Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

API & Integration, DevOps,NetOps,SecOps

Reply

WAPI : Seed router configuration

Techie
Posts: 9
9061     0

Hi everyone,

I was searching for a WAPI call to configure seed routers (in a discovery probe) for a Network Insight configuration in my environment and was not able to find any article in the Community or the Support KB base for the same. After going through the WAPI documentation and spending a couple of hours, found that there is indeed a WAPI call for the seed router configuration.

Thought of sharing the code as this might help a lot of people. Note that there is no option to do a CSV import for this configuration and as my environment had more than 2000 devices which needed to be added to this list, a WAPI call was my only option. Also, I am not sure if there is any other option to achieve this, so kindly update the thread if there are any alternatives as it would be helpful for others as well.

 

My Grid was running NIOS 8.4.0.

 

- WAPI call to fetch the Discovery member reference ID:

 

curl -k1 -u admin -H "Content-Type: application/json" -X GET https://grid.ip.address/wapi/v2.7/discovery:memberproperties

 

  • Username to access the Grid (password will be prompted if not provided with the call).
  • WAPI code to retrieve the member reference ID.

 

 

- WAPI call to fetch current seed router configuration using the member reference ID:

 

curl -k1 -u admin -H "Content-Type: application/json" -X GET https://grid.ip.address/wapi/v2.7/discovery:memberproperties/ZGlzY292ZXJ5Lm1lbWJlcl9kaXNjb3ZlcnlfcHJvcGVydGllcy:member.name?_return_fields=seed_routers

 

  • Member reference ID fetched using the previous WAPI call.
  • WAPI code to retrieve the seed router configuration.

 

 

- Example WAPI call to configure seed routers (Note: For some unknown reason, POST would not work in this WAPI call and PUT will replace the existing seed router configuration, i.e., there is no option to add additional seed routers to an existing list.  - BEWARE):

 

curl -k1 -u admin -H "Content-Type: application/json" -X PUT https://grid.ip.address/wapi/v2.7/discovery:memberproperties/ZGlzY292ZXJ5Lm1lbWJlcl9kaXNjb3ZlcnlfcHJvcGVydGllcy:member.name -d '{"seed_routers": [{"address": "1.2.3.4","network_view": "default"},{"address":"5.6.7.8","network_view":"default"}]}'

 

  • Member reference ID fetched using the first WAPI call.
  • The actual seed router configuration in the desired format.

 

 

- Example WAPI call to configure seed routers when the required data is in a file:

 

curl -k1 -u admin -H "Content-Type: application/json" -X PUT https://grid.ip.address/wapi/v2.7/discovery:memberproperties/ZGlzY292ZXJ5Lm1lbWJlcl9kaXNjb3ZlcnlfcHJvcGVydGllcy:member.name -d @seed-router-list

 

  • Member reference ID fetched using the first WAPI call.
  • Path to the file to be used.

 

Note: The file should contain the list of IP addresses in the format as follows:

{"seed_routers": [{"address": "1.2.3.4","network_view": "default"},{"address":"5.6.7.8","network_view":"default"}]}

 

Regards,

Vishnu Nair

Re: WAPI : Seed router configuration

Authority
Posts: 20
9061     0

hi , i try the seed router GET in Postman, it doens't work ...

Re: WAPI : Seed router configuration

Techie
Posts: 9
9061     0

Hi,

 

Which NIOS version are you using? And also check whether you are using the correct member ID where the seed routers are configured in the WAPI call.

 

Regards,

Vishnu Nair

Re: WAPI : Seed router configuration

[ Edited ]
Authority
Posts: 20
9061     0

8.4.2-383580 version 

 

This is the postman tool i used. I search for members, and use the https://172.28.0.82/wapi/v2.7/discovery:memberproperties/ZGlzY292ZXJ5Lm1lbWJlcl9kaXNjb3ZlcnlfcHJvcGV...

command to get seed routers output. But failed.

 

(Sorry, i'm not an programming/IT guy)

 

Re: WAPI : Seed router configuration

Techie
Posts: 9
9061     0

Could you share the exact output (as text) you are getting when you run the WAPI calls (for both the wapi calls) ? Seems like screen snippets are not visible in the forum.

 

Regards,

Vishnu Nair

Re: WAPI : Seed router configuration

[ Edited ]
Authority
Posts: 20
9061     0

 

get

https://172.28.0.82/wapi/v2.7/discovery:memberproperties/ZGlzY292ZXJ5Lm1lbWJlcl9kaXNjb3ZlcnlfcHJvcGV...

