# Hostname Ignore List

If you want to ignore traffic from a specific source hostname, you can use these endpoints.

There are times when you see alerts that are generated from known, expected hostnames (such as scanners). In cases like this, you can add the known hostname to an Ignore List which allows your Flock to filter traffic and only alerts you on unexpected incidents.

TIP

These endpoints will set the Ignore Lists for specified Flocks. For Globally defined Ignore lists, you can take a look at the Console Settings.

POST /api/v1/flock/settings/ignorelist/hostname/disable

POST /api/v1/flock/settings/ignorelist/hostname/enable

POST /api/v1/flock/settings/ignorelist/hostname/ignorelist_hostname

GET /api/v1/flock/settings/ignorelist/hostname/is_enabled

GET /api/v1/flock/settings/ignorelist/hostname/is_global

GET /api/v1/flock/settings/ignorelist/hostname/is_hostname_ignorelisted

GET /api/v1/flock/settings/ignorelist/hostname/sanitized

POST /api/v1/flock/settings/ignorelist/hostname/save

GET /api/v1/flock/settings/ignorelist/hostname/string

POST /api/v1/flock/settings/ignorelist/hostname/use_global

# Add Hostname to Ignore List

POST /api/v1/flock/settings/ignorelist/hostname/ignorelist_hostname

Add a hostname to the ignore list for a Flock.

Required Parameters

auth_token string

A valid auth token

flock_id string

A valid flock_id

hostname string

The source hostname to ignore

Response

A JSON structure with result indicator.

Example

Response

{
  "result": "success"
}

1
2
3

# Check if Hostname Ignoring is Enabled

GET /api/v1/flock/settings/ignorelist/hostname/is_enabled

Check if hostname ignoring is enabled for a Flock.

Required Parameters

auth_token string

A valid auth token

flock_id string

A valid flock_id

Response

A JSON structure with the enabled state.

Example

Response

{
  "is_enabled": true,
  "result": "success"
}

1
2
3
4

# Check if Hostname Ignoring is Global

GET /api/v1/flock/settings/ignorelist/hostname/is_global

Check if hostname ignoring is set to Global for a Flock.

Required Parameters

auth_token string

A valid auth token

flock_id string

A valid flock_id

Response

A JSON structure with the Global state.

Example

Response

{
  "is_global": true,
  "result": "success"
}

1
2
3
4

# Check if Hostname is Ignored

GET /api/v1/flock/settings/ignorelist/hostname/is_hostname_ignorelisted

Check if a hostname is ignored in a Flock's Ignore List.

Required Parameters

auth_token string

A valid auth token

flock_id string

A valid flock_id

hostname string

The source hostname to check

Response

A JSON structure with the ignored state.

Example

Response

{
  "is_ignorelist_enabled": true,
  "is_ignorelisted": true,
  "result": "success"
}

1
2
3
4
5

# Disable Hostname Ignore List

POST /api/v1/flock/settings/ignorelist/hostname/disable

Disable hostname ignoring for a Flock.

Required Parameters

auth_token string

A valid auth token

flock_id string

A valid flock_id

Response

A JSON structure with result indicator.

Example

Response

{
  "result": "success"
}

1
2
3

# Enable Hostname Ignore List

POST /api/v1/flock/settings/ignorelist/hostname/enable

Enable hostname ignoring for a Flock.

Required Parameters

auth_token string

A valid auth token

flock_id string

A valid flock_id

Response

Example

Response

{
  "result": "success"
}

1
2
3

# Fetch Unsanitized Ignore List

GET /api/v1/flock/settings/ignorelist/hostname/string

Fetch the unsanitized ignore list string.

Required Parameters

auth_token string

A valid auth token

flock_id string

A valid flock_id

Response

A JSON structure with the unsanitized list.

Example

Response

{
  "ignorelist": "<hostname>",
  "result": "success"
}

1
2
3
4

# List Ignored Hostnames

GET /api/v1/flock/settings/ignorelist/hostname/sanitized

Fetch a sanitized list of ignored hostnames for a Flock.

Required Parameters

auth_token string

A valid auth token

flock_id string

A valid flock_id

Response

A JSON structure with a list of ignored hostnames for a Flock.

Example

Response

{
  "ignorelist": [
    "<hostname>",
    "<hostname>"
  ],
  "result": "success"
}

1
2
3
4
5
6
7

# Set Ignored Hostnames

POST /api/v1/flock/settings/ignorelist/hostname/save

Set the list of ignored hostnames for a Flock.

Required Parameters

auth_token string

A valid auth token

flock_id string

A valid flock_id

Optional Parameters

ignorelist string

A newline separated list of hostnames to ignore

clear boolean

If true, clears the ignore list

Response

A JSON structure with result indicator.

Example

Response

{
  "result": "success"
}

1
2
3

# Set Ignore List to Global

POST /api/v1/flock/settings/ignorelist/hostname/use_global

Set a Flock's ignore hostname list to use Global.

Required Parameters

auth_token string

A valid auth token

flock_id string

A valid flock_id

Response

A JSON structure with result indicator.

Example

Response

{
  "result": "success"
}

1
2
3

← Default Ignore List Source Port Ignore List →