {
      entity{
        id
        name
      }
    }
    total
  }
}
Variables
{"accountID": "123", "limit": 2, "type": "site"}
Response
{
  "data": {
    "entityLookup": {
      "items": [
        {"entity": {"id": "45040", "name": "azure_test"}},
        {"entity": {"id": "75791", "name": "esx_test"}}
      ],
      "total": 5
    }
  }
}

events

Response

Returns an Events

Arguments
Name Description
accountID - ID! Account ID
timeFrame - TimeFrame!
measures - [EventsMeasure]
dimensions - [EventsDimension]
filters - [EventsFilter!]
sort - [EventsSort!]

Example

Query
query events($accountID:ID!, $timeFrame:TimeFrame!, ) {
  events(accountID: $accountID, timeFrame:$timeFrame, measures: {fieldName: event_count, aggType: sum}) {
    records {
      flatFields
      fieldsMap
    }
  }
}
Variables
{"accountID": "123", "timeFrame": "utc.2023-02-{28/00:00:00--28/23:59:59}"}
Response
{
  "data": {
    "events": {
      "records": [
        {
          "flatFields": [["event_count", "2"]],
          "fieldsMap": {"event_count": "2"}
        }
      ]
    }
  }
}

eventsFeed

Description

Event Feed for events paged by a topic partitions offsets marker

Response

Returns an EventsFeedData

Arguments
Name Description
accountIDs - [ID!] List of Unique Account Identifiers.
filters - [EventFeedFieldFilterInput!]
marker - String Marker to use to get results from

Example

Query
query eventsFeed(
  $accountIDs: [ID!],
  $filters: [EventFeedFieldFilterInput!]
) {
  eventsFeed(
    accountIDs: $accountIDs,
    filters: $filters,
  ) {
    marker
    fetchedCount
    accounts {
      id
      errorString
      records {
        fieldsMap
      }
    }
  }
}
Variables
{
  "accountIDs": [123],
  "filters": [
    {
      "fieldName": "event_type",
      "operator": "is_not",
      "values": ["Sockets Management"]
    },
    {
      "fieldName": "event_sub_type",
      "operator": "is",
      "values": ["Disconnected"]
    }
  ]
}
Response
{
  "data": {
    "eventsFeed": {
      "marker": "W3siVG9waWMiOiIxODIiLCJQYXJ0aXRpb24iOjAsIk9mZnNldCI6MzIxNTM4fV0=",
      "fetchedCount": 1,
      "accounts": [
        {
          "id": "123",
          "errorString": "",
          "records": [
            {
              "fieldsMap": {
                "ISP_name": "IP Addresses Are Assigned Statically",
                "account_id": "123",
                "client_version": "8.0.4127",
                "event_count": "1",
                "event_sub_type": "Disconnected",
                "event_type": "Connectivity",
                "internalId": "7r0c7xUYIf",
                "link_type": "Cato",
                "pop_name": "Amsterdam",
                "socket_interface": "WAN1",
                "src_country": "Israel",
                "src_country_code": "IL",
                "src_is_site_or_vpn": "Site",
                "src_isp_ip": "1.2.3.4",
                "src_site": "native-range",
                "time": "1677170467000",
                "tunnel_protocol": "DTLS"
              }
            }
          ]
        }
      ]
    }
  }
}

eventsTimeSeries

Response

Returns an EventsTimeSeries

Arguments
Name Description
accountID - ID! Account ID
timeFrame - TimeFrame!
measures - [EventsMeasure]
dimensions - [EventsDimension]
filters - [EventsFilter!]

Example

Query
query eventsTimeSeries(
  $accountID: ID!,
  $filters: [EventsFilter!],
  $timeFrame: TimeFrame!,
  $measures: [EventsMeasure],
  $buckets: Int!
) {
  eventsTimeSeries(
    accountID: $accountID,
    filters: $filters,
    timeFrame:$timeFrame,
    measures: $measures
  ) {
    id
    from
    to
    granularity
    timeseries(buckets:$buckets) {
      label
      data
    }
  }
}
Variables
{
  "accountID": "4125",
  "timeFrame": "utc.2023-02-{28/00:00:00--28/23:59:59}",
  "measures": [{"fieldName": "event_count", "aggType": "sum"}],
  "buckets": 4
}
Response
{
  "data": {
    "eventsTimeSeries": {
      "id": "4125",
      "from": "2023-02-28T00:00:00Z",
      "to": "2023-03-01T00:00:00Z",
      "granularity": 21600,
      "timeseries": [
        {
          "label": "sum(event_count)",
          "data": [
            [1677542400000, 5],
            [1677564000000, 2],
            [1677585600000, 0],
            [1677607200000, 5]
          ]
        }
      ]
    }
  }
}

subDomains

Description

The subdomain query helps you retrieve the URL of an account. The usage of this query supports 3 different scenarios:

  1. Regular account - Return only 1 subdomain relating to the regular account
  2. Reseller account - Return all subdomains including the reseller account subdomain
  3. Reseller account - Return only the reseller account subdomain
Response

Returns [SubDomain!]!

Arguments
Name Description
accountID - ID! Unique Identifier of Account
managedAccount - Boolean When the boolean argument managedAccount is set to true (default), then the query returns all subdomains related to the account

Example

Query
query subDomains($accountID:ID!, $managedAccount:Boolean) {
  subDomains(accountID:$accountID, managedAccount:$managedAccount) {
      accountId
      accountName
      accountType
      subDomain
  }
}
Variables
{"accountID": "123", "managedAccount": true}
Response
{
  "data": {
    "subDomains": [
      {
        "accountId": "123",
        "accountName": "Gamma LLC",
        "accountType": "Reseller",
        "subDomain": "subdomain3"
      },
      {
        "accountId": "1235",
        "accountName": "Delta Inc.",
        "accountType": "Regular",
        "subDomain": "subdomain4"
      }
    ]
  }
}

AccountManagementQueries

account

Description

Read the account information

Response

Returns an AccountInfo

Example

Query
query getAccount($accountId:ID!) {
  accountManagement(accountId: $accountId) {
    account {
      description
      id
      name
      tenancy
      timeZone
      type
      audit {
        createdBy
        createdTime
      }
    }
  }
}
Variables
{"accountId": "456"}
Response
{
  "data": {
    "accountManagement": {
      "account": {
        "description": "account description",
        "id": "456",
        "name": "name",
        "tenancy": "SINGLE_TENANT",
        "timeZone": "Australia/ACT",
        "type": "CUSTOMER",
        "audit": {
          "createdBy": "main@admin.com",
          "createdTime": "2024-08-14T09:34:24Z"
        }
      }
    }
  }
}

AppTenantRestrictionPolicyQueries

policy

Beta
Response

Returns an AppTenantRestrictionPolicy!

Arguments
Name Description
input - AppTenantRestrictionPolicyInput

Example

Query

                        query AppTenantRestriction($accountId: ID!) {
                            policy(accountId: $accountId) {
                                appTenantRestriction {
                                    policy {
                                        enabled
                                        rules {
                                            properties
                                            rule {
                                                id
                                                index
                                                name
                                            }
                                        }
                                        sections {
                                            properties
                                            section {
                                                id
                                                name
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "appTenantRestriction": {
        "policy": {
          "enabled": false,
          "rules": [
            {
              "properties": [],
              "rule": {
                "id": "5e38909c-d5f4-4132-98eb-7efd28ca5ca5",
                "index": 1,
                "name": "App Tenant Restriction Rule 1"
              }
            }
          ],
          "sections": [
            {
              "properties": [],
              "section": {
                "id": "0f61ccb5-1912-4bc0-ade6-06fc684b561f",
                "name": "Section 1"
              }
            }
          ]
        }
      }
    }
  }
}

revisions

Beta
Response

Returns a PolicyRevisionsPayload

Example

Query

                        query AppTenantRestriction($accountId: ID!) {
                            policy(accountId: $accountId) {
                                appTenantRestriction {
                                    revisions {
                                        revision {
                                            name
                                            changes
                                        }
                                    }
                                }
                            }
                        }
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "appTenantRestriction": {
        "revisions": {
          "revision": [
            {"name": "Test Revision", "changes": 0},
            {"name": "Test Revision", "changes": 0},
            {"name": "Test Revision", "changes": 0},
            {"name": "Test Revision", "changes": 0},
            {"name": "Test Revision", "changes": 0}
          ]
        }
      }
    }
  }
}

ContainerQueries

list

Beta
Response

Returns a ContainerSearchPayload!

Arguments
Name Description
input - ContainerSearchInput!

Example

Query

                        query listContainers($accountId:ID!, $input:ContainerSearchInput!)  {
                            container(accountId: $accountId) {
                                list(input: $input) {
                                    containers {
                                        __typename
                                        id
                                        name
                                        description
                                        size
                                        audit {
                                            createdBy
                                            createdAt
                                            lastModifiedBy
                                            lastModifiedAt
                                        }
                                    }
                                }
                            }
                        }
                        
                        
Variables
{
  "accountId": 12345,
  "input": {
    "refs": [{"by": "NAME", "input": "Some Container"}],
    "types": ["FQDN"]
  }
}
Response
{
  "data": {
    "container": {
      "list": {
        "containers": [
          {
            "__typename": "FqdnContainer",
            "id": "1234567890",
            "name": "Some Container",
            "description": "Description of some container",
            "size": 100,
            "audit": {
              "createdBy": "some.admin@catonetworks.com",
              "createdAt": "2024-09-18T14:31:03Z",
              "lastModifiedBy": "some.admin@catonetworks.com",
              "lastModifiedAt": "2024-09-18T14:31:03Z"
            }
          }
        ]
      }
    }
  }
}

FqdnContainerQueries

downloadFile

Beta
Arguments
Name Description
input - DownloadFqdnContainerFileInput!

Example

Query

                          query downloadFqdnFile($accountId:ID!, $input:DownloadFqdnContainerFileInput!)  {
                              container(accountId: $accountId) {
                                  fqdn {
                                      downloadFile(input: $input) {
                                          id
                                          name
                                          encodedFile
                                      }
                                  }
                              }
                          }
                          
                          
Variables
{"accountId": 12345, "input": {"by": "NAME", "input": "Some Container"}}
Response
{
  "data": {
    "container": {
      "fqdn": {
        "downloadFile": {
          "id": "1234567890",
          "name": "Some Container",
          "encodedFile": "MTkwLjIwLjI0LjM2LTE5MC4yMC4yNC4yMzYKMjAuMTAuMTMuMjcKMTgzLjEzLjU0LjIzNA=="
        }
      }
    }
  }
}

search

Beta
Response

Returns a FqdnContainerSearchPayload!

Arguments
Name Description
input - FqdnContainerSearchInput!

Example

Query

                          query searchIpContainer($accountId:ID!, $input:FqdnContainerSearchInput!)  {
                              container(accountId: $accountId) {
                                  fqdn {
                                      search(input: $input) {
                                          container {
                                              __typename
                                              id
                                              name
                                              description
                                              size
                                              audit {
                                                  createdBy
                                                  createdAt
                                                  lastModifiedBy
                                                  lastModifiedAt
                                              }
                                          }
                                      }
                                  }
                              }
                          }
                          
                          
Variables
{
  "accountId": 12345,
  "input": {"ref": {"by": "NAME", "input": "Some Container"}}
}
Response
{
  "data": {
    "container": {
      "fqdn": {
        "search": {
          "container": {
            "__typename": "FqdnContainer",
            "id": "1234567890",
            "name": "Some Container",
            "description": "Description of some container",
            "size": 100,
            "audit": {
              "createdBy": "some.admin@catonetworks.com",
              "createdAt": "2024-09-18T14:31:03Z",
              "lastModifiedBy": "some.admin@catonetworks.com",
              "lastModifiedAt": "2024-09-18T14:31:03Z"
            }
          }
        }
      }
    }
  }
}

searchFqdn

Beta
Response

Returns a FqdnContainerSearchFqdnPayload!

Arguments
Name Description
input - FqdnContainerSearchFqdnInput!

Example

Query

                          query searchIpInContainer($accountId:ID!, $input:FqdnContainerSearchFqdnInput!)  {
                              container(accountId: $accountId) {
                                  fqdn {
                                      searchFqdn(input: $input) {
                                          containers {
                                              __typename
                                              id
                                              name
                                              description
                                              size
                                              audit {
                                                  createdBy
                                                  createdAt
                                                  lastModifiedBy
                                                  lastModifiedAt
                                              }
                                          }
                                      }
                                  }
                              }
                          }
                          
                          
Variables
{"accountId": 12345, "input": {"fqdn": "google.com"}}
Response
{
  "data": {
    "container": {
      "fqdn": {
        "searchFqdn": {
          "containers": [
            {
              "__typename": "FqdnContainer",
              "id": "1234567890",
              "name": "Some Container",
              "description": "Description of some container",
              "size": 100,
              "audit": {
                "createdBy": "some.admin@catonetworks.com",
                "createdAt": "2024-09-18T14:31:03Z",
                "lastModifiedBy": "some.admin@catonetworks.com",
                "lastModifiedAt": "2024-09-18T14:31:03Z"
              }
            }
          ]
        }
      }
    }
  }
}

IpAddressRangeContainerQueries

downloadFile

Beta
Arguments
Name Description
input - DownloadIpAddressRangeContainerFileInput!

Example

Query

                          query downloadIpAddressNameFile($accountId:ID!, $input:DownloadIpAddressRangeContainerFileInput!)  {
                              container(accountId: $accountId) {
                                  ipAddressRange {
                                      downloadFile(input: $input) {
                                          id
                                          name
                                          encodedFile
                                      }
                                  }
                              }
                          }
                          
                          
Variables
{"accountId": 12345, "input": {"by": "NAME", "input": "Some Container"}}
Response
{
  "data": {
    "container": {
      "ipAddressRange": {
        "downloadFile": {
          "id": "1234567890",
          "name": "Some Container",
          "encodedFile": "ZXhhbXBsZS5jb20KZ29vZ2xlLmNvbQphbWF6b20uY29t"
        }
      }
    }
  }
}

search

Beta
Arguments
Name Description
input - IpAddressRangeContainerSearchInput!

Example

Query

                          query searchIpContainer($accountId:ID!, $input:IpAddressRangeContainerSearchInput!)  {
                              container(accountId: $accountId) {
                                  ipAddressRange {
                                      search(input: $input) {
                                          container {
                                              __typename
                                              id
                                              name
                                              description
                                              size
                                              audit {
                                                  createdBy
                                                  createdAt
                                                  lastModifiedBy
                                                  lastModifiedAt
                                              }
                                          }
                                      }
                                  }
                              }
                          }
                          
                          
Variables
{
  "accountId": 12345,
  "input": {"ref": {"by": "NAME", "input": "Some Container"}}
}
Response
{
  "data": {
    "container": {
      "ipAddressRange": {
        "search": {
          "container": {
            "__typename": "IpAddressRangeContainer",
            "id": "1234567890",
            "name": "Some Container",
            "description": "Description of some container",
            "size": 100,
            "audit": {
              "createdBy": "some.admin@catonetworks.com",
              "createdAt": "2024-09-18T14:31:03Z",
              "lastModifiedBy": "some.admin@catonetworks.com",
              "lastModifiedAt": "2024-09-18T14:31:03Z"
            }
          }
        }
      }
    }
  }
}

searchIpAddressRange

Beta

Example

Query

                          query searchIpInContainer($accountId:ID!, $input:IpAddressRangeContainerSearchIpAddressRangeInput!)  {
                              container(accountId: $accountId) {
                                  ipAddressRange {
                                      searchIpAddressRange(input: $input) {
                                          containers {
                                              __typename
                                              id
                                              name
                                              description
                                              size
                                              audit {
                                                  createdBy
                                                  createdAt
                                                  lastModifiedBy
                                                  lastModifiedAt
                                              }
                                          }
                                      }
                                  }
                              }
                          }
                          
                          
Variables
{
  "accountId": 12345,
  "input": {"ipAddressRange": {"from": "190.20.24.36", "to": "190.20.24.236"}}
}
Response
{
  "data": {
    "container": {
      "ipAddressRange": {
        "searchIpAddressRange": {
          "containers": [
            {
              "__typename": "IpAddressRangeContainer",
              "id": "1234567890",
              "name": "Some Container",
              "description": "Description of some container",
              "size": 100,
              "audit": {
                "createdBy": "some.admin@catonetworks.com",
                "createdAt": "2024-09-18T14:31:03Z",
                "lastModifiedBy": "some.admin@catonetworks.com",
                "lastModifiedAt": "2024-09-18T14:31:03Z"
              }
            }
          ]
        }
      }
    }
  }
}

DynamicIpAllocationPolicyQueries

policy

Beta
Response

Returns a DynamicIpAllocationPolicy!

