The REST API allows users to query the iQSonar results directly using the web client protocol. The results are returned in JSON format.
This worked example uses Python to produce a list of hosts (devices) which have enterprise database applications. If the device has a database, we print off the host name, the total installed RAM and the CPU type; we then list the number and edition of the databases. The device name will be taken from the "device" results. For the CPU Type and the installed RAM we need to then go to the details page for the device; For the database details we then go into the applications page. Thus for each device we find, we make at least two and sometimes three REST API calls.
A document showing a simpler use case using Python can be found here.
Step-by-step guide
Pre-requsites
- NOTE: both Python 2 and Python 3 are actively used in different environments. This example uses Python 3 syntax.
- You need to know the URL for you iQSonar install - in this example our host is iqsonar-host
- You need credentials for the iQSonar install - in this example we use the default login admin / password
- You need the "requests" module for Python which handles web requests very nicely. If this is not installed on your system you can install it as follows:
On Linux or macOS:
pip install -U pip requests |
On Windows:
python -m pip install -U pip requests |
Step One – Connect to the iQSonar Host
To access the REST-API we use HTTP with basic authentication. in Python we do this using the "requests" library. You must update this URL to reflect your host, and update the username and password to reflect the credentials for your instance of iQSonar. The "X-fetch-count" variable in the header tells us the total number of devices which have been scanned. In this example we will stop after the first 200 if the Scan Engine has scanned that many. You can look at some of the other worked examples in PowerShell for examples showing paging through the results.
The line "data = r.json()" takes the JSON results and parses it into a Python array variable.
import requests
# Set this to your own host name/login/password)
r = requests.get('http://vm-mike-er3/api/v1/devices',auth=('admin','password'))
max = r.headers['X-fetch-count']
data = r.json()
Step Two – Iterate over the array of devices
At this point in the script, we have a variable data which contains the JSON output from the Rest API.
The data structure is a JSON array of objects, each object contains an array of device attributes:
- device_id
- host_name
- serial_number
- manufacturer
- model
- last_scan
- self
The "self" item is a link to the full details on the device.
# set some counters
noapps=0
nodb = 0
gotone=0
count = len(data)
i = 0
while (i < count):
row = data[i]
gotone=0
if ( 'host_name' in row ):
hostname = row['host_name']
else:
hostname = '(no hostname)'
url2 = row['self']
r2 = requests.get(url2,auth=('admin','password'))
device = r2.json()
if ('total_memory_mb' in device):
ram = device['total_memory_mb']
else:
ram = '(unknown ram)'
if ('cpu' in device):
cpu = device['cpu'][0]['cpu_model']
# remove commas from the cpu string so as to keep the CSV output valid
cpu = cpu.replace(',','')
else:
cpu = '(unknown cpu)'
status = hostname + ': ' + str(ram) + 'MB RAM, ' + str(cpu)
Step Three – Process the Applications link
One caveat - as of Elcano R2, the applications link exists even when the device does not have any scanned applications. Following the link in these cases results in an exception - so we use a TRY/CATCH block to work around this.
# Having got Hostname, Ram and CPU, lets look for databases?
if ('applications' in device):
url3 = device['applications']
r3 = requests.get(url3,auth=('admin','password'))
# the URL might not be valid. If no applications, server will return a 500 error
try:
apps = r3.json()
except:
noapps += 1
else:
numapps = len(apps)
j=0
while (j < numapps):
# Deal with the application entries
j+=1
Related articles
Filter by label
There are no items with the selected labels at this time.