RESTful API Quick Start Guide

Edit online

About

Edit online

The RESTful API is an important part of the integration layer for SevOne products.

Representational State Transfer (REST) is by definition an architectural style. There are clear principles for the implementation of RESTful API backend. The most notable one is statelessness. This refers to not relying on a temporary state (not part of the persistent model) to assure the calls are cached and forwarded to less busy appliances. However, the rules about RESTful API design from the user's perspective are not as strict or widely accepted.

There are multiple approaches as well as many guidelines and best practices for designing the RESTful API. These are imperative in order to deliver a stable and intuitive RESTful API across multiple teams and departments. Established standards and uniform design ensure better alignment between development teams, expert labs, support, and customers.

SevOne's RESTful API implements the Swagger specification for API documentation. You can view SevOne API Documentation and perform operations related to SevOne NMS data using the Swagger User Interface. This document covers the use of Swagger User Interface with SevOne API.

  • Alerts
  • DeviceGroupRulesAlerts
  • DeviceGroups
  • Devices
  • DeviceTypes
  • Discovery (queue management)
  • Indicators
  • Maintenance Windows
  • Metadata
  • Metadata Attribute
  • Metadata Namespace
  • NetFlow
  • ObjectGroup
  • ObjectGroupRules
  • Objects
  • Peers
  • Plugins
  • Policies, Policy Conditions
  • Report Attachments
    • Alerts
    • Device Groups
    • Devices
    • FlowFalcon
    • Group Metrics
    • Metadata
    • Object Groups
    • Objects
    • Performance Metrics
    • StatusMap
    • TopN
    • Topology
  • Reports
  • Tags
  • Thresholds
  • TopNViews
  • Topology
  • User Permissions
  • User RolesDeviceTypes
  • Users
  • WorkHours
Note: Quality of Service Configuration

RESTful API is shipped with predefined concurrency limit which is configurable per group. The configuration properties can be found in /usr/local/share/rest-api/rest-api-prod.properties file in each peer.

By default, three groups (default, slow, and reports) are configured and the configuration properties of these can be modified in /usr/local/share/rest-api/rest-api-prod.properties file. To enable or disable this feature, set variable request.filter.enabled to true / false respectively.

Each group is defined by the following variables.

  • name - name of the group. It can be default, slow, or reports.
    • default - is for all endpoints.
    • slow - allows you to add one or more endpoints of your choice.
    • reports - allows you to add one or more endpoints of your choice.
  • limit - limit of simultaneous active requests per group per NMS appliance.
  • retry - number of retries before re-dispatch.
  • wait-between - the time in milliseconds between retries.
  • priority - requests are organized from lowest to highest priority. The default value is 5. It must be an integer.
  • endpoints - for slow or reports, add one or more endpoints of your choice, separated by commas.
    Example
    #Request filter configurations
request.filter.enabled=true
 
request.filter.group=default,slow,reports
 
request.filter.group.default.limit=200
request.filter.group.default.retry=5
request.filter.group.default.wait-between=200
request.filter.group.default.priority=5
 
request.filter.group.slow.limit=50
request.filter.group.slow.retry=10
request.filter.group.slow.wait-between=500
request.filter.group.slow.priority=3
request.filter.group.slow.endpoints=/api/v2/devices/filter,api/v1/devices/filter,/api/v2/devices/objects/filter,/api/v1/devices/objects/filter,\
/api/v2/objectgroups/filter,/api/v1/objectgroups/filter,/api/v2/objectgroups/members/filter,/api/v1/alerts/filter,/api/v2/alerts/filter,/api/v2/metadata/attribute/filter,\
/api/v2/reports/attachments
 
request.filter.group.reports.limit=50
request.filter.group.reports.retry=10
request.filter.group.reports.wait-between=500
request.filter.group.reports.priority=2
request.filter.group.reports.endpoints=/api/v2/reports/attachments/alerts/run,/api/v2/reports/attachments/alerts/{id}/run,\
  /api/v2/reports/attachments/flow-falcon/performance-metrics/run,/api/v2/reports/attachments/flow-falcon/run,/api/v2/reports/attachments/flow-falcon/topn/run,\
  /api/v2/reports/attachments/flow-falcon/views/{id}/drill-down,/api/v2/reports/attachments/flow-falcon/{id}/run,/api/v2/reports/attachments/group-metrics/run,\
  /api/v2/reports/attachments/group-metrics/{id}/run,/api/v2/reports/attachments/performance-metrics/run,/api/v2/reports/attachments/performance-metrics/{id}/run,\
  /api/v2/reports/attachments/topn/run,/api/v2/reports/attachments/topn/{id}/run,/api/v2/reports/attachments/topology/run,/api/v2/reports/attachments/topology/{id}/run

After /usr/local/share/rest-api/rest-api-prod.properties file is modified, restart of RESTful API is required.



$ podman exec -it nms-nms-nms /bin/bash

$ supervisorctl restart SevOne-restapi

RESTful API does not accept more requests from a group after the limit is reached. It waits for the requests to complete / cancelled to free the resources before additional request(s) are accepted. The amount of data varies as it is based on your environment.

For additional details, please contact SevOne Support.

Important: Starting SevOne NMS 6.7.0, MySQL has moved to MariaDB 10.6.12.

Prerequisites

Edit online

A valid account in SevOne NMS is required.

Note: For information about RESTful API and SevOne NMS port requirements, please refer to SevOne Best Practices Guide - Cluster, Peer, and HSAguide for details.
Important: To access API documents from SevOne NMS, launch the user interface by entering the URL from a browser of your choice.
Example: Launch SevOne NMS
http://<PAS hostname or IP address>

Click the Administration menu and select API Docs. You may choose Version 2 or Version 3.

Example: URL for Version 2


http://<PAS hostname or IP address>/api/docs/

Example: URL for Version 3


http://<PAS hostname or IP address>/api/v3/docs/

If you are logged into SevOne NMS user interface, authentication token is no longer required and X-AUTH-TOKEN field is automatically filled with the token.

Endpoints

Edit online

An endpoint is a URL specifier for a single instance or a collection of instances of the same type. The type of instance, possibly id, must be simple and clear. Anything that you can name as an abstract entity in the context of your domain can be a resource. The endpoint is defined by a common understanding of the domain between the provider and consumer of RESTful API. Examples of types of instances include users, devices, reports, alerts, etc.

Example: Endpoints for single resources

  • /alerts/{id}
  • /devices/{device-id}
  • /devices/{device-id}/objects/{object-id}

Example: Endpoints for collection of resources

  • /alerts
  • /devices
  • /devices/{device-id}/objects
  • /devices/objects

When creating an endpoint, use nouns (not verbs or other parts of speech). Always use plural form of the nouns. Even when you want to specify only one entity, use plural form and then id.

There are various ways to handle composite names such as devicegroup. For example, device_group or device-group can also be used. In this case, merge of words together is used i.e., devicegroup. This is how RESTful API was initially started; SevOne has used the same approach to make the interface more intuitive for the consumers.

When you want to specify an entity in relation to another construct, the endpoint must start with the bigger entity and end with the smaller one. The idea is to go from the whole to the parts or from the generic to the specific. As a general rule, the last part of the URL is the entity that is manipulated.

Example

  • /devices/{device-id}/objects is a collection of all objects for one device with the given device-id.
  • /reports/{report-id}/attachments is all attachments of a report with the given report-id.
  • /devicegroups/{id}/members is all members in a device group with the given id. Here, devices can be used instead of members. This depends on the chosen convention. For the SevOne NMS RESTful API, members is used for all kind of collections.

Exceptions

Edit online

Below are some exceptions to keep in mind.

  • There are some places where you may want to execute a procedure to trigger business logic. First, you will need to create rules and then apply them as separate action. The application of rules is implemented as separate endpoint, i.e. /objectgroups/{id}/rules/apply. In order to make it clear that this is an exception, this endpoint must end with a verb. We cannot call GET, POST, PUT, PATCH, DELETE - it just does not have the same meaning.
    Note: /objectgroups/{id}/rules/apply is one of the few endpoints in RESTful API that contains a verb.
  • There are similar exceptions with filter endpoints. Each collection resource endpoint can have a specification /filter at the end to make additional filtering of the resources to be returned. For example, /devices/filter or /alerts/filter.
  • There are multiple run endpoints that are used on report attachments endpoints. These are used to get the result of execution of the report. For example, /reports/attachments/flow-falcon/run or /reports/attachments/alerts/run.

IDs

Edit online

In order to specify a single instance, a unique identifier must be used. This can be an ID or a unique key / name.

When a resource cannot be identified on its own with its own unique ID, this is usually a sign that the relevant entity makes sense to be part of another entity. In this case, you must use a hierarchical endpoint to identify it.

Examples

  • /alerts/{alert-id} where alert-id can be the database ID or a unique part of the alert.
  • /devices/{device-id} - where device-id can be the unique device ID.
  • /devices/{device-id}/objects/{object-id} - where object-id can be the unique object ID.

Granularity

Edit online

It is very important to select the right resources and model the resources at the correct granularity. RESTful API consumers should be able to get the desired functionality when only the allowed HTTP methods are applied. The correct resources allow you to build RESTful API that is intuitive, backwards-compatible, and maintainable.

Important: RESTful API must have backend logic. If all entities are directly mapped to the database entities, then it requires you to write your own logic, making it a wrapper for the database versus RESTful API with a backend logic.

RESTful API is a contract on the business level, including the domain and processes.

Methods

Edit online

The endpoints are used in the URL to identify resource or collection of resources that you want to perform operations on. The operations are fairly limited to simple CRUD. All that can be done on the resources is defined by the HTTP methods.

GET

Edit online

Get the Data Transfer Object (DTO) representation of the resource or collection of resources identified by the URL. The result is in the correct format, based on the HTTP headers. Currently, this is in JSON.

  • GET requests do not alter the state. There are no exceptions to this rule. No special kind of circumstances.
  • RESTful API by definition is cache-able. Keep in mind that you might be hit by the cache and served with pre-fetched result. Do not rely on some alterations being done in a result of the request on the backend.
  • Do not make requests that only be part of a workflow. For example, making a search request and then getting getNext requests to get more results.
  • All GET requests are idempotent - there is no result on the backend. So, no matter how many times the GET request is made, the result is still the same.

POST

Edit online

POST is used on collections of resources to create a new resource inside the collection. It must receive a valid DTO for the resource endpoint. Upon successful creation, it returns a HTTP status code 201 and the newly created resource or at least its ID. It is used on a single resource to modify the resource and has the same functionality as PATCH.

Important: Exception
When you need to transfer a DTO with arguments for a GET-type request, you still need to use POST. This is the case with filter request for various endpoints and also, for running reports.

PUT

Edit online

PUT is used on a single resource to fully alter the state of the resource. It changes all the properties of the resource. It sets the given values and resets all the others to default values. It returns a HTTP status code 200 to indicate that the request has completed successfully and returns the full resource to show the end result. This method is idempotent and the result does not rely on the current state.

PUT is rarely used on a collection to alter the full collection.

Important: Use with caution
If you include only part of the members of the collection, the others get deleted.

PATCH

Edit online

PATCH is used on a single resource to partially alter the state of the resource. It changes the given properties and leaves the rest as they were before the operation. It returns HTTP status code 200 to indicate that the request has completed successfully and returns the full resource to show the end result.

It is rarely used on a collection to change some members of the collection. PATCH does not have any effect on members that are not specified in the request DTO.

DELETE

Edit online

DELETE is used on a single resource to completely delete from the domain model. After this call, the resource is no longer available for further operations on it. If there is specific logic that marks a resource for deletion and there is more to this process - use PATCH instead. This method is idempotent.

It is rarely used on a collection and in those cases, it is used to delete all members of the collection.

Example: Delete on...

  • /reports/{report-id} deletes the report and all its related data.
  • /reports/{report-id}/attachments deletes all attachments associated with a report.
  • /devicegroups/{id} deletes the entire group and all its members.
  • /devicegroups/{id}/members deletes all members of the group, but not the group itself.