Arguments
Name Description
input - DynamicIpAllocationPolicyInput

Example

Query

                        query DynamicIpAllocation($accountId: ID!) {
                            policy(accountId: $accountId) {
                                dynamicIpAllocation {
                                    policy {
                                        enabled
                                        rules {
                                            properties
                                            rule {
                                                id
                                                index
                                                name
                                                range {
                                                    globalIpRange{
                                                        id
                                                        name
                                                    }
                                                }
                                            }
                                        }
                                        sections {
                                            properties
                                            section {
                                                id
                                                name
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "dynamicIpAllocation": {
        "policy": {
          "enabled": false,
          "rules": [
            {
              "properties": [],
              "rule": {
                "id": "3c345055-4f14-48dc-ab8c-5b5db9d778fc",
                "index": 1,
                "name": "Rule2",
                "range": {
                  "globalIpRange": {"id": "1927109", "name": "12.22.17.0/24"}
                }
              }
            },
            {
              "properties": [],
              "rule": {
                "id": "eb2d4d79-0149-4839-a5c4-fc167211dbe6",
                "index": 2,
                "name": "Rule1",
                "range": {
                  "globalIpRange": {"id": "1927108", "name": "12.22.16.0/24"}
                }
              }
            },
            {
              "properties": [],
              "rule": {
                "id": "2c25bae8-f787-4098-b3c2-6057e5fe8537",
                "index": 3,
                "name": "Updated rule name",
                "range": {
                  "globalIpRange": {"id": "1927110", "name": "12.22.18.0/24"}
                }
              }
            }
          ],
          "sections": [
            {
              "properties": [],
              "section": {
                "id": "54a367d6-75da-4399-bc03-65170ea97d3f",
                "name": "Updated section new to the new name"
              }
            },
            {
              "properties": [],
              "section": {
                "id": "83e54a6a-9998-4fcf-b1a1-5313e52cc5f0",
                "name": "New section2"
              }
            },
            {
              "properties": [],
              "section": {
                "id": "0495cf5e-1598-4f34-8c01-94970620c68f",
                "name": "New section 2"
              }
            }
          ]
        }
      }
    }
  }
}

revisions

Beta
Response

Returns a PolicyRevisionsPayload

Example

Query

                        query DynamicIpAllocation($accountId: ID!) {
                            policy(accountId: $accountId) {
                                dynamicIpAllocation {
                                    revisions {
                                        revision {
                                            name
                                            changes
                                        }
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "dynamicIpAllocation": {
        "revisions": {"revision": [{"name": "Test Revision", "changes": 0}]}
      }
    }
  }
}

HardwareManagementQueries

socketInventory

Beta
Description

Retrieve the account socket inventory

Response

Returns a SocketInventoryPayload!

Arguments
Name Description
input - SocketInventoryInput

Example

Query
query socketInventory($accountId: ID!, $input: SocketInventoryInput!) {
    hardwareManagement(accountId: $accountId) {
        socketInventory(input: $input) {
            items {
                id
                status
                serialNumber
                socketMac
                socketVersion
                site {
                    id
                    name
                }
                account {
                    id
                    name
                }
                shippingDate
                socketType
                trackingUrl
                trackingNumber
                shippingCompany
                deliverySiteName
                description
            }
            pageInfo {
        total
      }
        }
    }
}
Variables
{
  "accountId": "123456",
  "input": {
    "paging": {"limit": 25, "from": 0},
    "filter": {"freeText": {"search": "search"}},
    "sort": {"deliverySiteName": {"direction": "ASC"}}
  }
}
Response
{
  "data": {
    "hardwareManagement": {
      "socketInventory": {
        "items": [
          {
            "id": "111111",
            "status": "DELIVERED",
            "serialNumber": "987654321",
            "socketMac": "00-B0-D0-63-C2-26",
            "socketVersion": "13.0.11395",
            "site": {"id": "010101", "name": "exampleSite"},
            "account": {"id": "123456", "name": "exampleAccount"},
            "shippingDate": "2024-05-22T08:36:58Z",
            "socketType": "X1500",
            "trackingUrl": "https://fedex.com/1111111",
            "trackingNumber": "1111111",
            "shippingCompany": "fedex",
            "deliverySiteName": "exampleWarehouse",
            "description": "example description"
          },
          {
            "id": "2222222",
            "status": "SHIPPED",
            "serialNumber": "123456789",
            "socketMac": "00-B0-D0-63-C2-27",
            "socketVersion": "13.0.11395",
            "site": {"id": "0202", "name": "exampleSite2"},
            "account": {"id": "123456", "name": "exampleAccount"},
            "shippingDate": "2024-05-22T08:36:58Z",
            "socketType": "X1700",
            "trackingUrl": "https://ups.com/2222222",
            "trackingNumber": "2222222",
            "shippingCompany": "ups",
            "deliverySiteName": "exampleWarehouse2",
            "description": "example description 2"
          }
        ],
        "pageInfo": {"total": 2}
      }
    }
  }
}

InternetFirewallPolicyQueries

policy

Beta
Response

Returns an InternetFirewallPolicy!

Arguments
Name Description
input - InternetFirewallPolicyInput

Example

Query

                        query InternetFirewall($accountId: ID!) {
                            policy(accountId: $accountId) {
                                internetFirewall {
                                    policy {
                                        enabled
                                        rules {
                                            properties
                                            rule {
                                                id
                                                index
                                                name
                                            }
                                        }
                                        sections {
                                            properties
                                            section {
                                                id
                                                name
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "internetFirewall": {
        "policy": {
          "enabled": false,
          "rules": [
            {
              "properties": ["SYSTEM"],
              "rule": {
                "id": "f99c880a-7474-42a7-9da1-828c2d93abe6",
                "index": 1,
                "name": "Block any P2P"
              }
            },
            {
              "properties": [],
              "rule": {
                "id": "8df22e9d-c5c2-417e-a282-7c9908bfc1f4",
                "index": 2,
                "name": "Default Block Tor, SMB, SMTP"
              }
            },
            {
              "properties": [],
              "rule": {
                "id": "d42482ef-cbf2-494d-9343-5dc6ca30f815",
                "index": 3,
                "name": "Default Block for Categories"
              }
            },
            {
              "properties": [],
              "rule": {
                "id": "5d04747f-b31f-4d7c-8c02-831f07df80b8",
                "index": 4,
                "name": "Default prompt for Categories"
              }
            }
          ],
          "sections": [
            {
              "properties": [],
              "section": {
                "id": "9ab458a3-a263-4ef7-ad6a-86de3cee7822",
                "name": "Updated section name"
              }
            }
          ]
        }
      }
    }
  }
}

revisions

Beta
Response

Returns a PolicyRevisionsPayload

Example

Query

                        query InternetFirewall($accountId: ID!) {
                            policy(accountId: $accountId) {
                                internetFirewall {
                                    revisions {
                                        revision {
                                            name
                                            changes
                                        }
                                    }
                                }
                            }
                        }
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "internetFirewall": {
        "revisions": {"revision": [{"name": "Test Revision", "changes": 0}]}
      }
    }
  }
}

LicensingQueries

licensingInfo

Beta
Description

BETA

Response

Returns a LicensingInfo

Example

Query
query licensingInfo($accountId: ID!){
                            licensing(accountId: $accountId) {
                                licensingInfo {
                                    globalLicenseAllocations {
                                        publicIps {
                                            total
                                            allocated
                                            available
                                        }
                                        ztnaUsers {
                                            total
                                            allocated
                                            available
                                        }
                                    }
                                    licenses {
                                        sku
                                        plan
                                        status
                                        expirationDate
                                        startDate
                                        lastUpdated
                                    
                                        ... on QuantifiableLicense {
                                            total
                                        }
                                        ... on DataLakeLicense {
                                            dpaVersion
                                        }
                                        ... on PooledBandwidthLicense {
                                            siteLicenseGroup
                                            siteLicenseType
                                            allocatedBandwidth
                                            sites {
                                                site {
                                                    id
                                                    name
                                                }
                                                allocatedBandwidth
                                            }
                                        }
                                        ... on SiteLicense {
                                            siteLicenseGroup
                                            regionality
                                            siteLicenseType
                                            site {
                                                id
                                                name
                                            }
                                        }
                                        ... on ZtnaUsersLicense {
                                            ztnaUsersLicenseGroup
                                        }
                                    }
                                }
                            }
                        }
                        
Variables
{"accountId": "12345"}
Response
{
  "data": {
    "licensing": {
      "licensingInfo": {
        "globalLicenseAllocations": {
          "publicIps": {"total": 68, "allocated": 0, "available": 68},
          "ztnaUsers": {"total": 15, "allocated": 5, "available": 10}
        },
        "licenses": [
          {
            "sku": "CATO_CASB",
            "plan": "COMMERCIAL",
            "status": "ACTIVE",
            "expirationDate": "2025-04-30T00:00:00.000Z",
            "startDate": "2024-04-24T21:00:00.000Z",
            "lastUpdated": "2024-04-30T08:14:29.884Z",
            "__typename": "CasbLicense"
          },
          {
            "sku": "CATO_DATALAKE_3M",
            "plan": "COMMERCIAL",
            "status": "ACTIVE",
            "expirationDate": "2025-04-30T00:00:00.000Z",
            "startDate": "2024-04-24T21:00:00.000Z",
            "lastUpdated": "2024-04-25T10:08:32.586Z",
            "total": 1,
            "dpaVersion": "DPA_2023_01",
            "__typename": "DataLakeLicense"
          },
          {
            "sku": "CATO_IP_ADD",
            "plan": "COMMERCIAL",
            "status": "ACTIVE",
            "expirationDate": "2025-04-30T00:00:00.000Z",
            "startDate": null,
            "lastUpdated": null,
            "total": 68,
            "__typename": "IpsLicense"
          },
          {
            "sku": "CATO_MDR",
            "plan": "COMMERCIAL",
            "status": "ACTIVE",
            "expirationDate": "2025-04-30T00:00:00.000Z",
            "startDate": "2024-04-24T21:00:00.000Z",
            "lastUpdated": "2024-04-30T08:14:30.294Z",
            "__typename": "ManagedXdrLicense"
          },
          {
            "sku": "CATO_PB",
            "plan": "COMMERCIAL",
            "status": "ACTIVE",
            "expirationDate": "2024-07-04T00:00:00.000Z",
            "startDate": "2024-03-31T00:00:00.000Z",
            "lastUpdated": "2024-03-31T11:26:19.233Z",
            "total": 250,
            "siteLicenseGroup": "GROUP_2",
            "siteLicenseType": "SASE",
            "allocatedBandwidth": 50,
            "sites": [
              {
                "site": {"id": "456", "name": "Tokyo"},
                "allocatedBandwidth": 20
              },
              {
                "site": {"id": "789", "name": "Sydney"},
                "allocatedBandwidth": 30
              }
            ],
            "__typename": "PooledBandwidthLicense"
          },
          {
            "sku": "CATO_ZTNA_USERS",
            "plan": "COMMERCIAL",
            "status": "ACTIVE",
            "expirationDate": "2025-04-30T00:00:00.000Z",
            "startDate": null,
            "lastUpdated": "2024-04-30T10:54:29.294Z",
            "total": 21,
            "ztnaUsersLicenseGroup": "GENERAL",
            "__typename": "ZtnaUsersLicense"
          },
          {
            "sku": "CATO_SITE",
            "plan": "COMMERCIAL",
            "status": "ACTIVE",
            "expirationDate": "2025-04-30T00:00:00.000Z",
            "startDate": "2024-04-24T21:00:00.000Z",
            "lastUpdated": "2024-04-30T16:45:10.517Z",
            "total": 100,
            "siteLicenseGroup": "GROUP_1",
            "regionality": null,
            "siteLicenseType": "SASE",
            "site": {"id": "123", "name": "London"},
            "__typename": "SiteLicense"
          },
          {
            "sku": "CATO_THREAT_PREVENTION",
            "plan": "COMMERCIAL",
            "status": "ACTIVE",
            "expirationDate": "2025-04-30T00:00:00.000Z",
            "startDate": "2024-04-24T21:00:00.000Z",
            "lastUpdated": "2024-04-25T10:08:32.464Z",
            "__typename": "ThreatPreventionLicense"
          }
        ]
      }
    }
  }
}

RemotePortFwdPolicyQueries

policy

Beta
Response

Returns a RemotePortFwdPolicy!

Arguments
Name Description
input - RemotePortFwdPolicyInput

Example

Query

                        query RemotePortFwdPolicy($accountId: ID!) {
                          policy(accountId: $accountId) {
                            remotePortFwd {
                              policy {
                                enabled
                                rules {
                                  rule {
                                    id
                                    name
                                    index
                                    enabled
                                    section {
                                      id
                                      name
                                    }
                                    description
                                    forwardIcmp
                                    externalIp {
                                      id
                                      name
                                    }
                                    externalPortRange {
                                      from
                                      to
                                    }
                                    internalIp
                                    internalPortRange {
                                      from
                                      to
                                    }
                                    remoteIPs {
                                      ip
                                      ipRange {
                                        from
                                        to
                                      }
                                      subnet
                                      globalIpRange {
                                        id
                                        name
                                      }
                                    }
                                    restrictionType
                                  }
                                }
                                sections {
                                  section {
                                    id
                                    name
                                  }
                                }
                              }
                            }
                          }
                        }
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "remotePortFwd": {
        "policy": {
          "enabled": false,
          "rules": [
            {
              "rule": {
                "id": "4b80b0ac-94ea-45b8-9ae0-20d6104607ce",
                "name": "new rule",
                "index": 1,
                "enabled": true,
                "section": {
                  "id": "d11f742a-7b5b-4483-8b1f-71035de5406f",
                  "name": "My Section"
                },
                "description": "",
                "forwardIcmp": false,
                "externalIp": {
                  "id": "26",
                  "name": "site_test_4 - 192.168.1.16"
                },
                "externalPortRange": {"from": 75, "to": 75},
                "internalIp": "222.222.22.22",
                "internalPortRange": {"from": 75, "to": 75},
                "remoteIPs": {
                  "ip": ["192.168.1.1"],
                  "ipRange": [],
                  "subnet": [],
                  "globalIpRange": []
                },
                "restrictionType": "ALLOW_LIST"
              }
            }
          ],
          "sections": [
            {
              "section": {
                "id": "d11f742a-7b5b-4483-8b1f-71035de5406f",
                "name": "My Section"
              }
            }
          ]
        }
      }
    }
  }
}

revisions

Beta
Response

Returns a PolicyRevisionsPayload

Example

Query

                        query RemotePortFwd($accountId: ID!) {
                            policy(accountId: $accountId) {
                                remotePortFwd {
                                    revisions {
                                        revision {
                                            name
                                            changes
                                        }
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "remotePortFwd": {
        "revisions": {
          "revision": [
            {"name": "Test Revision", "changes": 0},
            {"name": "Test Revision", "changes": 0},
            {"name": "Test Revision", "changes": 0}
          ]
        }
      }
    }
  }
}

SandboxQueries

reports

Beta Rollout
Description

Get a list of sandbox reports

Response

Returns a SandboxReportsPayload!

Arguments
Name Description
input - SandboxReportsInput

Example

Query
query Sandbox($accountId: ID!, $input: SandboxReportsInput) {
                          sandbox(accountId: $accountId) {
                            reports(input: $input) {
                              report {
                                fileName
                                fileHash
                                status
                                verdict
                                downloadUrl
                                creationDate
                                expirationDate
                              }
                              pageInfo {
                                total
                              }
                            }
                          }
                        }
                        
                        
Variables
{
  "accountId": 12345,
  "input": {
    "filter": {"fileName": {"in": "eicar.zip"}},
    "sort": {"reportCreateDate": {"direction": "DESC"}},
    "paging": {"limit": 20, "from": 0}
  }
}
Response
{
  "data": {
    "sandbox": {
      "reports": {
        "report": [
          {
            "fileName": "eicar.zip",
            "fileHash": "FILE_HASH",
            "status": "READY",
            "verdict": "MALICIOUS",
            "downloadUrl": "DOWNLOAD_URL",
            "creationDate": "2025-01-12T12:41:30.241Z",
            "expirationDate": "2025-02-11T12:42:20.132Z"
          }
        ],
        "pageInfo": {"total": 1}
      }
    }
  }
}

SiteQueries

bgpPeer

Beta
Description

Retrieves details of a specific BGP peer by reference.

Response

Returns a BgpPeer

Arguments
Name Description
input - BgpPeerRefInput!

Example

Query
query bgpPeer($accountId: ID!, $input: BgpPeerRefInput!) {
                            site(accountId: $accountId) {
                                bgpPeer(input: $input) {
                                        site{
                                            id
                                            name
                                        }
                                        id
                                        name
                                        peerAsn
                                        catoAsn
                                        peerIp
                                        catoIp
                                        advertiseDefaultRoute
                                        advertiseAllRoutes
                                        advertiseSummaryRoutes
                                        summaryRoute{
                                            id
                                            route
                                            community{
                                                from
                                                to
                                            }
                                        }
                                        defaultAction
                                        performNat
                                        md5AuthKey
                                        metric
                                        holdTime
                                        keepaliveInterval
                                        bfdEnabled
                                        bfdSettings {
                                            transmitInterval
                                            receiveInterval
                                            multiplier
                                        }
                                        tracking{
                                            id
                                            enabled
                                            alertFrequency
                                            subscriptionId
                                        }
                                    }
                            }
                        }
                        
                        
Variables
{"accountId": 123, "input": {"input": "example peer", "by": "NAME"}}
Response
{
  "data": {
    "site": {
      "bgpPeer": {
        "site": {"id": "456", "name": "test-accept"},
        "id": "13373",
        "name": "example peer",
        "peerAsn": 1,
        "catoAsn": 8,
        "peerIp": "185.0.0.69",
        "catoIp": "185.0.0.1",
        "advertiseDefaultRoute": true,
        "advertiseAllRoutes": false,
        "advertiseSummaryRoutes": false,
        "summaryRoute": [
          {
            "id": "3833",
            "route": "1.6.5.0/25",
            "community": [{"from": 1, "to": 2}, {"from": 1, "to": 3}]
          }
        ],
        "defaultAction": "ACCEPT",
        "performNat": false,
        "md5AuthKey": "2313123",
        "metric": 100,
        "holdTime": 60,
        "keepaliveInterval": 20,
        "bfdEnabled": false,
        "bfdSettings": {
          "transmitInterval": 1000,
          "receiveInterval": 1000,
          "multiplier": 5
        },
        "tracking": {
          "id": "1692",
          "enabled": true,
          "alertFrequency": "DAILY",
          "subscriptionId": "-100"
        }
      }
    }
  }
}

bgpPeerList

Beta
Description

Retrieves a list of all BGP peers associated with the specified site.

