Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1220
Views
1
Helpful
3
Replies

Compliance Report via API

Go to solution
Jason Belk
Cisco Employee
Cisco Employee

‎10-13-2020 03:46 PM

Hi all,

 

Assuming I am using a system install NSO, with typical cisco NEDs, and I issue a RESTCONF call like this:

curl --location --request PATCH 'https://10.10.20.49:443/restconf/data/tailf-ncs:compliance' \
--header 'Content-Type: application/yang-data+xml' \
--header 'Authorization: Basic YWRtaW46YWRtaW4=' \
--header 'Accept: application/yang-data+json' \
--header 'Authorization: Basic ZGV2ZWxvcGVyOkMxc2NvMTIzNDU=' \
--header 'Content-Type: text/plain' \
--data-raw '<compliance xmlns="http://tail-f.com/ns/ncs">
               <reports>
                 <report>
                   <name>DNS_COMPLIANCE_REPORT</name>
                   <compare-template>
                     <template-name>SET-DNS-SERVER</template-name>
                     <device-group>ALL</device-group>
                   </compare-template>
                 </report>
               </reports>
             </compliance>'

and I have my device group set up / device template set up, where does the compliance report go?

 

I know for local install if run via CLI it goes into current working directory, but for system install and using API, not sure where to look? I checked in:

/var/opt/ncs/*

/opt/ncs/current/*

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jason Belk
Cisco Employee
Cisco Employee

‎10-13-2020 03:53 PM - edited ‎10-13-2020 03:56 PM

I think I might have partially answered my own question. The above API call was to create the report, but not to run it. Here is what I did to run it:

curl --location --request POST 'https://10.10.20.49:443/restconf/data/tailf-ncs:compliance/reports/report=DNS_COMPLIANCE_REPORT/run' \
--header 'Content-Type: application/yang-data+xml' \
--header 'Authorization: Basic YWRtaW46YWRtaW4=' \
--header 'Accept: application/yang-data+json' \
--header 'Authorization: Basic ZGV2ZWxvcGVyOkMxc2NvMTIzNDU=' \
--header 'Content-Type: text/plain' \
--data-raw '<input>
	<outformat>html</outformat>
</input>'

and got the following response:

{
  "tailf-ncs:output": {
    "id": 1,
    "compliance-status": "violations",
    "info": "Checking 8 devices and no services",
    "location": "https://localhost:443/compliance-reports/report_1_developer_1_2020-10-13T15:48:40:0.html"
  }
}

and found it in the running directory state:

[developer@nso compliance-reports]$ ls
report_1_developer_1_2020-10-13T15:48:40:0.html
[developer@nso compliance-reports]$ pwd
/var/opt/ncs/state/compliance-reports
[developer@nso compliance-reports]$

 

 

 

View solution in original post

3 Replies 3

Go to solution
Jason Belk
Cisco Employee
Cisco Employee

‎10-13-2020 03:53 PM - edited ‎10-13-2020 03:56 PM

I think I might have partially answered my own question. The above API call was to create the report, but not to run it. Here is what I did to run it:

curl --location --request POST 'https://10.10.20.49:443/restconf/data/tailf-ncs:compliance/reports/report=DNS_COMPLIANCE_REPORT/run' \
--header 'Content-Type: application/yang-data+xml' \
--header 'Authorization: Basic YWRtaW46YWRtaW4=' \
--header 'Accept: application/yang-data+json' \
--header 'Authorization: Basic ZGV2ZWxvcGVyOkMxc2NvMTIzNDU=' \
--header 'Content-Type: text/plain' \
--data-raw '<input>
	<outformat>html</outformat>
</input>'

and got the following response:

{
  "tailf-ncs:output": {
    "id": 1,
    "compliance-status": "violations",
    "info": "Checking 8 devices and no services",
    "location": "https://localhost:443/compliance-reports/report_1_developer_1_2020-10-13T15:48:40:0.html"
  }
}

and found it in the running directory state:

[developer@nso compliance-reports]$ ls
report_1_developer_1_2020-10-13T15:48:40:0.html
[developer@nso compliance-reports]$ pwd
/var/opt/ncs/state/compliance-reports
[developer@nso compliance-reports]$

 

 

 

Go to solution
thandoan@cisco.com
Cisco Employee
Cisco Employee

‎04-13-2023 02:44 AM

hi Jason,

I follow a long the response and get the location url and try to open the url for report, it would return a login page to python program. How can we get it authenticated and open the report right away?

0 Helpful

Go to solution
anersess
Cisco Employee
Cisco Employee
In response to thandoan@cisco.com

‎01-29-2024 02:54 PM

Not sure if you ever figured this out but here is how I did it in Python:

web_ui_auth_body = {"jsonrpc":"2.0","id":2,"method":"login","params":{"user":"cisco","passwd":"C1sco12345"}}
cookie_response = requests.post(url="http://198.18.134.28:8080/jsonrpc/login", json=web_ui_auth_body) # This is so we can get valid session cookie

nso_cookies = cookie_response.cookies.items()[0]

headers = {
  'Accept': 'application/yang-data+xml',
  'Authorization': 'Basic Y2lzYxc6Qz46545xMjM0NQ==',
  "Cookie": nso_cookies[0]+"="+nso_cookies[1]
}
response = requests.request("GET", url="http://198.18.134.28:8080/compliance-reports/report_2024-01-29T22:43:21.684715+00:00.xml", headers=headers)

print(response.text)



0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the NSO Developer community:

Customers Also Viewed These Support Documents