Security

Hi!

Im trying to run a python script to check the eventlog on our clearpass servers.

Using this for auth:

https://github.com/aruba/clearpass-api-python-snippets/blob/master/clearpass-api-auth/clearpassauth.py

Now running the API works fine but it only returns events on the publisher node (specified fqdn in params.cfg). How do I query data from the subsciber nodes ?

I tried changing fqdn in the query, and I tried chaning fqdn in the params-file.

I always get:

403 Client Error: Forbidden for url

Do you have create also a client API on sub ?

Hi 

API Client can be only created on Publisher since its having the Database read/write access.

This looks permission issue to me, Try changing the operator profile to Super administrator and check.

Or else please work with Aruba TAC for Faster resolution.  

I've already tried changing to super admin, makes no difference.

Hi,

Could you please recheck the Parameter file or share here if possible. 

Also try doing HTTP get individually for the URLS and let me know the results for both publisher and susbcriber. 

• url = "https://" + clearpass_fqdn + "/api/oauth/privileges"
• url = "https://" + clearpass_fqdn + "/api/oauth/me

with content type and Authorization Token.

Hi,

Every subscriber maintains a local database called "tipsLogDb" in which you can query for local data such as events and requests.

If using the https API is not a strong requirement, you could go the postgresql way.

Regards,

Hi,

Yes, Correct "TipsLogDb" (Server event and session logs) and "AppPlatform" (licensing logs) are individual server specific.