Trigger Network Scan for Range of IP Addresses
The API will initiate network scans for specified IP address ranges.
Before you begin
N/A
Request Structure
| Endpoint: | /ssh/discovery/create |
| Type: | POST |
| Sample URL: | https://<IP/HostName/TenantName>:<GWPORT>/avxapi/ssh/discovery/create?gwsource=externalTo understand the elements of the sample URL, click here. |
| Headers: | |
| Content-Type: | application/json |
| Name | Description |
|---|---|
| sessionId
|
(Mandatory) Session ID received after
login. Type: String Constraints: Required if username and password are not provided. |
| username
|
(Mandatory) AppViewX login username Type: String Constraints: Required if sessionId is not provided. |
| password
|
(Mandatory) AppViewX login password Type: String Constraints: Required if sessionId is not provided. |
| Content-Type
|
(Mandatory) Specifies the nature of the data in the
payload Type: String Constraints: The value of the param should be ‘application/json’. |
| gwsource
|
(Mandatory) Source from which the request is
triggered. (E.g. external) Type: String |
| isUpdate queryParam |
(Mandatory) Is this an update to already existing
discovery or not Type: Boolean |
| Payload
|
(Mandatory) Contains all the parameters to be sent
in the request body for the post request Type: Payload |
Payload
| Name | Description |
|---|---|
| data | Contains request parameters to trigger a new
discovery. Type: Data |
| Name | Description |
|---|---|
| name | (Mandatory) Name of the discovery to be
triggered Type: String |
| description | (Optional) Description of the discovery to be
triggered Type: String |
| discoveryMode | (Mandatory) Mode of the discovery Type: String Possible values: ipRange, subnet |
| scheduleType | (Mandatory) Schedule type of the
discovery Type: String Possible values: instant, scheduled |
| keyGroupName | (Mandatory) Name of the Key compliance group to
which the hosts in discovery should be added Type: String |
| inventoryAction | (Mandatory) Inventory action for the
host Type: String Possible values: Manage, Monitor, Do Not Move |
| ipRangeBean | (Mandatory) Contains the details of IP ranges to be
discovered Type: IpRangeBean |
| hostGroupNames | (Mandatory) List of host compliance group names the
hosts in discovery belong to Type: List |
| isSudoUser | (Mandatory) Is sudo user or not Type: Boolean |
| accessElevation | (Mandatory) Access elevation of the
user Type: String Possible values: sudo, dzdo |
| accessType | (Mandatory) Access type of the hosts to be
discovered Type: String Possible values: Key, Certificate |
| sshSyncKeyDetail | (Mandatory) SSH sync key detail of the host Type: SshSyncKeyDetail |
| Name | Description |
|---|---|
| startIp | (Mandatory) Start IP of the IP range to be
discovered Type: String |
| endIp | (Mandatory) End IP of the IP range to be
discovered Type: String |
| ipPerBatch | (Mandatory) Number of IP addresses to be discovered
per batch Type: Number Possible values: 1, 2, 4, 8, 16, 32, 64, 128 |
| isSelectPort | (Mandatory) List of app infra access groups where
the host belongs to Type: String |
| port | (Mandatory) Port number to connect to the host
from Type: Number |
| userName | (Mandatory) Username to login to the
host Type: String |
| loginType | (Mandatory) Login type for the host Type: String Possible values: Password, Identity Key |
| fileContent | (Mandatory) Identity Key file content, applicable
only if “Identity Key” loginType is selected Content-Type: application/octet-stream |
| fileName | (Mandatory) Name of the Identity key file,
applicable only if “Identity Key” loginType is selected
Type: String |
| password | (Mandatory) Password to login to the
host Type: String |
| credentialType | (Mandatory) Credential type for authentication to
login to the host Type: String Possible values: Manual Entry, Credential List - AppViewX, Credential List - CyberArk, Credential List - Thycotic Secret |
| credentialName | (Mandatory) Credential name (null for “Manual Entry”
credentialType) Type: String |
| dataCenter | Name of the data center the hosts belong
to Type: String |
| Name | Description |
|---|---|
| sshScanType | (Mandatory) SSH scan type Type: String Possible values: Default, Full, Directory |
| sshScanDetails | (Mandatory) Details of the SSH scan Type: List |
| discoverKeyType | (Mandatory) List of key types to be
discovered Type: List |
| appInfraAccessGroup | (Mandatory) List of app infra access groups where
the host belongs to Type: List |
Response Structure
200 OK returns string of type application/json with the following body params.
| Name | Description |
|---|---|
| response | Contains the response message Type: String |
| message | Success message of the action or failure description
in case of error. Will be non-null for failure
response Type: String |
| appStatusCode | Application-specific status code for the response.
Will be non-null for failure response Type: String |
| tags | More info in case of failure response |
Response
| response | Scheduler has been triggered
successfully. Type: String |
Status Codes
| HTTP Status code | appStatusCode | Message and Possible remediation |
|---|---|---|
| 200 OK | NA | Scheduler has been triggered successfully. |
| 401 Unauthorized | AVX_GW_003 | Authentication failed, reason - Invalid
Credentials Possible remediation: Ensure that valid username and password or valid sessionId is provided as the header param. |
| 400 Bad Request | AVX-VLDTN-001 | Mandatory field is missing or invalid values
specified - <<field name>> Possible remediation: Check and ensure that valid value is provided for <<field name>> field in the request. |
Sample Request/Response
To trigger network scan for range of IP addresses using trigger_network_scan_for_range_of_IP_addresses API.
https://<IP/HostName/TenantName>:<GWPORT>/avxapi/ssh/discovery/create?gwsource=external{
"data":{
"name":"test_2",
"description":"",
"discoveryMode":"ipRange",
"scheduleType":"instant",
"keyGroupName":"Default_Key_Group",
"inventoryAction":"manage",
"ipRangeBean":
{"startIp":"1.1.1.1",
"endIp":"1.1.1.4",
"ipPerBatch":"1",
"isSelectPort":"custom",
"port":"22",
"userName":"appviewx",
"loginType":"password",
"password":"dummy pwd",
"credentialType":"Manual Entry",
"credentialName":null,
"dataCenter":"absecon"},
"hostGroupNames":["Default_Host_Group"],
"isSudoUser":true,
"accessElevation":"sudo",
"source":"IP_Range_Discovery",
"accessType":"Certificate",
"sshSyncKeyDetail":
{"sshScanType":"default",
"sshScanDetails":[],
"discoverKeyType":["User Keys","Host Keys"],
"appInfraAccessGroup":["Default_Infra_Access_Group"]
}
{
"data": {
"name": "test",
"description": "",
"discoveryMode": "subnet",
"scheduleType": "instant",
"keyGroupName": "Default_Key_Group",
"inventoryAction": "manage",
"subnetBean": {
"network": "10.12.11.0/24",
"superNet": "25",
"isSelectPort": "custom",
"port": "22",
"userName": "appviewx",
"loginType": "password",
"password": "dummyPwd",
"credentialType": "Manual Entry",
"credentialName": null,
"dataCenter": "absecon"
},
"hostGroupNames": [
"Default_Host_Group"
],
"isSudoUser": true,
"accessElevation": "sudo",
"source": "Subnet_Scan_Discovery",
"accessType": "Certificate",
"sshSyncKeyDetail": {
"sshScanType": "default",
"sshScanDetails": [],
"discoverKeyType": [
"User Keys",
"Host Keys"
],
"appInfraAccessGroup": [
"Default_Infra_Access_Group"
]
}
}
}
{
"response": "Scheduler has been triggered successfully.",
"message": null,
"appStatusCode": null,
"tags": null,
"headers": null
}
Reference
- IP/HostName/TenantName: Replace with the actual IP address, hostname,
or tenant name based on the specific configuration in AppViewX.
- IP: A unique identifier assigned to each device connected to
a computer network that uses the Internet Protocol for communication
The IP address will be included in the endpoint URL for an on-prem deployment.
- HostName: A human-readable label assigned to a device (host)
on a network
The hostname will be included in the endpoint URL for an on-prem deployment.
- TenantName: An identifier label for a tenant given to
indicate which tenant's data the API request will
access/modify
The tenant name will be included in the endpoint URL for a SaaS deployment.
- IP: A unique identifier assigned to each device connected to
a computer network that uses the Internet Protocol for communication
- GWPORT: AppViewX gateway port A gateway port refers to a network port through which data is sent and received to communicate with a gateway in an on-prem deployment.Note: GWPORT is not required for SaaS setups.
Example: 31443
- avxapi: Path parameter value (static) that is part of the endpoint's URL
- Endpoint: Endpoint of the API, for example: /ssh/host/create
- gwsource: Source or origin of a gateway, for example: external.