• State Not Answered
  • Replies 6 replies
  • Subscribers 28 subscribers
  • Views 713 views
  • Users 0 members are here
Options
Related

Test Connection with API in swagger

dario guastella
7 months ago

testing the Test Connection in swagger we get an error. The purpose is to test the test connection for all assets on SPP since on SPP if many assets are selected, there can be many false positives. The customer wants a script that he can launch massively on demand. I attach step by step process we are trying.

First we query this method to have all the id of the assets: ASSETS GET /v4/Assets specifying to have the id in the field "fields"

Once we have all ids we query this method to test the “TestConnection”: POST /4/Assets/(id)/TestConnection specifying the single id

we want to cycle this but if we try with a specific id we get some responces but mainly an error:

{
  "Code": 70000,
  "Message": "The request is invalid.",
  "ModelState": {
    "entity.ConnectionProperties.ServiceAccountProfileId": [
      "The field ServiceAccountProfileId must be a valid non-zero database ID."
    ],
    "entity.ConnectionProperties.ServiceAccountSshKeyProfileId": [
      "The field ServiceAccountSshKeyProfileId must be a valid non-zero database ID."
    ]
  }
}
what can we do?

the aim is to create a script that is launched on demand to query all assets with the test connection since in spp if too many assets are queried, many false positives are received.

thank you so much!

Parents
  • 0 7 months ago

    Hi Dario,

    If you tested (POST ​/v4​/Assets​/{id}​/TestConnection) in Swagger UI then make sure to clear the Request Body field under "Optionally override asset connection settings"


    Which would send the API call without any additional data as clearing the field above adds the -d parameter with a blank value such as: -d ''

    Thanks!

  • 0 7 months ago in reply to Tawfiq.Ahmad

    ok Tawfiq we were able to create our script that queries the TestConnection method (POST ​/v4​/Assets​/{id}​/TestConnection). The responce is correct. We are missing one last step. Which attribute can we consider to know whether the test is OK or KO?

    We have considered a response for an asset that gives OK (verified on SPP) and one that gives a response with an error, but the two responses via API are identical.

    this is one responce for example for an asset that in SPP give us OK checking the connection:

