Security

Reply
Frequent Contributor II

ClearPass API - Get Endpoint lists and filter based on endpoint attributes

Hello community,

I'm playing around with ClearPass API Explorer, and what I'm trying to do is to get a list of endpoints in my endpoint repository, and filter the result using endpoint attributes. The sample data for an endpoint looks like this:

 

"_embedded": {
    "items": [
      {
        "id": 3004,
        "mac_address": "f822934bb108",
        "status": "Known",
        "attributes": {
          "Owner": "user1@example.com",
          "social_vip": "",
          "Device IMEI": "01 374800 460669 4",
          "Device Name": "iOS",
          "Device Type": "iOS",
          "Device UDID": "50e082617c1c07c25dd12706b79be6a",
          "Product Name": "iPhone6,1",
          "social_roles": "[]",
          "social_groups": "[]",
          "social_userType": "Member",
          "social_username": "user1@example.com",
          "social_timestamp": "1512108128",
          "social_objectType": "User"
}
]
}

I can filter the result based on an endpoint's MAC address by specifying this syntax in the filter box:

 

{"mac_address": "<mac address>"}

But when I tried to filter based on associated attributes of an endpoint using this syntax:

 

{"attributes": {"social_username": "user1@example.com"}}

it failed, and the API Explorer responded with code 422 which said invalid filter expression. So I know my filter syntax for endpoint attributes was not correct, but how should I configure it then?

 

Thank you,

Guru Elite

Re: ClearPass API - Get Endpoint lists and filter based on endpoint attributes

You cannot filter on attributes today.

| Tim Cappalli | Aruba Security | @timcappalli | timcappalli.me |

NOTE: Answers and views expressed by me on this forum are my own and not necessarily the position of Aruba or Hewlett Packard Enterprise.
Frequent Contributor II

Re: ClearPass API - Get Endpoint lists and filter based on endpoint attributes

Thanks Tim for your quick reply. I'll try a different solution then.

New Contributor

Re: ClearPass API - Get Endpoint lists and filter based on endpoint attributes

I understand that filtering on specific attributes is not supported, but is it possible to filter if an Endpoint holds any attributes at all?

 

I tried several filter expressions, amongst them : 

{"attributes":{"$exists":true}}

without success.

New Contributor

Re: ClearPass API - Get Endpoint lists and filter based on endpoint attributes

For me, fetching half a million endpoint records and filtering afterwards is not an option. Filtering on attributes is a really basic and important feature. I hope this implementaiton will find it's way into a future version of the API.

 

Also, @Zaffiro what alternate solution did you come up with?

Frequent Contributor II

Re: ClearPass API - Get Endpoint lists and filter based on endpoint attributes

Hi Mart,

 

Previously I had a requirement  to get a list of endpoints belong to a certain user. My first thought was to filter based on the social_username attribute associated with an endpoint. But as you can see it failed. So my alternate solution back then was to get all the user certificates based on subject_common_name attribute, and extract the mac addresses embedded inside those certs.

 

But I believe starting from version 6.7.0, ClearPass API has support for endpoint attributes filtering. I tried {"social_username": "user1@example.com"} and it worked (notice there's no "attributes" keyword in the filter syntax). I think you should try again and see if it works for your case.

 

Regards,

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: