...
SNMP Enterprise | 54006 |
Mac Address | 26432 |
SNMP OID | 10897 |
Custom | 422 |
Total | 99757 |
---|
All these rules were previously hard coded into the application codebase. As a result, we have deleted many thousands of lines of code! We have still more to introduce, but this is a start
...
And of course you are free to add or modify the rules as you see fit. If you have a device with an SNMP OID that doesn't match a model already in the database - now you can add it easily. No more waiting for us to provide a patch and add it to the codebase for you.
When you create a Rules entry, you will need to provide a name and a list of inputs and outputs. The inputs and outputs are stored as JSON arrays within the database.
Inputs have a table and attribute, an operator and a value. When executing the condition, it works thus: If $table . $attribute $operator $value then apply the outputs.
A contrived example rule to match a type and set the model is below.
Code Block | ||||
---|---|---|---|---|
| ||||
INPUTS table = system attribute = type operator = eq value = computer OUTPUTS table = system attribute = model value = My Model value_type = string |
Operators in Inputs can have the following values.
Name | Result |
---|---|
eq | Equals |
ne | Does Not Equal |
gt | Greater Than |
ge | Greater Than or Equals |
lt | Less Than |
le | Less Than or Equals |
st | Starts With |
li | Like |
nl | Not Like |
in | In the (comma seperated) list |
ni | Not in the (comma seperated) list |
...
Code Block | ||||
---|---|---|---|---|
| ||||
id: 65554 name: Mac Address for Cisco Systems org_id: 1 description: Set the manufacturer based on the MAC prefix. weight: 90 inputs: [{"table":"network","attribute":"mac","operator":"st","value":"cc:46:d6"},{"table":"system","attribute":"manufacturer","operator":"eq","value":""}] outputs: [{"table":"system","attribute":"manufacturer","value":"Cisco Systems","value_type":"string"}] edited_by: system edited_date: 2001-01-01 00:00:00 |
API / Web Access?
You can access the /rules collection using the normal Open-AudIT JSON based API. Just like any other collection. Please see the API documentation for further details.
API Routes
Request Method | ID | Action | Resulting Function | URL Example | Notes | Example Response |
---|---|---|---|---|---|---|
GET | n | collection | /rules | Returns a list of rules. | ||
GET | y | read | /rules/{id} | Returns a rules details. | ||
PATCH | y | update | /rules/{id} | Update an attribute of a rules entry. | ||
POST | n | create | /rules | Insert a new rules entry. | ||
DELETE | y | delete | /rules/{id} | Delete a rules entry. |
Web Application Routes
Only available under Open-AudIT Enterprise
Request Method | ID | Action | Resulting Function | URL Example | Notes |
---|---|---|---|---|---|
GET | n | create | create_form | /rules/create | Displays a standard web form for submission to POST /files. |
...