Configuration

Edit online

using Swagger User Interface

Edit online

Swagger User Interface allows you to perform the following types of API operations. You must sign-in to the Swagger User Interface.

  • POST - create a resource.
  • GET - retrieve one or more resources.
  • DELETE - delete a resource.
  • PATCH - partially update a resource.
  • PUT - fully update a resource.

Authentication

Edit online
  1. Go to SevOne API Documentation page. Open a browser of your choice and enter http://<PAS hostname or IP address>/api/docs/. For example, http://10.129.14.168/api/docs/
    restApi

  2. Click Authentication to view Authentication operations.
    restApiAuthentication

  3. Under Authentication, click POST.
    restApiAuthenticationPostA

  4. Under Parameters, all the way to the right, locate the Model Schema field. Click on the field to copy its content to the user field.
    restApiAuthenticationPostB

  5. On the left side of the Parameters will section, you will notice that the content now appears in the user field. Perform the following actions in the user field.
    1. After "name":, replace string with a SevOne NMS user name. Please make sure to enter it within the quotes.
    2. After "password":, replace string with the corresponding SevOne NMS password. Please make sure to enter it within the quotes.
  6. Click the nmsLogin drop-down and select one of the following options.
    • true - if the user name and password are also valid for SevOne NMS.
    • false (default) - if the user name and password are not valid for SevOne NMS (but are valid only for the API).
  7. At the bottom of the POST section, click the Try it out! button.
    restApiAuthenticationResponse

  8. Scroll down to the Response Body field. You should see a long alphanumeric string after "token". This is the token that you need. Double-click the token to select it. Then copy it.
  9. In the upper right corner of the SevOne API Documentation page, locate the Explore Api Keys... field. Paste the token into this field. You should now have permissions to perform RESTful API operations.

Versioning

Edit online

Specifying the RESTful API version is mandatory. It refers to the major version of RESTful API you want to use. Add the version (v1 or v2) at the beginning of the URL.

Note: Example

HTTP GET /api/v1/reports/{report-id}/attachments/{attachment-id}

HTTP PATCH /api/v1/devices/{deviceId}/metadata

HTTP GET /api/v2/reports/{report-id}/attachments/{attachment-id}

HTTP PATCH /api/v2/devices/{deviceId}/metadata

Only specify the major version of RESTful API. Remember that for minor versions or small-fixes, there should be no comparability difference between the endpoints.

HTTP Headers

Edit online

HTTP offers a wide range of headers to be used according to their HTTP-specified purpose.

The HTTP headers are used for metadata about the request itself and to clarify the communication between the consumer and the provider. They are not used to provide information about the content of this communication. Typical usage is authorization of tokens or active roles or format of the request or repose.

Content-Type: application/json

Accept: application/json

All dates that are sent or received by RESTful API are expressed in UNIX timestamps in milliseconds (Epoch Time multiplied by 1000). For example, 1634156442000 is Wednesday, October 13, 2021 16:20:42 PM GMT-04:00.

For all RESTful API calls with a date, it accepts timestamps and sends back timestamps regardless of whether it is a query parameter or DTP (Data Transfer Protocol) property or a HTTP method or request / response. There are no exceptions to this part of the convention.

Data Transfer Objects (DTOs)

Edit online

DTOs are used to transfer structured data between the provider and the consumer of RESTful API. Currently, API supports the JSON format only.

Example

GET /api/v2/devices

Curl

curl -X GET --header "Accept: application/json" --header "X-AUTH-TOKEN: eyJhbGciOiJIUzUxMiJ9eyJpc3MiOiJhZG1pbiJ9eRbqZj4rnXDaRJF2qI3y_XHt9pEbTkskjdfdF1JyMFPCft9Yxw4urrdnt3Bp4npRfl_SPjPMlzBNWcO9TGzWMQ" "http://10.129.14.168/api/v2/devices?page=0&size=20"

Request URL

http://10.129.14.168/api/v2/devices?page=0&size=20

Response Body

Response Code

200

In RESTful API, it is standard to have one DTO per type of resource (identified by a URL). However, this widely used pattern is not a 100% firm rule.

RESTful API services are composable which means, it allows services to be used in various combinations be achieve full workflows and scenarios. DTOs must be generic and allow for composing and re-usability. Please ensure you have re-usable DTOs.

Example

Use Case: Make a copy of an alert

/alerts - GET > {Alert DTO}/alerts - POST < {Alert DTO} - POST, PUT, and PATCH the same format that you get. Change what is required by the type of the request but definition of the resource must be kept.

Use Case: Create three reports of different types but for the same timeframes and for the same resources

The parts of the report that mean the same thing must have the same representation in the domain model (DTOs).

Please make the sub-resources and partial DTOs where appropriate.

GET /reports/{report-id}/attachments/performance-metrics/{id} returns a DTO that has a sub-resource time.

It is the same structure resource that is returned by,

  • GET /reports/{report-id}/attachments/performance-metrics/{id}/time or
  • GET /reports/{report-id}/attachments/group-metrics/{id}/time

Paging

Edit online

When there are too many resources in a collection, it is standard practice to perform the request in batches. The result set is limited, and the RESTful API consumer can request the next batch. This does not require any session information or state of the request itself to be persisted. There are various recommended ways to implement this. Paging has been chosen as a standard in SevOne API.

