• object SuccessfulAddOperation
  The response body for a successful add operation.
• object type

{
    "allOf":[
        {
            "$ref":"#/components/schemas/SuccessfulAddOperation"
        },
        {
            "type":"object",
            "properties":{
                "data":{
                    "description":"The properties of the new CAPE policy.",
                    "type":"array",
                    "items":{
                        "$ref":"#/components/schemas/eventPoliciesRead"
                    }
                },
                "total":{
                    "description":"The total number of results regardless of paging.",
                    "type":"integer",
                    "example":"1"
                }
            }
        }
    ]
}

• message: string
  The response message.

  Example: Added record
• success: boolean
  Whether the operation was a success (true) or a failure (false).

  Example: true

{
    "description":"The response body for a successful add operation.",
    "properties":{
        "success":{
            "description":"Whether the operation was a success (<b>true</b>) or a failure (<b>false</b>).",
            "type":"boolean",
            "example":"true"
        },
        "message":{
            "description":"The response message.",
            "type":"string",
            "example":"Added record"
        }
    },
    "type":"object"
}

• data: array data
  The properties of the new CAPE policy.
• total: integer
  The total number of results regardless of paging.

  Example: 1

{
    "type":"object",
    "properties":{
        "data":{
            "description":"The properties of the new CAPE policy.",
            "type":"array",
            "items":{
                "$ref":"#/components/schemas/eventPoliciesRead"
            }
        },
        "total":{
            "description":"The total number of results regardless of paging.",
            "type":"integer",
            "example":"1"
        }
    }
}

• Array of: object eventPoliciesRead

{
    "description":"The properties of the new CAPE policy.",
    "type":"array",
    "items":{
        "$ref":"#/components/schemas/eventPoliciesRead"
    }
}

• PolicyDescription: string
  CAPE Policy Description

  Example: Analytics has found an event that has never happened before or through heuristics has been found as not noise but important. The goal is to increase the severity of the originating event.
• PolicyID: integer
  Profile ID specified for individual CRUD operations

  Example: 1
• PolicyName: string
  CAPE Policy Name

  Example: AbnormalActivity
• PolicyNodeID: integer
  The ID of the first node called to process this policy's matching events.

  Example: 1
• PolicyNodeName: string
  Name of the first node called.

  Example: EscalateByAnomaly
• PolicyNodeNameDisplay: string
  Name of the first node called.

  Example: EscalateByAnomaly
• PolicyPollTime: integer
  Interval, in seconds, this policy should run (30 seconds recommended minimum)

  Example: 30
• PolicyProcessType: string
  Flag to indicate whether events will be processed by each node in a batch, or individually Allowed Values: - 0 => Process Events Individually - 1 => Process Events Together

  Example: 0
• PolicySelectSQL: string
  SQL used to select which events will be processed by this CAPE Policy's node(s)

  Example: SELECT * FROM Events WHERE Severity > 1 AND EventType LIKE 'AbnormalActivity-%'
• PolicyStatus: string
  Status for the Policy. Status will be Enabled or Disabled.

  Example: Enabled
• PolicyStatusIcon: string
  CAPE Policy Status Icon. The icon will be "OrbRed.png" or "OrbGreen.png"

  Example: OrbGreen.png
• PolicyStatusID: integer
  The policy status ID. Either 0 (disabled) or 1 (enabled).

  Example: 1
• PolicyZoneID: integer
  The device zone ID associated with the policy. 0 is used for "all zones".

  Example: 0
• PolicyZoneName: string
  The device zone name associated with the policy. It will be null if the zone ID is 0.

  Example: oracle.doceng.json.BetterJsonNull@5b977aaa
• PolicyZoneNameDisplay: string
  The device zone name associated with the policy. It will be "[All]" if the zone ID is 0.

  Example: [All]

{
    "type":"object",
    "properties":{
        "PolicyID":{
            "description":"Profile ID specified for individual CRUD operations",
            "type":"integer",
            "example":"1"
        },
        "PolicyStatusIcon":{
            "description":"CAPE Policy Status Icon. The icon will be \"OrbRed.png\" or \"OrbGreen.png\"",
            "type":"string",
            "example":"OrbGreen.png"
        },
        "PolicyStatus":{
            "description":"Status for the Policy. Status will be Enabled or Disabled.",
            "type":"string",
            "example":"Enabled"
        },
        "PolicyName":{
            "description":"CAPE Policy Name",
            "type":"string",
            "example":"AbnormalActivity"
        },
        "PolicyStatusID":{
            "description":"The policy status ID. Either <b>0</b> (disabled) or <b>1</b> (enabled).",
            "type":"integer",
            "example":"1"
        },
        "PolicyDescription":{
            "description":"CAPE Policy Description",
            "type":"string",
            "example":"Analytics has found an event that has never happened before or through heuristics has been found as not noise but important. The goal is to increase the severity of the originating event."
        },
        "PolicySelectSQL":{
            "description":"SQL used to select which events will be processed by this CAPE Policy's node(s)",
            "type":"string",
            "example":"SELECT *\n  FROM Events\n WHERE Severity     > 1\n   AND EventType LIKE 'AbnormalActivity-%'\n"
        },
        "PolicyProcessType":{
            "description":"Flag to indicate whether events will be processed by each node in a batch, or individually\n\nAllowed Values:\n  -  0 => Process Events Individually\n  -  1 => Process Events Together",
            "type":"string",
            "example":"0"
        },
        "PolicyPollTime":{
            "description":"Interval, in seconds, this policy should run (30 seconds recommended minimum)",
            "type":"integer",
            "example":"30"
        },
        "PolicyNodeID":{
            "description":"The ID of the first node called to process this policy's matching events.",
            "type":"integer",
            "example":"1"
        },
        "PolicyNodeName":{
            "description":"Name of the first node called.",
            "type":"string",
            "example":"EscalateByAnomaly"
        },
        "PolicyNodeNameDisplay":{
            "description":"Name of the first node called.",
            "type":"string",
            "example":"EscalateByAnomaly"
        },
        "PolicyZoneID":{
            "description":"The device zone ID associated with the policy. 0 is used for \"all zones\".",
            "type":"integer",
            "example":"0"
        },
        "PolicyZoneName":{
            "description":"The device zone name associated with the policy. It will be null if the zone ID is 0.",
            "type":"string",
            "example":null
        },
        "PolicyZoneNameDisplay":{
            "description":"The device zone name associated with the policy. It will be \"[All]\" if the zone ID is 0.",
            "type":"string",
            "example":"[All]"
        }
    }
}

• errors: array errors
  The list of errors reported. Validation errors will be keyed by record field.
• message: string
  The response message.

  Example: Exception thrown
• success: boolean
  Whether the operation was a success (true) or a failure (false).

  Example: false

{
    "properties":{
        "success":{
            "description":"Whether the operation was a success (<b>true</b>) or a failure (<b>false</b>).",
            "type":"boolean",
            "example":"false"
        },
        "message":{
            "description":"The response message.",
            "type":"string",
            "example":"Exception thrown"
        },
        "errors":{
            "description":"The list of errors reported. Validation errors will be keyed by record field.",
            "type":"array",
            "items":{
                "description":"An error.",
                "type":"object"
            }
        }
    },
    "type":"object"
}

• Array of: object items
  An error.

{
    "description":"The list of errors reported. Validation errors will be keyed by record field.",
    "type":"array",
    "items":{
        "description":"An error.",
        "type":"object"
    }
}