Hello All, Is there possibility to access Arnold detention mechanism using Nav API? If yes , it will be nice to see some example Please advice Thanks -- Tal Bar-or
On Wed, 16 Dec 2015 11:57:02 +0000 Tal Bar-Or <tbaror@gmail.com> wrote:
Is there possibility to access Arnold detention mechanism using Nav API? If yes , it will be nice to see some example
Hi there, we do not currently have any API endpoints for interfacing with Arnold. What kind of endpoints would you be interested in? -- Morten Brekkevold UNINETT
Thanks Morten for the answer , My interest would be automate IPS using the API for isolating hosts upon alerting events Thanks On Thu, Dec 17, 2015 at 1:29 PM, Morten Brekkevold < morten.brekkevold@uninett.no> wrote:
On Wed, 16 Dec 2015 11:57:02 +0000 Tal Bar-Or <tbaror@gmail.com> wrote:
Is there possibility to access Arnold detention mechanism using Nav API? If yes , it will be nice to see some example
Hi there,
we do not currently have any API endpoints for interfacing with Arnold. What kind of endpoints would you be interested in?
-- Morten Brekkevold UNINETT
-- Tal Bar-or
At NTNU, we use Arnold to automatic disable switchports based on netflow-statistics. Our netflow-server provides a list of IP-addresses (a file). This file is transferred to the nav-server (ssh, I think), and Arnold disables the switchports where the IP-addresses were last seen. Morten is the creator of it, and knows all the details ☺ As long as the NAV API has only one token “to rule them all”, I’m a bit skeptical to allow the API to disable ports. Gro-Anita Vindheim NTNU From: nav-users-request@uninett.no [mailto:nav-users-request@uninett.no] On Behalf Of Tal Bar-Or Sent: Thursday, December 17, 2015 5:49 PM To: Morten Brekkevold <morten.brekkevold@uninett.no> Cc: nav-users@uninett.no Subject: Re: Using API for Arnold Thanks Morten for the answer , My interest would be automate IPS using the API for isolating hosts upon alerting events Thanks On Thu, Dec 17, 2015 at 1:29 PM, Morten Brekkevold <morten.brekkevold@uninett.no<mailto:morten.brekkevold@uninett.no>> wrote: On Wed, 16 Dec 2015 11:57:02 +0000 Tal Bar-Or <tbaror@gmail.com<mailto:tbaror@gmail.com>> wrote:
Is there possibility to access Arnold detention mechanism using Nav API? If yes , it will be nice to see some example
Hi there, we do not currently have any API endpoints for interfacing with Arnold. What kind of endpoints would you be interested in? -- Morten Brekkevold UNINETT -- Tal Bar-or
On Fri, 18 Dec 2015 08:36:18 +0100 Gro-Anita Hillestad Vindheim <gro-anita.vindheim@ntnu.no> wrote:
At NTNU, we use Arnold to automatic disable switchports based on netflow-statistics. Our netflow-server provides a list of IP-addresses (a file). This file is transferred to the nav-server (ssh, I think), and Arnold disables the switchports where the IP-addresses were last seen. Morten is the creator of it, and knows all the details J
Usage of this system is documented: https://nav.uninett.no/doc/4.3/reference/arnold.html?#start-arnold-py This does sound somewhat like what Tal Bar-Or is asking for.
As long as the NAV API has only one token “to rule them all”, I’m a bit skeptical to allow the API to disable ports.
We would not want to add write-type API endpoints until we change the token auth system, no. We have multiple users asking for this by now, so we should definitely have a look at it in 2016. -- Morten Brekkevold UNINETT
Thanks all for the answers :-) On Mon, Dec 21, 2015 at 9:23 AM, Morten Brekkevold < morten.brekkevold@uninett.no> wrote:
On Fri, 18 Dec 2015 08:36:18 +0100 Gro-Anita Hillestad Vindheim < gro-anita.vindheim@ntnu.no> wrote:
At NTNU, we use Arnold to automatic disable switchports based on netflow-statistics. Our netflow-server provides a list of IP-addresses (a file). This file is transferred to the nav-server (ssh, I think), and Arnold disables the switchports where the IP-addresses were last seen. Morten is the creator of it, and knows all the details J
Usage of this system is documented:
https://nav.uninett.no/doc/4.3/reference/arnold.html?#start-arnold-py
This does sound somewhat like what Tal Bar-Or is asking for.
As long as the NAV API has only one token “to rule them all”, I’m a bit skeptical to allow the API to disable ports.
We would not want to add write-type API endpoints until we change the token auth system, no. We have multiple users asking for this by now, so we should definitely have a look at it in 2016.
-- Morten Brekkevold UNINETT
-- Tal Bar-or
participants (3)
-
Gro-Anita Hillestad Vindheim -
Morten Brekkevold -
Tal Bar-Or