The Open-AudIT API (1.12.8)

Introduction

Open-AudIT is implementing a JSON Restful API. Te format of the request URLs will also be used in the web application (with a few extra pieces, see below re: action).

In short, you can all /devices using the API to retrieve a JSON document containing the devices as per the JSONapi.org spec.

You can also call /devices in the web front end and retrieve the same list which is displayed in the web page and formatted as per the normal application theme.

Filtering, sorting and the other options apply equally to both the web frontend and to the JSON API.

 

NOTE - This API is not ready for a full release as yet and items below are subject to change.As at 1.12.8, this is how it stands.

NOTE - This page is incomplete and is being updated as we work towards a released version of the API.

Open-AudIT's API

Open-AudIT is basing it's API on http://jsonapi.org with the intention of providing simple and intuitive access in a manner familiar to developers. In addition to this API, the web interface will use the same request/URI format and supply some additional actions.

Options

Format

Using the format option is useful when using a web browser but you wish to see the result in JSON format. Adding format=json achieves this. Normally a web browser will set its accept header to html, so in that case we return the rendered page. Using an API to retrieve JSON you should set the accept header to contain the string "json". That might be "json/application" or whatever you like. You can override this by providing the format option in the URL..

We tend to use the Google Chrome extension called Postman for testing actual restful queries. You might like to install and test with that. http://www.getpostman.com.

format={json}

Sort

To sort by a database column, user "sort={attribute}". To reverse sort, insert a minus, thus "sort=-{attribute}".

 

sort=[-]{attribute}

 

Current

By default, only attributes with "current=y" are retrieved. To override this, set current as below.

 

current={y|n|all}

 

GroupBy

 

groupby={attribute}

 

Limit

When requesting JSON, by default no limit is set. When requesting screen display, limit is set to 1000 by default.

 

limit={int}

 

Offset

The offset is the count of devices you wish to return data from.

 

offset={int}

 

Properties

Requested properties should be in a comma separated list.

 

properties={attribute 1},{attribute 2},{attribute 3}

 

Filter

To filter by a property value, use the property name. Operators that should precede the value are !=, >, >=, <, <=, 'like' and '!like'. If no operator is specified, the default is =.

 

{attribute}=[operator]{value}

 

Include

When requesting the details fo a resource (a device), if the request is JSON based only the 'system' table will be returned. NOT all the related tables. There will be links for these tables in the data->links section. If you would like the system tabel AND the bios table (for example) in a JSON request, you can use the 'include' keyword. An example would be a GET request with accept header as JSON to http://server/open-audit/index.php/devices?include=bios. For a HTML (web browser) formatted request, by default all related tables are included so the web page can render the device details as it has always done. When using include, you can use the keyword 'all' to retrieve all tables that contain related information.

include={sub_resource}

 

Version

To request a different version of the API (currently only v1 exists), use the url /api/{version}/devices or /v1/devices.

 

Action

When using the API the default action is determined according to the request method and URL. You can override this by providing the 'action' option in the URL. This is only really required when using the web front end. Normal use of the API does not require you to set 'action'. An example of this is when creating a new item. You would normally use POST to /item but in the case of a web user, you need a web form to be able to fill out the item details. In that case there is no facility for this in a typical JSON restful API. We work around this by providing action=create in a GET request for the URL. IE - http://{server}/open-audit/index.php/networks?action=create

 

Routing Table

The default action if notihng matches below is to return a collection of items.

* Not all routes are available on or apply to all endpoints.

** Actions ending in _form are for web form input

Request Methodidactionsub_resourcesub_resource_idResulting ActionNotesURL Example
GETN   collection /devices
GETNcreate  create_form /devices?action=create
GETY/NcreateY sub_resource_create_form /devices?action=create&sub_resource=credentials
GETNimport  import_form /devices?action=import
GETY   read /devices/{id}
GETYupdate  update_form /devices/{id}?action=update
GETYdownload  download /scripts/{id}?action=download
GETNupdate  bulk_update_form

Should provide attribute "ids" which is a comma

separated list of ID's upon which to bulk update.

/devices?action=update&ids=1,2,3,4
POSTN   create /devices
POSTNimport  import /devices?action=import
POSTNedit  bulk_update_form  
POST / PUT / PATCHY   update /devices/{id}?action=update
POSTY Y sub_resource_create /devices/{id}?sub_resource=credential
DELETEY N deleteYou cannot delete a default org, location or script./scripts/{id}
DELETEY YYsub_resource_delete /devices/{id}/credential/{sub_resource_id}
ALL <empty> or list  collection  
        
        
        
        

 

 

Devices

Examples of retrieving data

HTTP VerbAcceptURLResultExample Response
GETJSON/devicesGet a list of all devices.devices.json
GETJSON/devices?properties=system.id,system.name,system.type,system.serialGet a list of devices with the data id, name, type and serialdevices_properties.json
GETJSON/devices?system.os_group=WindowsGet a list of devices with an OS Group of Linux.devices_os_group_linux.json
GETJSON/devices?sub_resource=ip&ip.network=192.168.1.0/24&properties=system.id,system.name,system.domain,ip.ipGet a list of devices in the 192.168.1.0/24 subnet.devices_in_192-168-1-0.json
GETJSON/devices/8Get the system table of device with id = 8.devices_8.json
GETJSON/devices/8?include=biosGet the system table and bios table for device with ID = 8.devices_8_include_bios.json
GETJSON/devices/8/biosGet the bios details (not the system table) for device with ID = 8.devices_8_bios.json

Example of updating a device

HTTP VerbAcceptURLDataResultExample Response
PATCHJSON/devices/8
{
"data": {
    "type" : "devices",
    "id" : 8,
    "attributes" : {
        "description" : "my HP"
        }
    }
}
Update the description of the device with ID = 8.devices_8_patch_description.json
      

 

Device sub_resource Names

NAME
NAME
NAME

audit_log
bios
change_log
credentials
disk
dns
edit_log
ip
log
memory
module
monitor
motherboard

netstat
network
optical
pagefile
partition
print_queue
processor
route
san
scsi
server
server_item 

service
share
software
software_key
sound
task
user
user_group
variable
video
vm
windows