Response

Returns a BgpPeerListPayload

Arguments
Name Description
input - BgpPeerListInput!

Example

Query
query bgpPeerList($accountId: ID!, $input: BgpPeerListInput!) {
                            site(accountId: $accountId) {
                                bgpPeerList(input: $input){
                                    total
                                    bgpPeer{
                                            site{
                                            id
                                            name
                                        }
                                        id
                                        name
                                        peerAsn
                                        catoAsn
                                        peerIp
                                        catoIp
                                        advertiseDefaultRoute
                                        advertiseAllRoutes
                                        advertiseSummaryRoutes
                                        summaryRoute{
                                            id
                                            route
                                            community{
                                                from
                                                to
                                            }
                                        }
                                        defaultAction
                                        performNat
                                        md5AuthKey
                                        metric
                                        holdTime
                                        keepaliveInterval
                                        bfdEnabled
                                        bfdSettings {
                                            transmitInterval
                                            receiveInterval
                                            multiplier
                                        }
                                        tracking{
                                            id
                                            enabled
                                            alertFrequency
                                            subscriptionId
                                        }
                                    }
                                }
                            }
                        }
                        
                        
Variables
{"accountId": 123, "input": {"site": {"by": "ID", "input": "456"}}}
Response
{
  "data": {
    "site": {
      "bgpPeerList": {
        "total": 1,
        "bgpPeer": [
          {
            "site": {"id": "456", "name": "test-accept"},
            "id": "13373",
            "name": "example peer",
            "peerAsn": 1,
            "catoAsn": 8,
            "peerIp": "185.0.0.69",
            "catoIp": "185.0.0.1",
            "advertiseDefaultRoute": true,
            "advertiseAllRoutes": false,
            "advertiseSummaryRoutes": false,
            "summaryRoute": [
              {
                "id": "3833",
                "route": "1.6.5.0/25",
                "community": [{"from": 1, "to": 2}, {"from": 1, "to": 3}]
              }
            ],
            "defaultAction": "ACCEPT",
            "performNat": false,
            "md5AuthKey": "2313123",
            "metric": 100,
            "holdTime": 60,
            "keepaliveInterval": 20,
            "bfdEnabled": false,
            "bfdSettings": {
              "transmitInterval": 1000,
              "receiveInterval": 1000,
              "multiplier": 5
            },
            "tracking": {
              "id": "1692",
              "enabled": true,
              "alertFrequency": "DAILY",
              "subscriptionId": "-100"
            }
          }
        ]
      }
    }
  }
}

cloudInterconnectConnectionConnectivity

Beta
Description

Check the L2 connectivity status of a cloud interconnect connection using ICMP.

Arguments
Name Description
input - CloudInterconnectConnectionConnectivityInput!

Example

Query
query cloudInterconnectConnectionConnectivity($accountId: ID!, $input: CloudInterconnectConnectionConnectivityInput!) {
    site(accountId : $accountId){
        cloudInterconnectConnectionConnectivity(input: $input) {
           success
        }
    }
}
Variables
{"accountId": 128782, "input": {"id": "MzY2MzM0LVBSSU1BUlk="}}
Response
{
  "data": {
    "site": {"cloudInterconnectConnectionConnectivity": {"success": false}}
  }
}

cloudInterconnectPhysicalConnection

Beta
Description

Get details of a physical connection at a cloud interconnect site.

Arguments
Name Description
input - CloudInterconnectPhysicalConnectionInput!

Example

Query
query cloudInterconnectPhysicalConnection($accountId: ID!, $input: CloudInterconnectPhysicalConnectionInput!) {
    site(accountId : $accountId){
        cloudInterconnectPhysicalConnection(input: $input) {
            site{
                id
                name
            }
            haRole
            encapsulationMethod
            subnet
            privateCatoIp
            privateSiteIp
            upstreamBwLimit
            downstreamBwLimit
            popLocation{
                id,
                name
            }
            vlan
            sVlan
            cVlan
        }
    }
}
Variables
{"accountId": 128782, "input": {"id": "NDAwOTU3LVBSSU1BUlk="}}
Response
{
  "data": {
    "site": {
      "cloudInterconnectPhysicalConnection": {
        "site": {"id": "400957", "name": "cloud_interconnect_test_site"},
        "haRole": "PRIMARY",
        "encapsulationMethod": "DOT1Q",
        "subnet": "200.0.2.0/24",
        "privateCatoIp": "200.0.2.19",
        "privateSiteIp": "200.0.2.20",
        "upstreamBwLimit": 100,
        "downstreamBwLimit": 100,
        "popLocation": {
          "id": "10000",
          "name": "Exalt Socket Upgrade Simulator for TestCC2"
        },
        "vlan": 2713,
        "sVlan": 0,
        "cVlan": 0
      }
    }
  }
}

cloudInterconnectPhysicalConnectionId

Beta
Description

Get the ID of a physical connection at a cloud interconnect site.

Arguments
Name Description
input - CloudInterconnectPhysicalConnectionIdInput!

Example

Query
query cloudInterconnectPhysicalConnectionId($accountId: ID!, $input: CloudInterconnectPhysicalConnectionIdInput!) {
    site(accountId : $accountId){
        cloudInterconnectPhysicalConnectionId(input: $input) {
           id
        }
    }
}
Variables
{
  "accountId": 128782,
  "input": {"site": {"by": "ID", "input": "400957"}, "haRole": "PRIMARY"}
}
Response
{
  "data": {
    "site": {
      "cloudInterconnectPhysicalConnectionId": {"id": "NDAwOTU3LVBSSU1BUlk="}
    }
  }
}

siteBgpStatus

Beta
Description

Provides the BGP status of the specified site, including session and route details.

Response

Returns a SiteBgpStatus

Arguments
Name Description
input - SiteBgpStatusInput!

Example

Query
query siteBgpStatus($accountId: ID!, $input: SiteBgpStatusInput!) {
                            site(accountId: $accountId) {
                                siteBgpStatus(input: $input) {
                                    status {
                                        remoteIp
                                        bgpSession
                                        bfdSession
                                        routesFromPeer
                                        routesToPeer
                                        rejectedRoutesFromPeer {
                                            subnet
                                            type
                                            community{
                                                from
                                                to
                                            }
                                            rule
                                            lastPublishAttempt
                                        }
                                    }
                                    rawStatus
                        
                                }
                            }
                        }
                        
                        
Variables
{"accountId": 123, "input": {"site": {"by": "ID", "input": "456"}}}
Response
{
  "data": {
    "site": {
      "siteBgpStatus": {
        "status": [
          {
            "remoteIp": "192.168.2.100",
            "bgpSession": "Established via outgoing connection",
            "bfdSession": null,
            "routesFromPeer": ["172.16.32.0/24"],
            "routesToPeer": [
              "10.41.0.0/16",
              "100.1.0.0/16",
              "172.17.31.0/24",
              "10.254.254.0/24",
              "220.220.220.0/24",
              "10.254.254.12/32",
              "10.254.254.253/32",
              "100.1.1.0/24",
              "120.120.120.0/24",
              "111.1.1.1/32",
              "156.88.88.0/24",
              "192.168.1.0/24",
              "10.254.254.5/32",
              "10.254.254.1/32",
              "192.168.2.0/24"
            ],
            "rejectedRoutesFromPeer": [
              {
                "subnet": "200.1.1.0/24",
                "type": "IPv4",
                "community": [{"from": 5555, "to": 5555}],
                "rule": " ( ( bgp_range == 200.1.1.0/24 ) )",
                "lastPublishAttempt": null
              },
              {
                "subnet": "200.1.0.0/16",
                "type": "IPv4",
                "community": [{"from": 6666, "to": 6666}],
                "rule": " ( ( bgp_communities ~= 436869642 ) )",
                "lastPublishAttempt": null
              }
            ]
          }
        ],
        "rawStatus": [
          "{\"Exposed_On_Interface\":\"LAN1\",\"Exposed_With_IP\":\"192.168.2.1\",\"Peer\":{\"BGP_Session\":\"Established via outgoing connection\",\"BGP_peer_filter_rule\":{\"default_accept\":true,\"rules\":[{\"accept\":false,\"description\":\"\",\"expression\":{\"expression\":[],\"op\":\"BOOL_AND\",\"predicate\":[{\"field_name\":\"bgp_range\",\"op\":\"OP_EQ\",\"values\":[{\"str\":\"200.1.1.0/24\",\"type\":\"field_type_ip\"}]}]},\"id\":18258},{\"accept\":false,\"description\":\"\",\"expression\":{\"expression\":[],\"op\":\"BOOL_AND\",\"predicate\":[{\"field_name\":\"bgp_communities\",\"op\":\"OP_CONTAINS\",\"values\":[{\"num\":\"364058035\",\"type\":\"field_type_hostorder_uint64\"}]}]},\"id\":18259},{\"accept\":false,\"description\":\"\",\"expression\":{\"expression\":[],\"op\":\"BOOL_AND\",\"predicate\":[{\"field_name\":\"bgp_communities\",\"op\":\"OP_CONTAINS\",\"values\":[{\"num\":\"436869642\",\"type\":\"field_type_hostorder_uint64\"}]}]},\"id\":18260}]},\"Incoming_Connection\":{\"State\":\"Idle\",\"Transport\":\"Not set\"},\"Local_ASN\":\"65000\",\"Local_IP\":\"169.254.1.179\",\"Negotiated\":{\"Capabilities\":{\"as4\":\"0\",\"enhanced_route_refresh\":\"1\",\"graceful_restart_always_publish\":false,\"graceful_restart_enabled\":false,\"graceful_restart_present\":false,\"graceful_restart_timeout\":\"0\",\"multiprotocol_ext\":\"1\",\"route_refresh\":\"1\"},\"Hold_Time\":\"60\",\"Keepalive_Period\":\"20\"},\"Outgoing_Connection\":{\"State\":\"Established\",\"Transport\":\"169.254.1.179:43113-192.168.2.100:179\"},\"RIB_out\":[{\"add_time\":\"1733132478 (02/12/24 09:41:18)\",\"last_update_time\":\"1733132478 (02/12/24 09:41:18)\",\"med\":100,\"next_hop\":\"192.168.2.1\",\"prepend_count\":1,\"subnet\":\"10.254.254.253/32\"},{\"add_time\":\"1733132478 (02/12/24 09:41:18)\",\"last_update_time\":\"1733132478 (02/12/24 09:41:18)\",\"med\":100,\"next_hop\":\"192.168.2.1\",\"prepend_count\":1,\"subnet\":\"10.254.254.0/24\"},{\"add_time\":\"1733132508 (02/12/24 09:41:48)\",\"blob\":{\"AS_Path offset\":\"4\",\"Communities count\":\"1\",\"Communities offset\":\"15\",\"Transitive Attributes\":[\"40\",\"01\",\"01\",\"00\",\"50\",\"02\",\"00\",\"04\",\"02\",\"01\",\"1d\",\"fd\",\"c0\",\"08\",\"04\",\"15\",\"b3\",\"00\",\"37\"],\"communities\":[\"5555:55\"]},\"last_update_time\":\"1733132508 (02/12/24 09:41:48)\",\"med\":100,\"next_hop\":\"192.168.2.1\",\"prepend_count\":1,\"subnet\":\"100.1.0.0/16\"},{\"add_time\":\"1733132478 (02/12/24 09:41:18)\",\"last_update_time\":\"1733132478 (02/12/24 09:41:18)\",\"med\":100,\"next_hop\":\"192.168.2.1\",\"prepend_count\":1,\"subnet\":\"120.120.120.0/24\"},{\"add_time\":\"1733132508 (02/12/24 09:41:48)\",\"blob\":{\"AS_Path offset\":\"4\",\"Communities count\":\"0\",\"Communities offset\":\"0\",\"Transitive Attributes\":[\"40\",\"01\",\"01\",\"00\",\"50\",\"02\",\"00\",\"04\",\"02\",\"01\",\"1d\",\"fd\"]},\"last_update_time\":\"1733132508 (02/12/24 09:41:48)\",\"med\":100,\"next_hop\":\"192.168.2.1\",\"prepend_count\":1,\"subnet\":\"172.17.31.0/24\"},{\"add_time\":\"1733132478 (02/12/24 09:41:18)\",\"last_update_time\":\"1733132478 (02/12/24 09:41:18)\",\"med\":100,\"next_hop\":\"192.168.2.1\",\"prepend_count\":1,\"subnet\":\"156.88.88.0/24\"},{\"add_time\":\"1733132508 (02/12/24 09:41:48)\",\"blob\":{\"AS_Path offset\":\"4\",\"Communities count\":\"1\",\"Communities offset\":\"15\",\"Transitive Attributes\":[\"40\",\"01\",\"01\",\"00\",\"50\",\"02\",\"00\",\"04\",\"02\",\"01\",\"1d\",\"fd\",\"c0\",\"08\",\"04\",\"08\",\"ae\",\"08\",\"ae\"],\"communities\":[\"2222:2222\"]},\"last_update_time\":\"1733132508 (02/12/24 09:41:48)\",\"med\":100,\"next_hop\":\"192.168.2.1\",\"prepend_count\":1,\"subnet\":\"100.1.1.0/24\"},{\"add_time\":\"1733132478 (02/12/24 09:41:18)\",\"last_update_time\":\"1733132478 (02/12/24 09:41:18)\",\"med\":100,\"next_hop\":\"192.168.2.1\",\"prepend_count\":1,\"subnet\":\"220.220.220.0/24\"},{\"add_time\":\"1733132478 (02/12/24 09:41:18)\",\"last_update_time\":\"1733132478 (02/12/24 09:41:18)\",\"med\":100,\"next_hop\":\"192.168.2.1\",\"prepend_count\":1,\"subnet\":\"192.168.2.0/24\"},{\"add_time\":\"1733132478 (02/12/24 09:41:18)\",\"last_update_time\":\"1733132478 (02/12/24 09:41:18)\",\"med\":100,\"next_hop\":\"192.168.2.1\",\"prepend_count\":1,\"subnet\":\"10.41.0.0/16\"},{\"add_time\":\"1733132508 (02/12/24 09:41:48)\",\"blob\":{\"AS_Path offset\":\"4\",\"Communities count\":\"1\",\"Communities offset\":\"15\",\"Transitive Attributes\":[\"40\",\"01\",\"01\",\"00\",\"50\",\"02\",\"00\",\"04\",\"02\",\"01\",\"1d\",\"fd\",\"c0\",\"08\",\"04\",\"0d\",\"05\",\"0d\",\"05\"],\"communities\":[\"3333:3333\"]},\"last_update_time\":\"1733132508 (02/12/24 09:41:48)\",\"med\":100,\"next_hop\":\"192.168.2.1\",\"prepend_count\":1,\"subnet\":\"111.1.1.1/32\"},{\"add_time\":\"1733132478 (02/12/24 09:41:18)\",\"last_update_time\":\"1733132478 (02/12/24 09:41:18)\",\"med\":100,\"next_hop\":\"192.168.2.1\",\"prepend_count\":1,\"subnet\":\"10.254.254.1/32\"},{\"add_time\":\"1733132478 (02/12/24 09:41:18)\",\"last_update_time\":\"1733132478 (02/12/24 09:41:18)\",\"med\":100,\"next_hop\":\"192.168.2.1\",\"prepend_count\":1,\"subnet\":\"10.254.254.12/32\"},{\"add_time\":\"1733132478 (02/12/24 09:41:18)\",\"last_update_time\":\"1733132478 (02/12/24 09:41:18)\",\"med\":100,\"next_hop\":\"192.168.2.1\",\"prepend_count\":1,\"subnet\":\"10.254.254.5/32\"},{\"add_time\":\"1733132478 (02/12/24 09:41:18)\",\"last_update_time\":\"1733132478 (02/12/24 09:41:18)\",\"med\":100,\"next_hop\":\"192.168.2.1\",\"prepend_count\":1,\"subnet\":\"192.168.1.0/24\"}],\"Remote_ASN\":\"7678\",\"Remote_IP\":\"192.168.2.100\",\"Router_ID\":\"192.168.2.1\",\"Router_Weight\":\"100\"},\"accept_default_route\":false,\"advertise_cato\":true,\"advertise_default\":\"never\",\"advertise_summary\":false,\"bfd_peer\":{\"BFD_Session\":\"DOWN\",\"bfd_config\":{\"local_asn\":65000,\"local_ip_no\":\"169.254.1.179\",\"local_port_ho\":0,\"remote_asn\":7678,\"remote_ip_no\":\"192.168.2.100\"},\"bfd_session_info\":{\"active_mode\":false,\"auth_type\":0,\"desired_min_tx_interval_usec\":300000,\"detect_interval_usec\":0,\"detect_mult\":3,\"local_diag\":\"NO_DIAGNOSTIC\",\"my_discriminator\":1394721461,\"next_detect_timestamp_usec\":9223372036854776000,\"next_send_timestamp_usec\":9223372036854776000,\"poll_in_progress\":false,\"remote_demand_mode\":false,\"remote_detect_mult\":0,\"remote_diag\":\"NO_DIAGNOSTIC\",\"remote_discriminator\":0,\"remote_min_echo_interval_usec\":0,\"remote_min_rx_interval_usec\":0,\"remote_min_tx_interval_usec\":0,\"remote_state\":\"DOWN\",\"remote_tx_interval_usec\":0,\"required_min_echo_interval_usec\":0,\"required_min_rx_interval_usec\":300000,\"state\":\"DOWN\",\"tx_interval_usec\":0},\"bfd_timeline\":[{\"event\":{\"func\":\"bfd_peer_init\",\"line\":\"513\",\"msg\":\"initialized BFD session to 192.168.2.100. tx = 300000 usec, rx = 300000 usec, mult = 3 , mode is passive\"},\"time\":\"02/12/24 09:41:03.583\"}],\"enabled\":true},\"custom_ranges_advertise\":\"never\",\"interface_pcap_captured_packets\":\"0\",\"interface_pcap_enabled\":false,\"interface_port_id\":0,\"rejected_routes_from_neighbor\":[{\"Communities\":[\"5555:5555\"],\"Subnet\":\"200.1.1.0/24\",\"Type\":\"IPv4\",\"last_publish_attempt\":\"02/12/24 09:41:18.216\",\"rule\":\" ( ( bgp_range == 200.1.1.0/24 ) )\"},{\"Communities\":[\"6666:6666\"],\"Subnet\":\"200.1.0.0/16\",\"Type\":\"IPv4\",\"last_publish_attempt\":\"02/12/24 09:41:18.216\",\"rule\":\" ( ( bgp_communities ~= 436869642 ) )\"}],\"routes_count\":\"1\",\"routes_count_limit\":\"1024\",\"routes_count_limit_exceeded\":false,\"routes_from_neighbor\":[{\"Next_Hop\":\"192.168.2.100\",\"Range\":\"172.16.32.0-172.16.32.255\",\"Subnet\":\"172.16.32.0/24\"}],\"routes_to_neighbor\":[{\"Subnet\":\"10.41.0.0/16\"},{\"Subnet\":\"111.1.1.1/32\"},{\"Subnet\":\"100.1.0.0/16\"},{\"Subnet\":\"100.1.1.0/24\"},{\"Subnet\":\"172.17.31.0/24\"},{\"Subnet\":\"120.120.120.0/24\"},{\"Subnet\":\"192.168.1.0/24\"},{\"Subnet\":\"220.220.220.0/24\"},{\"Subnet\":\"192.168.2.0/24\"},{\"Subnet\":\"10.254.254.0/24\"},{\"Subnet\":\"10.254.254.12/32\"},{\"Subnet\":\"10.254.254.253/32\"},{\"Subnet\":\"10.254.254.5/32\"},{\"Subnet\":\"10.254.254.1/32\"},{\"Subnet\":\"156.88.88.0/24\"}]}"
        ]
      }
    }
  }
}

