REST API:获取所有电脑
REST API: get all computers
我的 REST API 脚本有问题,在我将趋势科技服务器深度安全防护系统从 11.2.225 升级到 20.0.366 之前它一直有效。错误发生在“for computer in api_comp.search_computers(api_version, search_filter=search_filter).computers:”这一行
执行脚本时出现的错误如下所示:
2021-06-21 13:38:00,529 root INFO Start Initialization
2021-06-21 13:38:00,536 root INFO Start read RuleIDs from DSCycle File
2021-06-21 13:38:00,539 root INFO Start read RuleIDs from Exception List File
2021-06-21 13:38:00,614 root INFO get all subpolicies of DS3
2021-06-21 13:38:01,997 root INFO get all applicationtypes for further filtering
2021-06-21 13:38:02,053 root INFO start policy DS3 Windows
Traceback (most recent call last):
File "E:\Script\ApplyNewIPSRulesInCycle.py", line 144, in <module>
for computer in api_comp.search_computers(api_version, search_filter=search_filter).computers:
File "E:\PythonInstall\lib\site-packages\deepsecurity\api\computers_api.py", line 614, in
search_computers
(data) = self.search_computers_with_http_info(api_version, **kwargs) # noqa: E501
File "E:\PythonInstall\lib\site-packages\deepsecurity\api\computers_api.py", line 698, in
search_computers_with_http_info
collection_formats=collection_formats)
File "E:\PythonInstall\lib\site-packages\deepsecurity\api_client.py", line 322, in call_api
_preload_content, _request_timeout)
File "E:\PythonInstall\lib\site-packages\deepsecurity\api_client.py", line 153, in __call_api
_request_timeout=_request_timeout)
File "E:\PythonInstall\lib\site-packages\deepsecurity\api_client.py", line 365, in request
body=body)
File "E:\PythonInstall\lib\site-packages\deepsecurity\rest.py", line 275, in POST
body=body)
File "E:\PythonInstall\lib\site-packages\deepsecurity\rest.py", line 228, in request
raise ApiException(http_resp=r)
deepsecurity.rest.ApiException: (400)
Reason:
HTTP response headers: HTTPHeaderDict({'X-Frame-Options': 'SAMEORIGIN', 'X-XSS-Protection':
'1;mode=block', 'Cache-Control': 'no-cache,no-store', 'Pragma': 'no-cache', 'X-DSM-Version':
'Deep Security/20.0.366', 'Content-Type': 'application/json', 'Content-Length': '82', 'Date':
'Mon, 21 Jun 2021 11:38:01 GMT', 'Connection': 'close'})
HTTP response body: {"message":"Invalid SearchFilter: choiceTest is not supported for field
policyID"}
需要的脚本部分:
# Get all subpolicies of basepolicy
logger.info("get all subpolicies of %s", basePolicy_d.name)
all_subpolicies = []
tempnew_policies = []
temp_policies = api_policy.search_policies(api_version, search_filter=search_filter).policies
while len(temp_policies) > 0:
for p in temp_policies:
search_criteria.numeric_value = p.id
search_filter = deepsecurity.SearchFilter(None, [search_criteria])
tempnew_policies.extend(api_policy.search_policies(api_version, search_filter=search_filter).policies)
all_subpolicies.extend(temp_policies)
temp_policies = tempnew_policies
tempnew_policies = []
# Get all ApplicationTypes with incoming direction
search_criteria = deepsecurity.SearchCriteria()
search_criteria.field_name = "direction"
search_criteria.choice_test = "equal"
search_criteria.choice_value = "incoming"
search_filter = deepsecurity.SearchFilter(None, [search_criteria])
appltypesid = []
logger.info("get all applicationtypes for further filtering")
appltypes = api_appltype.search_application_types(api_version, search_filter=search_filter).application_types
for a in appltypes:
appltypesid.append(a.id)
f = open("e:\script\export\export.txt", "a")
# Go trough all the policies that are under the D-Group
for policy in all_subpolicies:
logger.info("start policy %s", policy.name)
mailmsg_add = ""
