2. Examples v2¶
This section contains examples of API requests and responses. Please note that the JSON response in some case does not contain the full response (e.g. in case of long lists).
2.1. Interfaces¶
2.1.1. Get Interface Data¶
curl
curl -s -u admin:admin "http://localhost:3000/lua/rest/v2/get/interface/data.lua?ifid=0"
Response:
{
"rc": 0
"rc_str": "OK",
"rsp": {
"profiles": {
"SampleProfile": 0
},
"ifname": "enp0s8",
"uptime": "00:42",
"num_local_hosts": 3,
"remote_bps": 0,
"localtime": "17:14:42 +0200",
"flow_export_rate": 0.0,
"throughput": {
"download": {
"pps": 0.79980963468552002,
"bps": 86.379440307617003
},
"upload": {
"pps": 0.39990481734276001,
"bps": 63.184963226317997
}
},
"bytes": 141035,
"has_alerts": true,
"num_flows": 4,
"throughput_bps": 149.56440734863,
"flow_export_drops": 0,
"drops": 0,
"bytes_upload": 103734,
"alerted_flows": 0,
"remote2local": 0,
"is_view": false,
"packets_download": 361,
"packets_upload": 251,
"bytes_download": 37301,
"system_host_stats": {
"mem_total": 4046248,
"dropped_alerts": 0,
"mem_ntopng_resident": 187756,
"mem_ntopng_virtual": 1732120,
"cpu_load": 3.6400001049042001,
"mem_sreclaimable": 81460,
"mem_shmem": 30200,
"mem_used": 590148,
"alerts_queries": 3,
"mem_cached": 1052396,
"written_alerts": 9,
"mem_free": 2186336,
"mem_buffers": 166108,
"cpu_states": {
"nice": 0.0,
"softirq": 0.11173184357542,
"steal": 0.0,
"idle": 96.201117318436005,
"system": 2.0111731843574998,
"guest_nice": 0.0,
"iowait": 0.11173184357542,
"guest": 0.0,
"user": 1.5642458100559,
"irq": 0.0
}
},
"tcpPacketStats": {
"retransmissions": 0,
"lost": 0,
"out_of_order": 0
},
"num_live_captures": 0,
"local2remote": 0,
"periodic_stats_update_frequency_secs": 5,
"throughput_pps": 1.1997145414352,
"dropped_alerts": 0,
"ts_alerts": [],
"epoch": 1590160482,
"ifid": "0",
"hosts_pctg": 1,
"speed": 1000,
"num_hosts": 3,
"macs_pctg": 1,
"flows_pctg": 1,
"flow_export_count": 0,
"packets": 612,
"engaged_alerts": 0,
"remote_pps": 0,
"num_devices": 2
},
}
2.1.2. Get interface IP addresses¶
curl
curl -u admin:admin "http://localhost:3000/lua/rest/v2/get/interface/address.lua?ifid=0"
Response:
{
"rc_str": "OK",
"rsp": {
"addresses": [
"192.168.1.1/32",
"fe80::a00:27ff:fe80:f433/128"
]
},
"rc": 0
}
2.1.3. Get L7 statistics for an interface¶
curl
curl -u admin:admin "http://localhost:3000/lua/rest/v2/get/interface/l7/stats.lua?ifid=0&ndpistats_mode=count"
Response:
{
"rc_str": "OK",
"rsp": [
{
"value": 62,
"label": "TLS"
},
{
"value": 36,
"label": "DNS"
},
{
"value": 34,
"label": "HTTP"
},
{
"value": 20,
"label": "Google"
},
{
"value": 11,
"label": "Facebook"
},
{
"value": 15,
"label": "Other"
}
],
"rc": 0
}
2.1.4. Get actively monitored interfaces¶
curl
curl -u admin:admin "http://localhost:3000/lua/rest/v2/get/ntopng/interfaces.lua"
Response:
{
"rc_str": "OK",
"rsp": [
{
"ifid": 0,
"ifname": "test_01.pcap"
},
{
"ifid": 1,
"ifname": "test_02.pcap"
}
],
"rc": 0
}
2.2. Hosts¶
2.2.1. Get active hosts¶
curl
curl -u admin:admin "http://localhost:3000/lua/rest/v2/get/host/active.lua?ifid=0"
Response:
{