WanFirewallPolicyQueries

policy

Beta
Response

Returns a WanFirewallPolicy!

Arguments
Name Description
input - WanFirewallPolicyInput

Example

Query

                        query InternetFirewall($accountId: ID!) {
                            policy(accountId: $accountId) {
                                wanFirewall {
                                    policy {
                                        enabled
                                        rules {
                                            properties
                                            rule {
                                                id
                                                index
                                                name
                                            }
                                        }
                                        sections {
                                            properties
                                            section {
                                                id
                                                name
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "wanFirewall": {
        "policy": {
          "enabled": false,
          "rules": [
            {
              "properties": [],
              "rule": {
                "id": "16044293",
                "index": 1,
                "name": "Allow social media"
              }
            },
            {
              "properties": [],
              "rule": {"id": "16044295", "index": 2, "name": "WAN FW Rule 2"}
            }
          ],
          "sections": [
            {
              "properties": [],
              "section": {"id": "363808", "name": "Example Wan Section"}
            },
            {
              "properties": [],
              "section": {"id": "363809", "name": "My Wan Section"}
            }
          ]
        }
      }
    }
  }
}

revisions

Beta
Response

Returns a PolicyRevisionsPayload

Example

Query

                        query InternetFirewall($accountId: ID!) {
                            policy(accountId: $accountId) {
                                wanFirewall {
                                    revisions {
                                        revision {
                                            name
                                            changes
                                        }
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "wanFirewall": {
        "revisions": {
          "revision": [
            {"name": "WAN Test Revision", "changes": 0},
            {"name": "WAN Test Revision", "changes": 0}
          ]
        }
      }
    }
  }
}

XDR

stories

Beta
Description

Define the paging, sort, and filter arguments to define the XDR stories that are returned in the query

Response

Returns a StoriesData

Arguments
Name Description
input - StoryInput!

Example

Query
query Stories($accountId: ID!, $from: Int!, $limit: Int!, $sort: [StorySortInput!], $filter: [StoryFilterInput!]!) {
                          xdr(accountID: $accountId) {
                            stories(
                              input: {paging: {from: $from, limit: $limit}, sort: $sort, filter: $filter}
                            ) {
                              paging {
                                from
                                limit
                                total
                                __typename
                              }
                              items {
                                ...StoryBrief
                                __typename
                              }
                              __typename
                            }
                            __typename
                          }
                        }
                        
                        fragment StoryBrief on Story {
                          id
                          accountId
                          accountName
                          updatedAt
                          createdAt
                          analystName
                          incident {
                            __typename
                            id
                            status
                            lastSignal
                            firstSignal
                            producer
                            connectionType
                            indication
                            queryName
                            description
                            criticality
                            source
                            ticket
                            research
                            vendor
                            sourceIp
                            analystFeedback {
                              severity
                              __typename
                            }
                            ... on Threat {
                              ...ThreatIncidentBrief
                              __typename
                            }
                            ... on ThreatPrevention {
                              ...ThreatPreventionIncidentBrief
                              __typename
                            }
                            ... on AnomalyStats {
                              ...AnomalyStatsIncidentBrief
                              __typename
                            }
                            ... on AnomalyEvents {
                              ...AnomalyEventsIncidentBrief
                              __typename
                            }
                            ... on NetworkXDRIncident {
                              ...NetworkXDRIncidentBrief
                              __typename
                            }
                          }
                          __typename
                        }
                        
                        fragment ThreatIncidentBrief on Threat {
                          __typename
                          site {
                            id
                            name
                            __typename
                          }
                          user {
                            id
                            name
                            __typename
                          }
                          direction
                        }
                        
                        fragment ThreatPreventionIncidentBrief on ThreatPrevention {
                          __typename
                          site {
                            id
                            name
                            __typename
                          }
                          user {
                            id
                            name
                            __typename
                          }
                          direction
                        }
                        
                        fragment AnomalyStatsIncidentBrief on AnomalyStats {
                          __typename
                          srcSiteId
                          subjectType
                          drillDownFilter {
                            name
                            value
                            __typename
                          }
                        }
                        
                        fragment AnomalyEventsIncidentBrief on AnomalyEvents {
                          __typename
                          srcSiteId
                          subjectType
                          drillDownFilter {
                            name
                            value
                            __typename
                          }
                        }
                        
                        fragment NetworkXDRIncidentBrief on NetworkXDRIncident {
                          __typename
                          storyDuration
                          storyType
                          siteConnectionType
                          siteConfigLocation
                          acknowledged
                          linkId
                          linkName
                          linkConfigPrecedence
                          deviceConfigHaRole
                          licenseRegion
                          licenseBandwidth
                          isp
                          bgpConnection {
                            connectionName
                            peerIp
                            peerAsn
                            catoIp
                            catoAsn
                            __typename
                          }
                          networkIncidentTimeline {
                            created
                            validated
                            description
                            eventType
                            eventIds
                            acknowledged
                            networkEventSource
                            linkId
                            linkName
                            linkConfigPrecedence
                            linkStatus
                            linkConfigBandwidth
                            deviceConfigHaRole
                            deviceHaRoleState
                            isp
                            bgpConnection {
                              connectionName
                              peerIp
                              peerAsn
                              catoIp
                              catoAsn
                              __typename
                            }
                            linkQualityIssue {
                              issueType
                              direction
                              current
                              threshold
                              __typename
                            }
                            __typename
                          }
                        }
                        
Variables
{
  "accountId": "123",
  "from": 0,
  "limit": 25,
  "filter": [
    {
      "timeFrame": {"time": "last.P14D", "timeFrameModifier": "StoryUpdate"},
      "producer": {
        "in": [
          "AnomalyEvents",
          "AnomalyStats",
          "ThreatHunt",
          "ThreatPrevention",
          "MicrosoftEndpointDefender",
          "CatoEndpointAlert"
        ]
      }
    }
  ],
  "sort": [{"fieldName": "updatedAt", "order": "desc"}]
}
Response
{
  "data": {
    "xdr": {
      "__typename": "XDR",
      "stories": {
        "paging": {"from": 0, "limit": 25, "total": 5, "__typename": "Paging"},
        "items": [
          {
            "id": "65ba47966e0c8517cf2de805",
            "accountId": 123,
            "accountName": "account",
            "updatedAt": "2024-01-31T13:13:58Z",
            "createdAt": "2024-01-31T13:13:58Z",
            "analystName": "abc123",
            "incident": {
              "__typename": "CatoEndpoint",
              "id": "29ebcff1",
              "status": "PendingMoreInfo",
              "lastSignal": "2024-01-18T01:48:25Z",
              "firstSignal": "2024-01-18T01:48:25Z",
              "producer": "CatoEndpointAlert",
              "connectionType": null,
              "indication": "Cato Endpoint Alert",
              "queryName": null,
              "description": null,
              "criticality": 5,
              "source": "source",
              "ticket": null,
              "research": false,
              "vendor": "CATO",
              "sourceIp": null,
              "analystFeedback": {
                "severity": "Medium",
                "__typename": "AnalystFeedback"
              }
            },
            "__typename": "Story"
          }
        ]
      }
    }
  }
}
XDR

story

Beta
Description

Define either the story ID, or the incident ID and producer arguments, to query the specific XDR story

Response

Returns a Story

Arguments
Name Description
storyId - ID
producer - StoryProducerEnum
incidentId - ID

Example

Query
query StoryDetails($accountId: ID!, $storyId: ID!) {
                          xdr(accountID: $accountId) {
                            ... on XDR {
                              story(storyId: $storyId) {
                                ...StoryDetailed
                                __typename
                              }
                              __typename
                            }
                            __typename
                          }
                        }
                        
                        
                        fragment StoryDetailed on Story {
                          __typename
                          id
                          summary
                          updatedAt
                          createdAt
                          playbook
                          timeline {
                            ...TimelineItem
                            __typename
                          }
                          incident {
                            __typename
                            id
                            status
                            producer
                            ticket
                            connectionType
                            indication
                            queryName
                            criticality
                            source
                            research
                            firstSignal
                            lastSignal
                            description
                            site {
                              id
                              name
                              __typename
                            }
                            user {
                              id
                              name
                              __typename
                            }
                            ... on AnomalyStats {
                              ...AnomalyStatsIncidentDetailed
                              __typename
                            }
                            ... on AnomalyEvents {
                              ...AnomalyEventsIncidentDetailed
                              __typename
                            }
                            ... on Threat {
                              ...ThreatIncidentDetailed
                              __typename
                            }
                            ... on ThreatPrevention {
                              ...ThreatPreventionIncidentDetailed
                              __typename
                            }
                        
                            ... on NetworkXDRIncident {
                              ...NetworkXDRIncidentDetailed
                              __typename
                            }
                            ... on MicrosoftEndpoint {
                              ...MicrosoftEndpointIncidentDetailed
                              __typename
                            }
                            ... on CatoEndpoint {
                              ...CatoEndpointIncidentDetailed
                              __typename
                            }
                          }
                        }
                        
                        fragment TimelineItem on TimelineItem {
                          createdAt
                          type
                          descriptions
                          additionalInfo
                          analystInfo {
                            name
                            __typename
                          }
                          context
                          category
                          __typename
                        }
                        
                        fragment AnomalyStatsIncidentDetailed on AnomalyStats {
                          __typename
                          srcSiteId
                          subjectType
                          metric {
                            name
                            value
                            __typename
                          }
                          drillDownFilter {
                            name
                            value
                            __typename
                          }
                          gaussian {
                            n
                            avg
                            __typename
                          }
                          mitres {
                            id
                            name
                            __typename
                          }
                          logonName
                          sourceIp
                          os
                          clientClass
                          deviceName
                          macAddress
                          breakdownField
                          predictedVerdict
                          predictedThreatType
                          similarStoriesData {
                            storyId
                            indication
                            threatTypeName
                            verdict
                            similarityPercentage
                            __typename
                          }
                          targets {
                            name
                            analysisScore
                            infectionSource
                            catoPopularity
                            threatFeeds
                            creationTime
                            categories
                            countryOfRegistration
                            searchHits
                            engines
                            eventData {
                              signatureId
                              eventType
                              threatType
                              threatName
                              severity
                              action
                              __typename
                            }
                            __typename
                          }
                          analystFeedback {
                            ...AnalystFeedback
                            __typename
                          }
                        }
                        
                        fragment AnalystFeedback on AnalystFeedback {
                          verdict
                          severity
                          threatType {
                            name
                            details
                            recommendedAction
                            __typename
                          }
                          threatClassification
                          additionalInfo
                          __typename
                        }
                        
                        fragment AnomalyEventsIncidentDetailed on AnomalyEvents {
                          __typename
                          srcSiteId
                          subjectType
                          metric {
                            name
                            value
                            __typename
                          }
                          drillDownFilter {
                            name
                            value
                            __typename
                          }
                          gaussian {
                            n
                            avg
                            __typename
                          }
                          mitres {
                            id
                            name
                            __typename
                          }
                          logonName
                          sourceIp
                          os
                          clientClass
                          deviceName
                          macAddress
                          breakdownField
                          predictedVerdict
                          predictedThreatType
                          similarStoriesData {
                            storyId
                            indication
                            threatTypeName
                            verdict
                            similarityPercentage
                            __typename
                          }
                          targets {
                            name
                            analysisScore
                            infectionSource
                            catoPopularity
                            threatFeeds
                            creationTime
                            categories
                            countryOfRegistration
                            searchHits
                            engines
                            eventData {
                              signatureId
                              eventType
                              threatType
                              threatName
                              severity
                              action
                              __typename
                            }
                            __typename
                          }
                          analystFeedback {
                            ...AnalystFeedback
                            __typename
                          }
                        }
                        
                        fragment ThreatIncidentDetailed on Threat {
                          __typename
                          srcSiteId
                          flowsCardinality
                          storyDuration
                          os
                          deviceName
                          macAddress
                          sourceIp
                          logonName
                          direction
                          predictedVerdict
                          predictedThreatType
                          similarStoriesData {
                            storyId
                            indication
                            threatTypeName
                            verdict
                            similarityPercentage
                            __typename
                          }
                          queryName
                          events {
                            signatureId
                            eventType
                            threatType
                            threatName
                            severity
                            __typename
                          }
                          mitres {
                            id
                            name
                            __typename
                          }
                          timeSeries {
                            info
                            units
                            label
                            data(perSecond: false)
                            sum
                            key {
                              measureFieldName
                              dimensions {
                                fieldName
                                value
                                __typename
                              }
                              __typename
                            }
                            __typename
                          }
                          targets {
                            type
                            name
                            analysisScore
                            infectionSource
                            catoPopularity
                            threatFeeds
                            creationTime
                            categories
                            countryOfRegistration
                            searchHits
                            engines
                            eventData {
                              signatureId
                              eventType
                              threatType
                              threatName
                              severity
                              action
                              __typename
                            }
                            __typename
                          }
                          flows {
                            appName
                            clientClass
                            sourceIp
                            sourcePort
                            direction
                            createdAt
                            referer
                            userAgent
                            method
                            destinationCountry
                            destinationPort
                            destinationIp
                            destinationGeolocation
                            url
                            tunnelGeolocation
                            domain
                            target
                            httpResponseCode
                            dnsResponseIP
                            smbFileName
                            fileHash
                            ja3
                            __typename
                          }
                          analystFeedback {
                            ...AnalystFeedback
                            __typename
                          }
                        }
                        
                        fragment ThreatPreventionIncidentDetailed on ThreatPrevention {
                          __typename
                          srcSiteId
                          flowsCardinality
                          storyDuration
                          os
                          deviceName
                          macAddress
                          sourceIp
                          logonName
                          direction
                          predictedVerdict
                          predictedThreatType
                          similarStoriesData {
                            storyId
                            indication
                            threatTypeName
                            verdict
                            similarityPercentage
                            __typename
                          }
                          queryName
                          events {
                            signatureId
                            eventType
                            threatType
                            threatName
                            severity
                            __typename
                          }
                          mitres {
                            id
                            name
                            __typename
                          }
                          timeSeries {
                            info
                            units
                            label
                            data(perSecond: false)
                            sum
                            key {
                              measureFieldName
                              dimensions {
                                fieldName
                                value
                                __typename
                              }
                              __typename
                            }
                            __typename
                          }
                          targets {
                            type
                            name
                            analysisScore
                            infectionSource
                            catoPopularity
                            threatFeeds
                            creationTime
                            categories
                            countryOfRegistration
                            searchHits
                            engines
                            eventData {
                              signatureId
                              eventType
                              threatType
                              threatName
                              severity
                              action
                              __typename
                            }
                            __typename
                          }
                          threatPreventionsEvents {
                            appName
                            clientClass
                            sourceIp
                            sourcePort
                            direction
                            createdAt
                            referrer
                            userAgent
                            method
                            destinationCountry
                            destinationPort
                            destinationIp
                            destinationGeolocation
                            url
                            tunnelGeolocation
                            domain
                            target
                            httpResponseCode
                            dnsResponseIP
                            smbFileName
                            fileHash
                            ja3
                            __typename
                          }
                          analystFeedback {
                            ...AnalystFeedback
                            __typename
                          }
                        }
                        
                        fragment NetworkXDRIncidentDetailed on NetworkXDRIncident {
                          __typename
                          storyDuration
                          storyType
                          occurrences
                          siteConnectionType
                          siteConfigLocation
                          acknowledged
                          description
                          linkId
                          linkName
                          linkConfigPrecedence
                          deviceConfigHaRole
                          licenseRegion
                          licenseBandwidth
                          pop
                          isp
                          hostIp
                          ruleName
                          bgpConnection {
                            connectionName
                            peerIp
                            peerAsn
                            catoIp
                            catoAsn
                            __typename
                          }
                          networkIncidentTimeline {
                            created
                            validated
                            description
                            eventType
                            incidentId
                            eventIds
                            acknowledged
                            networkEventSource
                            linkId
                            linkName
                            linkConfigPrecedence
                            linkStatus
                            linkConfigBandwidth
                            deviceConfigHaRole
                            deviceHaRoleState
                            pop
                            isp
                            hostIp
                            ruleName
                            tunnelResetCount
                            bgpConnection {
                              connectionName
                              peerIp
                              peerAsn
                              catoIp
                              catoAsn
                              __typename
                            }
                            linkQualityIssue {
                              issueType
                              direction
                              current
                              threshold
                              __typename
                            }
                            __typename
                          }
                          analystFeedback {
                            ... on AnalystFeedback {
                              severity
                              __typename
                            }
                            __typename
                          }
                        }
                        
                        fragment MicrosoftEndpointIncidentDetailed on MicrosoftEndpoint {
                          storyDuration
                          sourceIp
                          analystFeedback {
                            ...AnalystFeedback
                            __typename
                          }
                          device {
                            deviceName
                            osDetails {
                              ... on OsDetails {
                                ...MicrosoftEndpointIncidentDeviceOsDetails
                                __typename
                              }
                              __typename
                            }
                            loggedOnUsers {
                              ... on EndpointUser {
                                ...MicrosoftEndpointIncidentDeviceLoggedOnUser
                                __typename
                              }
                              __typename
                            }
                            __typename
                          }
                          alerts {
                            ... on MicrosoftDefenderEndpointAlert {
                              ...StoryDetailsMicrosoftEndpointAlert
                              __typename
                            }
                            __typename
                          }
                          __typename
                        }
                        
                        fragment MicrosoftEndpointIncidentDeviceOsDetails on OsDetails {
                          osType
                          osBuild
                          osVersion
                          __typename
                        }
                        
                        fragment MicrosoftEndpointIncidentDeviceLoggedOnUser on EndpointUser {
                          ... on MicrosoftEndpointUser {
                            ...MicrosoftEndpointIncidentUserDetails
                            __typename
                          }
                          __typename
                        }
                        
                        fragment MicrosoftEndpointIncidentUserDetails on MicrosoftEndpointUser {
                          name
                          domainName
                          __typename
                        }
                        
                        fragment StoryDetailsMicrosoftEndpointAlert on MicrosoftDefenderEndpointAlert {
                          id
                          title
                          localIp
                          destinationIp
                          destinationUrl
                          mitreTechnique {
                            id
                            name
                            __typename
                          }
                          firstActivityDateTime
                          lastActivityDateTime
                          threatName
                          activities {
                            ...StoryDetailsMicrosoftEndpointActivity
                            __typename
                          }
                          resources {
                            ...StoryDetailsMicrosoftEndpointResource
                            __typename
                          }
                          ... on MicrosoftDefenderEndpointAlert {
                            criticality
                            msStatus: status
                            __typename
                          }
                          __typename
                        }
                        
                        fragment StoryDetailsMicrosoftEndpointActivity on MicrosoftActivity {
                          id
                          resourceId
                          parentResourceId
                          action
                          __typename
                        }
                        
                        fragment StoryDetailsMicrosoftEndpointResource on MicrosoftEndpointResource {
                          id
                          remediationStatus
                          createdDateTime
                          verdict
                          roles
                          ...StoryDetailsMicrosoftEndpointFileResource
                          ...StoryDetailsMicrosoftEndpointProcessResource
                          ...StoryDetailsMicrosoftEndpointRegistryResource
                          __typename
                        }
                        
                        fragment StoryDetailsMicrosoftEndpointFileResource on MicrosoftFileResource {
                          detectionStatus
                          fileDetails {
                            ...StoryDetailsMicrosoftEndpointFileDetails
                            __typename
                          }
                          __typename
                        }
                        
                        fragment StoryDetailsMicrosoftEndpointFileDetails on FileDetails {
                          path
                          name
                          size
                          sha1
                          sha256
                          issuer
                          signer
                          __typename
                        }
                        
                        fragment StoryDetailsMicrosoftEndpointProcessResource on MicrosoftProcessResource {
                          processId
                          processCommandLine
                          imageFile {
                            ...StoryDetailsMicrosoftEndpointFileDetails
                            __typename
                          }
                          userAccount {
                            ...StoryDetailsMicrosoftEndpointUserDetails
                            __typename
                          }
                          __typename
                        }
                        
                        fragment StoryDetailsMicrosoftEndpointUserDetails on EndpointUser {
                          id
                          ... on MicrosoftEndpointUser {
                            userSid
                            __typename
                          }
                          __typename
                        }
                        
                        fragment StoryDetailsMicrosoftEndpointRegistryResource on MicrosoftRegistryResource {
                          valueName
                          valueType
                          value
                          key
                          hive
                          __typename
                        }
                        
                        fragment CatoEndpointIncidentDetailed on CatoEndpoint {
                          storyDuration
                          sourceIp
                          analystFeedback {
                            ...AnalystFeedback
                            __typename
                          }
                          device {
                            deviceName
                            macAddress
                            osDetails {
                              ... on OsDetails {
                                ...CatoEndpointIncidentDeviceOsDetails
                                __typename
                              }
                              __typename
                            }
                            loggedOnUsers {
                              ... on EndpointUser {
                                ...CatoEndpointIncidentDeviceLoggedOnUser
                                __typename
                              }
                              __typename
                            }
                            __typename
                          }
                          alerts {
                            ... on CatoEndpointAlert {
                              ...StoryDetailsCatoEndpointAlert
                              __typename
                            }
                            __typename
                          }
                          __typename
                        }
                        
                        fragment CatoEndpointIncidentDeviceOsDetails on OsDetails {
                          osType
                          osBuild
                          osVersion
                          __typename
                        }
                        
                        fragment CatoEndpointIncidentDeviceLoggedOnUser on EndpointUser {
                          ... on CatoEndpointUser {
                            ...CatoEndpointIncidentUserDetails
                            __typename
                          }
                          __typename
                        }
                        
                        fragment CatoEndpointIncidentUserDetails on CatoEndpointUser {
                          name
                          __typename
                        }
                        
                        fragment StoryDetailsCatoEndpointAlert on CatoEndpointAlert {
                          id
                          title
                          mitreTechnique {
                            id
                            name
                            __typename
                          }
                          createdDateTime
                          threatName
                          activities {
                            ...StoryDetailsCatoEndpointActivity
                            __typename
                          }
                          resources {
                            ...StoryDetailsCatoEndpointResource
                            __typename
                          }
                          ... on CatoEndpointAlert {
                            criticality
                            catoStatus: status
                            __typename
                          }
                          __typename
                        }
                        
                        fragment StoryDetailsCatoEndpointActivity on CatoActivity {
                          id
                          resourceId
                          parentResourceId
                          __typename
                        }
                        
                        fragment StoryDetailsCatoEndpointResource on CatoResource {
                          id
                          createdDateTime
                          remediationStatus
                          ...StoryDetailsCatoEndpointFileResource
                          ...StoryDetailsCatoEndpointProcessResource
                          __typename
                        }
                        
                        fragment StoryDetailsCatoEndpointFileResource on CatoFileResource {
                          detectionStatus
                          fileDetails {
                            ...StoryDetailsCatoEndpointFileDetails
                            __typename
                          }
                          __typename
                        }
                        
                        fragment StoryDetailsCatoEndpointFileDetails on FileDetails {
                          path
                          name
                          size
                          sha1
                          sha256
                          issuer
                          signer
                          __typename
                        }
                        
                        fragment StoryDetailsCatoEndpointProcessResource on CatoProcessResource {
                          processId
                          processCommandLine
                          imageFile {
                            ...StoryDetailsCatoEndpointFileDetails
                            __typename
                          }
                          userAccount {
                            ...StoryDetailsCatoEndpointUserDetails
                            __typename
                          }
                          __typename
                        }
                        
                        fragment StoryDetailsCatoEndpointUserDetails on EndpointUser {
                          id
                          ... on CatoEndpointUser {
                            name
                            __typename
                          }
                          __typename
                        }
                        
Variables
{"accountId": "123", "storyId": "abc123"}
Response
{
  "data": {
    "xdr": {
      "__typename": "XDR",
      "story": {
        "playbook": null,
        "incident": {
          "__typename": "Threat",
          "id": "abc123",
          "status": "Open",
          "producer": "ThreatHunt",
          "ticket": null,
          "connectionType": "Site",
          "indication": "abc123",
          "queryName": "abc123",
          "criticality": 5,
          "source": "abc123",
          "research": false,
          "firstSignal": "2024-02-29T09:00:00Z",
          "lastSignal": "2024-02-29T13:00:00Z",
          "description": "abc123",
          "site": null,
          "user": null,
          "srcSiteId": "123",
          "flowsCardinality": 4,
          "storyDuration": 14400,
          "os": "OS_WINDOWS",
          "deviceName": "abc123",
          "macAddress": "aa:aa:11:22:33:44",
          "sourceIp": "1.2.3.4",
          "logonName": null,
          "direction": "OUTBOUND",
          "predictedVerdict": null,
          "predictedThreatType": null,
          "similarStoriesData": [],
          "events": [],
          "mitres": [],
          "timeSeries": [],
          "targets": [
            {
              "type": "domain",
              "name": "123",
              "analysisScore": 0.75688803,
              "infectionSource": true,
              "catoPopularity": -1,
              "threatFeeds": 2,
              "creationTime": "2023-01-10T06:16:40Z",
              "categories": "abc123",
              "countryOfRegistration": "CZ",
              "searchHits": "123",
              "engines": null,
              "eventData": [],
              "__typename": "IncidentTargetRep"
            }
          ],
          "flows": [
            {
              "appName": "http",
              "clientClass": null,
              "sourceIp": "11.22.33.111",
              "sourcePort": 123,
              "direction": "INBOUND",
              "createdAt": "2024-02-29T09:45:00Z",
              "referer": null,
              "userAgent": null,
              "method": null,
              "destinationCountry": "US",
              "destinationPort": 123,
              "destinationIp": "11.22.33.644",
              "destinationGeolocation": "11.1,22.2",
              "url": null,
              "tunnelGeolocation": "11.1,22.2",
              "domain": "abc123",
              "target": "abc123",
              "httpResponseCode": null,
              "dnsResponseIP": null,
              "smbFileName": null,
              "fileHash": null,
              "ja3": null,
              "__typename": "IncidentFlow"
            }
          ],
          "analystFeedback": {
            "verdict": null,
            "severity": null,
            "threatType": {
              "name": "PuP",
              "details": null,
              "recommendedAction": null,
              "__typename": "AnalystFeedbackThreatType"
            },
            "threatClassification": null,
            "additionalInfo": null,
            "__typename": "AnalystFeedback"
          }
        },
        "__typename": "Story",
        "id": "abc123",
        "summary": "abc123",
        "updatedAt": "2024-03-27T08:32:44Z",
        "createdAt": "2024-03-27T08:22:51Z",
        "timeline": [
          {
            "createdAt": "2024-03-27T08:22:51Z",
            "type": "Diff",
            "descriptions": ["abc123"],
            "additionalInfo": null,
            "analystInfo": null,
            "context": "Story created",
            "category": null,
            "__typename": "TimelineItem"
          }
        ]
      }
    }
  }
}

Mutations

AccountManagementMutations

addAccount

Description

Add a new account

Response

Returns an AccountInfo

Arguments
Name Description
input - AddAccountInput!

Example

Query
mutation addAccount($accountId:ID!, $input:AddAccountInput!) {
  accountManagement(accountId: $accountId) {
    addAccount(input: $input) {
      description
      id
      name
      tenancy
      timeZone
      type
      audit {
        createdBy
        createdTime
      }
    }
  }
}
Variables
{
  "accountId": "123",
  "input": {
    "name": "account_name",
    "tenancy": "SINGLE_TENANT",
    "type": "CUSTOMER",
    "description": "account description",
    "timezone": "Australia/ACT"
  }
}
Response
{
  "data": {
    "accountManagement": {
      "addAccount": {
        "description": "account description",
        "id": "456",
        "name": "name",
        "tenancy": "SINGLE_TENANT",
        "timeZone": "Australia/ACT",
        "type": "CUSTOMER",
        "audit": {
          "createdBy": "main@admin.com",
          "createdTime": "2024-08-14T09:34:24Z"
        }
      }
    }
  }
}

removeAccount

Description

Delete an existing account. The account status will become “Disabled”, and it will be scheduled for deletion

Response

Returns a RemoveAccountPayload

Arguments
Name Description
accountId - ID!

Example

Query
mutation removeAccount($parentAccountId:ID!, $accountId:ID!) {
  accountManagement(accountId: $parentAccountId) {
    removeAccount(accountId: $accountId) {
      accountInfo {
                description
                id
                name
                tenancy
                timeZone
                type
                audit {
                    createdBy
                    createdTime
                }
      }
    }
  }
}
Variables
{"parentAccountId": "123", "accountId": "456"}
Response
{
  "data": {
    "accountManagement": {
      "removeAccount": {
        "accountInfo": {
          "description": "account description",
          "id": "456",
          "name": "name",
          "tenancy": "SINGLE_TENANT",
          "timeZone": "Australia/ACT",
          "type": "CUSTOMER",
          "audit": {
            "createdBy": "main@admin.com",
            "createdTime": "2024-08-14T09:34:24Z"
          }
        }
      }
    }
  }
}

updateAccount

Description

Update existing account attributes

Response

Returns an AccountInfo

Arguments
Name Description
input - UpdateAccountInput!

Example

Query
mutation updateAccount($accountId:ID!, $input:UpdateAccountInput!) {
  accountManagement(accountId: $accountId) {
    updateAccount(input: $input) {
      description
      id
      name
      tenancy
      timeZone
      type
      audit {
        createdBy
        createdTime
      }
    }
  }
}
Variables
{"accountId": "456", "input": {"description": "new account description"}}
Response
{
  "data": {
    "accountManagement": {
      "updateAccount": {
        "description": "account description",
        "id": "456",
        "name": "name",
        "tenancy": "SINGLE_TENANT",
        "timeZone": "Australia/ACT",
        "type": "CUSTOMER",
        "audit": {
          "createdBy": "main@admin.com",
          "createdTime": "2024-08-14T09:34:24Z"
        }
      }
    }
  }
}

AdminMutations

addAdmin

Response

Returns an AddAdminPayload

Arguments
Name Description
input - AddAdminInput!

Example

Query
mutation addAdmin($accountId:ID!, $input: AddAdminInput!) {
  admin(accountId:$accountId) {
    addAdmin(input:$input) {
      adminID
    }
  }
}
Variables
{
  "accountId": "123",
  "input": {
    "firstName": "Name",
    "lastName": "Surname",
    "email": "name.surname@company.org",
    "passwordNeverExpires": false,
    "mfaEnabled": true,
    "managedRoles": [{"role": {"id": 2, "name": "Viewer"}}]
  }
}
Response
{"data": {"admin": {"addAdmin": {"adminID": "456"}}}}

removeAdmin

Response

Returns a RemoveAdminPayload

Arguments
Name Description
adminID - ID!

Example

Query
mutation removeAdmin($accountId:ID!, $adminID:ID!){
  admin(accountId:$accountId) {
    removeAdmin(adminID:$adminID) {
      adminID
    }
  }
}
Variables
{"accountId": "123", "adminID": "456"}
Response
{"data": {"admin": {"removeAdmin": {"adminID": "456"}}}}

updateAdmin

Response

Returns an UpdateAdminPayload

Arguments
Name Description
adminID - ID!
input - UpdateAdminInput!