Example

GET /api/v2/devices

Curl

curl -X GET --header "Accept: application/json" --header "X-AUTH-TOKEN: eyJhbGciOiJIUzUxMiJ9eyJpc3MiOiJhZG1pbiJ9eRbqZj4rnXDaRJF2qI3y_XHt9pEbTkskjdfdF1JyMFPCft9Yxw4urrdnt3Bp4npRfl_SPjPMlzBNWcO9TGzWMQ" "http://10.129.14.168/api/v2/devices?page=0&size=20"

Request URL

http://10.129.14.168/api/v2/devices?page=0&size=20

Response Body

{
  "totalElements": 19,
  "content": [
    {
      "id": 1,
      "isDeleted": false,
      "isNew": false,
      "name": "localhost",
      "alternateName": "",
      "description": "Sample device added by automation",
      "ipAddress": "127.0.0.1",
      "manualIP": false,
      "peerId": 1,
      "pollFrequency": 300,
      "dateAdded": 1564093746000,
      "lastDiscovery": 1634108794000,
      "allowDelete": true,
      "disablePolling": false,
      "disableConcurrentPolling": false,
      "disableThresholding": false,
      "timezone": "America/New_York",
      "workhoursGroupId": 1,
      "numElements": 1,
      "pluginInfo": null,
      "objects": null,
      "pluginManagerId": null,
      "isQueuedForDeletion": false,
      "queuedUser": null,
      "queuedTime": null,
      "ipsUpdateTime": 1634158800.000097,
      "ips15min": 0.023333,
      "ips1hour": 0.023333,
      "ips2hour": 0.023333,
      "ips6hour": 0.023333,
      "ips24hour": 0.022453,
      "ips7day": 0.022453
    },
    {
      "id": 2,
      "isDeleted": false,
      "isNew": false,
      "name": "SNMPDevice 1",
      "alternateName": "",
      "description": "SNMP Device",
      "ipAddress": "172.21.36.21",
      "manualIP": false,
      "peerId": 2,
      "pollFrequency": 300,
      "dateAdded": 1564951351000,
      "lastDiscovery": 1564951457000,
      "allowDelete": true,
      "disablePolling": false,
      "disableConcurrentPolling": false,
      "disableThresholding": false,
      "timezone": "America/New_York",
      "workhoursGroupId": 1,
      "numElements": 27,
      "pluginInfo": null,
      "objects": null,
      "pluginManagerId": null,
      "isQueuedForDeletion": false,
      "queuedUser": null,
      "queuedTime": null,
      "ipsUpdateTime": 1634158800.000139,
      "ips15min": 0.956667,
      "ips1hour": 0.956667,
      "ips2hour": 0.956667,
      "ips6hour": 0.956667,
      "ips24hour": 0.919497,
      "ips7day": 0.919497
    },
...
...
...
    {
      "id": 18,
      "isDeleted": false,
      "isNew": false,
      "name": "COCDevice 1",
      "alternateName": "",
      "description": "COC Device",
      "ipAddress": "127.0.0.1",
      "manualIP": false,
      "peerId": 2,
      "pollFrequency": 300,
      "dateAdded": 1564951352000,
      "lastDiscovery": 1564951510000,
      "allowDelete": true,
      "disablePolling": false,
      "disableConcurrentPolling": false,
      "disableThresholding": false,
      "timezone": "America/New_York",
      "workhoursGroupId": 1,
      "numElements": 1,
      "pluginInfo": null,
      "objects": null,
      "pluginManagerId": null,
      "isQueuedForDeletion": false,
      "queuedUser": null,
      "queuedTime": null,
      "ipsUpdateTime": 1634158800.000139,
      "ips15min": 0.003333,
      "ips1hour": 0.003333,
      "ips2hour": 0.003333,
      "ips6hour": 0.003333,
      "ips24hour": 0.003207,
      "ips7day": 0.003207
    }
  ],
  "pageNumber": 0,
  "pageSize": 20,
  "totalPages": 1
}

where,

totalElements is the count of the resources that is returned if there is no paging.

pageSize is the number of resources returned in the request. This is corresponding to the size query argument.

pageNumber is the current page number. This is corresponding to the page query argument. The returned elements start at elements at index (pageNumber * pageSize).

Response Code

200

Filtering & Sorting

Edit online

Filtering

Edit online

To get filtered information, use the keyword filter at the end of the request. The filter endpoints are used only to read the resources. They cannot be used to edit any data on the server. Since a DTO needs to be sent, they are implemented via the POST operation. These requests do not change any state.

For example, POST /api/v2/devices/filter - a filter DTO is sent. This is similar to the devices DTO but not exactly the same. It is used to specify values to filter the devices on. Some or all of the values can be provided to the fields. The more data filled, the more restrictive the query. Some fields search for a concrete match such as, ids, isDeleted, allowDelete, timezone, etc. Others search for partial match such as name, description, etc. - the given value in the query must be part or all of the string value. When searching by list of values such as deviceIds, if you provide an empty list, it will limit the result set and empty result will be returned. If you provide null or do not provide the field, it will not limit the result set.

Sorting

Edit online

To define multi-level sorting, sortBy request parameter is used. The format is as follows, where '-' indicates descending sort.

Example

http://...?sortBy=property1,-property2,property3...

Swagger User Interface (UI) Examples

Edit online

View Devices

Edit online

Allows you to view which devices are on the PAS.

  1. Click Devices to view Device Handler operations.
    restApiGetV1Devices

  2. Click GET (to get all devices).
    restApiGetV1AllDevices

  3. Under Parameters, you can provide input for the following fields. If you do not provide input, the defaults will be applied. For this example, default values are chosen.
    1. page - This field allows you to specify the page that the request applies to.
    2. size - This field allows you to specify the number of rows/records/entities for the page.
  4. Click the Try it out! button.
    restApiGetV1AllDevicesResponse

  5. The following fields appear.
    • Curl - curl command. Notice that the authentication token used to sign in, is included in the command.
    • Request URL - URL that the request is being made to. The Request URL includes the following three components.
      • protocol (for example, http)
      • domain/host (for example, 10.129.14.168)
      • path (for example, /api/v1/devices)
      • query string (for example, ?page=0&size=20).
    • Response Body - the response itself. This contains the information the GET request returns in this example. Since a GET operation for devices is performed in the example, you will get details for the individual devices on the PAS, such as the device ID, IP address, date it was added, its name, etc.
    • Response Code - HTTP status code. For example, 200 indicates that the response is okay. 500, on the other hand indicates an error.
    • Response Headers - HTTP header for the API response. This is used to communicate the response code, content type, etc.

Add a Device

Edit online

Allows you to add a device to SevOne NMS.