"rc_str": "OK",
"rc": 0,
"rsp": {
"data": [
{
"is_localhost": false,
"last_seen": 1589741869,
"thpt": {
"bps": 0,
"pps": 0
},
"is_broadcast": false,
"country": "US",
"num_alerts": 0,
"is_multicast": false,
"num_flows": {
"total": 1,
"as_client": 0,
"as_server": 1
},
"key": "8__241__92__250",
"bytes": {
"total": 2356772,
"recvd": 34148,
"sent": 2322624
},
"vlan": 0,
"is_broadcast_domain": false,
"name": 0,
"ip": "8.241.92.250",
"is_blacklisted": false,
"os": 0,
"first_seen": 1589741868
},
{
"is_localhost": false,
"last_seen": 1589741869,
"thpt": {
"bps": 0,
"pps": 0
},
"is_broadcast": false,
"country": "",
"num_alerts": 0,
"is_multicast": false,
"num_flows": {
"total": 34,
"as_client": 0,
"as_server": 34
},
"key": "2__23__155__233",
"bytes": {
"total": 41945,
"recvd": 23013,
"sent": 18932
},
"vlan": 0,
"is_broadcast_domain": false,
"name": 0,
"ip": "2.23.155.233",
"is_blacklisted": false,
"os": 0,
"first_seen": 1589741865
}
],
"currentPage": 1,
"perPage": 10,
"sort": [
[]
]
}
}
2.2.2. Get host data¶
curl
curl -u admin:admin "http://localhost:3000/lua/rest/v2/get/host/data.lua?ifid=0&host=8.241.92.250"
Response:
{
"rc_str": "OK",
"rc": 0,
"rsp": {
"icmp.bytes.rcvd.anomaly_index": 0,
"tcp.bytes.sent.anomaly_index": 0,
"packets.rcvd": 494,
"childSafe": false,
"os": 0,
"tcpPacketStats.rcvd": {
"retransmissions": 0,
"keep_alive": 0,
"lost": 0,
"out_of_order": 0
},
"throughput_bps": 0,
"icmp.packets.rcvd": 0,
"other_ip.bytes.sent.anomaly_index": 0,
"tcp.packets.seq_problems": false,
"systemhost": false,
"active_alerted_flows": 0,
"udp.bytes.rcvd": 0,
"flows.as_client": 0,
"icmp.bytes.rcvd": 0,
"num_triggered_alerts": {
"hour": 0,
"5mins": 0,
"day": 0,
"min": 0
},
"privatehost": false,
"packets.rcvd.anomaly_index": 0,
"udp.bytes.sent.anomaly_index": 0,
"ip": "8.241.92.250",
"has_blocking_shaper": false,
"num_alerts": 0,
"tcp.packets.sent": 1556,
"active_http_hosts": 0,
"asn": 3356,
"hassh_fingerprint": [],
"ja3_fingerprint": {
"5d79edf64e03689ff559a54e9d9487bc": {
"num_uses": 1,
"app_name": ""
}
},
"is_blacklisted": false,
"flows.as_server": 1,
"asname": "LEVEL3",
"udp.bytes.sent": 0,
"seen.last": 1589741869,
"seen.first": 1589741868,
"tcp.bytes.rcvd.anomaly_index": 0,
"throughput_pps": 0,
"bins": {
"server": {
"frequency": {
"> 300": 0,
"<= 300": 0,
"<= 60": 0,
"<= 3": 0,
"<= 30": 0,
"<= 5": 0,
"<= 1": 0,
"<= 10": 0
},
"duration": {
"> 300": 0,
"<= 300": 0,
"<= 60": 0,
"<= 3": 0,
"<= 30": 0,
"<= 5": 0,
"<= 1": 0,
"<= 10": 0
}
},
"client": {
"frequency": {
"> 300": 0,
"<= 300": 0,
"<= 60": 0,
"<= 3": 0,
"<= 30": 0,
"<= 5": 0,
"<= 1": 0,
"<= 10": 0
},
"duration": {
"> 300": 0,
"<= 300": 0,
"<= 60": 0,
"<= 3": 0,
"<= 30": 0,
"<= 5": 0,
"<= 1": 0,
"<= 10": 0
}
}
},
"host_unreachable_flows.as_client": 0,
"total_flows.as_server": 1,
"bytes.ndpi.unknown": 0,
"vlan": 0,
"other_ip.bytes.sent": 0,
"tskey": "8.241.92.250",
"broadcast_domain_host": false,
"mac": "10:13:31:F1:39:76",
"city": "",
"icmp.bytes.sent.anomaly_index": 0,
"packets.sent.anomaly_index": 0,
"latitude": 37.750999450684,
"udp.packets.sent": 0,
"pktStats.recv": {
