Create and Manage Exclusions using the CloudGuard Dome9 REST API
This article illustrates how to use the Exclusion resource in the Dome9 REST API to create and manage exclusions.
Exclusions hide assessment findings, both from being displayed in the Dome9 console UI (in the Finding Alerts page), and from being returned using the Finding resource in the Dome9 API.
You can exclude a specific finding (combination of ruleset, account, and rule), or a set of findings (a specific rule on all accounts, or entities).
Create a new exclusion
First, use the Finding POST method to retrieve a list of findings for the account.
This returns the first page of a list of all findings.
Next, use the Exclusion POST method to exclude a specific finding, for a specific account and instance.
Finally, use the GET method again to retrieve the list of findings, to verify the new finding is not included in the returned list.
Finding before exclusion
Finding after exclusion
Alert Findings (Documentation)