Example

Query
mutation updateAdmin($accountId:ID!, $adminID:ID!, $input: UpdateAdminInput!){
  admin(accountId:$accountId) {
    updateAdmin(adminID:$adminID,input:$input) {
      adminID
    }
  }
}
Variables
{
  "accountId": "123",
  "adminID": "456",
  "input": {
    "managedRoles": [
      {"role": {"id": 1, "name": "Editor"}},
      {"role": {"id": 2, "name": "Viewer"}}
    ]
  }
}
Response
{"data": {"admin": {"updateAdmin": {"adminID": "456"}}}}

AppTenantRestrictionPolicyMutations

addRule

Beta
Arguments
Name Description
input - AppTenantRestrictionAddRuleInput!

Example

Query

                        mutation AddRule($accountId: ID!) {
                            policy(accountId: $accountId) {
                                appTenantRestriction {
                                    addRule(input: {
                                        rule: {
                                            enabled: true
                                            name: "Example Rule"
                                            description: "Example description"
                                            severity: MEDIUM
                                            action: INJECT_HEADERS
                                            application: {
                                                input:"hibob"
                                                by: ID
                                            }
                                            source: {
                                                ip: ["192.0.2.1", "198.51.100.1"]
                                                subnet: ["10.0.0.0/24"]
                                            }
                                            headers: [{
                                                name: "headerName"
                                                value: "headerValue"
                                            }]
                                        },
                                        at: {
                                            position: LAST_IN_POLICY
                                        }
                                    }) {
                                        status
                                        rule {
                                            rule {
                                                id
                                                name
                                                description
                                                enabled
                                                source {
                                                    ip
                                                    subnet
                                                }
                                                action
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "appTenantRestriction": {
        "addRule": {
          "status": "SUCCESS",
          "rule": {
            "rule": {
              "id": "58dc4161-77bb-4866-a2c8-3eed554158f7",
              "name": "Example Rule",
              "description": "Example description",
              "enabled": true,
              "source": {
                "ip": ["192.0.2.1", "198.51.100.1"],
                "subnet": ["10.0.0.0/24"]
              },
              "action": "INJECT_HEADERS"
            }
          }
        }
      }
    }
  }
}

addSection

Beta
Response

Returns a PolicySectionMutationPayload!

Arguments
Name Description
input - PolicyAddSectionInput!

Example

Query

                        mutation AddSection($accountId: ID!) {
                            policy(accountId: $accountId) {
                                appTenantRestriction {
                                    addSection(input: {
                                        section: {
                                            name: "New section"
                                        },
                                        at: {
                                            position: LAST_IN_POLICY
                                        }
                                    }) {
                                        section {
                                            section {
                                                id
                                                name
                                            }
                                        }
                                        status
                                    }
                                }
                            }
                        }
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "appTenantRestriction": {
        "addSection": {
          "section": {
            "section": {
              "id": "6d468052-8680-4c54-8316-58793ad30d1e",
              "name": "New section"
            }
          },
          "status": "SUCCESS"
        }
      }
    }
  }
}

createPolicyRevision

Beta
Arguments
Name Description
input - PolicyCreateRevisionInput!

Example

Query

                        mutation CreatePolicyRevision($accountId: ID!) {
                            policy(accountId: $accountId) {
                                appTenantRestriction {
                                    createPolicyRevision(input: {
                                        name: "Test Revision"
                                        description: "Test working with multiple revisions"
                                    }) {
                                        status
                                        policy {
                                            revision {
                                                description
                                                name
                                                id
                                                createdTime
                                                updatedTime
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "appTenantRestriction": {
        "createPolicyRevision": {
          "status": "SUCCESS",
          "policy": {
            "revision": {
              "description": "Test working with multiple revisions",
              "name": "Test Revision",
              "id": "276f34f3-197d-41ec-8d3d-de34bc703da9",
              "createdTime": "2024-12-15T13:25:34.774",
              "updatedTime": "2024-12-15T13:25:34.774"
            }
          }
        }
      }
    }
  }
}

discardPolicyRevision

Beta
Arguments
Name Description
input - PolicyDiscardRevisionInput

Example

Query

                        mutation DiscardPolicyRevision($accountId: ID!) {
                            policy(accountId: $accountId) {
                                appTenantRestriction {
                                    discardPolicyRevision {
                                        status
                                    }
                                }
                            }
                        }
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "appTenantRestriction": {"discardPolicyRevision": {"status": "FAILURE"}}
    }
  }
}

moveRule

Beta
Arguments
Name Description
input - PolicyMoveRuleInput!

Example

Query

                        mutation MoveRule($accountId: ID!) {
                            policy(accountId: $accountId) {
                                appTenantRestriction {
                                    moveRule(input: {
                                        id: "58dc4161-77bb-4866-a2c8-3eed554158f7"
                                        to: {
                                            position: FIRST_IN_POLICY
                                        }
                                    }) {
                                        status
                                        rule {
                                            rule {
                                                index
                                                id
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "appTenantRestriction": {
        "moveRule": {
          "status": "SUCCESS",
          "rule": {
            "rule": {"index": 1, "id": "58dc4161-77bb-4866-a2c8-3eed554158f7"}
          }
        }
      }
    }
  }
}

moveSection

Beta
Response

Returns a PolicySectionMutationPayload!

Arguments
Name Description
input - PolicyMoveSectionInput!

Example

Query

                        mutation MoveSection($accountId:ID!) {
                            policy(accountId: $accountId) {
                                appTenantRestriction {
                                    moveSection(input: {
                                        id: "0f61ccb5-1912-4bc0-ade6-06fc684b561f"
                                        to: {
                                            position: LAST_IN_POLICY
                                        }
                                    }) {
                                        status
                                        errors {
                                            errorMessage
                                            errorCode
                                        }
                                        section {
                                            properties
                                            section {
                                                id
                                                name
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "appTenantRestriction": {
        "moveSection": {
          "status": "SUCCESS",
          "errors": [],
          "section": {
            "properties": ["MOVED"],
            "section": {
              "id": "0f61ccb5-1912-4bc0-ade6-06fc684b561f",
              "name": "Section 1"
            }
          }
        }
      }
    }
  }
}

publishPolicyRevision

Beta
Arguments
Name Description
input - PolicyPublishRevisionInput

Example

Query

                        mutation PublishPolicy($accountId:ID!) {
                            policy(accountId: $accountId) {
                                appTenantRestriction {
                                    publishPolicyRevision(input: {
                                        name: "Ticket #1234"
                                        description : "Allow HR access to social websites"
                                    }) {
                                        status
                                    }
                                }
                            }
                        }
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "appTenantRestriction": {"publishPolicyRevision": {"status": "SUCCESS"}}
    }
  }
}

removeRule

Beta
Arguments
Name Description
input - AppTenantRestrictionRemoveRuleInput!

Example

Query

                        mutation RemoveRule($accountId:ID!) {
                            policy(accountId: $accountId) {
                                appTenantRestriction {
                                    removeRule(input: {
                                        id: "58dc4161-77bb-4866-a2c8-3eed554158f7"
                                    }) {
                                        status
                                    }
                                }
                            }
                        }
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {"appTenantRestriction": {"removeRule": {"status": "SUCCESS"}}}
  }
}

removeSection

Beta
Response

Returns a PolicySectionMutationPayload!

Arguments
Name Description
input - PolicyRemoveSectionInput!

Example

Query

                        mutation RemoveSection($accountId: ID!) {
                            policy(accountId: $accountId) {
                                appTenantRestriction {
                                    removeSection(input: {
                                        id: "6d468052-8680-4c54-8316-58793ad30d1e"
                                    }) {
                                        status
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {"appTenantRestriction": {"removeSection": {"status": "SUCCESS"}}}
  }
}

updatePolicy

Beta
Arguments
Name Description
input - AppTenantRestrictionPolicyUpdateInput!

Example

Query

                        mutation UpdatePolicyState($accountId: ID!) {
                            policy(accountId: $accountId) {
                                appTenantRestriction {
                                    updatePolicy(input: {
                                        state: DISABLED
                                    }){
                                        status
                                        policy {
                                            enabled
                                        }
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "appTenantRestriction": {
        "updatePolicy": {"status": "SUCCESS", "policy": {"enabled": false}}
      }
    }
  }
}

updateRule

Beta
Arguments
Name Description
input - AppTenantRestrictionUpdateRuleInput!

Example

Query

                        mutation UpdateRule($accountId: ID!) {
                            policy(accountId: $accountId) {
                                appTenantRestriction {
                                    updateRule(input: {
                                        id: "58dc4161-77bb-4866-a2c8-3eed554158f7"
                                        rule: {
                                            name: "Updated rule name"
                                            source: {
                                                ip: ["192.0.2.2"]
                                            }
                                        }
                                    }) {
                                        status
                                        rule {
                                            rule {
                                                id
                                                name
                                                description
                                                source {
                                                    ip
                                                    subnet
                                                }
                                                action
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "appTenantRestriction": {
        "updateRule": {
          "status": "SUCCESS",
          "rule": {
            "rule": {
              "id": "58dc4161-77bb-4866-a2c8-3eed554158f7",
              "name": "Updated rule name",
              "description": "Example description",
              "source": {"ip": ["192.0.2.2"], "subnet": ["10.0.0.0/24"]},
              "action": "INJECT_HEADERS"
            }
          }
        }
      }
    }
  }
}

updateSection

Beta
Response

Returns a PolicySectionMutationPayload!

Arguments
Name Description
input - PolicyUpdateSectionInput!

Example

Query

                        mutation UpdateSection($accountId: ID!) {
                            policy(accountId: $accountId) {
                                appTenantRestriction {
                                    updateSection(input: {
                                        id: "6d468052-8680-4c54-8316-58793ad30d1e"
                                        section: {
                                            name: "Updated section name"
                                        }
                                    }) {
                                        status
                                        section {
                                            section {
                                                id
                                                name
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "appTenantRestriction": {
        "updateSection": {
          "status": "SUCCESS",
          "section": {
            "section": {
              "id": "6d468052-8680-4c54-8316-58793ad30d1e",
              "name": "New section"
            }
          }
        }
      }
    }
  }
}

ContainerMutations

delete

Beta
Response

Returns a DeleteContainerPayload!

Arguments
Name Description
input - DeleteContainerInput!

Example

Query

                        mutation removeValuesFqdnContainer($accountId:ID!, $input:DeleteContainerInput!) {
                            container(accountId: $accountId) {
                                delete(input: $input) {
                                    container {
                                        __typename
                                        id
                                        name
                                        description
                                        size
                                        audit {
                                            createdBy
                                            createdAt
                                            lastModifiedBy
                                            lastModifiedAt
                                        }
                                    }
                                }
                            }
                        }
                        
                        
Variables
{
  "accountId": 12345,
  "input": {"ref": {"by": "NAME", "input": "Some Container"}}
}
Response
{
  "data": {
    "container": {
      "delete": {
        "container": {
          "__typename": "FqdnContainer",
          "id": "1234567890",
          "name": "Some Container",
          "description": "Description of some container",
          "size": 100,
          "audit": {
            "createdBy": "some.admin@catonetworks.com",
            "createdAt": "2024-09-18T14:31:03Z",
            "lastModifiedBy": "some.admin@catonetworks.com",
            "lastModifiedAt": "2024-09-18T14:31:03Z"
          }
        }
      }
    }
  }
}

FqdnContainerMutations

addValues

Beta
Response

Returns a FqdnContainerAddValuesPayload!

Arguments
Name Description
input - FqdnContainerAddValuesInput!

Example

Query

                          mutation addValuesToFqdnContainer($accountId:ID!, $input:FqdnContainerAddValuesInput!)  {
                              container(accountId: $accountId) {
                                  fqdn {
                                      addValues(input: $input) {
                                          container {
                                              __typename
                                              id
                                              name
                                              description
                                              size
                                              audit {
                                                  createdBy
                                                  createdAt
                                                  lastModifiedBy
                                                  lastModifiedAt
                                              }
                                          }
                                      }
                                  }
                              }
                          }
                          
                          
Variables
{
  "accountId": 12345,
  "input": {
    "ref": {"by": "NAME", "input": "Some Container"},
    "values": ["google.com", "amazon.com"]
  }
}
Response
{
  "data": {
    "container": {
      "fqdn": {
        "addValues": {
          "container": {
            "__typename": "FqdnContainer",
            "id": "1234567890",
            "name": "Some Container",
            "description": "Description of some container",
            "size": 100,
            "audit": {
              "createdBy": "some.admin@catonetworks.com",
              "createdAt": "2024-09-18T14:31:03Z",
              "lastModifiedBy": "some.admin@catonetworks.com",
              "lastModifiedAt": "2024-09-18T14:31:03Z"
            }
          }
        }
      }
    }
  }
}

createFromFile

Beta
Arguments
Name Description
input - CreateFqdnContainerFromFileInput!

Example

Query

                          mutation createFqdnContainerFromFile($accountId:ID!, $input:CreateFqdnContainerFromFileInput!)  {
                              container(accountId: $accountId) {
                                  fqdn {
                                      createFromFile(input: $input) {
                                          container {
                                              __typename
                                              id
                                              name
                                              description
                                              size
                                              audit {
                                                  createdBy
                                                  createdAt
                                                  lastModifiedBy
                                                  lastModifiedAt
                                              }
                                          }
                                      }
                                  }
                              }
                          }
                          
                          
Variables
{
  "accountId": 12345,
  "input": {
    "name": "Some Container",
    "description": "Description of some container",
    "uploadFile": "A multipart file containing data"
  }
}
Response
{
  "data": {
    "container": {
      "fqdn": {
        "createFromFile": {
          "container": {
            "__typename": "FqdnContainer",
            "id": "1234567890",
            "name": "Some Container",
            "description": "Description of some container",
            "size": 100,
            "audit": {
              "createdBy": "some.admin@catonetworks.com",
              "createdAt": "2024-09-18T14:31:03Z",
              "lastModifiedBy": "some.admin@catonetworks.com",
              "lastModifiedAt": "2024-09-18T14:31:03Z"
            }
          }
        }
      }
    }
  }
}

removeValues

Beta
Arguments
Name Description
input - FqdnContainerRemoveValuesInput!

Example

Query

                          mutation removeValuesToFqdnContainer($accountId:ID!, $input:FqdnContainerRemoveValuesInput!)  {
                              container(accountId: $accountId) {
                                  fqdn {
                                      removeValues(input: $input) {
                                          container {
                                              __typename
                                              id
                                              name
                                              description
                                              size
                                              audit {
                                                  createdBy
                                                  createdAt
                                                  lastModifiedBy
                                                  lastModifiedAt
                                              }
                                          }
                                      }
                                  }
                              }
                          }
                          
                          
Variables
{
  "accountId": 12345,
  "input": {
    "ref": {"by": "NAME", "input": "Some Container"},
    "values": ["google.com", "amazon.com"]
  }
}
Response
{
  "data": {
    "container": {
      "fqdn": {
        "removeValues": {
          "container": {
            "__typename": "FqdnContainer",
            "id": "1234567890",
            "name": "Some Container",
            "description": "Description of some container",
            "size": 100,
            "audit": {
              "createdBy": "some.admin@catonetworks.com",
              "createdAt": "2024-09-18T14:31:03Z",
              "lastModifiedBy": "some.admin@catonetworks.com",
              "lastModifiedAt": "2024-09-18T14:31:03Z"
            }
          }
        }
      }
    }
  }
}

updateFromFile

Beta
Arguments
Name Description
input - UpdateFqdnContainerFromFileInput!

Example

Query

                          mutation updateFqdnContainerFromFile($accountId:ID!, $input:UpdateFqdnContainerFromFileInput!)  {
                              container(accountId: $accountId) {
                                  fqdn {
                                      updateFromFile(input: $input) {
                                          container {
                                              __typename
                                              id
                                              name
                                              description
                                              size
                                              audit {
                                                  createdBy
                                                  createdAt
                                                  lastModifiedBy
                                                  lastModifiedAt
                                              }
                                          }
                                      }
                                  }
                              }
                          }
                          
                          
Variables
{
  "accountId": 12345,
  "input": {
    "ref": {"by": "NAME", "input": "Some Container"},
    "description": "Description of some container",
    "uploadFile": null
  }
}
Response
{
  "data": {
    "container": {
      "fqdn": {
        "updateFromFile": {
          "container": {
            "__typename": "FqdnContainer",
            "id": "1234567890",
            "name": "Some Container",
            "description": "Description of some container",
            "size": 100,
            "audit": {
              "createdBy": "some.admin@catonetworks.com",
              "createdAt": "2024-09-18T14:31:03Z",
              "lastModifiedBy": "some.admin@catonetworks.com",
              "lastModifiedAt": "2024-09-18T14:31:03Z"
            }
          }
        }
      }
    }
  }
}

IpAddressRangeContainerMutations

addValues

Beta
Arguments
Name Description
input - IpAddressRangeContainerAddValuesInput!