  1. Click Devices to view Device Handler operations.
    restApiGetV1Devices

  2. Click POST (creates a new device).
    restApiPostCreateDevice

  3. Under Parameters, all the way to the right, locate the Model Schema field. Click on the field to copy its content to the device field.
    restApiPostCreateDeviceParameters

  4. On the left side of the Parameters section, you will notice that the content now appears in the device field. Provide input for the following settings, at the very least, in order to create your new device. Otherwise, you may receive error messages.
    • name - enter the name you want to give to the device you are adding.
    • ipAddress - IP address of the device you are adding.
    • pollFrequency - polling frequency of the device in seconds. This must be a number greater than 0.
    • timezone - timezone of the device.
    • objects > pluginId - plugin ID. This must be a number greater than 0.
    • objects > pluginObjectTypeId plugin object type ID. This must be a number greater than 0.
    Note: If there is a problem performing an operation such as, creating a device, you will see information for the errors found in the Response Body field.
    restApiPostDeviceFailed

  5. Once you have created your device, go to the SevOne NMS Device Manager (Devices > Device Manager) to confirm that the new device created is in the Device list.
    restApiPostDeviceAdded

Endpoints with Sample Payload

Edit online

Device Endpoints

Edit online

POST /api/v2/devices

Edit online
Important: Can add objects and indicators of the object in POST /devices payload.

Can add plugin extended details in field pluginInfo where pluginId can be used as the key.
Plugin ID Plugin Name
1 SNMP Poller
2 ICMP Poller
3 Process Poller
4 HTTP Poller
5 Proxy Ping Poller
6 NBAR Poller
7 Portshaker Poller
8 DNS Poller
9 IP SLA Poller
10 Deferred Data
11 WMI Poller
15 VMware Poller
16 Web Status Poller
17 xStats
18 MySQL Database Poller
20 Calculation Poller
23 Remote Poller

Example: POST /api/v2/devices - Request payload

Note: To add an SNMPv3 device, you must add the following variables in the extendedInfo variable where pluginInfo > pluginID = 1 (= SNMP Poller).
  • "authenticationUsername": "<enter username>"
  • "authenticationPassphrase": "<enter password>"
  • "encryptionProtocol": "<enter encryption protocol>"
  • "encryptionPassphrase": "<enter encryption key>"

Authentication Type supported are MD5, SHA, SHA-224, SHA-256, SHA-384, and SHA-512. Leave the variable as blank if authentication type is not required.

Encryption Type supported are AES, AES192, AES192C, AES256, AES256C, 3DES, and DES. Leave the variable as blank if encryption type is not required.

{
  "name": "pandora",
  "alternateName": "Altname of dev 1",
  "description": "New device",
  "ipAddress": "10.129.14.168",
  "manualIP": false,
  "peerId": 1,
  "pollFrequency": 300,
  "allowDelete": true,
  "disablePolling": false,
  "disableConcurrentPolling": false,
  "disableThresholding": false,
  "timezone": "America/New_York",
  "workhoursGroupId": 1,
  "pluginInfo": {
    "1": {
      "extendedInfo": {
        "synchronizeObjectsOperStatus": "-1",
        "snmpWalkMaxRepetitions": "1",
        "contextName": "",
        "snmpVersion": "2",
        "enableSnmpIpQuery": "1",
        "snmpCounterPrefer64Bit": "-1",
        "snmpMaxPdu": "0",
        "roCommunity": "sevone",
        "authenticationProtocol": "",
        "snmpInterfaceSupportRfc2233": "-1",
        "enableSnmpTrapd": "-1",
        "snmpDelay": "0.0",
        "snmpDelayOnFailure": "0.0",
        "snmpPort": "161",
        "encryptionProtocol": "",
        "snmpTestOid": ".1.3.6.1.2.1.1.1.0",
        "snmpDiscoverPdu": "-1",
        "lockSnmpVersion": "1",
        "synchronizeObjectsAdminStatus": "-1"
      },
      "enabled": true,
      "working": false
    },
    "2": {
      "extendedInfo": {
        "packetInterval": "0",
        "packetNumber": "5",
        "packetSize": "64",
        "deviceId": "11"
      },
      "enabled": true,
      "working": false
    },
    "3": {
      "extendedInfo": null,
      "enabled": true,
      "working": false
    },
    "4": {
      "extendedInfo": null,
      "enabled": true,
      "working": false
    },
    "6": {
      "extendedInfo": null,
      "enabled": true,
      "working": false
    },
    "7": {
      "extendedInfo": null,
      "enabled": true,
      "working": false
    },
    "8": {
      "extendedInfo": null,
      "enabled": true,
      "working": false
    },
    "9": {
      "extendedInfo": {
        "complianceRevision": "0",
        "overrideComplianceRevision": "0",
        "responder": "0",
        "allowIpslaCreation": "0",
        "setResponder": "0",
        "deviceId": "11",
        "version": "null"
      },
      "enabled": true,
      "working": false
    },
    "10": {
      "extendedInfo": null,
      "enabled": true,
      "working": false
    },
    "11": {
      "extendedInfo": {
        "useNtlm": "0",
        "authenticationLevel": "Default",
        "wmiProxyId": "null",
        "impersonationLevel": "Default",
        "wmiCapable": "0",
        "deviceId": "11",
        "workgroupOrDomain": "null"
      },
      "enabled": false,
      "working": false
    },
    "14": {
      "extendedInfo": {
        "keystorePassword": "null",
        "objectFilter": "null",
        "domainFilter": "null",
        "suffix": "null",
        "deviceId": "11",
        "connectionType": "JSR160",
        "hostname": "null",
        "truststorePassword": "null",
        "typeFilter": "null",
        "port": "null",
        "keystore": "null",
        "truststore": "null",
        "nameFilter": "null",
        "authentication": "null"
      },
      "enabled": false,
      "working": false
    },
    "15": {
      "extendedInfo": null,
      "enabled": false,
      "working": false
    },
    "16": {
      "extendedInfo": null,
      "enabled": false,
      "working": false
    },
    "17": {
      "extendedInfo": null,
      "enabled": true,
      "working": false
    },
    "18": {
      "extendedInfo": null,
      "enabled": true,
      "working": false
    },
    "20": {
      "extendedInfo": null,
      "enabled": true,
      "working": false
    },
    "21": {
      "extendedInfo": null,
      "enabled": true,
      "working": false
    }
  },
  "objects": [
    {
      "pluginId": 2,
      "pluginObjectTypeId": 71,
      "name": "Object1",
      "alternateName": "Altname of obj 1",
      "description": "Device IP",
      "isEnabled": true,
      "isVisible": true,
      "isDeleted": false,
      "dateAdded": 1634177388000,
      "indicators": null,
      "extendedInfo": {
        "packetInterval": "0",
        "custom": "0",
        "ip": "10.129.14.168",
        "packetNumber": "5",
        "packetSize": "64",
        "deviceId": "1",
        "objectId": "2"
      },
      "disabledByDDQ": false
    }
  ]
}

PUT /api/v2/devices

Edit online
Important: PUT /api/v2/devices is used for a FULL update of the devices.

