Hello All,
Is there possibility to access Arnold detention mechanism using Nav API? If yes , it will be nice to see some example Please advice Thanks
On Wed, 16 Dec 2015 11:57:02 +0000 Tal Bar-Or tbaror@gmail.com wrote:
Is there possibility to access Arnold detention mechanism using Nav API? If yes , it will be nice to see some example
Hi there,
we do not currently have any API endpoints for interfacing with Arnold. What kind of endpoints would you be interested in?
Thanks Morten for the answer , My interest would be automate IPS using the API for isolating hosts upon alerting events Thanks
On Thu, Dec 17, 2015 at 1:29 PM, Morten Brekkevold < morten.brekkevold@uninett.no> wrote:
On Wed, 16 Dec 2015 11:57:02 +0000 Tal Bar-Or tbaror@gmail.com wrote:
Is there possibility to access Arnold detention mechanism using Nav API? If yes , it will be nice to see some example
Hi there,
we do not currently have any API endpoints for interfacing with Arnold. What kind of endpoints would you be interested in?
-- Morten Brekkevold UNINETT
At NTNU, we use Arnold to automatic disable switchports based on netflow-statistics. Our netflow-server provides a list of IP-addresses (a file). This file is transferred to the nav-server (ssh, I think), and Arnold disables the switchports where the IP-addresses were last seen. Morten is the creator of it, and knows all the details ☺
As long as the NAV API has only one token “to rule them all”, I’m a bit skeptical to allow the API to disable ports.
Gro-Anita Vindheim NTNU
From: nav-users-request@uninett.no [mailto:nav-users-request@uninett.no] On Behalf Of Tal Bar-Or Sent: Thursday, December 17, 2015 5:49 PM To: Morten Brekkevold morten.brekkevold@uninett.no Cc: nav-users@uninett.no Subject: Re: Using API for Arnold
Thanks Morten for the answer , My interest would be automate IPS using the API for isolating hosts upon alerting events Thanks
On Thu, Dec 17, 2015 at 1:29 PM, Morten Brekkevold <morten.brekkevold@uninett.nomailto:morten.brekkevold@uninett.no> wrote: On Wed, 16 Dec 2015 11:57:02 +0000 Tal Bar-Or <tbaror@gmail.commailto:tbaror@gmail.com> wrote:
Is there possibility to access Arnold detention mechanism using Nav API? If yes , it will be nice to see some example
Hi there,
we do not currently have any API endpoints for interfacing with Arnold. What kind of endpoints would you be interested in?
-- Morten Brekkevold UNINETT
-- Tal Bar-or
On Fri, 18 Dec 2015 08:36:18 +0100 Gro-Anita Hillestad Vindheim gro-anita.vindheim@ntnu.no wrote:
At NTNU, we use Arnold to automatic disable switchports based on netflow-statistics. Our netflow-server provides a list of IP-addresses (a file). This file is transferred to the nav-server (ssh, I think), and Arnold disables the switchports where the IP-addresses were last seen. Morten is the creator of it, and knows all the details J
Usage of this system is documented:
https://nav.uninett.no/doc/4.3/reference/arnold.html?#start-arnold-py
This does sound somewhat like what Tal Bar-Or is asking for.
As long as the NAV API has only one token “to rule them all”, I’m a bit skeptical to allow the API to disable ports.
We would not want to add write-type API endpoints until we change the token auth system, no. We have multiple users asking for this by now, so we should definitely have a look at it in 2016.
-- Morten Brekkevold UNINETT
Thanks all for the answers :-)
On Mon, Dec 21, 2015 at 9:23 AM, Morten Brekkevold < morten.brekkevold@uninett.no> wrote:
On Fri, 18 Dec 2015 08:36:18 +0100 Gro-Anita Hillestad Vindheim < gro-anita.vindheim@ntnu.no> wrote:
At NTNU, we use Arnold to automatic disable switchports based on netflow-statistics. Our netflow-server provides a list of IP-addresses (a file). This file is transferred to the nav-server (ssh, I think), and
Arnold
disables the switchports where the IP-addresses were last seen. Morten
is the
creator of it, and knows all the details J
Usage of this system is documented:
https://nav.uninett.no/doc/4.3/reference/arnold.html?#start-arnold-py
This does sound somewhat like what Tal Bar-Or is asking for.
As long as the NAV API has only one token “to rule them all”, I’m a bit skeptical to allow the API to disable ports.
We would not want to add write-type API endpoints until we change the token auth system, no. We have multiple users asking for this by now, so we should definitely have a look at it in 2016.
-- Morten Brekkevold UNINETT