# Get all computers in that policy
search_criteria.field_name = "policyID"
search_criteria.numeric_value = policy.id
search_filter = deepsecurity.SearchFilter(None, [search_criteria])
rulesToAdd = []
for computer in api_comp.search_computers(api_version, search_filter=search_filter).computers:
try:
# Get all Recommendations per Computer
recommendation_comp = api_rec_comp.list_intrusion_prevention_rule_ids_on_computer(computer.id, api_version)
if recommendation_comp.recommended_to_assign_rule_ids is not None:
for rule_id in recommendation_comp.recommended_to_assign_rule_ids:
# Check if ConnectionDirection of recommended IPS is incoming
rule = api_ipsrule.describe_intrusion_prevention_rule(rule_id, api_version)
logger.debug("check rule %s for list of policy %s", (str(rule.id) + ": " + rule.name), policy.name)
if rule.application_type_id in appltypesid and rule.id in dscycle_ruleids and rule.id not in exception_ruleids:
# TODO:Add to a list per Policy to add new policies
if rule.id not in rulesToAdd:
mailmsg_add += "- add rule " + (str(rule.id) + ": " + rule.name) + " \r\n"
logger.info("add rule %s to list of policy %s", (str(rule.id) + ": " + rule.name), policy.name)
rulesToAdd.append(rule.id)
f.write(policy.name + ";" + computer.host_name + ";" + str(rule.id) + ": " + rule.name + "\n")
except Exception as e:
logging.exception("Exception on Computer ", computer.id)
有没有人知道失败的原因、发生了什么变化以及我能做什么?
日志告诉我们问题发生在策略循环中。错误消息(“无效的 SearchFilter:字段 policyID 不支持 choiceTest”)告诉我们问题是 SearchFilter 在尝试搜索 policyID 字段时包含 choiceTest。
查看代码,我看到 search_criteria 变量被重新使用。这意味着第三次使用它时,它将沿用第二次使用时的 choiceTest
值。
尝试这样的操作(创建新的搜索条件):
# Get all computers in that policy
search_criteria_policy = deepsecurity.SearchCriteria()
search_criteria_policy.field_name = "policyID"
search_criteria_policy.numeric_value = policy.id
P.S。我在趋势科技研发部门工作
我的 REST API 脚本有问题,在我将趋势科技服务器深度安全防护系统从 11.2.225 升级到 20.0.366 之前它一直有效。错误发生在“for computer in api_comp.search_computers(api_version, search_filter=search_filter).computers:”这一行 执行脚本时出现的错误如下所示:
2021-06-21 13:38:00,529 root INFO Start Initialization
2021-06-21 13:38:00,536 root INFO Start read RuleIDs from DSCycle File
2021-06-21 13:38:00,539 root INFO Start read RuleIDs from Exception List File
2021-06-21 13:38:00,614 root INFO get all subpolicies of DS3
2021-06-21 13:38:01,997 root INFO get all applicationtypes for further filtering
2021-06-21 13:38:02,053 root INFO start policy DS3 Windows
Traceback (most recent call last):
File "E:\Script\ApplyNewIPSRulesInCycle.py", line 144, in <module>
for computer in api_comp.search_computers(api_version, search_filter=search_filter).computers:
File "E:\PythonInstall\lib\site-packages\deepsecurity\api\computers_api.py", line 614, in
search_computers
(data) = self.search_computers_with_http_info(api_version, **kwargs) # noqa: E501
File "E:\PythonInstall\lib\site-packages\deepsecurity\api\computers_api.py", line 698, in
search_computers_with_http_info
collection_formats=collection_formats)
File "E:\PythonInstall\lib\site-packages\deepsecurity\api_client.py", line 322, in call_api
_preload_content, _request_timeout)
File "E:\PythonInstall\lib\site-packages\deepsecurity\api_client.py", line 153, in __call_api
_request_timeout=_request_timeout)
File "E:\PythonInstall\lib\site-packages\deepsecurity\api_client.py", line 365, in request
body=body)
File "E:\PythonInstall\lib\site-packages\deepsecurity\rest.py", line 275, in POST
body=body)
File "E:\PythonInstall\lib\site-packages\deepsecurity\rest.py", line 228, in request
raise ApiException(http_resp=r)
deepsecurity.rest.ApiException: (400)
Reason:
HTTP response headers: HTTPHeaderDict({'X-Frame-Options': 'SAMEORIGIN', 'X-XSS-Protection':
'1;mode=block', 'Cache-Control': 'no-cache,no-store', 'Pragma': 'no-cache', 'X-DSM-Version':
'Deep Security/20.0.366', 'Content-Type': 'application/json', 'Content-Length': '82', 'Date':
'Mon, 21 Jun 2021 11:38:01 GMT', 'Connection': 'close'})
HTTP response body: {"message":"Invalid SearchFilter: choiceTest is not supported for field
policyID"}
需要的脚本部分:
# Get all subpolicies of basepolicy
logger.info("get all subpolicies of %s", basePolicy_d.name)
all_subpolicies = []
tempnew_policies = []
temp_policies = api_policy.search_policies(api_version, search_filter=search_filter).policies
while len(temp_policies) > 0:
for p in temp_policies:
search_criteria.numeric_value = p.id
search_filter = deepsecurity.SearchFilter(None, [search_criteria])
tempnew_policies.extend(api_policy.search_policies(api_version, search_filter=search_filter).policies)
all_subpolicies.extend(temp_policies)
temp_policies = tempnew_policies
tempnew_policies = []
# Get all ApplicationTypes with incoming direction
search_criteria = deepsecurity.SearchCriteria()
search_criteria.field_name = "direction"
search_criteria.choice_test = "equal"
search_criteria.choice_value = "incoming"
search_filter = deepsecurity.SearchFilter(None, [search_criteria])
appltypesid = []
logger.info("get all applicationtypes for further filtering")
appltypes = api_appltype.search_application_types(api_version, search_filter=search_filter).application_types
for a in appltypes:
appltypesid.append(a.id)
f = open("e:\script\export\export.txt", "a")
# Go trough all the policies that are under the D-Group
for policy in all_subpolicies:
logger.info("start policy %s", policy.name)
mailmsg_add = ""
# Get all computers in that policy
search_criteria.field_name = "policyID"
search_criteria.numeric_value = policy.id
search_filter = deepsecurity.SearchFilter(None, [search_criteria])
rulesToAdd = []
for computer in api_comp.search_computers(api_version, search_filter=search_filter).computers:
try:
# Get all Recommendations per Computer
recommendation_comp = api_rec_comp.list_intrusion_prevention_rule_ids_on_computer(computer.id, api_version)
if recommendation_comp.recommended_to_assign_rule_ids is not None:
for rule_id in recommendation_comp.recommended_to_assign_rule_ids:
# Check if ConnectionDirection of recommended IPS is incoming
rule = api_ipsrule.describe_intrusion_prevention_rule(rule_id, api_version)
logger.debug("check rule %s for list of policy %s", (str(rule.id) + ": " + rule.name), policy.name)
if rule.application_type_id in appltypesid and rule.id in dscycle_ruleids and rule.id not in exception_ruleids:
# TODO:Add to a list per Policy to add new policies
if rule.id not in rulesToAdd:
mailmsg_add += "- add rule " + (str(rule.id) + ": " + rule.name) + " \r\n"
logger.info("add rule %s to list of policy %s", (str(rule.id) + ": " + rule.name), policy.name)
rulesToAdd.append(rule.id)
f.write(policy.name + ";" + computer.host_name + ";" + str(rule.id) + ": " + rule.name + "\n")
except Exception as e:
logging.exception("Exception on Computer ", computer.id)
有没有人知道失败的原因、发生了什么变化以及我能做什么?
日志告诉我们问题发生在策略循环中。错误消息(“无效的 SearchFilter:字段 policyID 不支持 choiceTest”)告诉我们问题是 SearchFilter 在尝试搜索 policyID 字段时包含 choiceTest。
查看代码,我看到 search_criteria 变量被重新使用。这意味着第三次使用它时,它将沿用第二次使用时的 choiceTest
值。
尝试这样的操作(创建新的搜索条件):
# Get all computers in that policy
search_criteria_policy = deepsecurity.SearchCriteria()
search_criteria_policy.field_name = "policyID"
search_criteria_policy.numeric_value = policy.id
P.S。我在趋势科技研发部门工作