"size": {
"upTo128": 487,
"upTo256": 5,
"above9000": 0,
"upTo2500": 0,
"upTo64": 0,
"upTo9000": 0,
"upTo512": 2,
"upTo1024": 0,
"upTo6500": 0,
"upTo1518": 0
},
"tcp_flags": {
"finack": 0,
"syn": 1,
"rst": 0,
"synack": 0
}
},
"drop_all_host_traffic": false,
"localhost": false,
"bytes.sent.anomaly_index": 0,
"misbehaving_flows.as_server": 0,
"continent": "NA",
"names": [],
"num_flow_alerts": 0,
"os_detail": "",
"host_pool_id": 0,
"ifid": 0,
"icmp.bytes.sent": 0,
"other_ip.packets.rcvd": 0,
"throughput_trend_pps": 0,
"name": "",
"contacts.as_server": 0,
"tcpPacketStats.sent": {
"retransmissions": 0,
"keep_alive": 0,
"lost": 0,
"out_of_order": 0
},
"contacts.as_client": 0,
"is_broadcast": false,
"total_activity_time": 5,
"misbehaving_flows_status_map.as_server": 0,
"active_flows.as_server": 1,
"active_flows.as_client": 0,
"udpBytesSent.non_unicast": 0,
"udpBytesSent.unicast": 0,
"score": 0,
"longitude": -97.821998596191,
"bytes.sent": 2322624,
"hiddenFromTop": false,
"other_ip.packets.sent": 0,
"icmp.packets.sent": 0,
"udp.packets.rcvd": 0,
"misbehaving_flows_status_map.as_client": 0,
"tcp.bytes.sent": 2322624,
"total_alerts": 0,
"other_ip.bytes.rcvd.anomaly_index": 0,
"ndpi_categories": {
"Web": {
"bytes.sent": 2322624,
"bytes": 2356772,
"bytes.rcvd": 34148,
"category": 5,
"duration": 5
}
},
"tcp.packets.rcvd": 494,
"packets.sent": 1556,
"host_unreachable_flows.as_server": 0,
"unreachable_flows.as_server": 0,
"dhcpHost": false,
"ndpi": {
"TLS": {
"bytes.sent": 2322624,
"num_flows": 0,
"packets.sent": 1556,
"bytes.rcvd": 34148,
"packets.rcvd": 494,
"duration": 5,
"breed": "Safe"
}
},
"unreachable_flows.as_client": 0,
"misbehaving_flows.as_client": 0,
"ipkey": 150035706,
"throughput_trend_bps": 0,
"bytes.rcvd": 34148,
"other_ip.bytes.rcvd": 0,
"total_flows.as_client": 0,
"udp.bytes.rcvd.anomaly_index": 0,
"tcp.bytes.rcvd": 34148,
"has_blocking_quota": false,
"bytes.rcvd.anomaly_index": 0,
"pktStats.sent": {
"size": {
"upTo128": 8,
"upTo256": 2,
"above9000": 0,
"upTo2500": 0,
"upTo64": 0,
"upTo9000": 0,
"upTo512": 0,
"upTo1024": 7,
"upTo6500": 0,
"upTo1518": 1539
},
"tcp_flags": {
"finack": 0,
"syn": 0,
"rst": 0,
"synack": 1
}
},
"country": "US",
"is_multicast": false,
"devtype": 0,
"duration": 2
}
}
2.2.3. Get host custom data¶
Get custom host data: “ip,bytes.sent=tdb,packets.sent” for host: “10.222.222.119” on monitoring interface (ifid): 0. Available fields can be found from the output of “Get host data” above. Each field can have an optional alias name. Use the “field=alias” syntax to define a field alias. Separate each field / field alias with a comma.
curl
curl --silent --insecure -u "admin:admin" \
-H "Content-Type: application/json" -d '{"ifid": 0, "host": "10.222.222.119", "field_alias": "ip,bytes.sent=tdb,packets.sent"}' \
"https://localhost:3001/lua/rest/v2/get/host/custom_data.lua"
Response:
{
"rc_str": "OK",
"rc": 0,
"rsp": {
"tdb": 71787960,
"ip": "10.222.222.119",
"packets.sent": 243977
}
}
Get custom host data: “ip,bytes.sent=tdb,packets.sent=tdp” for all hosts on monitoring interface (ifid): 0.
