Intro to Using the Automox API: How to View Non-compliant Hosts

Continuing on our exploration of the Automox API, we are going to look at how to view non-compliant hosts. Remember the API interface is protected with a key which can be found in the console.

There are a number of API features to use which can be found here: https://docs.automox.com/api/ . In this example we will go over using the reports/noncompliance API call using Python. Be sure to log in to the console, navigate to Settings, and you’ll find the API Key at the bottom of the page.

The data from the API is in JSON format. In this example we will look at the noncompliance call in the API and convert the output to a CSV or a plain text table. The fields in the noncompliance JSON are:

{
 "total": 0,
 "low": 0,
 "medium": 0,
 "high": 0,
 "other": 0,
 "devices": [
   {
     "id": 0,
     "name": "string",
     "customName": "string",
     "serverCreateTime": "2018-06-19T18:47:43.697Z",
     "lastCheckinTime": "2018-06-19T18:47:43.697Z",
     "lastRefreshTime": "2018-06-19T18:47:43.697Z",
     "needsReboot": true,
     "groupId": 0,
     "os_family": "string",
     "policies": [
       {
         "id": 0,
         "name": "string",
         "type": "string",
         "reasonForFail": "string",
         "policyCreateTime": "2018-06-19T18:47:43.697Z",
         "severity": "string",
         "packages": [
           {
             "id": 0,
             "name": "string",
             "severity": "string",
             "packageVersionId": 0,
             "createTime": "2018-06-19T18:47:43.697Z"
           }
         ]
       }
     ]
   }
 ]
}

In this example, we will only look at out of compliance hosts for the current day. To access the data, we will use Python and the requests package. The simplest example would be to just return all the data to the screen.

import requests

pageText=requests.get("https://console.automox.com/api/reports/noncompliance?api_key=yourKey").json()
print(pageText)
 

You may notice that there is just too much data to read. We will focus on just a few fields:

  • Name of Host
  • Operating system
  • Reboot Required
  • Missing Packages

The JSON object that is returned is called nonCompliant, each machine is a new item in the dictionary, and each missing package is a new item in the tree. This requires us to do a few nested loops.

for item in pageText['nonCompliant']['devices']:
   missingPackages=None
   for item2 in item['policies']:
       for item3 in item2['packages']:
           if missingPackages == None:
               missingPackages=item3['name']
           else:
               missingPackages= missingPackages + ",” + item3['name']
    print("{} , {} , {}, \"{}\" ".format(item['name'], item['os_family'],
       item['needsReboot'], missingPackages))
 

This would print out a CSV on the screen of missing patches.  

To improve on this, we can use the ArgParse package to supply the API Key on the command line. We can also use PrettyTable to print table on the screen or write to a CSV file.

#!/usr/bin/env python3
#File: noncomp.py : A script to get non compliant devices from the Automox API
#Auth: Joe McManus mcmanus@automox.com
#Ver : Version 1.0 2018/06/19 import json
import requests
from prettytable import PrettyTable
import argparse
from datetime import datetime
parser = argparse.ArgumentParser(description='Automox API Example')
parser.add_argument('--limit', help="Limit results to X", type=int)
parser.add_argument('--csv', help="Output as CSV",  action="store_true")
parser.add_argument('--table', help="Output as table",  action="store_true")
parser.add_argument('apiKey', help="API Key ", type=str)
args=parser.parse_args()
baseUrl="https://console.automox.com/api/reports/noncompliance?api_key="
url=baseUrl + args.apiKey  + "&startDate=" + datetime.now().strftime('%Y-%m-%d')
print(url)
i=0
pageText=requests.get(url).json()

if args.csv:
   filename=datetime.now().strftime('%Y-%m-%d %H:%M:%S') + "-noncomp.csv"
   fh=open(filename, "w+")

table=PrettyTable(["Host",  "OS", "Reboot Rqd", "packages"])
for item in pageText['nonCompliant']['devices']:
   missingPackages=None
   for item2 in item['policies']:
       for item3 in item2['packages']:
           if missingPackages == None:
               missingPackages=item3['name']
           else:
               missingPackages= missingPackages + "\n" + item3['name']
   if args.table:
       table.add_row([item['name'], item['os_family'], item['needsReboot'], missingPackages])
   if args.csv:
       fh.write("{} , {} , {}, \"{}\" ".format(item['name'], item['os_family'], item['needsReboot'], str(missingPackages).replace("\n", ",")))
   if args.limit:
       if i >= args.limit:
           break
   i+=1

if args.table:
   print(table)
if args.csv:
   fh.close()
 

Now that you have begun to dive deeper in to the Automox API you can continue to customize the automated features of your patch management. If you have any questions, you can reach us at support@automox.com!

About Automox

Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes the aperture of attack by more than 80% with just half the effort of traditional solutions.

Cloud-native and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure.

Experience modern, cloud-native patch management today with a 15-day free trial of Automox and start recapturing more than half the time you're currently spending on managing your attack surface. Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.

Get Instant Updates on Vulnerabilities

Subscribe to receive Automox vulnerability alerts

Reduce your threat surface by up to 80%

Make all of your corporate infrastructure more resilient by automating the basics of cyber hygiene.

Take 15 days to raise your security confidence!
Start a Free Trial