Are you interested in our Early Access Program (EAP)? This program allows you to preview code, test in your lab and provide feedback prior to General Availability (GA) release of all Infoblox products. If so, please click the link here.

Rapid7

Reply
This is an open group. Sign in and click the "Join Group" button to become a group member and start posting.
INFOBLOX & RAPID7 NEXPOSE INTEGRATION - SESSION, LOGIN & LOGOUT TEMPLATES
Adviser
Posts: 169
Registered: ‎09-09-2015
Adviser
Posts: 79

Hi there,

In this post I’m going to review session, login and logout templates. Do not copy/past templates from the post, they may not work. Download templates attached to this post. The templates are provided “as-is”, please check them in you Lab environment and modify for your needs before implementing them in production.


Session template does not require a detailed description. All parameters are described in the NIOS administrator guide

 

Template Comments
{
 "name": "Rapid7 Session",
 "version": "2.0",
 "type": "REST_ENDPOINT",
 "comment": "no comments",
 "vendor_identifier": "Rapid7",
 "path": "/api/1.1/xml",

Version must be set to  “2.0”

 "login_template": "Rapid7_Login",
 "logout_template": "Rapid7_Logout",

Login_template, Logout_template must contains exact template names (defined in a template itself, it is not a file name)

 "logout_only_at_template_end": true,

 "step_execution_limit": 100,
 "inactivity_interval": 100000,

 "keepalive": true,
 "override_path": true,

 "rate_limit": 0,
 "rate_limit_requests": 10,
 "rate_limit_interval": 1000,
 "rate_limit_reset": 1000,
 "retry": 0,
 "retry_template": 0,
 "timeout": 10,

 "logout_any_condition": true,
 "logout_regexp": "asd.*",
 "logout_status_code": 34
}

“Step_execution_limit” defines maximum loop iteration. If you system has more than 100 sites or more 100 “real” assets per site increase this number up to a desired value (it is required only for delete operation).

 

Rapid7_Login template is used for authentication because Rapid7 Nexpose doesn’t support basic authentication.

Template Comments
{
   "vendor_identifier": "Rapid7",
   "version": "2.0",
   "name": "Rapid7_Login",
   "content_type": "text/xml",
   "quoting": "XMLA",
   "type": "REST_EVENT",
   "event_type": ["SESSION"],

“version” must be set to “2.0”


“event_type” should be set to [“Session”]


XMLA quoting is used by default.

   "steps": [
      {
         "name": "login: remove basic auth headers",
         "body": "${XC:ASSIGN:{H:Authorization}:{S:}}",
         "operation": "NOP"
      },

Rapid7 Nexpose does not allow to login if basic authorisation headers contains correct credentials, so set the header variable H:Authorization to empty value

      {
         "name": "login: request",
         "parse": "XMLA",
         "operation": "POST",
         "no_connection_debug": false,
         "body_list": [
            "",
            ""
         ]
      },

Authenticate on Rapid7 Nexpose using LoginRequest method

      {
         "name": "login: errorcheck",
         "operation": "CONDITION",
         "condition": {
            "statements": [
               {
                  "op": "!=",
                  "right": "${P:A:PARSE[[name]]}",
                  "left": "LoginResponse"
               },
               {
                  "op": "!=",
                  "right": "1",
                  "left": "${P:A:PARSE{{success}}}"
               }
            ],
            "condition_type": "AND",
            "else_eval": "${XC:COPY:{S:SESSID}:{P:PARSE{{session-id}}}}",
            "error": true
         }
      }
   ]
}

Check that the authentication was successful and copy the session id to S: SESSID variable.


S: SESSID should be used in all API requests send to Rapid7 Nexpose.



Rapid7_Logout template is used to terminate a session

Template Comments
{
   "vendor_identifier": "Rapid7",
   "version": "2.0",
   "name": "Rapid7_Logout",
   "content_type": "text/xml",
   "quoting": "XMLA",
   "type": "REST_EVENT",
   "event_type": ["SESSION"],

“version” must be set to “2.0”


“event_type” should be set to [“Session”]


XMLA quoting will be used by default.

   "steps": [
      {
         "name": "logout: request",
         "parse": "XMLA",
         "operation": "POST",
         "no_connection_debug": false,
         "body_list": [
            "",
            ""
         ]
      },
      {
         "operation": "CONDITION",
         "name": "logout: errorcheck",
         "condition": {
            "statements": [
               {
                  "op": "!=",
                  "right": "${P:A:PARSE[[name]]}",
                  "left": "LogoutResponse"
               },
               {
                  "op": "!=",
                  "right": "1",
                  "left": "${P:A:PARSE{{success}}}"
               }

            ],
            "condition_type": "AND",
            "error": true
         }
      }
   ]
}

Send a LogoutRequest.


S: SESSID is used to identify a session. Response is analysed for errors.

 

 

Any feedback and/or questions are appreciated and very welcome.

BR,

Vadim Pavlov

Showing results for 
Search instead for 
Did you mean: