Enterprise Recon v1 API

All Documentation > ER2 v1 API > Examples > Add and Scan Local Files On A Server Target

Add and Scan Local Files On A Server Target

This example describes the workflow and sequence of requests to make to add a server or workstation Target to a new Target Group and execute a local files scan using the Enterprise Recon API.

Step 1 - Create Target Group
Step 2 - Add Server Target
Step 3 - Install and Get Node Agent ID
Step 4 - Verify Node Agent
Step 5 - Add Local Storage Files Target Location
Step 6 - Get Data Type Profile ID
Step 7 - Scan Local Storage Files

Some of the sample requests or responses may have been trimmed for readability but should not impact the clarity of the content.

Defaults and Assumptions

This example uses the following default values and makes the following assumptions:

"My-Linux-Server" is the host name of the Linux server to be added as a Target.
A suitable Node Agent will be installed locally on the "My-Linux-Server" host.

Step 1 - Create Target Group

POST

https://er-master:8339/v1/groups

Create a new Target Group for "My-Linux-Server", where:

name is the name for the new Target Group, and
comments is a descriptive comment about the Target Group.

Sample Request

cURL

curl --request POST 'https://er-master:8339/v1/groups' \
--user apiuser:password123 \
--header "Content-Type: application/json" \
--data-raw '{
  "name": "Linux-Unix-Servers",
  "comments": "Only Linux and Unix Targets"
}'

Expected Response

201 Created

HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: xxx
{
  "id": "16145931871908944000"
}  

The Target Group id (16145931871908944000) created from this request will be required when adding "My-Linux-Server" as a server Target in Step 2.

Step 2 - Add Server Target

POST

https://er-master:8339/v1/targets

Next, add the server Target to the Target Group created in Step 1, where:

name is the host name for the Target ("My-Linux-Server"),
group_id is the Target Group id created in Step 1, and
platform is the platform type for "My-Linux-Server".

Sample Request

cURL

curl --request POST 'https://er-master:8339/v1/targets' \
--user apiuser:password123 \
--header "Content-Type: application/json" \
--data-raw '{
  "name": "My-Linux-Server",
  "group_id": "16145931871908944000",
  "platform": "Linux Debian Jessie/Ubuntu Trusty 64 bit"
}'

Expected Response

201 Created

HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: xxx
{
  "id": "4759598330602895744"
}  

The Target id (4759598330602895744) created from this request will be required when adding locations to "My-Linux-Server" in Step 5.

Step 3 - Install and Get Node Agent ID

GET

https://er-master:8339/v1/agents

Once you have added the Linux Target, install a Linux Agent on the "My-Linux-Server" host, and get the Agent ID of the installed Agent.

Sample Request

cURL

curl --request GET 'https://er-master:8339/v1/agents?agent_name=My-Linux-Server' \
--user apiuser:password123 \
--header "Accept: application/json"

Expected Response

200 OK

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: xxx
[
    {
        "id": "3519591954114186070",
        "name": "My-Linux-Server",
        "type": "node",
        "version": "2.5",
        "platform_compatibility": "Linux Debian Jessie/Ubuntu Trusty 64 bit",
        "verified": false,
        "connected": true,
        "connected_ip": "10.52.100.55",
        "time_difference": 0,
        "proxy": false
    }
]

The agent id (3519591954114186070) returned in this request will be required when verifying the Node Agent in Step 4.

Step 4 - Verify Node Agent

POST

https://er-master:8339/v1/agents/<agent_id>/verify

Before you can use the Node Agent to scan Targets that are added to the Master Server, you will need to verify the Node Agent, where:

agent_id is Node Agent ID returned in Step 3.

Sample Request

cURL

curl --request POST 'https://er-master:8339/v1/agents/3519591954114186070/verify' \
--user apiuser:password123 \
--header "Content-Type: application/json"

Expected Response

204 No Content

Verifying the Node Agent allows the Node Agent to be automatically selected when scanning local storage files for the "My-Linux-Server" Target.

Step 5 - Add Local Storage Files Target Location

POST

https://er-master:8339/v1/targets/<target_id>/locations

After completing Step 1 to Step 4, you will have all the information required to add local storage as a Target Location, where:

target_id is the Target id created in Step 2,
path can be left blank, and
protocol is file.

Sample Request

cURL

curl --request POST 'https://er-master:8339/v1/targets/4759598330602895744/locations' \
--user apiuser:password123 \
--header "Content-Type: application/json" \
--data-raw '{
  "path": "",
  "protocol": "file"
}'

Expected Response

201 Created

HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: xxx
{
  "id": "9832457584012239212"
}  

The Target Location id (15792178316638465022) created from this request will be required to set up scan schedules for the "My-Linux-Server" Target in Step 7.

Step 6 - Get Data Type Profile ID

GET

https://er-master:8339/v1/datatypes/profiles

Next, get the data type profile ID of the data type profiles to enable when scanning the "My-Linux-Server" Target.

Sample Request

cURL

curl --request GET 'https://er-master:8339/v1/datatypes/profiles' \
--user apiuser:password123 \
--header "Accept: application/json"

Expected Response

200 OK

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: xxx
[
    {
        "id": "1",
        "label": "PCI Compliance",
        "version": 1,
        "owner": "0",
        "modified": 1632129035,
        "default": true,
        "disabled": false,
        "global": true,
        "sealed": true
    },
    {
        "id": "2",
        "label": "All Cardholder Data",
        "version": 1,
        "owner": "0",
        "modified": 1632129035,
        "default": true,
        "disabled": false,
        "global": true,
        "sealed": true
    },
    ...
    {
        "id": "14",
        "label": "USA Protected Health Information (PHI)",
        "version": 1,
        "owner": "0",
        "modified": 1632129035,
        "default": true,
        "disabled": false,
        "global": true,
        "sealed": true
    }
]

The data type profile id(s) returned in this request will be required when setting up scan schedules for the "My-Linux-Server" Target in Step 7.

Step 7 - Scan Local Storage Files

POST

https://er-master:8339/v1/schedules

Schedule a scan for the newly added "My-Linux-Server" Target, where:

label is a descriptive label for the scan,
targets.id is the Target id returned in Step 2,
targets.locations.id is the Target Location id created in Step 5,
targets.locations.subpath is the folder or file to scan, and
profiles is the data type profile id(s) returned in Step 6.

Sample Request

cURL

curl --request POST 'https://er-master:8339/v1/schedules' \
--user apiuser:password123 \
--header "Content-Type: application/json" \
--data-raw '{
  "label": "My-Linux-Server API scan",
  "targets": {
    "id": "4759598330602895744",
    "locations": [
      {
        "id": "9832457584012239212",
        "subpath": "/home/userA/Documents"
      },
      {
        "id": "9832457584012239212",
        "subpath": "/home/userA/Downloads"      
      }
    ]
  },
  "profiles": [
    "1",
    "2",
    "3"
  ],
  "cpu": "low",
  "throughput": 0,
  "memory": 0,
  "capture": true,
  "trace": false,
  "match_detail": "balanced"
}'

Expected Response

201 Created

HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: xxx
{
  "id": "102"
}  

You can check the status and progress of the scan using the scan schedule id (102) created in this request.