Infoblox’s global team of threat hunters uncovers a DNS operation with the ability to bypass traditional security measures and control the Great Firewall of China. Read about “Muddling Meerkat” and the many other threat actors discovered by Infoblox Threat Intel here.

API & Integration, DevOps,NetOps,SecOps

Reply

How to delete a record from an RPZ using the API?
vatodorov
New Member
Posts: 3

‎01-23-2020 06:40 AM

3962     0

What is the API call to delete a record from an RPZ?

 

I figured that I can delete a record from an RPZ with:

DELETE /wapi/v2.10/record:rpz:cname/ZG5zLmJpbmRfY25hbWUkLl9kZWZhdWx0LnRocmVhdHFycHouY29tLmJhZGd1eS50ZXN0NA.badguy.com/default/?_return_as_object=1

However, I can't figure out how to obtain the refname (the hash value in the middle) for the object.

 

The refnames that are returned from a GET call to /wapi/v2.10/zone_rp are different from the refnames needed for the deletion of the objects. Any suggestions how to obtain the refnames for all objects in a PRZ?

 

 

Thanks,

Valentin

Labels:
Reply
0 Kudos

Re: How to delete a record from an RPZ using the API?
kvasudevan
Adviser
Posts: 181

‎01-23-2020 06:47 AM

3963     0

Hi,

 

Depending on the kind of RPZ record you are querying, you can do a GET against that like below:

 

In the case of Block Domain Name (No Such Domain) Rule:

curl -k -u admin:infoblox -X GET "https://grid-master/wapi/v2.11/record:rpz:cname?_return_as_object=1"

Sample result:

{
    "result": [
        {
            "_ref": "record:rpz:cname/ZG5zLmJpbmRfY25hbWUkLl9kZWZhdWx0LmxvY2FsLnJwei5jb20uZ29vZHNpdGU:goodsite.com.rpz.local/default",
            "canonical": "goodsite.com",
            "name": "goodsite.com.rpz.local",
            "view": "default"
        },
        {
            "_ref": "record:rpz:cname/ZG5zLmJpbmRfY25hbWUkLl9kZWZhdWx0LmxvY2FsLnJwei5jb20uYmFkc2l0ZQ:badsite.com.rpz.local/default",
            "canonical": "",
            "name": "badsite.com.rpz.local",
            "view": "default"
        }
    ]
}

You can use the field from _ref for the DELETE query

Hope that is helpful,

Krishna

Reply

Re: How to delete a record from an RPZ using the API?
vatodorov
New Member
Posts: 3

‎01-23-2020 07:13 AM

3963     0

Thanks! This worked like a charm.

 

I see the error I had. I was getting the objects using the /wapi/v2.10/allrpzrecords endpoint instead of getting the records from the specific zone I have which should use the /wapi/v2.10/record:rpz:cname endpoint. Looks like the _ref values from both endpoints are different.

 

 

Valentin

Reply
0 Kudos
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Recommended for You

Latest Annoucements

Demo: Infoblox IPAM plug-in integration with OpenStack Newton

playicon

Infoblox Experts Community

You have reached the maximum number of topics allowed as a visitor. Please Login or Join the community to continue to read.

Join for free

TOPICS REMAINING

Register for unlimited browsing. Registration is FREE.

Join Community