Create Application Definition (v2.5)
POST/v2.5/api/tenants/:tenant_id/appdefs
Create an application definition.
Request
Path Parameters
The tenant ID.
- application/json
Body
Application definition
Abbreviation of the application name.
Aggregate flows enabled. True / False.
Type of application. Allowed values: custom. System defined applications are not allowed to be edited using appdefs.
Aggregate reachability detection. True / False.
Possible values: [anonymity
, anti-virus
, auth
, backup
, cad
, collaboration
, conference
, crm
, db-mgmt
, email
, enterprise
, file-sharing
, file-system
, file-transfer
, gaming
, intercomm
, logging
, management
, messaging
, net-discovery
, net-mgmt
, net-monitor
, news-server
, notification
, p2p
, printing
, proxy
, recreational
, remote-desk
, remote-mgmt
, replication
, routing
, saas
, secure-browsing
, storage
, streaming
, tunnel
, utility
, voip
, wan-opt
, web-browsing
, wireless-mgmt
, ip-protocol
, multicast
, security
, i23v5
, printer
, default
]
The application category.
Connection Idle Timeout. Application connection timeout should be in between 0-44000.
Description for the application. Max size = 256.
This is the name of the application that is visible on the Controller UI. Application display name is required and cannot be null. Max size = 64.
Applicable for layer 7 applications. List of application domains. Maximum 16 valid domains are allowed and each domain should not exceed 253 characters.
Application ID.
Application ingress traffic percentage should be in between 1-99.
Applicable for L3/L4 applications. These are IP Prefix rules used to identify the application viz protocol, dscp, source & destination prefixes and source & destination prefixes.
Deprecated application definitions.
If true, it enables Network Scan App to designate custom applications as network scan applications.
The order number. Order number should be between 1-65535L.
If true, this enables an update to be added using the appdef_overrides API.
Parent app category.
P Parent Id
Parent app sub-category.
Parent app ID.
Possible values: [none
, weak
, strict
]
This parameter defines the path affinity characteristics to consider during flow decision making. Allowed values: "none" "weak" "strict". If path affinity is none or weak and a better path is available, flows will be moved to a new path. If path affinity is strict, all application flows will continue on the same path.
Application session timeout should be in between 0-44000.
Possible values: [ave
, ave-all
, panos
, all
, panos-ml7
]
Supported engines values.
If true, it indicates the an application override has been added.
A information field that can be added to identify the application. Maximum 10 Unique tags of length 1024 each are allowed.
For TCP applications, this dictionary will include information on client & server prefix filters, server & client ports, DCSP settings.
Application transfer type. Allowed values: transactional, bulk, rt-audio, rt-video.
For UDP applications, this dictionary will include information on UDP port, DCSP settings, UDP Filters and destination prefixes.
If enabled, policy rule defined for the parent application will be used to make routing decisions for this app.
Responses
- 200
- 400
Successful Operation
- application/json
- Schema
- Example (from schema)
Schema
Abbreviation of the application name.
The aggregate flows.
Type of application. Allowed values: custom. System defined applications are not allowed to be edited using appdefs.
Application unreachability detection.
Possible values: [anonymity
, anti-virus
, auth
, backup
, cad
, collaboration
, conference
, crm
, db-mgmt
, email
, enterprise
, file-sharing
, file-system
, file-transfer
, gaming
, intercomm
, logging
, management
, messaging
, net-discovery
, net-mgmt
, net-monitor
, news-server
, notification
, p2p
, printing
, proxy
, recreational
, remote-desk
, remote-mgmt
, replication
, routing
, saas
, secure-browsing
, storage
, streaming
, tunnel
, utility
, voip
, wan-opt
, web-browsing
, wireless-mgmt
, ip-protocol
, multicast
, security
, i23v5
, printer
, default
]
The application category.
Connection Idle Timeout. Application connection timeout should be in between 0-44000.
Description for the application. Max size = 256.
This is the name of the application that is visible on the Controller UI. Application display name is required and cannot be null. Max size = 64.
Applicable for layer 7 applications. List of application domains. Maximum 16 valid domains are allowed and each domain should not exceed 253 characters.