Example

Query

                          mutation addValuesToIpAddressRangeContainer($accountId:ID!, $input:IpAddressRangeContainerAddValuesInput!)  {
                              container(accountId: $accountId) {
                                  ipAddressRange {
                                      addValues(input: $input) {
                                          container {
                                              __typename
                                              id
                                              name
                                              description
                                              size
                                              audit {
                                                  createdBy
                                                  createdAt
                                                  lastModifiedBy
                                                  lastModifiedAt
                                              }
                                          }
                                      }
                                  }
                              }
                          }
                          
                          
Variables
{
  "accountId": 12345,
  "input": {
    "ref": {"by": "NAME", "input": "Some Container"},
    "values": [
      {"from": "190.20.24.36", "to": "190.20.24.236"},
      {"from": "190.30.24.36", "to": "190.30.24.236"}
    ]
  }
}
Response
{
  "data": {
    "container": {
      "ipAddressRange": {
        "addValues": {
          "container": {
            "__typename": "IpAddressRangeContainer",
            "id": "1234567890",
            "name": "Some Container",
            "description": "Description of some container",
            "size": 100,
            "audit": {
              "createdBy": "some.admin@catonetworks.com",
              "createdAt": "2024-09-18T14:31:03Z",
              "lastModifiedBy": "some.admin@catonetworks.com",
              "lastModifiedAt": "2024-09-18T14:31:03Z"
            }
          }
        }
      }
    }
  }
}

createFromFile

Beta

Example

Query

                          mutation createIpAddressRangeContainerFromFile($accountId:ID!, $input:CreateIpAddressRangeContainerFromFileInput!)  {
                              container(accountId: $accountId) {
                                  ipAddressRange {
                                      createFromFile(input: $input) {
                                          container {
                                              __typename
                                              id
                                              name
                                              description
                                              size
                                              audit {
                                                  createdBy
                                                  createdAt
                                                  lastModifiedBy
                                                  lastModifiedAt
                                              }
                                          }
                                      }
                                  }
                              }
                          }
                          
                          
Variables
{
  "accountId": 12345,
  "input": {
    "name": "Some Container",
    "description": "Description of some container",
    "uploadFile": "A multipart file containing data"
  }
}
Response
{
  "data": {
    "container": {
      "ipAddressRange": {
        "createFromFile": {
          "container": {
            "__typename": "IpAddressRangeContainer",
            "id": "1234567890",
            "name": "Some Container",
            "description": "Description of some container",
            "size": 100,
            "audit": {
              "createdBy": "some.admin@catonetworks.com",
              "createdAt": "2024-09-18T14:31:03Z",
              "lastModifiedBy": "some.admin@catonetworks.com",
              "lastModifiedAt": "2024-09-18T14:31:03Z"
            }
          }
        }
      }
    }
  }
}

removeValues

Beta
Arguments
Name Description
input - IpAddressRangeContainerRemoveValuesInput!

Example

Query

                          mutation removeValuesToIpAddressRangeContainer($accountId:ID!, $input:IpAddressRangeContainerRemoveValuesInput!)  {
                              container(accountId: $accountId) {
                                  ipAddressRange {
                                      removeValues(input: $input) {
                                          container {
                                              __typename
                                              id
                                              name
                                              description
                                              size
                                              audit {
                                                  createdBy
                                                  createdAt
                                                  lastModifiedBy
                                                  lastModifiedAt
                                              }
                                          }
                                      }
                                  }
                              }
                          }
                          
                          
Variables
{
  "accountId": 12345,
  "input": {
    "ref": {"by": "NAME", "input": "Some Container"},
    "values": [
      {"from": "190.20.24.36", "to": "190.20.24.236"},
      {"from": "190.30.24.36", "to": "190.30.24.236"}
    ]
  }
}
Response
{
  "data": {
    "container": {
      "ipAddressRange": {
        "removeValues": {
          "container": {
            "__typename": "IpAddressRangeContainer",
            "id": "1234567890",
            "name": "Some Container",
            "description": "Description of some container",
            "size": 100,
            "audit": {
              "createdBy": "some.admin@catonetworks.com",
              "createdAt": "2024-09-18T14:31:03Z",
              "lastModifiedBy": "some.admin@catonetworks.com",
              "lastModifiedAt": "2024-09-18T14:31:03Z"
            }
          }
        }
      }
    }
  }
}

updateFromFile

Beta

Example

Query

                          mutation updateIpAddressRangeContainerFromFile($accountId:ID!, $input:UpdateIpAddressRangeContainerFromFileInput!)  {
                              container(accountId: $accountId) {
                                  ipAddressRange {
                                      updateFromFile(input: $input) {
                                          container {
                                              __typename
                                              id
                                              name
                                              description
                                              size
                                              audit {
                                                  createdBy
                                                  createdAt
                                                  lastModifiedBy
                                                  lastModifiedAt
                                              }
                                          }
                                      }
                                  }
                              }
                          }
                          
                          
Variables
{
  "accountId": 12345,
  "input": {
    "ref": {"by": "NAME", "input": "Some Container"},
    "description": "Description of some container",
    "uploadFile": null
  }
}
Response
{
  "data": {
    "container": {
      "ipAddressRange": {
        "updateFromFile": {
          "container": {
            "__typename": "IpAddressRangeContainer",
            "id": "1234567890",
            "name": "Some Container",
            "description": "Description of some container",
            "size": 100,
            "audit": {
              "createdBy": "some.admin@catonetworks.com",
              "createdAt": "2024-09-18T14:31:03Z",
              "lastModifiedBy": "some.admin@catonetworks.com",
              "lastModifiedAt": "2024-09-18T14:31:03Z"
            }
          }
        }
      }
    }
  }
}

DynamicIpAllocationPolicyMutations

addRule

Beta
Arguments
Name Description
input - DynamicIpAllocationAddRuleInput!

Example

Query

                        mutation AddRule($accountId: ID!) {
                            policy(accountId: $accountId) {
                                dynamicIpAllocation {
                                    addRule(input: {
                                        at: {
                                            position: LAST_IN_POLICY
                                        }
                                        rule: {
                                            enabled:true
                                            name: "Example Rule"
                                            description: "Example description"
                                            range: {
                                                globalIpRange:{
                                                    by: NAME
                                                    input: "12.22.18.0/24"
                                                }
                                            }
                                        }
                                    })
                                    {
                                        status
                                        rule {
                                            rule {
                                                id
                                                name
                                                description
                                                enabled
                                                range {
                                                    globalIpRange {
                                                        id
                                                    }
                                                }
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "dynamicIpAllocation": {
        "addRule": {
          "status": "SUCCESS",
          "rule": {
            "rule": {
              "id": "2c25bae8-f787-4098-b3c2-6057e5fe8537",
              "name": "Example Rule",
              "description": "Example description",
              "enabled": true,
              "range": {"globalIpRange": {"id": "1927110"}}
            }
          }
        }
      }
    }
  }
}

addSection

Beta
Response

Returns a PolicySectionMutationPayload!

Arguments
Name Description
input - PolicyAddSectionInput!

Example

Query

                        mutation AddSection($accountId: ID!) {
                            policy(accountId: $accountId) {
                                dynamicIpAllocation {
                                    addSection(input: {
                                        section: {
                                            name: "New Section Name Example"
                                        },
                                        at: {
                                            position: LAST_IN_POLICY
                                        }
                                    }) {
                                        section {
                                            section {
                                                id
                                                name
                                            }
                                        }
                                        status
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "dynamicIpAllocation": {
        "addSection": {
          "section": {
            "section": {
              "id": "83e54a6a-9998-4fcf-b1a1-5313e52cc5f0",
              "name": "New section2"
            }
          },
          "status": "SUCCESS"
        }
      }
    }
  }
}

createPolicyRevision

Beta
Arguments
Name Description
input - PolicyCreateRevisionInput!

Example

Query

                        mutation CreatePolicyRevision($accountId: ID!) {
                            policy(accountId: $accountId) {
                                dynamicIpAllocation {
                                    createPolicyRevision(input: {
                                        name: "Revision Name Example"
                                        description: "Revision Description Example"
                                    }) {
                                        status
                                        policy {
                                            revision {
                                                description
                                                name
                                                id
                                                createdTime
                                                updatedTime
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "dynamicIpAllocation": {
        "createPolicyRevision": {
          "status": "SUCCESS",
          "policy": {
            "revision": {
              "description": "Test working with multiple revisions",
              "name": "Test Revision",
              "id": "ce815213-ec04-435a-8bf9-3ef5ada025e6",
              "createdTime": "2024-09-25T14:31:07.605",
              "updatedTime": "2024-09-25T14:31:07.605"
            }
          }
        }
      }
    }
  }
}

discardPolicyRevision

Beta
Arguments
Name Description
input - PolicyDiscardRevisionInput

Example

Query

                        mutation DiscardPolicyRevision($accountId: ID!) {
                            policy(accountId: $accountId) {
                                dynamicIpAllocation {
                                    discardPolicyRevision {
                                        status
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "dynamicIpAllocation": {"discardPolicyRevision": {"status": "FAILURE"}}
    }
  }
}

moveRule

Beta
Arguments
Name Description
input - PolicyMoveRuleInput!

Example

Query

                        mutation MoveRule($accountId: ID!) {
                            policy(accountId: $accountId) {
                                dynamicIpAllocation {
                                    moveRule(input: {
                                        id: "3c345055-4f14-48dc-ab8c-5b5db9d778fc"
                                        to: {
                                            position: FIRST_IN_POLICY
                                        }
                                    }) {
                                        status
                                        rule {
                                            rule {
                                                index
                                                id
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "dynamicIpAllocation": {
        "moveRule": {
          "status": "SUCCESS",
          "rule": {
            "rule": {"index": 1, "id": "3c345055-4f14-48dc-ab8c-5b5db9d778fc"}
          }
        }
      }
    }
  }
}

moveSection

Beta
Response

Returns a PolicySectionMutationPayload!

Arguments
Name Description
input - PolicyMoveSectionInput!

Example

Query

                        mutation MoveSection($accountId:ID!) {
                            policy(accountId: $accountId) {
                                dynamicIpAllocation {
                                    moveSection(input: {
                                        id: "0495cf5e-1598-4f34-8c01-94970620c68f"
                                        to: {
                                            position: LAST_IN_POLICY
                                        }
                                    }) {
                                        status
                                        errors {
                                            errorMessage
                                            errorCode
                                        }
                                        section {
                                            properties
                                            section {
                                                id
                                                name
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "dynamicIpAllocation": {
        "moveSection": {
          "status": "SUCCESS",
          "errors": [],
          "section": {
            "properties": ["MOVED"],
            "section": {
              "id": "0495cf5e-1598-4f34-8c01-94970620c68f",
              "name": "New section 2"
            }
          }
        }
      }
    }
  }
}

publishPolicyRevision

Beta
Arguments
Name Description
input - PolicyPublishRevisionInput

Example

Query

                        mutation PublishPolicy($accountId:ID!) {
                            policy(accountId: $accountId) {
                                dynamicIpAllocation {
                                    publishPolicyRevision(input: {
                                        name: "IT Group SDP Users Dynamic IP Allocation Example"
                                        description : "Allocate Dynamic IP range for IT group Example"
                                    }) {
                                        status
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "dynamicIpAllocation": {"publishPolicyRevision": {"status": "SUCCESS"}}
    }
  }
}

removeRule

Beta
Arguments
Name Description
input - DynamicIpAllocationRemoveRuleInput!

Example

Query

                        mutation RemoveRule($accountId:ID!) {
                            policy(accountId: $accountId) {
                                dynamicIpAllocation {
                                    removeRule(input: {
                                        id: "60ba1383-04ce-4a1f-8c61-5e5a3c2eabb1"
                                    }) {
                                        status
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {"dynamicIpAllocation": {"removeRule": {"status": "SUCCESS"}}}
  }
}

removeSection

Beta
Response

Returns a PolicySectionMutationPayload!

Arguments
Name Description
input - PolicyRemoveSectionInput!

Example

Query

                        mutation RemoveSection($accountId: ID!) {
                            policy(accountId: $accountId) {
                                dynamicIpAllocation {
                                    removeSection(input: {
                                        id: "f4d0862d-cd2f-47fa-9a94-ce418130ce1f"
                                    }) {
                                        status
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {"dynamicIpAllocation": {"removeSection": {"status": "SUCCESS"}}}
  }
}

updatePolicy

Beta
Arguments
Name Description
input - DynamicIpAllocationPolicyUpdateInput!

Example

Query

                        mutation UpdatePolicyState($accountId: ID!) {
                            policy(accountId: $accountId) {
                                dynamicIpAllocation {
                                    updatePolicy(input: {
                                        state: DISABLED
                                    }){
                                        status
                                        policy {
                                            enabled
                                        }
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "dynamicIpAllocation": {
        "updatePolicy": {"status": "SUCCESS", "policy": {"enabled": false}}
      }
    }
  }
}

updateRule

Beta
Arguments
Name Description
input - DynamicIpAllocationUpdateRuleInput!

Example

Query

                        mutation UpdateRule($accountId: ID!) {
                            policy(accountId: $accountId) {
                                dynamicIpAllocation {
                                    updateRule(input: {
                                        id: "2c25bae8-f787-4098-b3c2-6057e5fe8537"
                                        rule: {
                                            name: "Updated Rule Name Example"
                                        }
                                    })             {
                                        status
                                        rule {
                                            rule {
                                                id
                                                name
                                                description
                                                enabled
                                                range {
                                                    globalIpRange {
                                                        id
                                                    }
                                                }
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "dynamicIpAllocation": {
        "updateRule": {
          "status": "SUCCESS",
          "rule": {
            "rule": {
              "id": "2c25bae8-f787-4098-b3c2-6057e5fe8537",
              "name": "Updated rule name",
              "description": "Example description",
              "enabled": true,
              "range": {"globalIpRange": {"id": "1927110"}}
            }
          }
        }
      }
    }
  }
}

updateSection

Beta
Response

Returns a PolicySectionMutationPayload!

Arguments
Name Description
input - PolicyUpdateSectionInput!

Example

Query

                        mutation UpdateSection($accountId: ID!) {
                            policy(accountId: $accountId) {
                                dynamicIpAllocation {
                                    updateSection(input: {
                                        id: "54a367d6-75da-4399-bc03-65170ea97d3f"
                                        section: {
                                            name: "Updated Section Name Example"
                                        }
                                    }) {
                                        status
                                        section {
                                            section {
                                                id
                                                name
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "dynamicIpAllocation": {
        "updateSection": {
          "status": "SUCCESS",
          "section": {
            "section": {
              "id": "54a367d6-75da-4399-bc03-65170ea97d3f",
              "name": "New section"
            }
          }
        }
      }
    }
  }
}

InternetFirewallPolicyMutations

addRule

Beta
Description

Add a new rule to the Internet Firewall policy.

Arguments
Name Description
input - InternetFirewallAddRuleInput!

Example

Query

                        mutation AddRule($accountId: ID!) {
                            policy(accountId: $accountId) {
                                internetFirewall {
                                    addRule(input: {
                                        rule: {
                                            enabled: true
                                            name: "Example Rule"
                                            description: "Example description"
                                            source: {
                                                ip: ["192.0.2.1", "198.51.100.1"]
                                                subnet: ["10.0.0.0/24"]
                                            }
                                            action: ALLOW
                                        },
                                        at: {
                                            position: LAST_IN_POLICY
                                        }
                                    }) {
                                        status
                                        rule {
                                            rule {
                                                id
                                                name
                                                description
                                                enabled
                                                source {
                                                    ip
                                                    subnet
                                                }
                                                action
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "internetFirewall": {
        "addRule": {
          "status": "SUCCESS",
          "rule": {
            "rule": {
              "id": "106ee457-4406-4ea4-a163-36aa247de48f",
              "name": "Example Rule",
              "description": "Example description",
              "enabled": true,
              "source": {
                "ip": ["192.0.2.1", "198.51.100.1"],
                "subnet": ["10.0.0.0/24"]
              },
              "action": "ALLOW"
            }
          }
        }
      }
    }
  }
}

addSection

Beta
Description

Add a new section to the policy. First section behaves as follows: When the first section is created, all the rules in the policy, including the default system rules, are automatically added to it. The first section containing the default system rules can be modified but not deleted. The first section will always remain first-in-policy, i.e. it cannot be moved, and not other sections can be moved or created before it.

Response

Returns a PolicySectionMutationPayload!

Arguments
Name Description
input - PolicyAddSectionInput!

Example

Query

                        mutation AddSection($accountId: ID!) {
                            policy(accountId: $accountId) {
                                internetFirewall {
                                    addSection(input: {
                                        section: {
                                            name: "New section"
                                        },
                                        at: {
                                            position: LAST_IN_POLICY
                                        }
                                    }) {
                                        section {
                                            section {
                                                id
                                                name
                                            }
                                        }
                                        status
                                    }
                                }
                            }
                        }
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "internetFirewall": {
        "addSection": {
          "section": {
            "section": {
              "id": "9ab458a3-a263-4ef7-ad6a-86de3cee7822",
              "name": "New section"
            }
          },
          "status": "SUCCESS"
        }
      }
    }
  }
}

createPolicyRevision

Beta
Description

Create the policy revision. Create a new empty policy revision.

Arguments
Name Description
input - PolicyCreateRevisionInput!

Example

Query

                        mutation CreatePolicyRevision($accountId: ID!) {
                            policy(accountId: $accountId) {
                                internetFirewall {
                                    createPolicyRevision(input: {
                                        name: "Test Revision"
                                        description: "Test working with multiple revisions"
                                    }) {
                                        status
                                        policy {
                                            revision {
                                                description
                                                name
                                                id
                                                createdTime
                                                updatedTime
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "internetFirewall": {
        "createPolicyRevision": {
          "status": "SUCCESS",
          "policy": {
            "revision": {
              "description": "Test working with multiple revisions",
              "name": "Test Revision",
              "id": "c15811b4-1e43-44ea-a132-6d1a73cb7f8d",
              "createdTime": "2024-07-18T21:49:58.116",
              "updatedTime": "2024-07-18T21:49:58.116"
            }
          }
        }
      }
    }
  }
}

discardPolicyRevision

Beta
Description

Discard the policy revision. All changes in this discarded revision are discarded, and the revision is deleted.

