06-23-2023 06:50 PM
Testing the DNA center API.
To locate Wireless Intrusion Prevention System (WIPS) information in Cisco DNA Center, you can use the Cisco DNA Center API. Specifically, you can make use of the GET /dna/intent/api/v1/stealthwatch/wips/rogue-aps endpoint to retrieve WIPS-related details for rogue APs. Here's an example script in Python that demonstrates how to retrieve the mentioned WIPS information:
import requests
# Cisco DNA Center API endpoint and credentials
base_url = 'https://<DNA_CENTER_IP>'
username = '<USERNAME>'
password = '<PASSWORD>'
# Authentication: Get the access token
auth_endpoint = base_url + '/dna/system/api/v1/auth/token'
auth_headers = {'Content-Type': 'application/json'}
auth_payload = {'username': username, 'password': password}
auth_response = requests.post(auth_endpoint, headers=auth_headers, json=auth_payload, verify=False)
auth_response.raise_for_status()
access_token = auth_response.json()['Token']
# WIPS endpoint
wips_endpoint = base_url + '/dna/intent/api/v1/stealthwatch/wips/rogue-aps'
# API request headers
headers = {
'Content-Type': 'application/json',
'X-Auth-Token': access_token
}
try:
# Send the API request
response = requests.get(wips_endpoint, headers=headers, verify=False)
response.raise_for_status()
# Handle the API response
wips_data = response.json()
# Extract and display the relevant information
for rogue_ap in wips_data['response']:
print("Last Seen Time:", rogue_ap['lastSeenTime'])
print("Rogue MAC Address:", rogue_ap['macAddress'])
print("Detecting AP Name:", rogue_ap['detectingAPName'])
print("Radio Type:", rogue_ap['radioType'])
print("Controller IP Address:", rogue_ap['controllerIpAddress'])
print("Detecting AP Map Location:", rogue_ap['detectingAPMapLocation'])
print("SSID:", rogue_ap['ssid'])
print("Rogue AP Channel Number:", rogue_ap['rogueApChannelNumber'])
print("Severity Score:", rogue_ap['severityScore'])
print("Classification Name:", rogue_ap['classificationName'])
print("Alarm State:", rogue_ap['alarmState'])
print("Classification Type:", rogue_ap['classificationType'])
print("On Network:", rogue_ap['onNetwork'])
print("Encryption:", rogue_ap['encryption'])
print("Switch IP Address:", rogue_ap['switchIpAddress'])
print("Switch Name:", rogue_ap['switchName'])
print("Port Description:", rogue_ap['portDescription'])
print("--------------------------------------")
except requests.exceptions.RequestException as e:
print("Error:", e)
07-24-2023 11:18 AM
For some reason I got the error:
Traceback (most recent call last):
File "/Users/Doc/DNA-C/dnac_wips.py", line 15, in <module>
auth_response.raise_for_status()
File "/Library/Frameworks/Python.framework/Versions/3.10/lib/python3.10/site-packages/requests/models.py", line 960, in raise_for_status
raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 401 Client Error: Unauthorized for url: https://<DNA_CENTER_IP>/dna/system/api/v1/auth/token
I replaced the post request for getting token then it's ok. Of cause we need to fix the indentation caused by copy and paste too.
auth_response=requests.post(auth_endpoint, auth=(username, password), verify=False)
#auth_response = requests.post(auth_endpoint, headers=auth_headers, json=auth_payload, verify=False)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide