Support Center > Search Results > SecureKnowledge Details
Create and Manage Exclusions using the CloudGuard Dome9 REST API
Solution

This article illustrates how to use the Exclusion resource in the Dome9 REST API to create and manage exclusions.

Exclusions hide assessment findings, both from being displayed in the Dome9 console UI (in the Finding Alerts page), and from being returned using the Finding resource in the Dome9 API.

You can exclude a specific finding (combination of ruleset, account, and rule), or a set of findings (a specific rule on all accounts, or entities).

Pre-requisites

 

Create a new exclusion

First, use the Finding POST method to retrieve a list of findings for the account.

 

This returns the first page of a list of all findings.

Next, use the Exclusion POST method to exclude a specific finding, for a specific account and instance.

Finally, use the GET method again to retrieve the list of findings, to verify the new finding is not included in the returned list.

Request

POST https://api.dome9.com/v2/Exclusion

{
  "ruleLogicHash": "string",
  "logic": "string",
  "bundleId": 0,
  "cloudAccountId": "00000000-0000-0000-0000-000000000000",
  "cloudAccountType": "Aws",
  "comment": "string"
}

Response

Finding before exclusion

Finding after exclusion

See also

Exclusions

Alert Findings (Documentation)

Finding (API)

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment