Patch Data Collection Host Config Profile
DescriptionPatch data collection host configuration profile.
Request
URLURL
Request Body
Host configuration profile definition that is used as the request body.
{
"context_data_collection_interval": 0,
"context_process_hashes": [
"string"
],
"context_process_names": [
"string"
],
"context_user_sids": [
"string"
],
"context_user_uids": [
"string"
],
"enable_context_data_collection": false,
"enable_data_collection": false,
"enable_deep_packet_inspection": false,
"enable_external_ip_aggregation": false,
"enable_flow_data_collection": false,
"flow_data_collection_interval": 0,
"max_active_flow_count": 0,
"max_active_flow_count_bm": 0,
"max_inactive_flow_count": 0,
"max_inactive_flow_count_bm": 0
}
Interval in minute of reporting VM guest context data to Intelligence. Recommend to keep this value the same as flow_data_collection_interval.
List of hashes of processes to collect context data. Empty implies all processes.
List of processes to collect context data. Empty implies all processes.
List of windows user sid to collect context data. Empty implies all users.
List of linux user uid to collect context data. Empty implies all users.
Enable data collection of context.
A global switch to control data collection. When set to false, data collection on all the nodes is disabled. When set to true, data collection is enabled based on granular data collection settings.
To enable flow data collection, use property enable_flow_data_collection instead. To enable context data collection, use property enable_context_data_collection instead.
When this property is set to false, no data collection is performed even if enable_flow_data_collection or enable_context_data_collection is set to true.
When this property is set to true, property enable_flow_data_collection and enable_context_data_collection control whether to collect flow data and context data separately.
Enable deep packet inspection.
When this property is set to true, if the source or destination of network traffic uses an IP address that is not included in property private_ip_prefix, it is reported as ANY (255.255.255.255) to Intelligence.
When this property is set to false, the original IP addresses of network traffic are reported to Intelligence, regardless whether they are included in property private_ip_prefix.
Enable data collection of network flows.
Interval in minute of reporting network flow data to Intelligence. Recommend to keep this value the same as context_data_collection_interval.
Maximum active network flow to collect in collection interval.
Maximum active network flow to collect in collection interval for Bare Metal server.
Maximum inactive network flow to collect in collection interval.
Maximum inactive network flow to collect in collection interval for Bare Metal server.
Authentication
enterprise_admin
security_engineer
Response
Response BodyResponse Body
200 OK
Patch operation on host config profile successful.
{
"context_data_collection_interval": 0,
"context_process_hashes": [
"string"
],
"context_process_names": [
"string"
],
"context_user_sids": [
"string"
],
"context_user_uids": [
"string"
],
"enable_context_data_collection": false,
"enable_data_collection": false,
"enable_deep_packet_inspection": false,
"enable_external_ip_aggregation": false,
"enable_flow_data_collection": false,
"flow_data_collection_interval": 0,
"max_active_flow_count": 0,
"max_active_flow_count_bm": 0,
"max_inactive_flow_count": 0,
"max_inactive_flow_count_bm": 0
}
Interval in minute of reporting VM guest context data to Intelligence. Recommend to keep this value the same as flow_data_collection_interval.
List of hashes of processes to collect context data. Empty implies all processes.
List of processes to collect context data. Empty implies all processes.
List of windows user sid to collect context data. Empty implies all users.
List of linux user uid to collect context data. Empty implies all users.
Enable data collection of context.
A global switch to control data collection. When set to false, data collection on all the nodes is disabled. When set to true, data collection is enabled based on granular data collection settings.
To enable flow data collection, use property enable_flow_data_collection instead. To enable context data collection, use property enable_context_data_collection instead.
When this property is set to false, no data collection is performed even if enable_flow_data_collection or enable_context_data_collection is set to true.
When this property is set to true, property enable_flow_data_collection and enable_context_data_collection control whether to collect flow data and context data separately.
Enable deep packet inspection.
When this property is set to true, if the source or destination of network traffic uses an IP address that is not included in property private_ip_prefix, it is reported as ANY (255.255.255.255) to Intelligence.
When this property is set to false, the original IP addresses of network traffic are reported to Intelligence, regardless whether they are included in property private_ip_prefix.
Enable data collection of network flows.
Interval in minute of reporting network flow data to Intelligence. Recommend to keep this value the same as context_data_collection_interval.
Maximum active network flow to collect in collection interval.
Maximum active network flow to collect in collection interval for Bare Metal server.
Maximum inactive network flow to collect in collection interval.
Maximum inactive network flow to collect in collection interval for Bare Metal server.
Errors
Backend error. Please check the data collection pod for more information.