Example: PUT /api/v2/devices - Request payload

{
  "name": "pandora",
  "description": "Altname of dev 1",
  "ipAddress": "10.129.14.168",
  "manualIP": false,
  "peerId": 2,
  "pollFrequency": 300,
  "allowDelete": true,
  "disablePolling": false,
  "disableConcurrentPolling": false,
  "disableThresholding": false,
  "timezone": "America/New_York",
  "workhoursGroupId": 1,
  "objects": [
    {
      "id": 3,
      "pluginId": 2,
      "pluginObjectTypeId": 71,
      "name": "Object1",
      "alternateName": "Altname of obj 1",
      "description": "Device IP",
      "isEnabled": true,
      "isVisible": true,
      "isDeleted": false,
      "dateAdded": 1634177388000,
      "indicators": null,
      "extendedInfo": {
        "packetInterval": "0",
        "custom": "0",
        "ip": "10.129.14.168",
        "packetNumber": "5",
        "packetSize": "64",
        "deviceId": "1",
        "objectId": "2"
      },
      "disabledByDDQ": false
    }
  ]
}

Using Example: PUT /api/v2/devices - Request payload above, here are a few scenarios on how PUT works.

Scenario# 1

Let's say you have the following as shown in the example above.

  • Device with name = pandora
  • Object id = 3 contains alternateName = "Altname of obj 1"

Now, because variable alternateName is in the request payload, PUT keeps the value "Altname of obj 1" for the alternateName. But, if variable alternateName is not in the request payload, PUT changes alternateName to its default value, "".

Any variable not specified in the request payload gets overwritten to its respective default value.

Scenario# 2

If objects are not passed in request payload i.e., payload does not have "objects" : [...] or it has "objects" : null, the objects will not be deleted.

Scenario# 3

If objects are passed in request payload i.e. payload has "objects" : [...] or "objects" : [<payload with object id = 3>], for example, then all objects other than the ones in the request payload are deleted.

PUT performs a FULL update. All objects which are passed in the request payload are updated. Objects that are not passed in the request payload are deleted.

The same is true for indicators.

Scenario# 4

If new object(s) are being created using this endpoint, set the id of objects to 0 or null. When sending new objects for creation, you need to send the existing objects as well otherwise, the existing objects will get deleted.

Scenario# 5

If existing object(s) are being updated, provide the id of objects being updated in the request payload.

PATCH /api/v2/devices

Edit online
Important: PATCH /api/v2/devices is used for a PARTIAL update of the devices.

Example: PATCH /api/v2/devices - Request payload

{
  "name": "pandora",
  "description": "New device",
  "ipAddress": "10.129.14.168",
  "manualIP": false,
  "peerId": 2,
  "pollFrequency": 300,
  "allowDelete": true,
  "disablePolling": false,
  "disableConcurrentPolling": false,
  "disableThresholding": false,
  "timezone": "America/New_York",
  "workhoursGroupId": 1,
  "objects": [
    {
      "id": 3,
      "pluginId": 2,
      "pluginObjectTypeId": 71,
      "name": "Object1",
      "alternateName": "Altname of obj 1",
      "description": "Device IP",
      "isEnabled": true,
      "isVisible": true,
      "isDeleted": false,
      "dateAdded": 1634177388000,
      "indicators": null,
      "extendedInfo": {
        "packetInterval": "0",
        "custom": "0",
        "ip": "10.129.14.168",
        "packetNumber": "5",
        "packetSize": "64",
        "deviceId": "1",
        "objectId": "2"
      },
      "disabledByDDQ": false
    }
  ]
}

Using Example: PATCH /api/v2/devices - Request payload above, here are a few scenarios on how PATCH works.

Scenario# 1

Let's say you have the following as shown in the example above.

  • Device with name = pandora
  • Object id = 3 contains alternateName = "Altname of obj 1"

Now, because variable alternateName is in the request payload, PATCH changes alternateName to its default value, "". If you want to retain the value "Altname of obj 1" for the alternateName, do not include this variable in the request payload.

Any variable specified in the request payload gets overwritten to its respective default value.

Scenario# 2

If objects are not passed in request payload i.e., payload does not have "objects" : [...] or it has "objects" : null, the objects will not be deleted.

Scenario# 3

If objects are passed in request payload i.e. payload has "objects" : [...] or "objects" : [<payload with object id = 3>], then no objects will be deleted.

PATCH performs a PARTIAL update. All objects which are passed in the request payload are updated. Objects that are not passed in the request payload are retained and not deleted.

The same is true for indicators.

Scenario# 4

If new object(s) are being created using this endpoint, set the id of objects to 0 or null. In PATCH, no objects get deleted. New objects will be created, if sent.

Scenario# 5

If existing object(s) are being updated, provide the id of objects being updated in the request payload.

GET /api/v2/devices

Edit online

In query params, multiple fields such as, page, size, sortBy, fields, etc. can be provided.

Usage of 'fields'

As per response DTO, the fields option must be set to determine for which field the response is needed. i.e., for id and device name, set fields as content(id,name).

