Diagnostics profiles (API)
Diagnostics parameters
Use these parameters in the JSON data structure when you apply the Diagnostics policy (POLICY_CODE_DIAGNOSTICS) to the app with app-market/policy.
| Parameter | Description |
|---|---|
| diagnosticsLogClasses | A list of JSON objects with name of log to set/enable and severity keys. |
| restrictInfoScreen | 0: Default. Secured apps include an Information menu. 1: Block the Information menu from apps secured with this profile. |
This table lists the strings used in the JSON code:
| Logging class | String |
|---|---|
Atlas Client PERP (Policy/Enrollment/Reporting) | acp |
Client | client |
Connect | connect |
Data Security Framework (Cryptographic Operations) | dsf |
| Data-At-Rest | dar |
Map.Next Generic (default) | default |
Policy | policy |
Tunnel Driver | vsDriver |
Tunnel Internal | vsInternal |
Tunnel IP Stack | vsIp |
Tunnel Packet | packet |
Tunnel Socket | socket |
Tunnel TCP Stack | vsTcp |
Tunnel UDP Stack | vsUdp |
Virtual Tunnel Control | vnet |
This table lists the external log classes by index. These classes appear in the same diagnosticsLogClasses structure as the above.
| Logging class | Index |
|---|---|
| Crypto | 4 |
| FileIO | 3 |
| Foundation | 2 |
| Http | 6 |
| Injectable | 0 |
| KeyStore | 1 |
Severity levels:
| Severity level | String | |
|---|---|---|
| 0 | Debug | debug |
| 1 | Informational | info |
| 2 | Warning | warn |
| 3 | Minor error | minor |
| 4 | Major error | major |
| 5 | Critical error | crit |
Diagnostics API resources
To manage Diagnostics profiles:
- profile: Use type="diagnostics" to create a Diagnostics profile. See example below.
- profile/catalog/{policytype}: Use "diagnostics" for "{policytype}". GET returns an array of details for all policy profiles of the specified type.
- profile/{GUID}: Use the profile ID to specify a policy profile. GET returns details for the specified profile, PUT updates the details in the specified profile, and DELETE archives the profile.
- settings/diagnostics-default-profile (settings/{policytype}-default-profile): POST sets one of the Diagnostics profiles as the default. GET returns the GUID of the current default profile. DELETE archives the current default.
To retrieve details for the policy:
- app-policy/{GUID}: Use the policy ID to specify a policy. GET returns details for the specified policy.
- app-policy/code/{code}: Use POLICY_CODE_DIAGNOSTICS to specify the policy. GET returns details for the specified policy.
To secure apps with Diagnostics policy:
- app-market/policy: Use the policy GUID to apply the policy to an app.
Creating a Diagnostics profile
This example creates a Diagnostics profile with the profile API.
Request
curl -k -v -L -b c.txt -c c.txt -X POST https://bc.qwe.com:443/mocana-app-control/rest/profile \
-F name="TestProfile" \
-F type="diagnostics" \
-F desc="Default Profile" \
-F data="{\"diagnosticsLogClasses\":[{\"name\":\"connect\",\"severity\":\"crit\"},
{\"name\":\"dsf\",\"severity\":\"crit\"},{\"name\":\"acp\",\"severity\":\"crit\"},
{\"name\":\"socket\",\"severity\":\"major\"},{\"name\":\"policy\",\"severity\":\"info\"},
{\"name\":\"vsIp\",\"severity\":\"minor\"},{\"name\":\"vsUdp\",\"severity\":\"crit\"},
{\"name\":\"vsDriver\",\"severity\":\"warn\"},{\"name\":\"1\",\"severity\":\"debug\",\"index\":1},
{\"name\":\"3\",\"severity\":\"crit\",\"index\":3},{\"name\":\"6\",\"severity\":\"crit\",\"index\":6}],
\"restrictInfoScreen\":\"1\"}"