Security

Reply
Occasional Contributor II
Posts: 58
Registered: ‎05-22-2016

Clearpass Clear all endpoints via API

Hi guys, I want to delete all endpoints from the endpoint database using the API, i am able to delete 1 by 1 but is there a way to delete them all?

 

below is what i am using but it is only matching the element id which is different for every endpoint

 

 

[root@mx ~]# curl -sk -u apiadmin:eTIPS123 -d '<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
> <TipsApiRequest xmlns="http://www.avendasys.com/tipsapiDefs/1.0">
> <TipsHeader version="6.5"/>
> <Filter entity="Endpoint">
> <Criteria fieldName="macAddress" filterString="dcef09e1cecc" match="contains"/>
> </Filter>
> </TipsApiRequest>' https://192.168.50.10/tipsapi/config/deleteConfirm/Endpoint

 

 

 

 

 

 

curl -sk -u apiadmin:eTIPS123 -d '<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<TipsApiRequest xmlns="http://www.avendasys.com/tipsapiDefs/1.0">
<TipsHeader version="6.4"/>
<Delete>
<Element-Id>Endpoint_dcef09e1cecc_eOH</Element-Id>
</Delete>
</TipsApiRequest>' https://192.168.50.10/tipsapi/config/delete/Endpoint

MVP
Posts: 467
Registered: ‎11-04-2011

Re: Clearpass Clear all endpoints via API

Ricardo,

In most cases, it is better to use the automatic cleanup feature in ClearPass. If you go to Administration » Server Manager » Server Configuration, then Cluster-wide parameters, you can set automatic cleanup parameters:

cleanup.png

As you are explicitly asking for cleanup via the API, you will probably need some scripting around this. I would advise you first to move away from the (deprecated) legacy API (/tipsapi/) and use the REST API (/api-docs) instead. For the new API, you will need to generate an access token which can be done through ClearPass Guest: Administration » API Services » API Clients.

--
If you have urgent issues, please contact your Aruba partner or Aruba TAC.
MVP
Posts: 467
Registered: ‎11-04-2011

Re: Clearpass Clear all endpoints via API

Just created a small python script that deletes all endpoints (max 1000 at a time) via the API:

#!/usr/bin/python

import string
import random
import time
import requests
import json

# Chenge this to your Access Token
token='Bearer b4d61285743b8b3a341210ff58e44a1ee8f934a6'

# Change IP here; Get list of endpoints (max 1000, which is the maximum value); Run script multiple times if you have over 1000 endpoints.
resp = requests.get('https://10.1.50.11/api/endpoint?limit=1000',
headers={ 'Authorization':token}, verify=False)
endpoints=resp.json()
print("-----\nDeleting: ", end='')
# Walk through all endpoint items:
for endpoint in endpoints['_embedded']['items']:
print("%s " % (endpoint['id']), end='')
# Change IP here; Delete the endpoint with the given id
resp = requests.delete('https://10.1.50.11/api/endpoint/'+str(endpoint['id']),
headers={ 'Authorization':token}, verify=False)
print(resp)
exit

print()

The token should be changed as does the ClearPass server IP address. To get a token go to ClearPass Guest, Administration » API Services » API Clients; then in the API client that you created: Generate Access Token.

 

You will need to have the Python modules json and request installed, which might be default as I cannot remember installing those manually.

 

As stated in my first response, you probably are better off with the cleanup intervals, this example does remove all endpoint via the API.

--
If you have urgent issues, please contact your Aruba partner or Aruba TAC.
Occasional Contributor II
Posts: 58
Registered: ‎05-22-2016

Re: Clearpass Clear all endpoints via API

Thanks, i will give it a try and let you know if it worked.

New Contributor
Posts: 3
Registered: Monday

Re: Clearpass Clear all endpoints via API

I tried the above and got 404 response, looks like the API /api/client does not exist.

 

I tried other APIs such as /api/guest, /api/guestmanager, /api/device and they work, so the token and authorization header should be correct. My questions is how do I get the list of endpoints and endpoint detail via REST APIs, beside using the /tipapis which I heard going to be deprecated?

