FortiSIEM Discover Devices API Integration

Discover Devices

Applies To

Enterprise and multitenant deployments

API Parameters

Multitenant Deployments

Methodology: REST API based. Make an HTTP(S) request with an input XML containing the devices to be discovered. An output XML containing the task Id is returned. The task Id can then be used to get the status of the discovery results.

Request URL:
  Discovery request: https://<AccelOps_IP>/phoenix/rest/deviceMon/discover
  Discovery result: https://<AccelOps_IP>/phoenix/rest/deviceMon/discover/status?taskId=1234

Input Parameters: Username and password of Super account or Organization specific account, Organization name

Output:
  Discovery request: XML containing task Id
  Discovery result: XML containing discovered devices and attributes

Enterprise Deployments

Methodology: REST API based. Make an HTTP(S) request with an input XML containing the devices to be discovered. An output XML containing the task Id is returned. The task Id can then be used to get the status of the discovery results.

Request URL:
  Discovery request: https://<AccelOps_IP>/phoenix/rest/deviceMon/discover
  Discovery result: https://<AccelOps_IP>/phoenix/rest/deviceMon/discover/status?taskId=1234

Input Parameters: Username and password of any AccelOps account

Output:
  Discovery request: XML containing task Id
  Discovery result: XML containing discovered devices and attributes

Sample Code for Discovery Request

This sample takes the credentials and, optionally, organization name as arguments and writes out the parsed XML output file in a comma separated value (CSV) format on the screen. The output can be redirected to a file if needed.

Sample Input XML File

Sample Python Script

import sys, base64
import urllib.request, urllib.error

def restPost(appServer, user, password, file):
    # Read the device definition XML that is sent as the request body
    with open(file, 'rb') as f:
        content = f.read()
    url = "https://" + appServer + "/phoenix/rest/deviceMon/discover"
    # b64encode keeps the header value on one line; encodestring appended a newline
    auth = "Basic %s" % base64.b64encode((user + ":" + password).encode()).decode()
    request = urllib.request.Request(url, content)
    request.add_header('Authorization', auth)
    request.add_header('Content-Type', 'text/xml')  # 'application/xml'
    request.add_header('Content-Length', str(len(content)))
    request.add_header('User-Agent', 'Python-urllib2/2.4')
    request.get_method = lambda: 'PUT'
    try:
        # urllib verifies the server certificate by default, so the
        # appliance certificate must be trusted by this host
        handle = urllib.request.urlopen(request)
    except urllib.error.HTTPError as error:
        if error.code != 204:
            print(error)

if __name__ == '__main__':
    if len(sys.argv) != 5:
        print("Usage: discoverDevice.py appServer user password deviceDefFile")
        print("Example: python discoverDevice.py 192.168.20.116 super/admin adm1n deviceDef.xml")
        sys.exit()
    restPost(sys.argv[1], sys.argv[2], sys.argv[3], sys.argv[4])

Discover.py Script Usage

python Discover.py <AccelOps_IP> <user> <password> <device xml file name>

Example

python Discover.py 172.16.20.210 "super/admin" "admin*1" DiscoverDevice.xml

The Super_user needs to be explicitly stated in organization/user format, for example, "super/admin" instead of just "admin".
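Added example (not part of the vendor's sample script): one way to build both requests of the two-step flow described above, the discovery submission and the later status query, with a single-line Basic header and validation of the server address and task Id before they are placed in a URL. The function names, the numeric task Id check and the use of GET for the status URL are assumptions made for this sketch; the requests are only constructed, not sent.

```python
import base64
import re
import urllib.parse
import urllib.request

# Hostname or IPv4 address with optional port (assumed sufficient; no IPv6 literals).
_HOST_RE = re.compile(r"[A-Za-z0-9.-]+(:[0-9]{1,5})?")


def basic_auth(user, password):
    """Basic header value on a single line; user is e.g. 'super/admin'."""
    # base64.encodestring (encodebytes in Python 3) appends a newline and wraps
    # long output, which corrupts a header value; b64encode does neither.
    token = base64.b64encode(f"{user}:{password}".encode("utf-8"))
    return "Basic " + token.decode("ascii")


def _base_url(app_server):
    # Reject input that could smuggle a path, userinfo or query into the URL.
    if not _HOST_RE.fullmatch(app_server):
        raise ValueError("unexpected characters in server address: %r" % app_server)
    return "https://" + app_server + "/phoenix/rest/deviceMon/discover"


def discovery_request(app_server, user, password, device_xml):
    """PUT request that submits the device XML (bytes) for discovery."""
    req = urllib.request.Request(_base_url(app_server), data=device_xml, method="PUT")
    req.add_header("Authorization", basic_auth(user, password))
    req.add_header("Content-Type", "text/xml")
    return req


def status_request(app_server, user, password, task_id):
    """Request for the result of an earlier task (GET is assumed here)."""
    if not re.fullmatch(r"[0-9]+", str(task_id)):  # assumption: task Ids are numeric
        raise ValueError("taskId must be numeric: %r" % (task_id,))
    query = urllib.parse.urlencode({"taskId": task_id})
    req = urllib.request.Request(_base_url(app_server) + "/status?" + query)
    req.add_header("Authorization", basic_auth(user, password))
    return req


if __name__ == "__main__":
    import getpass  # prompt so the password stays out of argv and shell history
    req = discovery_request("192.0.2.10", "super/admin", getpass.getpass(), b"<constructed/>")
    print(req.get_method(), req.full_url)  # built only; nothing is sent
```

Pass the returned object to urllib.request.urlopen to send it; the task Id from the discovery response is then supplied to status_request.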

Sample Output XML for Discovery Results

Sample Output Text for Discovery Results

 
