Solved: McAfee Support Community - Logon Collector API

bblanchard · ‎10-02-2015

I'm trying to query the MLC 3.0 API in order to get login information. I'd like to use the ListAllLogins API.

The beginning of the doc mentions this:

Authentication is needed to access the APIs.

Should I use the Login API call for the authentication ?

If so, the documentation provides the following:

POST https://<MLC_IP>:<port>/rest/MLC/v1/bindingstore/{domain

{

"ipaddress": "192.168.1.1",

"username": "user1",

"computername": "computer1",

"logintime": "1405593089629",

"timeout": "28800"

}

I tried to create a login entry by using the following command:

curl -H "Content-Type: application/json" -X POST -d '{"ipaddress:<my ip address>","username:<my domain account>","computername:<my computer>","logintime:1443811496000","timeout:28800"}' https://<mlc server>:8444/rest/MLC/v1/bindingstore/{mydomain.example}

The server returning an "not authorized" error.

What am i doing wrong ?

sliedl · ‎10-06-2015

Here is the answer I got back from development:

"Yes, it is standard authentication which can be done through script. There are different options available.

For example, using curl, one can do a GET as below

curl -k -u admin:123 https://10.1.1.1:8444/rest/MLC/v1/bindingstore/mydomain.com

and a POST can be done as below

curl -i -k -u admin:123 -H "Content-Type: application/json" -X POST -d “{"ipaddress":"10.1.2.3","username":"user1","logintime":"1437370108462"}” https://10.1.1.1:8444/rest/MLC/v1/bindingstore/mydomain.com

here, admin is username and 123 is password .

This can also be done in python with using httplib or requests package. "

exbrit · ‎10-02-2015

Moved to Firewall Enterprise which I assume this is about.

---

Peter

Moderator

sliedl · ‎10-05-2015

I forwarded your post to Development and this was their response:

"A http authentication to MLC server from the api client will do.

MLC server's username and password should be used for authentication (the one which is used to login into MLC UI)."

bblanchard · ‎10-05-2015

It looks like whenever I authenticate to the MLC console first, my queries to the API are accepted.

Here's what I'm trying to do though:

Via a script, I'd like to query the API for specific things like ListAllLogin or GetLoginForUser. If I run my script from a linux server that does not have a GUI, I can't really authenticate first.

Is there a way to authenticate myself to the MLC via a script instead of going through a browser ?

sliedl · ‎10-06-2015

Here is the answer I got back from development:

"Yes, it is standard authentication which can be done through script. There are different options available.

For example, using curl, one can do a GET as below

curl -k -u admin:123 https://10.1.1.1:8444/rest/MLC/v1/bindingstore/mydomain.com

and a POST can be done as below

curl -i -k -u admin:123 -H "Content-Type: application/json" -X POST -d “{"ipaddress":"10.1.2.3","username":"user1","logintime":"1437370108462"}” https://10.1.1.1:8444/rest/MLC/v1/bindingstore/mydomain.com

here, admin is username and 123 is password .

This can also be done in python with using httplib or requests package. "

bblanchard · ‎10-06-2015

that works. thanks !

Logon Collector API

Re: Logon Collector API

Re: Logon Collector API

Re: Logon Collector API

Re: Logon Collector API

Re: Logon Collector API

Re: Logon Collector API