DLP Virtual Appliance for Developer Apps Testing with Postman
search cancel

DLP Virtual Appliance for Developer Apps Testing with Postman

book

Article ID: 248176

calendar_today

Updated On:

Products

Data Loss Prevention API Detection for Developer Apps Virtual Appliance Data Loss Prevention

Issue/Introduction

Your DLP API Detection Appliance is up and running and you wish to test the API appliance with some basic tests. 

Environment

DLP Policies tested:
Keyword test matching: PurpleMonkeyLizard, Secret, Foobar
Creditcard numbers
Social Security numbers


Application to test: Postman (https://www.postman.com/downloads/)

Resolution

We must first register the postman application for testing. 
Registering the application:
1. Log onto the Enforce console as a privileged user.
2. Navigate to Manage -> Application Detection -> Configuration
3. Click 'New Configuration'
4. Name the new application(Postman)
5. Set the 'type' to 'Detection API Appliance'
6. Set the 'Transfer Type' to 'Upload'
7. Save the application.
8. Click on the application and note/copy the ID. We will need this to be in the body of the test data. 

Testing with Postman
1. Download, Install, and Open Postman
2. Click on 'Workspaces' 
3. Click 'Create Workspace'
4. Name the Workspace
5. Set visibility to 'personal' 
6. within the workspace click 'new'
7. Select 'Http Request'
8. Click 'Headers'
9. in the 'KEY' column type 'Content-Type' without quotes
10. in the 'VALUE' column type 'application/json' without quotes
11. click 'Body'
12. Paste the following:

{
 
    "context":[
 
        {"name":"common.dataType","value":["DIM"]},
 
        {"name":"common.application","value":["TO_BE_CHANGED"]},
 
        {"name":"common.filter","value":["TO_BE_CHANGED]},
 
        {"name":"common.transactionId","value":["a32cc030-9776-45ceba55-84f9f5afe009"]},
 
        {"name":"common.user.name","value":["John Smith"]},
 
        {"name":"common.doc.exposed","value":["True"]},
 
        {"name":"common.doc.exposures.public","value":["True"]},
 
        {"name":"common.doc.type","value":["File"]},
 
        {"name":"common.user.docsExposedCount","value":["3"]},
 
        {"name":"common.doc.creatorId","value":["321"]},
 
        {"name":"common.doc.parentFolderId","value":["123"]},
 
        {"name":"common.user.activityType ","value":["create"]},
 
        {"name":"http.browser ","value":["IE"]},
 
        {"name":"common.expectActionsAck","value":["true"]}
 
    ],
 
    "body":{
 
        "contentBlockId":"BodyContent001",
 
        "mimeType":"text/plain",
 
        "data":"UHVycGxlTW9ua2V5TGl6YXJkCkZvb2JhcgpTb21ldGhpbmcgU2VjcmV0CgpTU046IDU0Ni02NS0zNTQ2CkNDTjogVmlzYSA0OTI5LTM4MTMtMzI2Ni00Mjk1CkNDTjogQW1leCA1MzcwLTQ2MzgtODg4MS0zMDIwCg=="
 
    }
 
}

13. Note the 2 instances of 'TO_BE_CHANGED' above.
14. Set common.application to be the name that you named the registered application in step 4 of the 'Registering an Application' section
15. Set comm.filter to the the application ID noted in step 8 of the 'Registering an Application' section.
16. Click 'send'
17. Note the response, and verify an incident is generated in Enforce. 

 

 

Powered by Wolken Software