Infoblox’s global team of threat hunters uncovers a DNS operation with the ability to bypass traditional security measures and control the Great Firewall of China. Read about “Muddling Meerkat” and the many other threat actors discovered by Infoblox Threat Intel here.

Community Blog


Applying Dynamic Lists to Make Automation More Practical

My name is Lou, and I have the good fortune of running a product management team here at Infoblox.  We focus on advancing network automation solutions and helping our customers achieve an ever increasing level of automated network control.  We’ve learned a lot from our customers, and I’m proud that so many features we’ve delivered have stemmed from customer needs and finding innovative ways to solve them.  Before I describe an example, I want to take this opportunity to recruit more of your input.  Please share your ideas, examples, and challenges on our community site.  Infoblox is investing heavily in this strategic direction, and I need to make sure what we build will solve your problems. 

I can remember the specific customer who first requested this ability to use lists in change automation.  It’s a great example, and I’ll admit it has been very rewarding for me to go back to this and other customers to show their ideas come to fruition.  The idea is how dynamic variable lists work and why. . . 

Imagine you need to roll out a configuration change to multiple routers.  Now imagine those routers reside in different key sites, perhaps 5 primary locations.  The change you need to make is the same, but some of the detailed attributes of that change, say perhaps the DHCP IP address, primary DNS server IP, or local logging server, vary depending on which site the router is located.  How do you do this today?  The answer varies from customer to customer, but what I hear most is either the use of a template engine tool or home grown scripts.  In most cases the user selects the template or script to execute.   As in the screenshot below, the user is then prompted to type in values to customize the change template or script for the individual router being changed:

The user must type in, or copy and paste from another source, the IP addresses, server names, or other required parameters, then push the change.  Not a big deal.  But wait, now we have to make the same change to the 2nd, 3rd, 4th, and 5th sites in this case while making sure you get the list of routers for each site correct.  In each case, the process starts again, with a new input form, and the user types or pastes new and different information for each.  A bit tedious.  Now imagine making this sort of change every week, or more frequently, or imagine having more sites.

What’s the chance that just ONE time, the user makes a typo, or copy and pastes, but misses the last character?  What can the implications be?  Not good in many cases.

So it’s not just tedious or inefficient, it’s also dangerous!  Any repetitive and manual task can be problematic.  Especially when your team is busy, stressed, and fighting fires.

So let’s change the example.  In this same scenario… shouldn’t it be true that a good network data model that is up to date and correlated already knows the answers to the questions that template input form is asking?  Why should you have to type in the answer?  It’s kind of ridiculous if you think of it.    Using dynamic list variables in Infoblox network automation scripts and templates combined with our network data model allows you to configure change jobs to look up the answers themselves, rather than prompting the user for manually typed input.  As shown in this screenshot, the list looks like a spreadsheet (yes, you can import one).   

In this example, the list is keyed off a site code which might be derived from a DNS name pattern, syslocation value, sysdecription value, IP scheme, or any other method you might apply.  Then for each site, the key unique parameters are stored for ready lookup by the change job.  You run a single job for all 5 sites.  As the job is processed against each device, the system automatically looks up the correct value and applies it to complete the change.  Simple.  Fast.  Fewer jobs.  Fewer human touches.  Authoritative data.  More efficient.  Safer.

I’d also point out this dynamic variable lookup technique in our products is not limited to this embedded list example, change jobs can look up information directly in the Infoblox discovered data model, your own files, or even 3rd party apps or DB’s via API calls or SQL calls.

I hope this can help you, and I look forward to your ideas and feedback.  You can find some examples on our community site.  Please post and share any more you come up with!



‎10-03-2013 09:28 AM

Hi Lou,

This is exactly what I want to do, but I can't find any examples or documentations on how to.  Do you have an example and example ccs script you can share?

Also, what happens when there are multiple entities?  For example, I have 5 devices in "ny" that I want to target.  Will I be able to find all the different "ny" entities or will it just retrieve the first match?


‎04-10-2014 03:39 AM

Hi Lou, Joseph,

I want to do the same thing and was hoping to use the /api/2.9/config_lists/import call to maintain lists of data which I could use in scripts. I'm using Curl to try and make the API calls. I've been searching and playing around for a day now with no joy. I'm trying to do this: curl --user usernameSmiley Tongueassword --insecure -v –F upload=@mylist.csv and get the error:

{"error": "general/validation-failed", "message": "The action failed because the request was not valid.", "fields": {"file": ["is required"]}}

and from what I can tell it's complaining over a poorly formatted API call.

Any assitance you can provide would be very much appreciated!




Showing results for 
Search instead for 
Did you mean: