Security

Hi community,

 

I need to pull a list of all end-points (including details like device type, hostname, ip, etc.) from ClearPass through its API. The process that works is:

First, pull a high-level list of all available MAC addresses: /api/endpoint

Then iterate that list and run two API calls per MAC:

 - /insight/endpoint/mac/001aef1a188b

 - /async_netd/deviceprofiler/endpoints/001aef1a188b

 

I need to run the call to async_netd in order to get the hostname per device as the /insight/endpoint/mac API wouldn't return that info.

 

My question is: is there a more efficient way to pull all those end-point details?

The reason this is not very efficient: let's assume you have an environment with 10.000 end-points. I will need to run 1 + 10.000 + 10.000 API calls to get all details from all end-points. That takes more than 20 minutes to process and puts the ClearPass server under quite some load for quite a long time.

Any ideas on improving this?

Thanks

Kurt

What is the goal of pulling all of the endpoints?

Synchronizing them with a CMDB

I have to perform the same action. Do you have a more efficient solution?

No, I did not find a more efficient solution :(

curl -u '***':'***' https://ldn1nacv.ebrd.com/insight/endpoint/mac/4cbc4882460e

 

 

is that format is correct to pull endpoint  

can you help me out because format gives me error

Let me try to help, but to make it easier, post the exact line that you use
plus the exact output that you get. (you can write username/password
instead of the actual values but keep the quotation marks or apostrophes or
whatever you use).
______________________________



*Or Pinchasof** | *Security Researcher

*orp@medigate.io* | *+972-52-363-8420* | *www.medigate.io
*
Yigal Alon 94 st., Tel-Aviv, Israel