...
Open-AudIT's API
Open-AudIT is basing its API on 's API is base upon http://jsonapi.org with the intention of providing simple and intuitive access in a manner familiar to developers.
In addition to this API, the web interface will use the same request format and supply some additional actions (eg: HTML forms for creating items).
Access Model
The API uses a cookie. You can request a cookie by sending a POST to the URL below, containing the username and password attributes and values:
Code Block |
---|
http://{server}/omk/open-audit/loginindex.php/logon |
POSTing data
To create a resource, you should POST the required data.
When POSTing data, you must include an access token. An access token is generated with every request type, so make a GET (for example) and Accept: application/json, parse the response for meta→access_token, and include that with your request. This will should be placed in the field data[access_token], IE, the top level.
...
data[attributes][credentials][credentials][username]
Examples Som examples are at the bottom of this page.
...
applications: name,org_id
attributes: name,org_id,type,resource,value
baselines: name,org_id
buildings: name,org_id,location_id
clouds: name,org_id,type,credentials,options
clusters: name,org_id
collectors: name,org_id,statustype,host,community,username,password
connections: name,org_id
credentials: name,org_id,type,credentials
dashboards: name,org_id, options, sidebar
devices: name, org_id
discoveries: name,org_id,type
discovery_scan_options: name,org_id
fields: name,org_id,type,placement,group_id
files,ping,service_version,filtered,open|filtered,timing,nmap_tcp_ports,nmap_udp_ports
fields: name,org_id,pathtype
floors
files: name,org_id,building_idpath
groups: name,org_id,sql
integrations: name,org_id,attributes,optionsfields
ldap_servers: name,org_id,lang,host,port,secure,domain,type,version,use_auth,use_roles,refresh
licenses: name,org_id,org_descendants,purchase_count,match_string
locations: name,org_id
networks: name,org_id,network
orgs: name,parent_id
queries: name,org_id,sql,menu_category,menu_display
racks: name,org_id,rowru_idheight
rack_devices: rack_id,systemdevice_id,position,height
roles: name,permissions
rooms: name,org_id,floor_id
rows: name,org_id,room_id,permissions
rules: name,org_id,weight,inputs,outputs
scripts: name,org_id,options,based_on
summaries: name,org_id,table,column,menu_category
tasks: name,org_id,type,sub_resource_id,uuid,enabled,minute,hour,day_of_month,month,day_of_week
users: name,org_id,lang,active,roles,orgs
widgets: name,org_id,type
...
Using the format option is useful when using a web browser but you wish to see the result in JSON format. Adding format=json achieves this. If you only want the actual data in JSON, format=json_data will do the trick. Normally a web browser will set its accept header to HTML, so in that case, we return the rendered page. Using an API to retrieve JSON you should set the accept header to "json/application". You can override this by providing the format option in the URL.
We tend to use the Google Chrome extension called Postman for testing actual restful queries. You might like to install and test with that. http://www.getpostman.com.
Action
NOTE - Removed from 5.0.0.
When using the API the default action is determined according to the format and URL. You can override this by providing the 'action' option in the URL. An example of this is when creating a new item. You would normally use POST to /item but in the case of a web user, you need a web form to be able to fill out the item details. In that case, there is no facility for this in a typical JSON Restful API. We work around this by providing action=create in a GET request for the URL. IE - http://{server}/omk/open-audit/networks?action=create. The default action if nothing matches below is to return a collection of items.
...
End Points
All endpoints URLs for prior to v5 are of the format http://{server}/omk/open-audit/{endpoint}
NOTE - From 5.0.0 all endpoint URLs are of the form - http://{server}/open-audit/index.php/{endpoint}
Devices
NOTE - From 5.0.0 the sub_resource item has been replaced by the components endpoint.
Type | Endpoint v4 | v5 | |||
---|---|---|---|---|---|
GET | /system | /devices | Return a collection of devices with the default set of columns from the system table (system.system_id, system.icon, system.man_type, system.hostname, system.domain, system.man_ip_address, system.man_description, system.man_os_family, system.man_status) | ||
GET | /system/{id} | /devices/{id} | Return an individual devices details. | ||
GET | /devicessystem?sub_resource={sub_resource name} | /components?components.type={sub_resource name} | To return all items in a sub_resource for a collection of devices. If you wanted all software you would use http://{server}/open-audit/index.php/devices?sub_resource=software | ||
GET | / | devicessystem/{id}?sub_resource={sub_resource name} | /components?components.type={sub_resource name}&components.device_id={id} | To return all items in a sub_resource for a specific device. | |
GET | / | devicessystem/{id}?sub_resource={sub_resource name}&sub_resource_id={sub_resource id} | /components/{sub_resource id}?components.type={sub_resource name} | To return a specific sub_resource item. |
Device sub_resource
...
names / component types
NAME | NAME | NAME |
---|---|---|
audit_log | netstat | service |
...