Arguments
Name Description
input - PolicyDiscardRevisionInput

Example

Query

                        mutation DiscardPolicyRevision($accountId: ID!) {
                            policy(accountId: $accountId) {
                                internetFirewall {
                                    discardPolicyRevision {
                                        status
                                    }
                                }
                            }
                        }
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "internetFirewall": {"discardPolicyRevision": {"status": "FAILURE"}}
    }
  }
}

moveRule

Beta
Description

Change the relative location of an existing rule within the Internet Firewall policy.

Arguments
Name Description
input - PolicyMoveRuleInput!

Example

Query

                        mutation MoveRule($accountId: ID!) {
                            policy(accountId: $accountId) {
                                internetFirewall {
                                    moveRule(input: {
                                        id: "106ee457-4406-4ea4-a163-36aa247de48f"
                                        to: {
                                            position: FIRST_IN_POLICY
                                        }
                                    }) {
                                        status
                                        rule {
                                            rule {
                                                index
                                                id
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "internetFirewall": {
        "moveRule": {
          "status": "SUCCESS",
          "rule": {
            "rule": {"index": 1, "id": "106ee457-4406-4ea4-a163-36aa247de48f"}
          }
        }
      }
    }
  }
}

moveSection

Beta
Description

Move a section to a new position within the policy. The section will be anchored in the new position, i.e. other admins will not be able to move it, or reference it when moving other sections, until the modified policy revision is published.

Response

Returns a PolicySectionMutationPayload!

Arguments
Name Description
input - PolicyMoveSectionInput!

Example

Query

                        mutation MoveSection($accountId:ID!) {
                            policy(accountId: $accountId) {
                                internetFirewall {
                                    moveSection(input: {
                                        id: "9ab458a3-a263-4ef7-ad6a-86de3cee7822"
                                        to: {
                                            position: LAST_IN_POLICY
                                        }
                                    }) {
                                        status
                                        errors {
                                            errorMessage
                                            errorCode
                                        }
                                        section {
                                            properties
                                            section {
                                                id
                                                name
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "internetFirewall": {
        "moveSection": {
          "status": "FAILURE",
          "errors": [
            {
              "errorMessage": "Section with system rules cannot be moved or removed",
              "errorCode": "sectionSystemMove"
            }
          ],
          "section": null
        }
      }
    }
  }
}

publishPolicyRevision

Beta
Description

Publish the policy revision. A published revision becomes the active policy, and its content is merged with all unpublished revisions for other admins.

Arguments
Name Description
input - PolicyPublishRevisionInput

Example

Query

                        mutation PublishPolicy($accountId:ID!) {
                            policy(accountId: $accountId) {
                                internetFirewall {
                                    publishPolicyRevision(input: {
                                        name: "Ticket #1234"
                                        description : "Allow HR access to social websites"
                                    }) {
                                        status
                                    }
                                }
                            }
                        }
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "internetFirewall": {"publishPolicyRevision": {"status": "SUCCESS"}}
    }
  }
}

removeRule

Beta
Description

Remove an existing rule from the Internet Firewall policy.

Arguments
Name Description
input - InternetFirewallRemoveRuleInput!

Example

Query

                        mutation RemoveRule($accountId:ID!) {
                            policy(accountId: $accountId) {
                                internetFirewall {
                                    removeRule(input: {
                                        id: "106ee457-4406-4ea4-a163-36aa247de48f"
                                    }) {
                                        status
                                    }
                                }
                            }
                        }
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {"internetFirewall": {"removeRule": {"status": "SUCCESS"}}}
  }
}

removeSection

Beta
Description

Delete an existing section. The first section in policy cannot be deleted.

Response

Returns a PolicySectionMutationPayload!

Arguments
Name Description
input - PolicyRemoveSectionInput!

Example

Query

                        mutation RemoveSection($accountId: ID!) {
                            policy(accountId: $accountId) {
                                internetFirewall {
                                    removeSection(input: {
                                        id: "9ab458a3-a263-4ef7-ad6a-86de3cee7822"
                                    }) {
                                        status
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {"internetFirewall": {"removeSection": {"status": "FAILURE"}}}
  }
}

updatePolicy

Beta
Description

Change the state of the policy, e.g. enable or disable the policy. Applicable to the published policy only. State changes are applied immediately and not as part of publishing a policy revision.

Arguments
Name Description
input - InternetFirewallPolicyUpdateInput!

Example

Query

                        mutation UpdatePolicyState($accountId: ID!) {
                            policy(accountId: $accountId) {
                                internetFirewall {
                                    updatePolicy(input: {
                                        state: DISABLED
                                    }){
                                        status
                                        policy {
                                            enabled
                                        }
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "internetFirewall": {
        "updatePolicy": {"status": "SUCCESS", "policy": {"enabled": false}}
      }
    }
  }
}

updateRule

Beta
Description

Update an existing rule of the Internet Firewall policy.

Arguments
Name Description
input - InternetFirewallUpdateRuleInput!

Example

Query

                        mutation UpdateRule($accountId: ID!) {
                            policy(accountId: $accountId) {
                                internetFirewall {
                                    updateRule(input: {
                                        id: "106ee457-4406-4ea4-a163-36aa247de48f"
                                        rule: {
                                            name: "Updated rule name"
                                            source: {
                                                ip: ["192.0.2.2"]
                                            }
                                        }
                                    }) {
                                        status
                                        rule {
                                            rule {
                                                id
                                                name
                                                description
                                                source {
                                                    ip
                                                    subnet
                                                }
                                                action
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "internetFirewall": {
        "updateRule": {
          "status": "SUCCESS",
          "rule": {
            "rule": {
              "id": "106ee457-4406-4ea4-a163-36aa247de48f",
              "name": "Updated rule name",
              "description": "Example description",
              "source": {"ip": ["192.0.2.2"], "subnet": ["10.0.0.0/24"]},
              "action": "ALLOW"
            }
          }
        }
      }
    }
  }
}

updateSection

Beta
Description

Update policy section attributes

Response

Returns a PolicySectionMutationPayload!

Arguments
Name Description
input - PolicyUpdateSectionInput!

Example

Query

                        mutation UpdateSection($accountId: ID!) {
                            policy(accountId: $accountId) {
                                internetFirewall {
                                    updateSection(input: {
                                        id: "9ab458a3-a263-4ef7-ad6a-86de3cee7822"
                                        section: {
                                            name: "Updated section name"
                                        }
                                    }) {
                                        status
                                        section {
                                            section {
                                                id
                                                name
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "internetFirewall": {
        "updateSection": {
          "status": "SUCCESS",
          "section": {
            "section": {
              "id": "9ab458a3-a263-4ef7-ad6a-86de3cee7822",
              "name": "Updated section name"
            }
          }
        }
      }
    }
  }
}

RemotePortFwdPolicyMutations

addRule

Beta
Description

Add a new port forwarding rule to enable remote access to internal services.

Arguments
Name Description
input - RemotePortFwdAddRuleInput!

Example

Query

                        mutation AddRule($accountId: ID!) {
                            policy(accountId: $accountId) {
                                remotePortFwd {
                                    addRule(input: {
                                        rule: {
                                            enabled: true,
                                            name: "RPF Rule",
                                            description: "RPF Rule",
                                            forwardIcmp: false,
                                            externalIp: {
                                                by: ID,
                                                input: "26270"
                                            },
                                            externalPortRange: {
                                                from: 8095,
                                                to: 8095
                                            },
                                            internalIp: "1.1.1.1",
                                            internalPortRange: {
                                                from: 8095,
                                                to: 8095
                                            },
                                            remoteIPs: {
                                                ip: [
                                                    "8.8.8.8"
                                                ]
                                            },
                                            restrictionType: ALLOW_LIST
                                        },
                                        at: {
                                            position: LAST_IN_POLICY
                                        }
                                    }) {
                                        status
                                        rule {
                                            rule {
                                                id
                                                name
                                                enabled
                                                description
                                                forwardIcmp
                                                externalIp {
                                                    id
                                                    name
                                                }
                                                externalPortRange {
                                                    from
                                                    to
                                                }
                                                internalIp
                                                internalPortRange {
                                                    from
                                                    to
                                                }
                                                remoteIPs {
                                                    ip
                        
                                                }
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "remotePortFwd": {
        "addRule": {
          "status": "SUCCESS",
          "rule": {
            "rule": {
              "id": "d22ece52-f1cb-46c4-b3d5-367125bebb37",
              "name": "RPF Rule",
              "enabled": true,
              "description": "RPF Rule",
              "forwardIcmp": false,
              "externalIp": {
                "id": "26270",
                "name": "exaltsimu_test_4 - 198.20.1.16"
              },
              "externalPortRange": {"from": 8095, "to": 8095},
              "internalIp": "1.1.1.1",
              "internalPortRange": {"from": 8095, "to": 8095},
              "remoteIPs": {"ip": ["8.8.8.8"]}
            }
          }
        }
      }
    }
  }
}

addSection

Beta
Description

Add a new section to the policy. First section behaves as follows: When the first section is created, all the rules in the policy, including the default system rules, are automatically added to it. The first section containing the default system rules can be modified but not deleted. The first section will always remain first-in-policy, i.e. it cannot be moved, and not other sections can be moved or created before it.

Response

Returns a PolicySectionMutationPayload!

Arguments
Name Description
input - PolicyAddSectionInput!

Example

Query

                        mutation AddSection($accountId: ID!) {
                            policy(accountId: $accountId) {
                                remotePortFwd {
                                    addSection(input: {
                                        section: {
                                            name: "New section"
                                        },
                                        at: {
                                            position: LAST_IN_POLICY
                                        }
                                    }) {
                                        section {
                                            section {
                                                id
                                                name
                                            }
                                        }
                                        status
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "remotePortFwd": {
        "addSection": {
          "section": {
            "section": {
              "id": "0e3bbaff-698e-440d-93f2-d207eca8af89",
              "name": "New section"
            }
          },
          "status": "SUCCESS"
        }
      }
    }
  }
}

createPolicyRevision

Beta
Description

Create a new empty policy revision for port forwarding rules.

Arguments
Name Description
input - PolicyCreateRevisionInput!

Example

Query

                        mutation CreatePolicyRevision($accountId: ID!) {
                            policy(accountId: $accountId) {
                                remotePortFwd {
                                    createPolicyRevision(input: {
                                        name: "Test Revision"
                                        description: "Test working with multiple revisions"
                                    }) {
                                        status
                                        policy {
                                            revision {
                                                description
                                                name
                                                id
                                                createdTime
                                                updatedTime
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "remotePortFwd": {
        "createPolicyRevision": {
          "status": "SUCCESS",
          "policy": {
            "revision": {
              "description": "Test working with multiple revisions",
              "name": "Test Revision",
              "id": "b8305755-fe19-4868-9962-dff25687e722",
              "createdTime": "2024-11-19T16:11:21.338",
              "updatedTime": "2024-11-19T16:11:21.338"
            }
          }
        }
      }
    }
  }
}

discardPolicyRevision

Beta
Description

Discard the policy revision. All changes in this revision are discarded and the revision is deleted.

Arguments
Name Description
input - PolicyDiscardRevisionInput

Example

Query

                        mutation DiscardPolicyRevision($accountId: ID!) {
                            policy(accountId: $accountId) {
                                remotePortFwd {
                                    discardPolicyRevision {
                                        status
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "remotePortFwd": {"discardPolicyRevision": {"status": "FAILURE"}}
    }
  }
}

moveRule

Beta
Description

Change the priority/position of an existing port forwarding rule.

Arguments
Name Description
input - PolicyMoveRuleInput!

Example

Query

                        mutation MoveRule($accountId: ID!) {
                            policy(accountId: $accountId) {
                                remotePortFwd {
                                    moveRule(input: {
                                        id: "d22ece52-f1cb-46c4-b3d5-367125bebb37"
                                        to: {
                                            position: FIRST_IN_POLICY
                                        }
                                    }) {
                                        status
                                        rule {
                                            rule {
                                                index
                                                id
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "remotePortFwd": {
        "moveRule": {
          "status": "SUCCESS",
          "rule": {
            "rule": {"index": 1, "id": "d22ece52-f1cb-46c4-b3d5-367125bebb37"}
          }
        }
      }
    }
  }
}

moveSection

Beta
Description

Move a section to a new position within the policy. The section will be anchored in the new position, i.e. other admins will not be able to move it, or reference it when moving other sections, until the modified policy revision is published.

Response

Returns a PolicySectionMutationPayload!

Arguments
Name Description
input - PolicyMoveSectionInput!

Example

Query

                        mutation MoveSection($accountId:ID!) {
                            policy(accountId: $accountId) {
                                remotePortFwd {
                                    moveSection(input: {
                                        id: "0e3bbaff-698e-440d-93f2-d207eca8af89"
                                        to: {
                                            position: LAST_IN_POLICY
                                        }
                                    }) {
                                        status
                                        errors {
                                            errorMessage
                                            errorCode
                                        }
                                        section {
                                            properties
                                            section {
                                                id
                                                name
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "remotePortFwd": {
        "moveSection": {
          "status": "SUCCESS",
          "errors": [],
          "section": {
            "properties": ["MOVED"],
            "section": {
              "id": "0e3bbaff-698e-440d-93f2-d207eca8af89",
              "name": "New section"
            }
          }
        }
      }
    }
  }
}

publishPolicyRevision

Beta
Description

Publish the policy revision. Published revision becomes the active policy and its rules are merged with unpublished revisions from other admins.

Arguments
Name Description
input - PolicyPublishRevisionInput

Example

Query

                        mutation PublishPolicy($accountId:ID!) {
                            policy(accountId: $accountId) {
                                remotePortFwd {
                                    publishPolicyRevision(input: {
                                        name: "NA sites"
                                        description : "Allow traffic for North America sites"
                                    }) {
                                        status
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "remotePortFwd": {"publishPolicyRevision": {"status": "SUCCESS"}}
    }
  }
}

removeRule

Beta
Description

Remove an existing port forwarding rule from the policy.

Arguments
Name Description
input - RemotePortFwdRemoveRuleInput!

Example

Query

                        mutation RemoveRule($accountId:ID!) {
                            policy(accountId: $accountId) {
                                remotePortFwd {
                                    removeRule(input: {
                                        id: "d22ece52-f1cb-46c4-b3d5-367125bebb37"
                                    }) {
                                        status
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{"data": {"policy": {"remotePortFwd": {"removeRule": {"status": "SUCCESS"}}}}}

removeSection

Beta
Description

Delete an existing section. The first section in policy cannot be deleted.

Response

Returns a PolicySectionMutationPayload!

Arguments
Name Description
input - PolicyRemoveSectionInput!

Example

Query

                        mutation RemoveSection($accountId: ID!) {
                            policy(accountId: $accountId) {
                                remotePortFwd {
                                    removeSection(input: {
                                        id: "0e3bbaff-698e-440d-93f2-d207eca8af89"
                                    }) {
                                        status
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {"remotePortFwd": {"removeSection": {"status": "SUCCESS"}}}
  }
}

updatePolicy

Beta
Description

Change the state of the port forwarding policy (enable/disable). Changes are applied immediately and not as part of policy revision publishing.

Arguments
Name Description
input - RemotePortFwdPolicyUpdateInput!

Example

Query

                        mutation UpdatePolicyState($accountId: ID!) {
                            policy(accountId: $accountId) {
                                remotePortFwd {
                                    updatePolicy(input: {
                                        state: DISABLED
                                    }){
                                        status
                                        policy {
                                            enabled
                                        }
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "remotePortFwd": {
        "updatePolicy": {"status": "SUCCESS", "policy": {"enabled": false}}
      }
    }
  }
}

updateRule

Beta
Description

Update an existing port forwarding rule configuration.

Arguments
Name Description
input - RemotePortFwdUpdateRuleInput!

Example

Query

                        mutation UpdateRule($accountId: ID!) {
                            policy(accountId: $accountId) {
                                remotePortFwd {
                                    updateRule(input: {
                                        id: "d22ece52-f1cb-46c4-b3d5-367125bebb37"
                                        rule: {
                                            internalIp: "10.0.0.1",
                                        }
                                    }) {
                                        status
                                        rule {
                                            rule {
                                                id
                                                name
                                                enabled
                                                description
                                                internalIp
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId": 12345}
Response
{
  "data": {
    "policy": {
      "remotePortFwd": {
        "updateRule": {
          "status": "SUCCESS",
          "rule": {
            "rule": {
              "id": "d22ece52-f1cb-46c4-b3d5-367125bebb37",
              "name": "RPF Rule",
              "enabled": true,
              "description": "RPF Rule",
              "internalIp": "10.0.0.1"
            }
          }
        }
      }
    }
  }
}

updateSection

Beta
Description

Update policy section attributes

Response

Returns a PolicySectionMutationPayload!

Arguments
Name Description
input - PolicyUpdateSectionInput!

Example

Query

                        mutation UpdateSection($accountId: ID!) {
                            policy(accountId: $accountId) {
                                remotePortFwd {
                                    updateSection(input: {
                                        id: "0e3bbaff-698e-440d-93f2-d207eca8af89"
                                        section: {
                                            name: "Updated section name"
                                        }
                                    }) {
                                        status
                                        section {
                                            section {
                                                id
                                                name
                                            }
                                        }
                                    }
                                }
                            }
                        }
                        
                        
                        
Variables
{"accountId":