Application ID.
The app def ingress traffic. Application ingress traffic percentage should be in between 1-99.
Applicable for L3/L4 applications. These are IP Prefix rules used to identify the application viz protocol, dscp, source & destination prefixes and source & destination prefixes.
Deprecated application definitions.
If true, it enables Network Scan App to designate custom applications as network scan applications.
The app config order number. Order number should be between 1-65535.
If true, this enables an update to be added using the appdef_overrides API.
Parent app category.
P Parent Id
Parent app sub-category.
Parent app ID.
Possible values: [none
, weak
, strict
]
This parameter defines the path affinity characteristics to consider during flow decision making. Allowed values: "none" "weak" "strict". If path affinity is none or weak and a better path is available, flows will be moved to a new path. If path affinity is strict, all application flows will continue on the same path.
Application session timeout should be in between 0-44000.
Possible values: [ave
, ave-all
, panos
, all
, panos-ml7
]
Supported engines.
If true, it indicates the an application override has been added.
A information field that can be added to identify the application. Maximum 10 Unique tags of length 1024 each are allowed.
For TCP applications, this dictionary will include information on client & server prefix filters, server & client ports, DCSP settings.
Application transfer type. Allowed values: transactional, bulk, rt-audio, rt-video.
For UDP applications, this dictionary will include information on UDP port, DCSP settings, UDP Filters and destination prefixes.
If enabled, policy rule defined for the parent application will be used to make routing decisions for this app.
{
"abbreviation": "string",
"aggregate_flows": true,
"app_type": "string",
"app_unreachability_detection": true,
"category": "anonymity",
"conn_idle_timeout": 0,
"display_name": "string",
"domains": [
"string"
],
"id": "string",
"ingress_traffic_pct": 0,
"ip_rules": [
{}
],
"is_deprecated": true,
"network_scan_application": true,
"order_number": 0,
"overrides_allowed": true,
"p_category": "string",
"p_parent_id": "string",
"p_sub_category": "string",
"parent_id": "string",
"path_affinity": "none",
"session_timeout": 0,
"supported_engines": "ave",
"system_app_overridden": true,
"tags": [
"string"
],
"tcp_rules": [
"string"
],
"transfer_type": "string",
"udp_rules": [
{}
],
"use_parentapp_network_policy": true
}
Bad Request
- application/json
- Schema
- Example (from schema)
- Example
Schema
- Array [
- ]
_error ErrorResponse[]
The error code.
The error message.
{
"_error": [
{
"code": "string",
"message": "string"
}
]
}
{
"value": {
"_error": [
{
"code": "APPDEF_CONFIG_NO_SYSTEM_APPS"
},
{
"code": "APPDEF_CONFIG_UPDATING_READ_ONLY_FIELD"
},
{
"code": "APPDEF_CONFIG_INVALID_TYPE"
},
{
"code": "APPDEF_CONFIG_INVALID_PROTOCOL"
},
{
"code": "APPDEF_CONFIG_INVALID_SESSION_TIMEOUT"
},
{
"code": "APPDEF_CONFIG_INVALID_RULE_CONFIG"
},
{
"code": "APPDEF_CONFIG_INVALID_ORDER_NUMBER"
},
{
"code": "APPDEF_CONFIG_INVALID_ORDER_CONFIG"
},
{
"code": "APPDEF_CONFIG_INVALID_DSCP"
},
{
"code": "APPDEF_CONFIG_INVALID_TIMEOUT"
},
{
"code": "APPDEF_CONFIG_INVALID_INGRESS"
},
{
"code": "APPDEF_CONFIG_INVALID_PATHAFFINITY"
},
{
"code": "APPDEF_CONFIG_INVALID_TRANSFER_TYPE"
},
{
"code": "APPDEF_CONFIG_INVALID_TCP_PORTS"
},
{
"code": "APPDEF_CONFIG_INVALID_APP_UNREACHABILITY_DETECTION"
},
{
"code": "APPDEF_CONFIG_INVALID_NWTWORK_SCAN_APPLICATION"
}
]
}
}