Security

Reply
Frequent Contributor II

ClearPass API - Get Endpoint lists and filter based on endpoint attributes

Hello community,

I'm playing around with ClearPass API Explorer, and what I'm trying to do is to get a list of endpoints in my endpoint repository, and filter the result using endpoint attributes. The sample data for an endpoint looks like this:

 

"_embedded": {
    "items": [
      {
        "id": 3004,
        "mac_address": "f822934bb108",
        "status": "Known",
        "attributes": {
          "Owner": "user1@example.com",
          "social_vip": "",
          "Device IMEI": "01 374800 460669 4",
          "Device Name": "iOS",
          "Device Type": "iOS",
          "Device UDID": "50e082617c1c07c25dd12706b79be6a",
          "Product Name": "iPhone6,1",
          "social_roles": "[]",
          "social_groups": "[]",
          "social_userType": "Member",
          "social_username": "user1@example.com",
          "social_timestamp": "1512108128",
          "social_objectType": "User"
}
]
}

I can filter the result based on an endpoint's MAC address by specifying this syntax in the filter box:

 

{"mac_address": "<mac address>"}

But when I tried to filter based on associated attributes of an endpoint using this syntax:

 

{"attributes": {"social_username": "user1@example.com"}}

it failed, and the API Explorer responded with code 422 which said invalid filter expression. So I know my filter syntax for endpoint attributes was not correct, but how should I configure it then?

 

Thank you,

Guru Elite

Re: ClearPass API - Get Endpoint lists and filter based on endpoint attributes

You cannot filter on attributes today.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Frequent Contributor II

Re: ClearPass API - Get Endpoint lists and filter based on endpoint attributes

Thanks Tim for your quick reply. I'll try a different solution then.

New Contributor

Re: ClearPass API - Get Endpoint lists and filter based on endpoint attributes

I understand that filtering on specific attributes is not supported, but is it possible to filter if an Endpoint holds any attributes at all?

 

I tried several filter expressions, amongst them : 

{"attributes":{"$exists":true}}

without success.

New Contributor

Re: ClearPass API - Get Endpoint lists and filter based on endpoint attributes

For me, fetching half a million endpoint records and filtering afterwards is not an option. Filtering on attributes is a really basic and important feature. I hope this implementaiton will find it's way into a future version of the API.

 

Also, @Zaffiro what alternate solution did you come up with?

Frequent Contributor II

Re: ClearPass API - Get Endpoint lists and filter based on endpoint attributes

Hi Mart,

 

Previously I had a requirement  to get a list of endpoints belong to a certain user. My first thought was to filter based on the social_username attribute associated with an endpoint. But as you can see it failed. So my alternate solution back then was to get all the user certificates based on subject_common_name attribute, and extract the mac addresses embedded inside those certs.

 

But I believe starting from version 6.7.0, ClearPass API has support for endpoint attributes filtering. I tried {"social_username": "user1@example.com"} and it worked (notice there's no "attributes" keyword in the filter syntax). I think you should try again and see if it works for your case.

 

Regards,

Re: ClearPass API - Get Endpoint lists and filter based on endpoint attributes


@cappalli wrote:
You cannot filter on attributes today.

When is that support ecpected?


Bruce Osborne - Wireless Engineer
ACCP, ACMP

All opinions written here are my own and do not necessarily reflect the views and opinions of my employer or Aruba Networks

Guru Elite

Re: ClearPass API - Get Endpoint lists and filter based on endpoint attributes

This was added in CPPM 6.7.2


| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: