Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

API & Integration, DevOps,NetOps,SecOps

Reply

How To Search All IP Addresses Without Defining A Subnet/Network

New Member
Posts: 2
1183     0

I have a situation where I need to produce a list of all IPv4 Addresses that match specific criteria (i.e. - status equals USED, IP is not used for DHCP, IP does not have a Last Discovered date, etc.)

 

The Grid I am working with has over 3000 IPv4 networks defined. So, is there an API call I can use to search through all networks and IPv4 addresses looking for specific criteria and then have only those IP's that satisfy the criteria returned?

 

Right now, my script makes a call and returns a list of all Networks to a dictionary. Any assistance would be appreciated. I don't need assistance with building the script itself. I only need to know if there is an approach I can take that will allow me to search through all IP's for specific criteria without having to do it network by network.

TIA.

Re: How To Search All IP Addresses Without Defining A Subnet/Network

Moderator
Moderator
Posts: 287
1183     0

When searching for ipaddress objects, it's required to include either the specific ip address, or the parent network.  So if you wanted everything, you would need to loop through every network and request the ipaddress objects of that network.

Re: How To Search All IP Addresses Without Defining A Subnet/Network

New Member
Posts: 2
1183     0

Thank you for the response.  Do you know of a more efficient/proper way to query each network instead of having a Python script run through over 3000 instances of the following:

 

.....
https://10.255.77.21/wapi/v2.11.3/ipv4address?network=172.19.67.0/28&status=USED&_return_fields%2B=discovered_data.last_discovered
https://10.255.77.21/wapi/v2.11.3/ipv4address?network=172.21.67.0/28&status=USED&_return_fields%2B=discovered_data.last_discovered
https://10.255.77.21/wapi/v2.11.3/ipv4address?network=10.254.60.0/24&status=USED&_return_fields%2B=discovered_data.last_discovered
https://10.255.77.21/wapi/v2.11.3/ipv4address?network=10.254.62.0/24&status=USED&_return_fields%2B=discovered_data.last_discovered
https://10.255.77.21/wapi/v2.11.3/ipv4address?network=172.21.20.0/28&status=USED&_return_fields%2B=discovered_data.last_discovered
.....

 

Thank you.

 

Re: How To Search All IP Addresses Without Defining A Subnet/Network

Moderator
Moderator
Posts: 287
1183     0

Hopefully there are Extensible Attribute values assigned to every network, and you don't need to look at every network?

 

In a script I'd have functions to:

  1. retrieve the list of networks, matching your requirements, and store that in a dictionary.
  2. retrieve the list of IP addresses within a network matching your requiements
  3. iterate through the dictionary, and for each network:
    • call the function to retrieve the list of IP addresses
  4. perform post-processing, or exporting, or whatever is needed

The main function would call function #1 and #3 and #4.

Showing results for 
Search instead for 
Did you mean: 

Recommended for You