Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

API & Integration, DevOps,NetOps,SecOps

Reply

WAPI: Get DHCP leases which are either ACTIVE or STATIC binding_states

Techie
Posts: 12
8294     0

 

Hi all,

 

I am using this to obtain all leases, which fetches me all leases irrespective of the binding_state

 

curl -k1 -u username:password -X GET 'https://host/wapi/v2.9.5/lease?_return_fields%2b=address,starts,ends,tstp,binding_state,hardware,fingerprint&_return_as_object=1&_max_results=100&_paging=1'


But is there a way to only obtain back leases, which only have STATIC and ACTIVE binding_states?

I have tried and failed at using "binding_state" as a filter using the "binding_state=ACTIVE" or "binding_state~=ACTIVE" and "binding_state=STATIC" or "binding_state~=STATIC" url param option in the above inflobox WAPI request.

 

 



Re: WAPI: Get DHCP leases which are either ACTIVE or STATIC binding_states

Moderator
Moderator
Posts: 287
8294     0

binding_state is not searchable, you will need to bring down the full list and filter in your code.

Re: WAPI: Get DHCP leases which are either ACTIVE or STATIC binding_states

Techie
Posts: 12
8295     0

Thanks for replying.

 

Yes, I did try bringing down the full list and filtering it, but the list is way too huge, also because of a ton of ABANDONED and FREE lease objects in the results list.

 

Also I need the current active list of dhcp ACTIVE/STATIC leases, and contacting the inflobox server frequently might be too intensive for the inflobox instances?

Re: WAPI: Get DHCP leases which are either ACTIVE or STATIC binding_states

Moderator
Moderator
Posts: 287
8295     0

Consider a more efficient method to pull the lease data, by downloading the lease file of each appliance.  Or tell the gridmaster to send the lease file to an FTP, TFTP, or SCP destination. Note that start time and end time are mandatory.

 

Here's an example with REST, downloading to a local file:

 

curl -k1 -u admin:infoblox -X POST \
'https://192.168.1.2/wapi/v2.6/fileop?_function=getleasehistoryfiles' \
-H "Content-Type: application/json" \
-d '{"member": "gm.example.org", "start_time": "1514764800", "end_time" :"1533686400"}'

 

returns:

 

{ "token": "eJytUMFuwyAMvfMj3aUkNA1NduuUVZtUtVI7aUcrAZJaSoABqdp9/WDSdtpxB9Czn+33bCGMvYNT\nA4mfMNoHN4tgHLGMPAjUvelGc6NGq/TC3SpPmja0cFI9sSsiALoZx4AagEgUgdiCPEi7JueFull0\ndwg4qQWxJdmxsmCcl7zmdJ0XPK8Y8efF7MZI89hwCcH6xyxjOa0p45RnKQMSo7UAPY4K0GROfQDK\nZXN8P+yP22a5yqvNOpMXYfeq9eoFffR/p8Jf6fAZJ2+SCMqIqqjxZ3fk6lQl42YRszwWZmlMO6gs\nTPZffDD2IwFKCyNRDym7ilpPr4cEi9+Cych0M5bO2GzftnB63qW4JD6cLOPpxGwTyR7VKD0EA8JM\ntnXfXRU5pJW71gJqOwe4KufR6MTVkevoF4DuoAQ=\n",
"url": "https://192.168.1.2/http_direct_file_io/req_id-DOWNLOAD-20874/dhcpLeaseHistory.csv.gz" }

 

 

Now download the file.

 

curl -k1 -u admin:infoblox -H "Content-type:application/force-download" -O \
'https://192.168.1.2/http_direct_file_io/req_id-DOWNLOAD-20874/dhcpLeaseHistory.csv.gz'



After downloading, close the file on the gridmaster's webserver using the token

curl -k1 -u admin:infoblox -X POST 'https://192.168.1.2/wapi/v2.6/fileop?_function=downloadcomplete' \
-H "Content-Type: application/json" -d '{ "token": "eJytUMFuwyAMvfMj3aUkNA1NduuUVZtUtVI7aUcrAZJaSoABqdp9/WDSdtpxB9Czn+33bCGMvYNT\nA4mfMNoHN4tgHLGMPAjUvelGc6NGq/TC3SpPmja0cFI9sSsiALoZx4AagEgUgdiCPEi7JueFull0\ndwg4qQWxJdmxsmCcl7zmdJ0XPK8Y8efF7MZI89hwCcH6xyxjOa0p45RnKQMSo7UAPY4K0GROfQDK\nZXN8P+yP22a5yqvNOpMXYfeq9eoFffR/p8Jf6fAZJ2+SCMqIqqjxZ3fk6lQl42YRszwWZmlMO6gs\nTPZffDD2IwFKCyNRDym7ilpPr4cEi9+Cych0M5bO2GzftnB63qW4JD6cLOPpxGwTyR7VKD0EA8JM\ntnXfXRU5pJW71gJqOwe4KufR6MTVkevoF4DuoAQ=\n"}'

Re: WAPI: Get DHCP leases which are either ACTIVE or STATIC binding_states

Moderator
Moderator
Posts: 287
8295     0

Also consider using the Ecosystem featureset.  With an Ecosystem license you can generate an outbound REST call to a different system for each lease event.

