web_dlp#

The following methods allow for interaction with the ZIA User Management API endpoints.

Methods are accessible via zia.web_dlp

class WebDLPAPI#

Bases: object

add_rule(name, action, **kwargs)#

Adds a new DLP policy rule.

Parameters:

  • name (str) – The name of the filter rule. 31 char limit.

  • action (str) – The action for the filter rule.

Keyword Arguments:

  • order (str) – The order of the rule, defaults to adding rule to bottom of list.

  • rank (str) – The admin rank of the rule.

  • state (str) – The rule state. Accepted values are ‘ENABLED’ or ‘DISABLED’.

  • auditor (list of int) – IDs for the auditors this rule applies to.

  • cloud_applications (list) – IDs for cloud applications this rule applies to.

  • description (str) – Additional information about the rule

  • departments (list of int) – IDs for departments this rule applies to.

  • dlp_engines (list of int) – IDs for DLP engines this rule applies to.

  • excluded_groups (list of int) – IDs for excluded groups.

  • excluded_departments (list of int) – IDs for excluded departments.

  • excluded_users (list of int) – IDs for excluded users.

  • file_types (list) – List of file types the DLP policy rule applies to.

  • groups (list of int) – IDs for groups this rule applies to.

  • icap_server (list of int) – IDs for the icap server this rule applies to.

  • labels (list of int) – IDs for labels this rule applies to.

  • locations (list of int) – IDs for locations this rule applies to.

  • location_groups (list of int) – IDs for location groups this rule applies to.

  • notification_template (list of int) – IDs for the notification template.

  • time_windows (list of int) – IDs for time windows this rule applies to.

  • users (list of int) – IDs for users this rule applies to.

  • url_categories (list) – IDs for URL categories the rule applies to.

  • external_auditor_email (str) – Email of an external auditor for DLP notifications.

  • dlp_download_scan_enabled (bool) – True enables DLP scan for file downloads.

  • min_size (str) – Minimum file size (in KB) for DLP policy rule evaluation.

  • match_only (bool) – If true, matches file size for DLP policy rule evaluation.

  • ocr_enabled (bool) – True allows OCR scanning of image files.

  • without_content_inspection (bool) – True indicates a DLP rule without content inspection.

  • zcc_notifications_enabled (bool) – True enables Zscaler Client Connector notification.

Returns:

The new dlp web rule resource record.

Return type:

Box

Examples

Add a rule to allow all traffic to Google DNS (admin ranking is enabled):

>>> zia.web_dlp.add_rule(rank='7',
...    file_types=['BITMAP', 'JPEG', 'PNG'],
...    name='ALLOW_ANY_TO_GOOG-DNS',
...    action='ALLOW',
...    description='TT#1965432122')

Add a rule to block all traffic to Quad9 DNS for Finance Group:

>>> zia.web_dlp.add_rule(rank='7',
...    file_types=['BITMAP', 'JPEG', 'PNG'],
...    name='BLOCK_GROUP-FIN_TO_Q9-DNS',
...    action='BLOCK_ICMP',
...    groups=['95016183'],
...    description='TT#1965432122')
delete_rule(rule_id)#

Deletes a DLP policy rule. This endpoint is not applicable to SaaS Security API DLP policy rules.

Parameters:

rule_id (str) – Unique id of the Web DLP Policy Rule that will be deleted.

Returns:

Response message from the ZIA API endpoint.

Return type:

Box

Examples

Delete a rule with an id of 9999.

>>> results = zia.web_dlp.delete_rule(rule_id=9999)
... print(results)
get_rule(rule_id)#

Returns a DLP policy rule, excluding SaaS Security API DLP policy rules.

Parameters:

rule_id (str) – The unique id for the Web DLP rule.

Returns:

The Web DLP Rule resource record.

Return type:

Box

Examples

Get information on a Web DLP item by ID

>>> results = zia.web_dlp.get_rule(rule_id='9999')
... print(results)
list_rules()#

Returns a list of DLP policy rules, excluding SaaS Security API DLP policy rules.

Returns:

List of Web DLP items.

Return type:

BoxList

Examples

Get a list of all Web DLP Items

>>> results = zia.web_dlp.list_rules()
... for item in results:
...    print(item)
list_rules_lite()#

Returns the name and ID for all DLP policy rules, excluding SaaS Security API DLP policy rules.

Returns:

List of Web DLP name/ids.

Return type:

BoxList

Examples

Get Web DLP Lite results

>>> results = zia.web_dlp.list_rules_lite()
... for item in results:
...    print(item)
reformat_params = [('auditor', 'auditor'), ('dlp_engines', 'dlpEngines'), ('departments', 'departments'), ('excluded_departments', 'excludedDepartments'), ('excluded_groups', 'excludedGroups'), ('excluded_users', 'excludedUsers'), ('groups', 'groups'), ('labels', 'labels'), ('locations', 'locations'), ('location_groups', 'locationGroups'), ('notification_template', 'notificationTemplate'), ('time_windows', 'timeWindows'), ('users', 'users'), ('url_categories', 'urlCategories')]#
update_rule(rule_id, **kwargs)#

Updates an existing DLP policy rule. Not applicable to SaaS Security API DLP policy rules.

Parameters:

  • rule_id (str) – ID of the rule.

  • **kwargs – Optional keyword args.

Keyword Arguments:

  • order (str) – Rule order, defaults to bottom of list.

  • rank (str) – Admin rank of the rule.

  • state (str) – Rule state (‘ENABLED’ or ‘DISABLED’).

  • auditor (list) – IDs for auditors this rule applies to.

  • cloud_applications (list) – IDs for cloud applications rule applies to.

  • description (str) – Additional information about the rule.

  • departments (list) – IDs for departments rule applies to.

  • dlp_engines (list) – IDs for DLP engines rule applies to.

  • excluded_groups (list) – IDs for excluded groups.

  • excluded_departments (list) – IDs for excluded departments.

  • excluded_users (list) – IDs for excluded users.

  • file_types (list) – List of file types the rule applies to.

  • groups (list) – IDs for groups rule applies to.

  • icap_server (list) – IDs for the ICAP server rule applies to.

  • labels (list) – IDs for labels rule applies to.

  • locations (list) – IDs for locations rule applies to.

  • location_groups (list) – IDs for location groups rule applies to.

  • notification_template (list) – IDs for the notification template.

  • time_windows (list) – IDs for time windows rule applies to.

  • users (list) – IDs for users rule applies to.

  • url_categories (list) – IDs for URL categories rule applies to.

  • external_auditor_email (str) – Email of external auditor for DLP notifications.

  • dlp_download_scan_enabled (bool) – True enables DLP scan for file downloads.

  • min_size (str) – Minimum file size (in KB) for rule evaluation.

  • match_only (bool) – If true, uses min_size for rule evaluation.

  • ocr_enabled (bool) – True allows OCR scanning of image files.

  • without_content_inspection (bool) – True for DLP rule without content inspection.

  • zcc_notifications_enabled (bool) – True enables ZCC notification for block action.

Returns:

The updated web dlp rule resource record.

Return type:

Box

Examples

Update a Web DLP Policy Rule:

>>> zia.web_dlp.get_rule('9999')
... name="updated name."
... description="updated name."

Update a web dlp policy rule to update description:

>>> zia.web_dlp.update_rule('976597', description="TT#1965232866")