Security

Reply
Frequent Contributor I
Posts: 62
Registered: ‎12-02-2014

Create Entry in Endpoint Database with REST API

My goal is to create profiled Endpoints for static IP devices that are not able to be profiled via, DHCP, SNMP, Device Sensor, etc...  I would like to be able to create them manually and set their device category, os family, name, etc...

 

Is there a way to create and endpoint entry in the Database with a REST API call?   If so, can you provide some example calls with needed XML request.

 

Any docs available on doing this?

 

Thanks,  -- Mark Thiel

Guru Elite
Posts: 8,781
Registered: ‎09-08-2010

Re: Create Entry in Endpoint Database with REST API

Take a look at this tech note: 

https://support.arubanetworks.com/Documentation/tabid/77/DMXModule/512/Command/Core_Download/Default.aspx?EntryId=14976

Thanks, 
Tim

Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Frequent Contributor I
Posts: 62
Registered: ‎12-02-2014

Re: Create Entry in Endpoint Database with REST API

[ Edited ]

Tim,  I have seen that document and used it to create python scripts for querying the endpoint database.  The document doesn't show how to create an entry, or retrieve data from existing ednpoints.  I want to create an endpoint.

 

The document seems to be more focused on Guest accounts instead or endpoints.

Frequent Contributor I
Posts: 62
Registered: ‎12-02-2014

Re: Create Entry in Endpoint Database with REST API

I read a profiling doc by Danny Jump and found a REST call to profile an endpoint with a call similar to the following:

 

curl -k -X POST https://10.238.32.32/async_netd/deviceprofiler/endpoints -u apiadmin:xxxxxxx -H "Content-Type:application/json"-k-d' {"mac": "00005e000101": {"category": "Printer", "family": "Xerox", "name": "Xerox WorkCenter"}}'

 

The POST returns a 200OK, but the endpoint category, family and name are unchanged.

 

Any ideas?

Guru Elite
Posts: 8,781
Registered: ‎09-08-2010

Re: Create Entry in Endpoint Database with REST API

Sorry didn't realize you were trying to change the profile information. This is not currently possible via the API. You could however create a custom attribute for use with these manually added devices.


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Frequent Contributor I
Posts: 62
Registered: ‎12-02-2014

Re: Create Entry in Endpoint Database with REST API

Tim,

 

According to Danny Jumps profiling tech note, it is possible unless I am not understanding what he has written on the last page of the document.

 

From Danny's doc......:

 

Manual Profile API: This API allows an admin to manually profile a given endpoint to specific device category, device family and device name. By manually profile, we mean ASSIGN the required classification to the device. This can be anything you want. Below I assign a family of ‘Future-iPhone’ under the SmartDevice category, then I call the Phone an iPhone20 to demonstrate the power of the API’s

 

Method: POST
URL: /async_netd/deviceprofiler/endpoints
Value :
{"mac" : " ",
"device" : {
"category": " ",
"family": " ",
"name": ""
}
}


Example:
CMD:
danny-jump:~ djump$ curl -X POST
https://10.2.100.161/async_netd/deviceprofiler/endpoints -u apiadmin:arubans123 -H
"Content-Type: application/json" -k -d '{"mac": "00000
0000013", "device": {"category": "SmartDevice", "family": "Future-iPhone", "name":
"iPhone20"}}'
<html>
<head>
<title>200 OK</title>
</head>
<body>
<h1>200 OK</h1>
<br /><br />
</body>
</html>

 

Guru Elite
Posts: 8,781
Registered: ‎09-08-2010

Re: Create Entry in Endpoint Database with REST API

I stand corrected! Thanks for the reference!

 

When you do the API call, do you see anything in audit viewer reflecting the endpoint change?


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Frequent Contributor I
Posts: 62
Registered: ‎12-02-2014

Re: Create Entry in Endpoint Database with REST API

Nothing showing up in Event viewer.  Makes me wonder if the API call syntax is correct?  That is what I need help with.  I may open a TAC case tomorrow to ask for assistance on this.  

I want to do 2 things:

1.  Create a endpoint entry (new mac address)

2.  Assign Profile attribute values (category, family, name)

 

Frequent Contributor I
Posts: 62
Registered: ‎12-02-2014

Re: Create Entry in Endpoint Database with REST API

[ Edited ]

Here is the proper syntax to create/modify an endpoint's category, os family and name.

 

curl -X POST http://<ip address>/async_netd/deviceprofiler/endpoints -u apiadmin:<password> -H "Content-Type: application/json" -d '{"mac": "00105e0001af", "device": {"category": "Printer", "family": "Xerox", "name": "Xerox WorkCenter"}}'

 

You can set the values to anything needed.

Search Airheads
Showing results for 
Search instead for 
Did you mean: