cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1480
Views
1
Helpful
3
Replies

Compliance Report via API

Jason Belk
Cisco Employee
Cisco Employee

Hi all,

 

Assuming I am using a system install NSO, with typical cisco NEDs, and I issue a RESTCONF call like this:

curl --location --request PATCH 'https://10.10.20.49:443/restconf/data/tailf-ncs:compliance' \
--header 'Content-Type: application/yang-data+xml' \
--header 'Authorization: Basic YWRtaW46YWRtaW4=' \
--header 'Accept: application/yang-data+json' \
--header 'Authorization: Basic ZGV2ZWxvcGVyOkMxc2NvMTIzNDU=' \
--header 'Content-Type: text/plain' \
--data-raw '<compliance xmlns="http://tail-f.com/ns/ncs">
               <reports>
                 <report>
                   <name>DNS_COMPLIANCE_REPORT</name>
                   <compare-template>
                     <template-name>SET-DNS-SERVER</template-name>
                     <device-group>ALL</device-group>
                   </compare-template>
                 </report>
               </reports>
             </compliance>'

and I have my device group set up / device template set up, where does the compliance report go?

 

I know for local install if run via CLI it goes into current working directory, but for system install and using API, not sure where to look? I checked in:

/var/opt/ncs/*

/opt/ncs/current/*

 

1 Accepted Solution

Accepted Solutions

Jason Belk
Cisco Employee
Cisco Employee

I think I might have partially answered my own question. The above API call was to create the report, but not to run it. Here is what I did to run it:

curl --location --request POST 'https://10.10.20.49:443/restconf/data/tailf-ncs:compliance/reports/report=DNS_COMPLIANCE_REPORT/run' \
--header 'Content-Type: application/yang-data+xml' \
--header 'Authorization: Basic YWRtaW46YWRtaW4=' \
--header 'Accept: application/yang-data+json' \
--header 'Authorization: Basic ZGV2ZWxvcGVyOkMxc2NvMTIzNDU=' \
--header 'Content-Type: text/plain' \
--data-raw '<input>
	<outformat>html</outformat>
</input>'

and got the following response:

{
  "tailf-ncs:output": {
    "id": 1,
    "compliance-status": "violations",
    "info": "Checking 8 devices and no services",
    "location": "https://localhost:443/compliance-reports/report_1_developer_1_2020-10-13T15:48:40:0.html"
  }
}

and found it in the running directory state:

[developer@nso compliance-reports]$ ls
report_1_developer_1_2020-10-13T15:48:40:0.html
[developer@nso compliance-reports]$ pwd
/var/opt/ncs/state/compliance-reports
[developer@nso compliance-reports]$

 

 

 

View solution in original post

3 Replies 3

Jason Belk
Cisco Employee
Cisco Employee

I think I might have partially answered my own question. The above API call was to create the report, but not to run it. Here is what I did to run it:

curl --location --request POST 'https://10.10.20.49:443/restconf/data/tailf-ncs:compliance/reports/report=DNS_COMPLIANCE_REPORT/run' \
--header 'Content-Type: application/yang-data+xml' \
--header 'Authorization: Basic YWRtaW46YWRtaW4=' \
--header 'Accept: application/yang-data+json' \
--header 'Authorization: Basic ZGV2ZWxvcGVyOkMxc2NvMTIzNDU=' \
--header 'Content-Type: text/plain' \
--data-raw '<input>
	<outformat>html</outformat>
</input>'

and got the following response:

{
  "tailf-ncs:output": {
    "id": 1,
    "compliance-status": "violations",
    "info": "Checking 8 devices and no services",
    "location": "https://localhost:443/compliance-reports/report_1_developer_1_2020-10-13T15:48:40:0.html"
  }
}

and found it in the running directory state:

[developer@nso compliance-reports]$ ls
report_1_developer_1_2020-10-13T15:48:40:0.html
[developer@nso compliance-reports]$ pwd
/var/opt/ncs/state/compliance-reports
[developer@nso compliance-reports]$

 

 

 

thandoan@cisco.com
Cisco Employee
Cisco Employee

hi Jason,

I follow a long the response and get the location url and try to open the url for report, it would return a login page to python program. How can we get it authenticated and open the report right away?

Not sure if you ever figured this out but here is how I did it in Python:

web_ui_auth_body = {"jsonrpc":"2.0","id":2,"method":"login","params":{"user":"cisco","passwd":"C1sco12345"}}
cookie_response = requests.post(url="http://198.18.134.28:8080/jsonrpc/login", json=web_ui_auth_body) # This is so we can get valid session cookie

nso_cookies = cookie_response.cookies.items()[0]

headers = {
'Accept': 'application/yang-data+xml',
'Authorization': 'Basic Y2lzYxc6Qz46545xMjM0NQ==',
"Cookie": nso_cookies[0]+"="+nso_cookies[1]
}
response = requests.request("GET", url="http://198.18.134.28:8080/compliance-reports/report_2024-01-29T22:43:21.684715+00:00.xml", headers=headers)

print(response.text)