Security

Can anyone who is familiar with the Clearpass API give me some insight into how I can create a search function?  I see how to get results and I can filter those results, however the filter looks like it has to be a full match in order to work.  I want users to be able to search using partial mac-address or username.  Is there a flag you need to add to the JSON filter to allow for partial matches?  any help would be great!  or a sample app...even better.

Hey Matt,

Your timing is perfect, just in the most recent CPPM [6.6.0] we added the ability to provde a JSON filter. I've added a couple of slides from a PPT I presented internally, hopeful this wil help you out.

Cheers.

great, this is perfect!  

I would like to ask an additional question since you guys are talking CPPM and APIs.  I have an MDM server (MaaS360/Fiberlink) that I have an exteral contect server setup in CPPM for.  It polls data but I am exeeding the rate limits on the MDM server because its trying to poll 45,000 devices.  Of these devices there are apple and androids smart devices and PCs.  I only want to really poll the smart devices.  Please tell me there is a way to do this in CPPM 6.6.  I do not speak API so go easy on me it will really make me shine to get this working so all help appriciated.

Hey Alan,

We unfortunately can't use the API's to grab the filtered endpoints as you desire. But let me reachout to my peers in MaaS360 and see if they have any ideas.

Beyond that, whats the actual situation, do you get partial polls or what?

Yes I get a partial poll of about 15,000 devices then it fails. The partial poll is generally about 2am EST and then it will fail for a few hours and get partial success again and fail for a few hours. I have a ticket open with MaaS360 I can share the case owners name if you can help any. They suggested I do the below back on June 1st but I am not sure ClearPass can do 2-4. I did adjust the poll timer already. Also put in a feature request for 2-3 and for 1 because 1 is a global timer and applies to all content servers in clearpass. I asked for individual settings.
 
Here is what dev suggested and like I said I really haven't done anything with this info cause I don't know how to use the info.

 
"1. Reduction in frequency to 4 hours should be tried - will help to some extent but may not completely solve the problem.
2. Avoid computerNetworkInformation call per device - most of the information information is available in the search call itself. Can evaluate search v2 also.
3. Use separate search API pulls for Android, iOS and Blackberry devices (separate search api calls per platform - pass platformName parameters : platformName=Android or platformName=iOS or platformName = Blackberry for the pulls)
4. Respect the rate limits headers provided by X-Rate-Limit-Remaining, X-Rate-Limit-ResetWindow and X-Rate-Limit-Max response headers and throttle the API calls."　

Danny were you the guy speaking at atmosphere about APIs this past conference?

Danny,

Its been awhile has anything developed with CPPM that could help me with the above?  I heard CPPM was moving to an extension like app store.  Is there anything that can be developed to assist me as an extension/add on?