 

OUTPUT =

{
    "Error""AdmConError: None (The selected object could not be found)",
    "code""Client.Ibap.Data",
    "text""The selected object could not be found"
}

Re: WAPI : Seed router configuration

Techie
Posts: 9
9061     0

I tried the exact call in my environment, but using CURL and it seems to be working fine. Please find the output below:

 

curl -k1 -u admin -H "Content-Type: application/json" -X GET https://grid.master/wapi/v2.7/discovery:memberproperties/ZGlzY292ZXJ5Lm1lbWJlcl9kaXNjb3ZlcnlfcHJvcGV...


Enter host password for user 'admin':
{
"_ref": "discovery:memberproperties/ZGlzY292ZXJ5Lm1lbWJlcl9kaXNjb3ZlcnlfcHJvcGVydGllcyQyQy:nd-discover.blr",
"discovery_member": "nd-discover.blr",
"seed_routers": [
{
"address": "10.38.156.52",
"network_view": "default"
},
{
"address": "10.38.128.53",
"network_view": "default"
 }
]
}

Re: WAPI : Seed router configuration

Techie
Posts: 9
9061     0

I tried the same WAPI call on a 8.4.4 grid as well and the call is working on it. There must me some issue with the member ID you are selecting or it could be something with postman tool.

Re: WAPI : Seed router configuration

Techie
Posts: 9
9061     0

I just tried running the WAPI call against the Grid master's reference ID (grid master cannot be configured with any seed routers) and it seems like the output would be like ' "seed_routers": [] ' even if we select the incorrect member ID. So, I think it is the issue with the tool you are using.

 

curl -k1 -u admin -H "Content-Type: application/json" -X GET https://grid.master/wapi/v2.7/discovery:memberproperties/ZGlzY292ZXJ5Lm1lbWJlcl9kaXNjb3ZlcnlfcHJvcGV...
Enter host password for user 'admin':
{
"_ref": "discovery:memberproperties/ZGlzY292ZXJ5Lm1lbWJlcl9kaXNjb3ZlcnlfcHJvcGVydGllcyQwQw:infoblox.localdomain",
"discovery_member": "infoblox.localdomain",
"seed_routers": []
}

 

Regards,

Vishnu Nair

Re: WAPI : Seed router configuration

Authority
Posts: 20
9061     0

hi , what tool do you recommend if you may? easier for newbie like myself. i will try on it...

 

 

Re: WAPI : Seed router configuration

[ Edited ]
Authority
Posts: 20
9061     0

i tried with your command and found sth below: it means my access not allowed to GET? 

 

 

HTTP/1.1 200 OK
Date: Mon, 06 Jan 2020 08:57:25 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Cache-Control: no-cache, no-store
Pragma: no-cache
Content-Type: application/json
set-cookie: ibapauth="ip=172.26.81.xx,client=API,group=group-acs,ctime=1578301045,timeout=3600,mtime=1578301045,su=1,auth=TACACS%2B,user=kennygoh,rE56XAqv4dO5O8OZT+emJKXB563AZcte9lo"; httponly; Path=/; secure
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Connection: close
Transfer-Encoding: chunked

{
"_ref": "discovery:memberproperties/ZGlzY292ZXJ5Lm1lbWJlcl9kaXNjb3ZlcnlfcHJvcGVydGllcyQw:wigmttosb001.xxxx.com.my",
"discovery_member": "wigmttosb001.xxxxx.com.my"
}

Re: WAPI : Seed router configuration

New Member
Posts: 1
9061     0

This documentation worked great for me. My only issue is that when I do a put I'm not adding to the list I'm overwriting it. Is that expected behaviour?

Re: WAPI : Seed router configuration

Authority
Posts: 20
9061     0

It works for me. thanks. 

Re: WAPI : Seed router configuration

Authority
Posts: 20
9061     0

One more question, i have 1-2k devices to add into seed. Any way to speed up instead of adding one by one is textpad/excel ?

Re: WAPI : Seed router configuration

[ Edited ]
New Member
Posts: 4
9061     0

Had the same issue, the problem is if you only add the seed router IP without a network view assigned they can't be retrieved via WAPI, when the networkvie is assigned erverything works.

 

seed router issue.jpg

 

Kind Regards

Andreas

Showing results for 
Search instead for 
Did you mean: 

Recommended for You