AnsweredAssumed Answered

API Use Case - Scanning Assets with Dynamic IPs

Question asked by Tarek Naja Employee on Dec 24, 2019

Hi all,

 

We recently had a request from a customer to help with an operational challenge and we were able to offer help using APIs. I would like to share with you the approach and hopefully get your feedback.

 

The situation is as follows:

  • Multiple geo locations with hosts tracked using DNS/NetBIOS
  • A scanner user in each location

 

Requirement:

  • Scan several hosts on demand
  • Hosts have dynamic IPs and tracked using DNS/NetBIOS
  • They want to scan selected hosts and do not want to scan the entire asset group

 

Limitations:

  • They are not ready to adopt our cloud agent
  • Scanner user cannot view scan results if “Scan by hostname” feature is enabled, and user can scan asset group(s) with hostnames only
  • There is not option to scan specific hostnames. They will have to scan the entire asset group (which isn't something they want)

 

The proposed solution was to create a script that uses our APIs to do the following:

  1. Read hostnames from an excel sheet
  2. Resolve the IP of each hostname
  3. Save the IPs in a text file and pause the script
  4. Wait for the user to review the IPs and continue running the script
  5. Launch a scan job with all IPs in the text file

 

We managed to do this with a quick python script. I’m not a scripting expert and would appreciate any input or feedback on how to enhance the approach and/or the script (happy to share the full code in private).

 

Mainly some enhancement on the script would be great, including things like:

  • Exception handling – as is, if the script fails to resolve one IP it will stop
  • Accepting username and password as input in a secure way instead of hard-coding

 

Thanks in advance

Tarek

Outcomes