Example: GET /api/v2/devices/<enter device Id>. For example, id = 20

{
  "id": 20,
  "isDeleted": false,
  "isNew": false,
  "name": "SNMPDevice 1",
  "alternateName": "",
  "description": "SNMP Device",
  "ipAddress": "172.21.36.21",
  "manualIP": false,
  "peerId": 1,
  "pollFrequency": 300,
  "dateAdded": 1659116535000,
  "lastDiscovery": 1659116608000,
  "allowDelete": true,
  "disablePolling": false,
  "disableConcurrentPolling": false,
  "disableThresholding": false,
  "timezone": "America/New_York",
  "workhoursGroupId": 1,
  "numElements": 27,
  "pluginInfo": {
    "1": {
      "extendedInfo": {
        "synchronizeObjectsOperStatus": "-1",
        "snmpWalkMaxRepetitions": "0",
        "contextName": "",
        "snmpVersion": "3",
        "enableSnmpIpQuery": "1",
        "snmpCounterPrefer64Bit": "1",
        "snmpMaxPdu": "0",
        "authenticationPassphrase": "<authentication password>",
        "roCommunity": null,
        "authenticationProtocol": "MD5",
        "authenticationUsername": "<authentication username>",
        "snmpInterfaceSupportRfc2233": "-1",
        "enableSnmpTrapd": "-1",
        "rwCommunity": "RhP7pSPSR/a+WWTkK2zPSQ==",
        "encryptionPassphrase": "<authentication key>",
        "snmpDelay": "0.0",
        "snmpDelayOnFailure": "0.0",
        "snmpPort": "161",
        "encryptionProtocol": "DES",
        "snmpTestOid": ".1.3.6.1.2.1.1.1.0",
        "snmpDiscoverPdu": "1",
        "lockSnmpVersion": "1",
        "synchronizeObjectsAdminStatus": "-1"
      },
      "statusRealtime": false,
      "statusRealtimeTimestamp": 0,
      "enabled": true,
      "working": true
    },
    "2": {
      "extendedInfo": null,
      "statusRealtime": false,
      "statusRealtimeTimestamp": 1659116535000,
      "enabled": false,
      "working": false
    },
    "3": {
      "extendedInfo": null,
      "statusRealtime": false,
      "statusRealtimeTimestamp": 1659116535000,
      "enabled": false,
      "working": false
    },
    "4": {
      "extendedInfo": null,
      "statusRealtime": false,
      "statusRealtimeTimestamp": 1659116535000,
      "enabled": false,
      "working": false
    },
    "5": {
      "extendedInfo": null,
      "statusRealtime": false,
      "statusRealtimeTimestamp": 1659116535000,
      "enabled": false,
      "working": false
    },
    "6": {
      "extendedInfo": null,
      "statusRealtime": false,
      "statusRealtimeTimestamp": 1659116535000,
      "enabled": false,
      "working": false
    },
    "7": {
      "extendedInfo": null,
      "statusRealtime": false,
      "statusRealtimeTimestamp": 1659116535000,
      "enabled": false,
      "working": false
    },
    "8": {
      "extendedInfo": null,
      "statusRealtime": false,
      "statusRealtimeTimestamp": 1659116535000,
      "enabled": false,
      "working": false
    },
    "9": {
      "extendedInfo": null,
      "statusRealtime": false,
      "statusRealtimeTimestamp": 1659116535000,
      "enabled": false,
      "working": false
    },
    "10": {
      "extendedInfo": null,
      "statusRealtime": true,
      "statusRealtimeTimestamp": 1659116535000,
      "enabled": false,
      "working": false
    },
    "11": {
      "extendedInfo": null,
      "statusRealtime": false,
      "statusRealtimeTimestamp": 1659116535000,
      "enabled": false,
      "working": false
    },
    "14": {
      "extendedInfo": null,
      "statusRealtime": false,
      "statusRealtimeTimestamp": 1659116535000,
      "enabled": false,
      "working": false
    },
    "15": {
      "extendedInfo": null,
      "statusRealtime": false,
      "statusRealtimeTimestamp": 1659116535000,
      "enabled": false,
      "working": false
    },
    "16": {
      "extendedInfo": null,
      "statusRealtime": false,
      "statusRealtimeTimestamp": 1659116535000,
      "enabled": false,
      "working": false
    },
    "17": {
      "extendedInfo": null,
      "statusRealtime": true,
      "statusRealtimeTimestamp": 1659116535000,
      "enabled": false,
      "working": false
    },
    "18": {
      "extendedInfo": null,
      "statusRealtime": false,
      "statusRealtimeTimestamp": 1659116535000,
      "enabled": false,
      "working": false
    },
    "20": {
      "extendedInfo": null,
      "statusRealtime": false,
      "statusRealtimeTimestamp": 1659116535000,
      "enabled": false,
      "working": false
    },
    "21": {
      "extendedInfo": null,
      "statusRealtime": false,
      "statusRealtimeTimestamp": 1659116535000,
      "enabled": false,
      "working": false
    },
    "23": {
      "extendedInfo": null,
      "statusRealtime": false,
      "statusRealtimeTimestamp": 1659116535000,
      "enabled": false,
      "working": false
    }
  },
  "objects": null,
  "pluginManagerId": null,
  "isQueuedForDeletion": false,
  "queuedUser": null,
  "queuedTime": null,
  "ipsUpdateTime": 1697220000.000164,
  "ips15min": 0.956667,
  "ips1hour": 0.956667,
  "ips2hour": 0.956667,
  "ips6hour": 0.956667,
  "ips24hour": 0.956667,
  "ips7day": 0.95382,
  "backFilledIps15min": 0,
  "backFilledIps1hour": 0,
  "backFilledIps2hour": 0,
  "backFilledIps6hour": 0,
  "backFilledIps24hour": 0,
  "backFilledIps7day": 0
}

Object Endpoints

Edit online

POST /api/v2/objects

Edit online
Important: The indicators of the object can be added in POST /api/v2/objects request payload.

