Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    CLI Reference

    Home FortiCNAPP CLI Reference

    lacework policy

    lacework policy

    Manage policies

    Synopsis

    Manage policies in your Lacework account.

    Policies add annotated metadata to queries for improving the context of alerts, reports, and information displayed in the Lacework Console.

    Policies also facilitate the scheduled execution of Lacework queries.

    Queries let you interactively request information from specified curated datasources. Queries have a defined structure for authoring detections.

    Lacework ships a set of default LQL policies that are available in your account.

    Limitations:

    • The maximum number of records that each policy will return is 1000

    • The maximum number of API calls is 120 per hour for on-demand LQL query executions

    To view all the policies in your Lacework account.

    lacework policy ls

    To view more details about a single policy.

    lacework policy show <policy_id>

    To view the LQL query associated with the policy, use the query ID.

    lacework query show <query_id>

    Note: LQL syntax may change.

    Options

      -h, --help   help for policy

    Options inherited from parent commands

      -a, --account string      account subdomain of URL (i.e. <ACCOUNT>.lacework.net)
  -k, --api_key string      access key id
  -s, --api_secret string   secret access key
      --api_token string    access token (replaces the use of api_key and api_secret)
      --debug               turn on debug logging
      --json                switch commands output from human-readable to json format
      --nocache             turn off caching
      --nocolor             turn off colors
      --noninteractive      turn off interactive mode (disable spinners, prompts, etc.)
      --organization        access organization level data sets (org admins only)
  -p, --profile string      switch between profiles configured at ~/.lacework.toml
      --subaccount string   sub-account name inside your organization (org admins only)

    See also

    Previous
    Next

    lacework policy

    lacework policy

    Manage policies

    Synopsis

    Manage policies in your Lacework account.

    Policies add annotated metadata to queries for improving the context of alerts, reports, and information displayed in the Lacework Console.

    Policies also facilitate the scheduled execution of Lacework queries.

    Queries let you interactively request information from specified curated datasources. Queries have a defined structure for authoring detections.

    Lacework ships a set of default LQL policies that are available in your account.

    Limitations:

    • The maximum number of records that each policy will return is 1000

    • The maximum number of API calls is 120 per hour for on-demand LQL query executions

    To view all the policies in your Lacework account.

    lacework policy ls

    To view more details about a single policy.

    lacework policy show <policy_id>

    To view the LQL query associated with the policy, use the query ID.

    lacework query show <query_id>

    Note: LQL syntax may change.

    Options

      -h, --help   help for policy

    Options inherited from parent commands

      -a, --account string      account subdomain of URL (i.e. <ACCOUNT>.lacework.net)
  -k, --api_key string      access key id
  -s, --api_secret string   secret access key
      --api_token string    access token (replaces the use of api_key and api_secret)
      --debug               turn on debug logging
      --json                switch commands output from human-readable to json format
      --nocache             turn off caching
      --nocolor             turn off colors
      --noninteractive      turn off interactive mode (disable spinners, prompts, etc.)
      --organization        access organization level data sets (org admins only)
  -p, --profile string      switch between profiles configured at ~/.lacework.toml
      --subaccount string   sub-account name inside your organization (org admins only)

    See also

    Previous
    Next