    *******

    {
    "Id": "b7a9b814-8d43-11ee-af11-02b4a74764f8",
    "LogTime": "2023-11-27T16:40:47.8742548Z",
    "UserId": 1,
    "UserProperties": {
    "ClientIpAddress": "192.168.200.50",
    "UserName": "S2E-lab",
    "DomainName": null,
    "UserDisplayName": "s2e admin",
    "UserWasGlobalAdmin": true,
    "UserWasDirectoryAdmin": false,
    "UserWasAuditor": true,
    "UserWasApplicationAuditor": true,
    "UserWasSystemAuditor": true,
    "UserWasAssetAdmin": true,
    "UserWasPartitionOwner": false,
    "UserWasApplianceAdmin": true,
    "UserWasPolicyAdmin": true,
    "UserWasUserAdmin": true,
    "UserWasHelpdeskAdmin": true,
    "UserWasOperationsAdmin": true
    },
    "ApplianceId": "565adc962bd94638a1dee0fd96444536",
    "ApplianceName": "SPPlab.OIMDemo.local",
    "EventName": "TestConnectionStarted",
    "EventDisplayName": null,
    "Name": "TestConnection",
    "SystemId": 35,
    "SystemName": null,
    "SystemType": "Asset",
    "PlatformId": 547,
    "PlatformType": "Windows",
    "PlatformDisplayName": "Windows Server",
    "NetworkAddress": "Marte.OIMDemo.local",
    "AccountId": null,
    "AccountName": null,
    "AccountDomainName": null,
    "AccountNetBiosName": null,
    "AccountDistinguishedName": null,
    "SyncGroupId": null,
    "SyncGroupName": null,
    "SshKeySyncGroupId": null,
    "SshKeySyncGroupName": null,
    "AssetPartitionId": 1,
    "AssetPartitionName": "AD_OIMDemo.local",
    "ProfileId": 1,
    "ProfileName": "AD_OIMDemo.local Profile",
    "SshKeyProfileId": null,
    "SshKeyProfileName": null,
    "InstallSshKeyId": null,
    "InstallSshKeyFingerprint": null,
    "SshKeyFingerprint": null,
    "RequestStatus": {
    "State": "Accepted",
    "PercentComplete": 0,
    "Cancellable": true,
    "AcceptedTime": "2023-11-27T16:40:48.3957856Z",
    "AcceptanceDuration": "00:00:00",
    "StartTime": null,
    "QueuedDuration": "00:00:00",
    "EndTime": null,
    "RunningDuration": "00:00:00",
    "TotalDuration": "00:00:00",
    "Message": null
    },
    "Log": [],
    "ConnectionProperties": {
    "ServiceAccountUniqueObjectId": "3ee84547-646b-4683-beb0-dd2867a7ffe7",
    "ServiceAccountSecurityId": "S-1-5-21-1458583873-974125826-2990878429-1104",
    "EnablePassword": null,
    "EnableHasPassword": false,
    "CommandTimeout": 20,
    "WorkstationId": null,
    "ClientId": null,
    "ServiceAccountProfileId": 1,
    "ServiceAccountProfileName": "AD_OIMDemo.local Profile",
    "ServiceAccountSshKeyProfileId": null,
    "ServiceAccountSshKeyProfileName": null,
    "UseSslEncryption": false,
    "VerifySslCertificate": false,
    "Instance": null,
    "ServiceName": null,
    "SslThumbprint": null,
    "PrivilegeElevationCommand": null,
    "AccessKeyId": null,
    "SecretKey": null,
    "HasSecretKey": false,
    "OraclePrivileges": null,
    "HideAlterUserCommand": false,
    "UseNamedPipeForServiceAccountConnection": false,
    "RegisteredConnectorId": null,
    "TacacsSecret": null,
    "HasTacacsSecret": false,
    "UseTopSecretInterval": false,
    "ServiceAccountId": 15,
    "ServiceAccountName": null,
    "EffectiveServiceAccountName": "IAMAdmin",
    "ServiceAccountDomainName": "oimdemo.local",
    "ServiceAccountDistinguishedName": "CN=IAM Administrator,OU=IAM,DC=OIMDemo,DC=local",
    "EffectiveServiceAccountDistinguishedName": "CN=IAM Administrator,OU=IAM,DC=OIMDemo,DC=local",
    "ServiceAccountCredentialType": "DirectoryPassword",
    "ServiceAccountPassword": null,
    "ServiceAccountHasPassword": true,
    "ServiceAccountSshKey": {
    "PrivateKey": null,
    "Passphrase": null,
    "PublicKey": null,
    "Comment": null,
    "Fingerprint": null,
    "FingerprintSha256": null,
    "KeyType": null,
    "KeyLength": null
    },
    "ServiceAccountHasSshKey": false,
    "Port": null,
    "ServiceAccountSshKeyId": null,
    "ServiceAccountSshKeyFingerprint": null,
    "ServiceAccountSshKeyComment": null,
    "ServiceAccountAssetId": 2,
    "ServiceAccountAssetName": "AD_OIMDemo.local",
    "ServiceAccountAssetPlatformId": 522,
    "ServiceAccountAssetPlatformType": "MicrosoftAD",
    "ServiceAccountAssetPlatformDisplayName": "Active Directory",
    "ServiceAccountNetbiosName": "OIMDEMO"
    },
    "CustomScriptParameters": []
    }

    ********

    i need to identify the specific parameter that give me the result "OK" about the TestConnection and it differ from the same parameter of an asset in which the TestConnection give me "KO"

    thank you so much

  • 0 7 months ago in reply to dario guastella

    Hi Dario,

    You can check the audit log for results and verify using the EventName value from GET​/v4​/AuditLog​/Passwords​/{taskName}​/{id}

    {taskName} = TestConnection

    {id} = b7a9b814-8d43-11ee-af11-02b4a74764f8

    This is the task id which was provided in the response from performing the POST Test connection call

    - You can also filter to show only the eventname field, for example:

    GET /v4/AuditLog/Passwords/TestConnection/e84f6a2a-8df8-11ee-bfeb-36d0a617d33c?fields=eventname


    if eventname = "TestConnectionSucceeded" = OK

    Otherwise, if eventname = "TestConnectionFailed" = KO

    Thanks!

  • 0 7 months ago in reply to Tawfiq.Ahmad

    GREAT!!!!!!!!!!!!!!!

    so we created the script and everything is PERFECT!!!

    LAST QUESTION: is it possible to display a sort of widget in the SPP dashboard?

    thank you so much and have a GREAT DAY!!!

  • 0 7 months ago in reply to dario guastella

    Hi Dario,

    The Web UI allows you to show or hide widgets but if you are asking about adding a custom widget to the Web UI then there is no current option for that in the existing Web UI.

    Thanks!

Reply Children