Create WCF Agent
Copy
curl --request POST \
--url https://app.onefirewall.com/api/v1/agents \
--header 'Content-Type: application/json' \
--data '{
"gaid": "OFA-AGENT-ID-6QMRfdQp3G0Skkkkkkkk",
"ts": 1753828861732,
"score_threshold": 150,
"start_from": 0,
"version": "v4.60.4",
"proxy": "CLOUD",
"sync_time": 1,
"maximum_rules": 99999998,
"api_url": "http://127.0.0.1:8081/api/v1/ipv4",
"api_url_bulk": "http://127.0.0.1:8081/api/v2/ips",
"api_url_feedback": "http://127.0.0.1:8081/api/v1/feedback",
"auth_name": "Authorization",
"api_jwt_key": "<string>",
"ids": {
"iptables": {
"active": true
},
"ebtables": {
"active": true
},
"pflist": {
"active": true
},
"modsec": {
"active": true,
"modsec_logs": "/var/log/apache2/modsec_audit.log"
},
"cloudflare": {
"active": true,
"cloudflare_x_auth_email": "<string>",
"cloudflare_x_auth_key": "<string>"
},
"luna": {
"active": true,
"json": [
"<any>"
]
},
"sshlog": {
"active": true,
"ssh_log_location": "/var/log/auth.log"
}
},
"ips": {
"httpd": {
"active": true,
"command": "cp blacklist_onefirewall.txt httpd/blacklist.txt"
},
"iptables": {
"active": true,
"acl": "/opt/onefirewall/acl/ipset.txt",
"reload_command": "sudo ipset flush blacklist && sudo ipset restore < /opt/onefirewall/acl/ipset.txt"
},
"checkpoint": {
"active": true,
"username": "admin",
"password": "<string>",
"address": "https://10.47.2.48",
"group": "OneFirewall_IPS",
"policy": "standard",
"domain": "Test_domain_Server",
"gateways": "Test_gw"
},
"checkpoint_securexl": {
"active": true,
"connections": "[email protected]",
"password": "admin1",
"command": "bash artifacts/checkpoint/install-securexl.sh",
"vsids": "1,2"
},
"fortigate": {
"active": true,
"connections": "[email protected]",
"password": "admin1",
"command": "bash artifacts/fortigate/install-fortigate-url-feed.sh",
"feeds": "/api/v1/feeds",
"updates": "5"
},
"csp": {
"active": true,
"connections": "[email protected]",
"password": "admin1",
"command": "bash artifacts/csp.sh",
"feeds": "onefirewall.txt",
"updates": "5"
},
"ebtables": {
"active": true
},
"pflist": {
"active": true,
"ofa_ips_txt": "/opt/apps/onefirewall-cloud-client/ofa-ips.txt",
"pflist_reload_command": "sudo pfctl -f /etc/pf.conf;"
},
"modsec": {
"active": true,
"ruleset": "/usr/share/modsecurity-crs/rules/onefirewall_rules.conf",
"modsec_reload_command": "sudo apachectl -k graceful;"
},
"cloudflare": {
"active": true,
"cloudflare_x_auth_email": "<string>",
"cloudflare_x_auth_key": "<string>"
},
"cisco": {
"active": true,
"cisco_host": "<string>",
"cisco_user": "<string>",
"cisco_password": "<string>"
},
"haproxy": {
"active": true,
"haproxy_logs": "/opt/onefirewall/acl/haproxy.txt",
"haproxy_reload_command": "sudo service haproxy reload"
},
"csv": {
"active": true,
"csv_logs": "/opt/onefirewall/feeds.csv",
"csv_reload_command": "wc /opt/onefirewall/feeds.csv"
},
"aws": {
"active": true,
"accessKeyId": "<string>",
"secretAccessKey": "<string>",
"region": "<string>"
},
"sophos": {
"active": true,
"user": "<string>",
"password": "<string>",
"address": "<string>",
"command": "bash artifacts/sophos/update_blacklist_sophos.sh"
},
"trellix": {
"active": true,
"username": "<string>",
"password": "<string>",
"api": "<string>",
"fileslist_file": "<string>",
"broker_ca_bundle": "<string>",
"cert_file": "<string>",
"private_key": "<string>"
},
"infoblox": {
"active": true,
"username": "<string>",
"password": "<string>",
"api": "<string>",
"group": "<string>",
"policy": "<string>",
"action": "<string>",
"view": "<string>",
"domains_file": "<string>",
"domains_file_whitelist": "<string>",
"api_whitelist_url": "<string>"
},
"forcepoint": {
"active": true,
"username": "<string>",
"password": "<string>",
"api": "<string>",
"group": "<string>",
"policy": "<string>",
"action": "<string>",
"parent": "<string>",
"urls_file": "<string>"
}
}
}'Copy
{
"success": true,
"message": "WCF Agent created successfully",
"agent_id": "OFA-AGENT-ID-6QMRfdQp3G0Skkkkkkkk"
}WCF Agent
Create WCF Agent
Creates a new WCF Agent with specified configuration for threat detection and IP blocking across multiple security platforms
POST
/
agents
Create WCF Agent
Copy
curl --request POST \
--url https://app.onefirewall.com/api/v1/agents \
--header 'Content-Type: application/json' \
--data '{
"gaid": "OFA-AGENT-ID-6QMRfdQp3G0Skkkkkkkk",
"ts": 1753828861732,
"score_threshold": 150,
"start_from": 0,
"version": "v4.60.4",
"proxy": "CLOUD",
"sync_time": 1,
"maximum_rules": 99999998,
"api_url": "http://127.0.0.1:8081/api/v1/ipv4",
"api_url_bulk": "http://127.0.0.1:8081/api/v2/ips",
"api_url_feedback": "http://127.0.0.1:8081/api/v1/feedback",
"auth_name": "Authorization",
"api_jwt_key": "<string>",
"ids": {
"iptables": {
"active": true
},
"ebtables": {
"active": true
},
"pflist": {
"active": true
},
"modsec": {
"active": true,
"modsec_logs": "/var/log/apache2/modsec_audit.log"
},
"cloudflare": {
"active": true,
"cloudflare_x_auth_email": "<string>",
"cloudflare_x_auth_key": "<string>"
},
"luna": {
"active": true,
"json": [
"<any>"
]
},
"sshlog": {
"active": true,
"ssh_log_location": "/var/log/auth.log"
}
},
"ips": {
"httpd": {
"active": true,
"command": "cp blacklist_onefirewall.txt httpd/blacklist.txt"
},
"iptables": {
"active": true,
"acl": "/opt/onefirewall/acl/ipset.txt",
"reload_command": "sudo ipset flush blacklist && sudo ipset restore < /opt/onefirewall/acl/ipset.txt"
},
"checkpoint": {
"active": true,
"username": "admin",
"password": "<string>",
"address": "https://10.47.2.48",
"group": "OneFirewall_IPS",
"policy": "standard",
"domain": "Test_domain_Server",
"gateways": "Test_gw"
},
"checkpoint_securexl": {
"active": true,
"connections": "[email protected]",
"password": "admin1",
"command": "bash artifacts/checkpoint/install-securexl.sh",
"vsids": "1,2"
},
"fortigate": {
"active": true,
"connections": "[email protected]",
"password": "admin1",
"command": "bash artifacts/fortigate/install-fortigate-url-feed.sh",
"feeds": "/api/v1/feeds",
"updates": "5"
},
"csp": {
"active": true,
"connections": "[email protected]",
"password": "admin1",
"command": "bash artifacts/csp.sh",
"feeds": "onefirewall.txt",
"updates": "5"
},
"ebtables": {
"active": true
},
"pflist": {
"active": true,
"ofa_ips_txt": "/opt/apps/onefirewall-cloud-client/ofa-ips.txt",
"pflist_reload_command": "sudo pfctl -f /etc/pf.conf;"
},
"modsec": {
"active": true,
"ruleset": "/usr/share/modsecurity-crs/rules/onefirewall_rules.conf",
"modsec_reload_command": "sudo apachectl -k graceful;"
},
"cloudflare": {
"active": true,
"cloudflare_x_auth_email": "<string>",
"cloudflare_x_auth_key": "<string>"
},
"cisco": {
"active": true,
"cisco_host": "<string>",
"cisco_user": "<string>",
"cisco_password": "<string>"
},
"haproxy": {
"active": true,
"haproxy_logs": "/opt/onefirewall/acl/haproxy.txt",
"haproxy_reload_command": "sudo service haproxy reload"
},
"csv": {
"active": true,
"csv_logs": "/opt/onefirewall/feeds.csv",
"csv_reload_command": "wc /opt/onefirewall/feeds.csv"
},
"aws": {
"active": true,
"accessKeyId": "<string>",
"secretAccessKey": "<string>",
"region": "<string>"
},
"sophos": {
"active": true,
"user": "<string>",
"password": "<string>",
"address": "<string>",
"command": "bash artifacts/sophos/update_blacklist_sophos.sh"
},
"trellix": {
"active": true,
"username": "<string>",
"password": "<string>",
"api": "<string>",
"fileslist_file": "<string>",
"broker_ca_bundle": "<string>",
"cert_file": "<string>",
"private_key": "<string>"
},
"infoblox": {
"active": true,
"username": "<string>",
"password": "<string>",
"api": "<string>",
"group": "<string>",
"policy": "<string>",
"action": "<string>",
"view": "<string>",
"domains_file": "<string>",
"domains_file_whitelist": "<string>",
"api_whitelist_url": "<string>"
},
"forcepoint": {
"active": true,
"username": "<string>",
"password": "<string>",
"api": "<string>",
"group": "<string>",
"policy": "<string>",
"action": "<string>",
"parent": "<string>",
"urls_file": "<string>"
}
}
}'Copy
{
"success": true,
"message": "WCF Agent created successfully",
"agent_id": "OFA-AGENT-ID-6QMRfdQp3G0Skkkkkkkk"
}Body
application/json
Response
201
application/json
WCF Agent created successfully
The response is of type object.
Assistant
Responses are generated using AI and may contain mistakes.