Reply

Searching for record 'Audit History" information like timestamp, action, message via WAPI

New Member
Posts: 2
12781     0

Hi Infoblox,

 

I am using Ruby (httparty gem) to communicate with Infoblox WAPI. Trying to get a list of all hosts in specific VLAN and would like to get 'Audit History' info.

 

Please help...

 

Thanks

Re: Searching for record 'Audit History" information like timestamp, action, message via WAPI

Moderator
Moderator
Posts: 321
12781     0

The Audit details are available in the Audit Log which is a separate file.  It is available through WAPI but you would need to pull that file and search through it separately.  It's a three part operation, first we generate and get a link to the downloadable file.  This example downloads it but you would want to ingest it in your script instead:

 

curl -k1 -u admin:infoblox -X POST \
'https://192.168.1.2/wapi/v2.6/fileop?_function=get_log_files' \
-H "Content-Type: application/json" \
-d '{"member": "gm.example.org","node_type": "ACTIVE","log_type": "AUDITLOG"}'

This is what the response looks like:

{  "token": "eJylUEFuwyAQ...",
    "url": "https://192.168.1.2/http_direct_file_io/req_id-DOWNLOAD-5095/auditLog.tar.gz" }

Downloading the file:

curl -k1 -u admin:infoblox -H "Content-type:application/force-download" -O \
 'https://192.168.1.2/http_direct_file_io/req_id-DOWNLOAD-5095/auditLog.tar.gz'
 
And then close the file using the token from the first query:
 
 curl -k1 -u admin:infoblox -X POST 'https://192.168.1.2/wapi/v2.6/fileop?_function=downloadcomplete' \
-H "Content-Type: application/json" -d '{ "token": "eJylUEFuwyAQ..."}'

 

 

 

Discovery data is available for IP addresses, the data is stored on the host ip address sub-objects (not the host object).

 

for example:


curl -k -u admin:infoblox -X GET 'https://192.168.1.2/wapi/v2.3/record:host_ipv4addr' -d 'ipv4addr=192.168.1.201&_return_fields%2b=discovered_data'
 
here’s the response:
 
[
    {
        "_ref": "record:host_ipv4addr/ZG5zLmhvc3RfYWRkcmVzcyQuX2RlZmF1bHQubmV0d29yay5yaWNoYXJkLnByaW50ZXIuMTAuOS4xNi41Lg:192.168.1.201/printer.example.org/Internal",
        "configure_for_dhcp": false,
        "discovered_data": {
            "device_type": "Printer",
            "device_vendor": "HP",
            "discovered_name": "NPI1A2B3C",
            "discoverer": "Network Insight",
            "first_discovered": 1475162675,
            "last_discovered": 1506910079,
            "mac_address": "00:0e:7f:1a:2b:3c",
            "mgmt_ip_address": "192.168.1.201",
            "netbios_name": "NPI1A2B3C      ",
            "open_ports": "TCP:21,23,80,443,515,9100 UDP:",
            "os": "29.20",
            "port_speed": "Unknown"
        },
        "host": "printer.example.org",
        "ipv4addr": "192.168.1.201"
    }
]

Re: Searching for record 'Audit History" information like timestamp, action, message via WAPI

New Member
Posts: 2
12781     0

Thanks for your respond Richard, I really appreciate it.

 

What I am looking is Audit History, where I can get info from:

 

Timestam;

Action;

Object type;

Object Name;

Admin name;

Message

 

Is that possible via WAPI?

 

Screen Shot 2017-10-10 at 3.06.37 PM.png

Re: Searching for record 'Audit History" information like timestamp, action, message via WAPI

Moderator
Moderator
Posts: 321
12781     0

Sorry no, the audit history is not available for individual objects.   It's only available as a file you can download.

Re: Searching for record 'Audit History" information like timestamp, action, message via WAPI

New Member
Posts: 1
12781     0

Hey Richard, Can we filter the logs based on timestamp (like last 1 Days) while generating the audit file using API? 

Showing results for 
Search instead for 
Did you mean: 

Recommended for You