Re: WAPI: Get DHCP leases which are either ACTIVE or STATIC binding_states

Techie
Posts: 12
8295     0

 

Thanks for the example. I was trying it out. How do I figure out the value for the "member" field in your curl sample below? - 

 

curl -k1 -u username:password -X POST 'https://<host>/wapi/v2.9.5/fileop?_function=getleasehistoryfiles' -H "Content-Type: application/json" -d '{"start_time": "1514764800", "end_time" :"1533686400", "member": "<how_to_figure_this_out>"}'

Re: WAPI: Get DHCP leases which are either ACTIVE or STATIC binding_states

Moderator
Moderator
Posts: 287
8295     0

The member name is the appliance's name in the grid that holds DHCP leases.  If you have four DHCP appliances in tour grid, you might need to pull the lease file from each of the four appliances.

Re: WAPI: Get DHCP leases which are either ACTIVE or STATIC binding_states

Techie
Posts: 12
8295     0

Is there a way I can figure out from any of the WAPI apis, the names of the appliances in the grid that holds the leases?

 

From an integration standpoint it becomes easier, than ask the admin for the names.

Re: WAPI: Get DHCP leases which are either ACTIVE or STATIC binding_states

Moderator
Moderator
Posts: 287
8295     0

When you pull the lease file from a specific appliance, you will get only leases that belong to that appliance.  The IP address is in the "Member/Server" column.

 

For the lease object, the name and ip address of the server are stored in the "server_host_name" and "served_by" fields, respectively.

 

Here's a call with all the supported fields for WAPI v2.9:

 

curl -k -u admin:infoblox -X GET 'https://192.168.1.2/wapi/v2.9/lease?_return_fields%2b=address,billing_class,binding_state,client_hostname,cltt,discovered_data,ends,fingerprint,hardware,ipv6_duid,ipv6_iaid,ipv6_preferred_lifetime,ipv6_prefix_bits,is_invalid_mac,ms_ad_user_data,network,network_view,never_ends,never_starts,next_binding_state,on_commit,on_expiry,on_release,option,protocol,remote_id,served_by,server_host_name,starts,tsfp,tstp,uid,username,variable'

You can ask for all the available fields for any object by requesting the schema for that object.  The fields returned will be supported by the version of the API you use to send the request.

 

 

curl -k -u admin:infoblox -X GET 'https://192.168.1.2/wapi/v2.9/lease?_schema&_schema_version=2&_get_doc=1

 

 

Re: WAPI: Get DHCP leases which are either ACTIVE or STATIC binding_states

[ Edited ]
Techie
Posts: 12
8295     0

Thank you.

So if I have understaood your above curl request, we would be only pulling the leases from the inflobox appliance "192.168.1.2".

 

Is there a concept/way of a central inflobox master server/appliance, whom I can contact to obtain the list of all inflbox appliance ips/names?

I can then use this obtained appliance list from the master server to individually contact each f the appliances to pull the leases.

 

I did try the below from the WAPI docs, but it came back with empty results.
Is this the right API to use to get the list of all the inflobox appliances, assuming I have the ip of the grid master(<host> below)? And also the below request came back empty results. Is that because of a permissions thing that the admin has to enable?

curl -k -u <username>:<password> -X GET "https://<host>/wapi/v2.9.5/member?_return_as_object=1"

 

Re: WAPI: Get DHCP leases which are either ACTIVE or STATIC binding_states

Moderator
Moderator
Posts: 287
8295     0

All (*) API calls go to the gridmaster (192.168.1.2 is the GM in my examples).   You send your request to the gridmaster.  In your request you specify which member (aka appliance) , using the "member" field, you want to pull leases from.

 

Your example looks good for retrieving the list of appliances.  I suspect you're right, you're probably coming across a permissions issue.

 

 

 

(*) The GMC can be configured to allow read-only API calls.  And with cloud automation licenses, cloud appliances can accept limited API calls.  By default, and for most situations, API calls go to the gridmaster only.

 

 

 

Re: WAPI: Get DHCP leases which are either ACTIVE or STATIC binding_states

[ Edited ]
Techie
Posts: 12
8295     0

 

Thanks for the answers Richard.

 

What about WAPI requests that don't take the member/node, like the one below? From which appliance does this below request pull the leases from? Only the leases present on the grid master(192.168.1.2) appliance to which the WAPI request is headed to?

 

curl -k -u admin:infoblox -X GET 'https://192.168.1.2/wapi/v2.9/lease?_return_fields%2b=address,billing_class,binding_state,client_hostname,cltt,discovered_data,ends,fingerprint,hardware,ipv6_duid,ipv6_iaid,ipv6_preferred_lifetime,ipv6_prefix_bits,is_invalid_mac,ms_ad_user_data,network,network_view,never_ends,never_starts,next_binding_state,on_commit,on_expiry,on_release,option,protocol,remote_id,served_by,server_host_name,starts,tsfp,tstp,uid,username,variable'

 

Re: WAPI: Get DHCP leases which are either ACTIVE or STATIC binding_states

Moderator
Moderator
Posts: 287
8295     0

This api call pulls from the gridmaster's database which contains leases from all the appliances.

Re: WAPI: Get DHCP leases which are either ACTIVE or STATIC binding_states

Techie
Posts: 12
8295     0

Got it. Thanks.

Showing results for 
Search instead for 
Did you mean: 

Recommended for You