Guru Elite
Posts: 8,458
Registered: ‎09-08-2010

Re: Clearpass Clear all endpoints via API

/endpoint

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
New Contributor
Posts: 3
Registered: Monday

Re: Clearpass Clear all endpoints via API

/Endpoint gave me 200 succesfully. However, the response content seems odd - it's far from the list of endpoints that /tipsapi/config/read/Endpoint API gives me. Can you give me an idea why /Endpoint is returning the below?

 

Thanks.

 

<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<title>ClearPass Policy Manager - Aruba Networks</title>
<link rel="SHORTCUT ICON" href="/tips/images/favicon.ico" type="image/x-icon">
<link rel="stylesheet" href="css/app.css" type="text/css"/>
</head>
<body style="background-color: #EAEAEA;">
<div style="width:950px;margin:0 auto; border:1px solid #cccccc;background-color: white;">
<table width=100% height=100% cellpadding=0 cellspacing=0 border=0>
<tr>
<td height=10% align=center>
<img src="images/guestPortalLogo.png" />
</td>
</tr>
<tr>
<td height=10% align=center>
<h3>With ClearPass, you can create and enforce policies that extend across the network to devices and applications.</h3>
</td>
</tr>
<tr>
<td height=30% align=center>
<table border=0 width=50 cellpadding=20>
<tr>
<td>
<div class="nwaCommandLink" style="min-height: 60px; width: 400px;"
onmouseover="this.className='nwaCommandLinkHover'"
onmouseout="this.className='nwaCommandLink'">
<a style="text-decoration: none;"
href="/tips/tipsLogin.action"
target="_blank">
<div class="nwaCommandLinkInner"
style="min-height: 48px; width: 388px;">
<img src="images/icon-clearpass-policy-manager48.png" width="48" height="48"
border="0" alt="ClearPass Policy Manager" style="margin-right: 10px; float: left;">
<div class="nwaImportant">ClearPass Policy Manager</div>
<div class="nwaInfo nwaCommandLinkText" style="margin:0px;padding-top:5px;margin-left:58px;">
Role-based Policies, Enterprise-grade AAA with Device Profiling
<br clear="all">
</div>
</div>
</a>
</div>
</td>
<td>
<div class="nwaCommandLink" style="min-height: 60px; width: 400px;"
onmouseover="this.className='nwaCommandLinkHover'"
onmouseout="this.className='nwaCommandLink'">
<a style="text-decoration: none;"
href="/guest/guest_index.php"
target="_blank">
<div class="nwaCommandLinkInner"
style="min-height: 48px; width: 388px;">
<img src="/guest/images/icon-guestmanager128.png" width="48" height="48"
border="0" alt="ClearPass Guest" style="margin-right: 10px; float: left;">
<div class="nwaImportant">ClearPass Guest</div>
<div class="nwaInfo nwaCommandLinkText" style="margin:0px;padding-top:5px;margin-left:58px;">
Guest Management
<br clear="all">
</div>
</div>
</a>
</div>
</td>
</tr>
<tr>
<td>
<div class="nwaCommandLink" style="min-height: 60px; width: 400px;"
onmouseover="this.className='nwaCommandLinkHover'"
onmouseout="this.className='nwaCommandLink'">
<a style="text-decoration: none;"
href="/guest/mdps_index.php"
target="_blank">
<div class="nwaCommandLinkInner"
style="min-height: 48px; width: 388px;">
<img src="/guest/images/icon-mdps128.png" width="48" height="48"
border="0" alt="ClearPass Onboard" style="margin-right: 10px; float: left;">
<div class="nwaImportant">ClearPass Onboard</div>
<div class="nwaInfo nwaCommandLinkText" style="margin:0px;padding-top:5px;margin-left:58px;">
Mobile Devices Provisioning
<br clear="all">
</div>
</div>
</a>
</div>
</td>
<td>
<div class="nwaCommandLink" style="min-height: 60px; width: 400px;"
onmouseover="this.className='nwaCommandLinkHover'"
onmouseout="this.className='nwaCommandLink'">
<a style="text-decoration: none;"
href="/insight"
target="_blank">
<div class="nwaCommandLinkInner"
style="min-height: 48px; width: 388px;">
<img src="/guest/images/icon-export-html.png" width="48" height="48"
border="0" alt="ClearPass Insight" style="margin-right: 10px; float: left;">
<div class="nwaImportant">ClearPass Insight</div>
<div class="nwaInfo nwaCommandLinkText" style="margin:0px;padding-top:5px;margin-left:58px;">
Advanced Analytics, In-depth Reporting, Compliance & Regulation
<br clear="all">
</div>
</div>
</a>
</div>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td height=35% align=center></td>
</tr>
<tr>
<td height=5% align=left>
&copy; Copyright 2014 Aruba Networks. All rights reserved.
</td>
</tr>
</table>
</div>
</body>
</html>

