https://community.checkpoint.com/t5/API-CLI-Discussion/API-logging-and-profiles/m-p/20653#M1277 <HTML><HEAD></HEAD><BODY><P>The images you wish to emulate against are specified in the API call.</P></BODY></HTML> Thu, 03 May 2018 13:54:33 GMT PhoneBoy 2018-05-03T13:54:33Z https://community.checkpoint.com/t5/API-CLI-Discussion/API-logging-and-profiles/m-p/20648#M1272 <HTML><HEAD></HEAD><BODY><P>Hello !&nbsp;</P><P>Customer is concerned about API logging, generally they want to see logs from API requests/responses in TE blade log in SmartLog. Is that possible ?&nbsp; If not, what is the way to get similar logging ? (Verdict, filename, malware, etc).</P><P></P><P>Another question is about NGTX profile - how to apply it to API requests ?&nbsp;</P><P></P><P>Thanks in advance !</P></BODY></HTML> Wed, 02 May 2018 10:28:19 GMT https://community.checkpoint.com/t5/API-CLI-Discussion/API-logging-and-profiles/m-p/20648#M1272 Nikolajs_Matjus 2018-05-02T10:28:19Z https://community.checkpoint.com/t5/API-CLI-Discussion/API-logging-and-profiles/m-p/20649#M1273 <HTML><HEAD></HEAD><BODY><P>Are you querying against the API on a local Threat Emulation appliance or ThreatCloud?&nbsp;</P><P>For a local Threat Emulation appliance, this information should log the same way as if a gateway generated the request.</P><P>See also:&nbsp;/var/log/huntress_api_logs&nbsp;</P><P>For ThreatCloud, I'm not sure that's possible.</P><P></P><P>For your second question, I'm not sure I understand, can you clarify?</P></BODY></HTML> Wed, 02 May 2018 21:25:18 GMT https://community.checkpoint.com/t5/API-CLI-Discussion/API-logging-and-profiles/m-p/20649#M1273 PhoneBoy 2018-05-02T21:25:18Z https://community.checkpoint.com/t5/API-CLI-Discussion/API-logging-and-profiles/m-p/20650#M1274 <HTML><HEAD></HEAD><BODY><P>We are quering local TE appliance.</P><P>Regarding second question - how do we define protection profile for API queries ?</P><P>Just like we do for protection scope in Threat Prevention tab, or differently ?&nbsp;</P></BODY></HTML> Thu, 03 May 2018 06:16:36 GMT https://community.checkpoint.com/t5/API-CLI-Discussion/API-logging-and-profiles/m-p/20650#M1274 Nikolajs_Matjus 2018-05-03T06:16:36Z https://community.checkpoint.com/t5/API-CLI-Discussion/API-logging-and-profiles/m-p/20651#M1275 <HTML><HEAD></HEAD><BODY><P>Profiles do not apply to API calls.</P><P>It is up to the application calling the API to determine what to do with the result of the API call.</P></BODY></HTML> Thu, 03 May 2018 06:24:11 GMT https://community.checkpoint.com/t5/API-CLI-Discussion/API-logging-and-profiles/m-p/20651#M1275 PhoneBoy 2018-05-03T06:24:11Z https://community.checkpoint.com/t5/API-CLI-Discussion/API-logging-and-profiles/m-p/20652#M1276 <HTML><HEAD></HEAD><BODY><P>Thank you for quick reply!</P><P>But then how do we define emulation environment for API calls ?</P></BODY></HTML> Thu, 03 May 2018 06:59:31 GMT https://community.checkpoint.com/t5/API-CLI-Discussion/API-logging-and-profiles/m-p/20652#M1276 Nikolajs_Matjus 2018-05-03T06:59:31Z https://community.checkpoint.com/t5/API-CLI-Discussion/API-logging-and-profiles/m-p/20653#M1277 <HTML><HEAD></HEAD><BODY><P>The images you wish to emulate against are specified in the API call.</P></BODY></HTML> Thu, 03 May 2018 13:54:33 GMT https://community.checkpoint.com/t5/API-CLI-Discussion/API-logging-and-profiles/m-p/20653#M1277 PhoneBoy 2018-05-03T13:54:33Z https://community.checkpoint.com/t5/API-CLI-Discussion/API-logging-and-profiles/m-p/20654#M1278 <HTML><HEAD></HEAD><BODY><P style="color: #333333; background-color: #ffffff; border: 0px;">We are quering local TE appliance.</P><P style="color: #333333; background-color: #ffffff; border: 0px;">Regarding second question - how do we define protection profile for&nbsp;<A href="http://freedomappapk.com/">API</A> queries ?</P><P style="color: #333333; background-color: #ffffff; border: 0px;">Just like we do for protection scope in Threat Prevention tab, or differently ?&nbsp; Thanks for This MAmazing Forum.</P></BODY></HTML> Fri, 18 May 2018 13:13:59 GMT https://community.checkpoint.com/t5/API-CLI-Discussion/API-logging-and-profiles/m-p/20654#M1278 freedom_apps 2018-05-18T13:13:59Z https://community.checkpoint.com/t5/API-CLI-Discussion/API-logging-and-profiles/m-p/20655#M1279 <HTML><HEAD></HEAD><BODY><P>Threat Prevention profiles don't make sense when you're calling the API directly, which gives you the raw verdict on a given file.</P><P>The actual enforcement decision/logic lies elsewhere in this case.</P></BODY></HTML> Fri, 18 May 2018 17:25:28 GMT https://community.checkpoint.com/t5/API-CLI-Discussion/API-logging-and-profiles/m-p/20655#M1279 PhoneBoy 2018-05-18T17:25:28Z