I've successfully been able to update a reusable sender pattern by scripting it with PowerShell and the very powerful Invoke-WebRequest cmdlet.
This code was just a proof of concept. Now that I know updates can be scripted, I'm going to clean up the static variables and loop some of the logic based on lists. At the end of the day, I want to automate some of the more remedial parts of DLP, such as metrics gathering or simple policy updates.
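# Log in to the DLP Enforce console and keep the authenticated session in $webSession.
# NOTE(review): .Forms and .ParsedHTML are only populated by Windows PowerShell's
# IE-based HTML parser; PowerShell 6+ does not expose them - confirm the host version.

# Stop on the first failed request instead of continuing with a half-built session.
$ErrorActionPreference = 'Stop'

$credential = Get-Credential
if (-not $credential) {
    throw 'No credential was supplied; cannot log in.'
}
$uaString = "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko"

# Static, process-wide setting: every later request in this process negotiates TLS 1.2 only.
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

# The first request creates the session (cookies) and returns the page holding the logon form.
$webRequest = Invoke-WebRequest -Uri 'https://dlp.com/ProtectManager/enforce/navigate?menuID=default' -SessionVariable webSession -UserAgent $uaString
$logonForm = $webRequest.Forms | Where-Object {$_.Id -eq 'logonForm'}
if (-not $logonForm) {
    throw "Logon form 'logonForm' was not found in the response; cannot log in."
}

# The form needs the password in clear text, so it is held in $logonForm.Fields only
# for the duration of the POST and removed again in the finally block below.
$logonForm.Fields.username = $credential.UserName
$logonForm.Fields.j_username = $credential.UserName + ':DLP.com'
$logonForm.Fields.password = $credential.GetNetworkCredential().Password
$logonForm.Fields.j_password = $credential.GetNetworkCredential().Password
$logonForm.Fields.domain = 'DLP.com'
try {
    $webRequest = Invoke-WebRequest -Uri 'https://dlp.com/ProtectManager/j_security_check' -Method $logonForm.Method -Body $logonForm.Fields -WebSession $webSession -UserAgent $uaString
} finally {
    # Drop the plaintext copies whether or not the POST succeeded. This only releases
    # the references; .NET strings cannot be zeroed in place.
    foreach ($secretField in 'password', 'j_password') {
        [void]$logonForm.Fields.Remove($secretField)
    }
}

# A logout link in the returned page is used as the sign that the login was accepted.
if ($webRequest.Links | Where-Object {$_ -like '*logout*'}) {
    Write-Host "Login verified!"
} else {
    Write-Host 'Login unsuccessful!' -ForegroundColor Red -BackgroundColor DarkBlue
    # Non-zero exit code so a scheduler or calling script can tell the run failed.
    exit 1
}

# The anti-CSRF token is read from the post-login page and must accompany later form posts.
$csrf = ($webRequest.ParsedHTML.getElementsByName('csrf-protection-token') | Select-Object *).Content
if (-not $csrf) {
    throw "No 'csrf-protection-token' element was found after login; refusing to continue without a CSRF token."
}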
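# Replace the user patterns of one reusable sender/recipient pattern with the contents
# of .\tls-domains.csv. Relies on $webSession (authenticated session) and $csrf
# (anti-CSRF token) set by the login step earlier in this script.

# The file content overwrites the pattern's existing list, so an empty or missing file
# would silently blank the policy input. Refuse to continue in that case.
$domainFile = '.\tls-domains.csv'
if (-not (Test-Path $domainFile)) {
    throw "Domain list '$domainFile' was not found (path is relative to the current directory)."
}
$domains = Get-Content $domainFile -Raw -ErrorAction Stop
if ([string]::IsNullOrWhiteSpace($domains)) {
    throw "Domain list '$domainFile' is empty; refusing to overwrite the pattern with nothing."
}

# Identifier of the pattern to edit, matched as a substring of each link's data-edit-url.
$patternId = '5043'
$ListSenderPatterns = Invoke-WebRequest -WebSession $webSession -Uri 'https://dlp.com/ProtectManager/enforce/admin/senderrecipientpatterns/list' -ErrorAction Stop

# The wildcard match is loose (any URL containing the digits qualifies), so insist on
# exactly one hit rather than risk editing a different pattern.
$editLinks = @($ListSenderPatterns.Links | Where-Object {$_.'data-edit-url' -like "*$patternId*"})
if ($editLinks.Count -ne 1) {
    throw "Expected exactly one pattern link matching '$patternId' but found $($editLinks.Count); aborting before any change is made."
}
$v1 = $editLinks[0].'data-edit-url'

# The attribute value is HTML-escaped ('&amp;'); decode it properly instead of stripping 'amp;'.
$version = [System.Net.WebUtility]::HtmlDecode($v1)
$edit_policy = 'https://dlp.com/ProtectManager/enforce/admin/senderrecipientpatterns/'+$version
$GoToPattern = Invoke-WebRequest -WebSession $webSession -Uri $edit_policy -ErrorAction Stop
$UpdatePattern = $GoToPattern.Forms | Where-Object {$_.Id -eq 'editReusableRecipientPatternForm'}
if (-not $UpdatePattern) {
    throw "Edit form 'editReusableRecipientPatternForm' was not found; the pattern was not updated."
}

# Carry the existing name over and replace only the user patterns.
$UpdatePattern.Fields.name = $UpdatePattern.Fields.'recipient-name-edit'
#$UpdatePattern.Fields.description = ''
$UpdatePattern.Fields.userPatterns = $domains
#$UpdatePattern.Fields.ipAddresses = ''
#$UpdatePattern.Fields.urlDomains = ''

# The token is supplied under both field names used by the form.
$UpdatePattern.Fields.csrfProtectionToken = $csrf
$UpdatePattern.Fields.'value(csrfProtectionToken)' = $csrf
$ApplyPattern = Invoke-WebRequest -WebSession $webSession -Uri 'https://dlp.com/ProtectManager/enforce/admin/senderrecipientpatterns/recipient_patterns/update' -Method $UpdatePattern.Method -Body $UpdatePattern.Fields -ErrorAction Stop

# NOTE(review): reaching this line only shows the POST did not raise an HTTP error.
# The console may still have rejected the change, so confirm the stored pattern.
# NOTE(review): the authenticated admin session is never logged out; consider ending
# it through the console's logout link once the update is done.
Write-Host "Updated TLS List"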