Example: POST /api/v2/objects - Request payload

{
  "pluginId": 2,
  "pluginObjectTypeId": 71,
  "name": "IP of device - test",
  "description": "Device IP",
  "enabled": "AUTO",
  "isEnabled": true,
  "isVisible": true,
  "indicators": [
    {
      "deviceId": 2,
      "pluginId": 2,
      "pluginIndicatorTypeId": 6986,
      "name": "time_min",
      "description": "Minimum ping time",
      "dataUnits": "Milliseconds",
      "displayUnits": "Milliseconds",
      "isEnabled": true,
      "isBaselining": true,
      "isDeleted": false,
      "maxValue": 0,
      "systemMaxValue": null,
      "systemIsEnabled": null,
      "systemIsBaselining": null,
      "format": "GAUGE",
      "lastInvalidationTime": 0,
      "syntheticExpression": null,
      "evaluationOrder": 1
    }
  ]
}

Troubleshooting

Edit online

After you execute an operation, you will see an HTTP status code in the Response Code section. This code represents the status of the operation. For example, 200 indicates that the operation was successful. If an operation fails, you may see information about the problem in the Response Body field. The following screenshot shows an error that occurs if you try to perform an operation without first authenticating. The relevant HTTP status code is 401, and the description for the code is Unauthorized. In this case, additional information about the error appears after "detail":.


restApiPostCreateDeviceParameters

The following table contains some common HTTP status codes along with their descriptions. For additional details on HTTP status codes, please refer to Hypertext Transfer Protocol (HTTP) Status Code Registry (https://www.iana.org/assignments/http-status-codes/http-status-codes.xhtml).

Return Codes

Edit online

The table below lists the HTTP error codes returned when specific conditions are met during the execution of RESTful API requests.

HTTP Status Code Description
200 (OK) Request is executed successfully.
201 (Created) Request is executed successfully and new resource is created in the system.
204 (No Content) Request is executed successfully but no content is returned. It is used on all DELETE requests in RESTful API.
400 (Bad Request) Server is unable to process the request due to something that is perceived to be a client error. For example, malformed request syntax, invalid request message framing, or deceptive request routing.
401 (Unauthorized) Request is not executed because it lacks a valid authentication credentials for the target resource.
403 (Forbidden) Request is executed with a valid credentials that are not significant to gain access to the resources.
404 (Not Found)

The resource requested is not found. For example,

  • Wrong URI requested
  • Request to add device in device group, but the device group is not found
409 (Conflict) The resource could not be created/updated due to a conflict with the current state of the target resource. For example, request to create a new device, but device with that name already exists in the system
422 (Unprocessable Entity) Missing required element in the request.
424 (Failed Dependency) External system is not executed successfully. For example, RESTful API executes the NMS script which fails.
500 (Internal Server Error) Server encounters an unexpected condition that prevents it from fulfilling the request.
503 (Service Unavailable) Server is unable to handle the request due to a temporary overload or scheduled maintenance, which will likely be alleviated after some delay.

RESTful API Logs

Edit online
  1. Using a web browser of your choice, log in to RESTful API swagger user interface. 
    http://<PAS hostname or IP address>/api/docs/

    Please refer to section Authentication to obtain permissions to perform the operations.

  2. To change logging level per logger, under Application, click POST /api/v2/application/logger.
    restApiLoggerBlank

  3. Under Parameters, all the way to the right, locate the Model Schema field. Click on the field to copy its content to the logger field.
  4. On the left side of the Parameters section, you will notice that the content now appears in the logger field.
    restApiLogger

    1. After "level":, replace string with a logging level from the list below. Please make sure to enter the logging level within the quotes.

      The log levels available are the following.

      Log Level Description
      OFF The OFF has the highest possible rank and is intended to turn off logging.
      FATAL The FATAL level designates very severe error events that will presumably lead the application to abort.
      ERROR The ERROR level designates error events that might still allow the application to continue running.
      WARN The WARN level designates potentially harmful situations.
      INFO The INFO level designates information messages that highlight the progress of the application at coarse-grained level.
      DEBUG The DEBUG level designates fine-grained informational events that are most useful to debug an application.
      TRACE The TRACE level designates finer-grained informational events than the DEBUG level.
      ALL The ALL has the lowest possible rank and is intended to turn on all logging.
      Note: By default, the log level is ERROR.
    2. After "logger":, replace string with the logger you want to get the log messages for. Please make sure to enter the value within the quotes.
      Logger Description
      DATABASE Enable logs for data persistence layer.
      INDICATOR_DATA Enable logs for the indicator endpoints
      LDAP Enable logs for the LDAP module.
      LIVEMAPS Enable logs for livemaps.
      MESSAGESWITCH Enable logs for messageswitch.
      • org.hibernate.SQL
      • org.hibernate.type
      • root
      		 Enable logs for SQL queries.
      REST Enable logs for the requestd module.
      Important: Multiple combinations of (level, logger) can be specified. In order to specify <n> combinations, <n> RESTful API calls must be made. For example, you can make RESTful API call for (DEBUG, REST) and another call for (WARN, DATABASE).

      Although default value for log level is ERROR, default string for the logger does not exist. If two RESTful API calls for (DEBUG, REST) and (WARN, DATABASE) are made, two more RESTful API calls (ERROR, REST) and (ERROR, DATABASE) are required to revert them.
      Note: 'logger' field examples
      {
  "level": "DEBUG",
  "logger": "REST"
}
      Example: Enable SQL queries to the database
      {
  "level": "DEBUG",
  "logger": "org.hibernate.SQL"
}
  
{
  "level": "DEBUG",
  "logger": "org.hibernate.type"
}
      Example: Enable logging for all modules
      
{
  "level": "DEBUG",
  "logger": "root"
}
  5. At the bottom of the POST section, click the Try it out! button.
  6. Please refer to Troubleshooting for the description of the Response Code returned after executing the RESTful API operation.
  7. Using ssh, log into SevOne NMS appliance as root.
    $ ssh root@<SevOne NMS appliance IP address or hostname>
  8. Logs can be found in /var/log/rest-api/SevOne-rest-api.log.
    Important: When debugging, RESTful API's response time may be impacted because logs are being written to the log file.

    RESTful API debug settings are not persistent when SevOne-restapi is restarted.
    
$ podman exec -it nms-nms-nms /bin/bash

$ supervisorctl restart SevOne-restapi