Guru Elite
Posts: 8,458
Registered: ‎09-08-2010

Re: Clearpass Clear all endpoints via API

Hm, not sure. You're doing a GET against that namespace correct? Are you authenticated? Do you have any application ACLs enabled?

 

curl -X GET \
  https://clearpass/api/endpoint \
  -H 'authorization: <redacted>'

 

{
  "_links": {
    "self": {
      "href": "https://clearpass/api/endpoint?calculate_count=false&offset=0&limit=25&sort=%2Bid&filter=%7B%7D"
    },
    "first": {
      "href": "https://clearpass/api/endpoint?calculate_count=false&offset=0&limit=25&sort=%2Bid&filter=%7B%7D"
    },
    "next": {
      "href": "https://clearpass/api/endpoint?calculate_count=false&offset=25&limit=25&sort=%2Bid&filter=%7B%7D"
    }
  },
  "_embedded": {
    "items": [
      {
        "id": 3001,
        "mac_address": "000c29df283f",
        "status": "Unknown",
        "attributes": {},
        "_links": {
          "self": {
            "href": "https://clearpass/api/endpoint/3001"
          }
        }
      },
      {
        "id": 3002,
        "mac_address": "000c29cb1dff",
        "status": "Unknown",
        "attributes": {},
        "_links": {
          "self": {
            "href": "https://clearpass/api/endpoint/3002"
          }
        }
      },
      {
        "id": 3100,
        "mac_address": "6805ca35d1e1",
        "status": "Unknown",
        "attributes": {},
        "_links": {
          "self": {
            "href": "https://clearpass/api/endpoint/3100"
          }
        }
      },
      {
        "id": 3005,
        "mac_address": "00178814dec0",
        "status": "Unknown",
        "attributes": {},
        "_links": {
          "self": {
            "href": "https://clearpass/api/endpoint/3005"
          }
        }
      },
      {
        "id": 3006,
        "mac_address": "24dec67f6910",
        "status": "Unknown",
        "attributes": {},
        "_links": {
          "self": {
            "href": "https://clearpass/api/endpoint/3006"
          }
        }
      },

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
MVP
Posts: 467
Registered: ‎11-04-2011

Re: Clearpass Clear all endpoints via API

There is a limit on the number of endpoints returned, which can be set with the limit= parameter:

 

https://10.1.50.11/api/endpoint?limit=1000

 It will not go beyond 1000, and it could be that 200 is the default value (untested) which might be the reason you only get 200. The calculate_count=true gives you the actual number of endpoints in the database:

https://cppm.arubalab.com:443/api/endpoint?filter=%7B%7D&sort=%2Bid&offset=0&limit=10&calculate_count=true

Response Body

{
  "count": 328,
  "_links": {
......
Please use the API explorer to create the proper queries to be used in your own curl commands or API scripts.
--
If you have urgent issues, please contact your Aruba partner or Aruba TAC.
Search Airheads
Showing results for 
Search instead for 
Did you mean: