Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

API & Integration, DevOps,NetOps,SecOps

Reply

DNS/DHCP Monitoring with API

[ Edited ]
Techie
Posts: 7
1883     0

Is it possible to use the API for DNS/DHCP/NIOS monitoring? Which urls do we need?

What should we monitor?

Re: DNS/DHCP Monitoring with API

[ Edited ]
Superuser
Posts: 81
1884     0

Hello There,

 

It is possible. But you'd need a scripted logic for this. Summary of the logic is :

 

1) First you need to prepare a list of all Grid node references. References are just a string with which you could get to specific details about a node. Call for that would be :

 

https://<Grid_Master_IP>/wapi/v2.10.1/member

 

2) From the output of the first call, you need the value of "host_name" & "_ref" for all the items that you seen in the list. With hostname, you can identify different grid nodes(Ie, server names).

 

3) Now depending on the servers that you're interested in, you could use the "_ref" value for each nodes to get the service status from all the nodes. That call would be :

 

https://<Grid_Master_IP>/wapi/v2.10.1/member/b25lLnZpcnR1YWxfbm9kZSQw:infoblox.localdomain/memberservicestatus/nodeinfo?_return_fields=service_status

What you need to note in the call above is that "member/b25lLnZpcnR1YWxfbm9kZSQw:infoblox.localdomain" has to be the "value" of the "_ref" keys of all grid nodes that you get from call #1.

 

4) If you just take a look at the response of the second API call, you will understand what you need to do further with it. A sample output of call #2 would be :

{
    "_ref": "member/b25lLnZpcnR1YWxfbm9kZSQw:infoblox.localdomain",
    "service_status": [
        {
            "description": "DHCP Service is inactive",
            "service": "DHCP",
            "status": "INACTIVE"
        },
        {
            "description": "DNS Service is working",
            "service": "DNS",
            "status": "WORKING"
        },
        {
            "description": "NTP Service is inactive",
            "service": "NTP",
            "status": "INACTIVE"
        },
        {
            "description": "Hard Disk: 0% - TFTP Service is inactive",
            "service": "TFTP",
            "status": "INACTIVE"
        },
        {
            "description": "Hard Disk: 0% - HTTP File Dist Service is inactive",
            "service": "HTTP_FILE_DIST",
            "status": "INACTIVE"
        },
        {
            "description": "Hard Disk: 0% - FTP Service is inactive",
            "service": "FTP",
            "status": "INACTIVE"
        },
        {
            "description": "CPU: 100%, Memory: 0%, Hard Disk: 0%",
            "service": "BLOXTOOLS",
            "status": "INACTIVE"
        },
        {
            "description": "Captive Portal Service is inactive",
            "service": "CAPTIVE_PORTAL",
            "status": "INACTIVE"
        },
        {
            "service": "HSM",
            "status": "UNKNOWN"
        },
        {
            "description": "Subscriber Collection Service is inactive",
            "service": "IMC",
            "status": "INACTIVE"
        },
        {
            "description": "TAXII Service is inactive",
            "service": "TAXII",
            "status": "INACTIVE"
        }
    ]
}                                     

If you'd like to have a robust script including all that logic, please let me know.

 

Best regards,

 

Showing results for 
Search instead for 
Did you mean: 

Recommended for You