Introduction
With the release of Open-AudIT 3.2.0 we have introduced a new concept called Rules. Rules are created and run against a device when the device is discovered or an audit result is processed. Rules can be used to set a device attribute based on other attributes.
...
Initially we have included rules for SNMP Enterprises, MAC Addresses, SNMP OIDs and quite a few custom rules. The actual counts are:
SNMP Enterprise | 54006 |
Mac Address | 26432 |
SNMP OID | 10897 |
Custom | 422 |
Total | 99757 |
---|
All these rules were previously hard coded into the application codebase. As a result, we have deleted many thousands of lines of code! We have still more to introduce, but this is a start
...
Operators in Inputs can have the following values.
Name | Result |
---|---|
eq | Equals |
ne | Does Not Equal |
gt | Greater Than |
ge | Greater Than or Equals |
lt | Less Than |
le | Less Than or Equals |
st | Starts With |
li | Like |
nl | Not Like |
in | In the (comma seperated) list |
ni | Not in the (comma seperated) list |
Value Types in Outputs can have the following values.
Name | Description |
---|---|
string | a String |
integer | an Integer |
timestamp | A timestamp. If the value is set, that timestamp value will be used. If the value is not set, the current timestamp will be used. |
When the rules run in discovery, any matching rules will appear in the discovery log. See below for an example.
Hit on snmp_enterprise_id 9 eq 9 for SNMP Enterprise Number for ciscoSystems. Hit on manufacturer eq for SNMP Enterprise Number for ciscoSystems. (Rule: 10)
Command: Rule match
Output: {"manufacturer":"Cisco Systems","snmp_enterprise_name":"ciscoSystems"}
and anohter
Hit on snmp_oid 1.3.6.1.4.1.9.1.620 eq 1.3.6.1.4.1.9.1.620 for SNMP OID match. (Rule: 135661)
Command: Rule match
Output: {"model":"Cisco 1841","type":"router"}
Create Rules Entries
Rules can be created just like any other item. Menu → Manage → Rules → Create.
...
You can access the /rules collection using the normal Open-AudIT JSON based API. Just like any other collection. Please see the API documentation for further details.
API Routes
Request Method | ID | Action | Resulting Function | URL Example | Notes | Example Response |
---|---|---|---|---|---|---|
GET | n | collection | /rules | Returns a list of rules. | ||
GET | y | read | /rules/{id} | Returns a rules details. | ||
PATCH | y | update | /rules/{id} | Update an attribute of a rules entry. | ||
POST | n | create | /rules | Insert a new rules entry. | ||
DELETE | y | delete | /rules/{id} | Delete a rules entry. |
Web Application Routes
Only available under Open-AudIT Enterprise
Request Method | ID | Action | Resulting Function | URL Example | Notes |
---|---|---|---|---|---|
GET | n | create | create_form | /rules/create | Displays a standard web form for submission to POST /files. |