Infoblox’s global team of threat hunters uncovers a DNS operation with the ability to bypass traditional security measures and control the Great Firewall of China. Read about “Muddling Meerkat” and the many other threat actors discovered by Infoblox Threat Intel here.

API Examples

Reply

Using API call to set SNMP trap receivers

New Member
Posts: 3
2869     0

Hi all

 

Is there a way to make an API call to set the SNMP trap receivers on an NIOS machine, either at Grid level or individual member level ? I've read a previous post (2015!!) that the perl API under NIOS v7.1 was able to define trap receivers, but the Rest API did not support this (https://community.infoblox.com/t5/Protocols/API-Query-SNMP/m-p/2977#M17), so was wondering if things were still the same. I'm running NIOS 8.5.2 and wapi 2.11. and am assuming the Perl API would not be a good way to go as the Perl API is/will be retired at some point.

 

I've been able to read the values of the snmp_setting object via a simple call - /wapi/v2.1/grid?_return_fields=snmp_setting, but not the specific "trap_receivers" object. But even if I could read the receivers values, I do not know how to add/change the trap receivers, or if it is even possible.

 

The reason for this requirement is that to my knowledge Infoblox does not allow non ip addressing for its trap receivers (ie ipv4 and ipv6 only, no url references allowed) and we are trying to implement an AWS based load-balancing trap receiver solution that will only publish an url reference, not a specific ip address, hence needing to set infoblox up to send traps to an url. So one option would be to somehow set the SNMP trap receiver value dynamically via an API call. The other option is using a local trap forwarder, but that is non-ideal.

 

Any help most welcome

Re: Using API call to set SNMP trap receivers

Moderator
Moderator
Posts: 312
2870     0

 

create an SNMPv3 User

curl -k1 -u admin:infoblox -X POST 'https://192.168.1.6/wapi/v2.11/request' -H "Content-Type: application/json" -d \
'[{
  "method":"POST",
  "object":"snmpuser",
  "data": {
    "name": "ib-snmp",
    "authentication_protocol": "SHA",
    "authentication_password": "supersecret",
    "privacy_protocol": "AES",
    "privacy_password": "superprivate"
  }
}]'

returns the reference

[
    "snmpuser/b25lLnNubXBfdXNlciRpYmdyaWQ:ib-snmp"
]

get the SNMP settings (and the grid reference)

curl -k1 -u admin:infoblox -X POST 'https://192.168.1.6/wapi/v2.11/request' -H "Content-Type: application/json" -d \
'[{
  "method":"GET",
  "object":"grid",
  "args": {
      "_return_fields+":"snmp_setting"
  }
}]'

returns (no SNMP configured yet):

[
    {
        "_ref": "grid/b25lLmNsdXN0ZXIkMA:IB-GRID", 
        "snmp_setting": {
            "engine_id": [
                "80:00:12:34:56:78:90:ab:cd:ef:00:02:04:06:08"
            ], 
            "queries_community_string": "public", 
            "queries_enable": false, 
            "snmpv3_queries_enable": false, 
            "snmpv3_traps_enable": false, 
            "syscontact": [], 
            "sysdescr": [], 
            "syslocation": [], 
            "sysname": [], 
            "trap_receivers": [], 
            "traps_community_string": "public", 
            "traps_enable": false
        }
    }
]

set the SNMP settings

curl -k1 -u admin:infoblox -X POST 'https://192.168.1.6/wapi/v2.11/request' -H "Content-Type: application/json" -d \
'[{
  "method":"PUT",
  "object":"grid/b25lLmNsdXN0ZXIkMA:IB-GRID",
  "data": {
    "snmp_setting": {
	  "snmpv3_queries_enable": true, 
	  "snmpv3_queries_users": [{
	    "user": "snmpuser/b25lLnNubXBfdXNlciRpYmdyaWQ:ib-snmp"
	  }],
	  "snmpv3_traps_enable": true, 
	  "trap_receivers": [{
	    "address": "192.168.1.10", 
		"user": "snmpuser/b25lLnNubXBfdXNlciRpYmdyaWQ:ib-snmp"
      }]
	}
  }
}]'

returns a reference again

[
    "grid/b25lLmNsdXN0ZXIkMA:IB-GRID"
]

get the settings again for validation

[
    [
        {
            "_ref": "grid/b25lLmNsdXN0ZXIkMA:IB-GRID", 
            "snmp_setting": {
                "engine_id": [
                    "80:00:12:34:56:78:90:ab:cd:ef:00:02:04:06:08"
                ], 
                "queries_enable": false, 
                "snmpv3_queries_enable": true, 
                "snmpv3_queries_users": [
                    {
                        "user": {
                            "_ref": "snmpuser/b25lLnNubXBfdXNlciRpYmdyaWQ:ib-snmp", 
                            "authentication_protocol": "SHA", 
                            "disable": false, 
                            "extattrs": {}, 
                            "name": "ib-snmp", 
                            "privacy_protocol": "AES"
                        }
                    }
                ], 
                "snmpv3_traps_enable": true, 
                "syscontact": [], 
                "sysdescr": [], 
                "syslocation": [], 
                "sysname": [], 
                "trap_receivers": [
                    {
                        "address": "192.168.1.10", 
                        "user": {
                            "_ref": "snmpuser/b25lLnNubXBfdXNlciRpYmdyaWQ:ib-snmp", 
                            "authentication_protocol": "SHA", 
                            "disable": false, 
                            "extattrs": {}, 
                            "name": "ib-snmp", 
                            "privacy_protocol": "AES"
                        }
                    }
                ], 
                "traps_enable": false
            }
        }
    ]
]

Setting at the member level is similar, here we get the settings, including references for the members:

curl -k1 -u admin:infoblox -X POST 'https://192.168.1.6/wapi/v2.11/request' -H "Content-Type: application/json" -d \
'[{
  "method":"GET",
  "object":"member",
  "args": {
      "_return_fields+":"snmp_setting"
  }
}]'

 

Re: Using API call to set SNMP trap receivers

Moderator
Moderator
Posts: 312
2870     0

SNMP requires an IP address for destination, it does not accept a hostname or or URL in the configuration.

 

You might also take a look at the Ecosystem featureset, including the Outbound API.  With it the grid can send a REST API call to a REST endpoint whenever certain events occur.  For example, whenever a new network is created, the grid can send a API call to ServiceNow, to update ServiceNow's IPAM database.  Or when a security event occurs, the grid can send an API call to an Cisco ISE, to re-scan or isolate an endhost.

Showing results for 
Search instead for 
Did you mean: 

Recommended for You