curl
curl --silent --insecure -u "admin:admin" \
-H "Content-Type: application/json" -d '{"ifid": 0, "field_alias": "ip,bytes.sent=tdb,packets.sent=tdp"}' \
"https://localhost:3001/lua/rest/v2/get/host/custom_data.lua"
Response:
{
"rc_str": "OK",
"rc": 0,
"rsp": [
{
"ip": "ff02::1:ff00:1",
"tdb": 0,
"tdp": 0
},
{
"ip": "10.222.222.96",
"tdb": 106980522,
"tdp": 452276
},
{
"ip": "ff02::1:ffb7:97bf",
"tdb": 0,
"tdp": 0
},
{
"ip": "10.222.222.119",
"tdb": 76788610,
"tdp": 264447
}
]
}
Get all host data for all hosts on monitoring interface (ifid): 0.
curl
curl --silent --insecure -u "admin:admin" \
-H "Content-Type: application/json" -d '{"ifid": 0"}' \
"https://localhost:3001/lua/rest/v2/get/host/custom_data.lua"
Response:
{
"rc_str": "OK",
"rc": 0,
"rsp": [
{
All host data for "ip": "ff02::1:ff00:1"
},
{
All host data for "ip": "10.222.222.96"
},
{
All host data for "ip": "ff02::1:ffb7:97bf"
},
{
"All host data for "ip": "10.222.222.119",
}
]
}
2.2.4. Get L7 statistics for a host¶
curl
curl -u admin:admin "http://localhost:3000/lua/rest/v2/get/host/l7/stats.lua?ifid=0&host=8.241.92.250"
Response:
{
"rsp": [
{
"duration": 5,
"value": 2356772,
"label": "TLS"
}
],
"rc_str": "OK",
"rc": 0
}
2.2.5. Get host interfaces¶
curl
curl -u admin:admin "http://localhost:3000/lua/rest/v2/get/host/interfaces.lua?host=8.241.92.250"
Response:
{
"rc_str": "OK",
"rsp": {
"8.241.92.250": [
{
"ifid": 1
},
{
"ifid": 0
}
]
},
"rc": 0
}
2.3. Flows¶
2.3.1. Get flow counters for L4 protocols¶
curl
curl -u admin:admin "http://localhost:3000/lua/rest/v2/get/flow/l4/counters.lua?ifid=0"
Response:
{
"rc": 0,
"rc_str": "OK",
"rsp": [
{
"id": 6,
"count": 132
},
{
"id": 17,
"count": 46
}
]
}
2.3.2. Get flow counters for L7 protocols¶
curl
curl -u admin:admin "http://localhost:3000/lua/rest/v2/get/flow/l7/counters.lua?ifid=0"
Response:
{
"rc_str": "OK",
"rsp": [
{
"count": 1,
"name": "Cloudflare"
},
{
"count": 45,
"name": "DNS"
},
{
"count": 11,
"name": "Facebook"
},
{
"count": 20,
"name": "Google"
},
{
"count": 96,
"name": "TLS"
},
{
"count": 82,
"name": "Unknown"
}
],
"rc": 0
}
2.3.3. Get active flows¶
curl
curl -u admin:admin "http://localhost:3000/lua/rest/v2/get/flow/active.lua?ifid=0"
Response:
{
"rc": 0,
"rsp": {
"data": [
{
"thpt": {
"pps": 0,
"bps": 0
},
"hash_id": "163",
"client": {
"name": "192.168.1.93",
"port": 61683,
"is_blacklisted": false,
"is_dhcp": false,
"ip": "192.168.1.93",
"is_broadcast_domain": false
},
"first_seen": 1589741868,
"score": "0",
"vlan": 0,
"server": {
"name": "8.241.92.250",
"port": 443,
"is_blacklisted": false,
"is_dhcp": false,
"ip": "8.241.92.250",
"is_broadcast": false
},
"last_seen": 1589741869,
"bytes": 2356772,
"key": "3382381902",
"protocol": {
"l4": "TCP",
"l7": "TLS"
},
"duration": 1,
"breakdown": {
"srv2cli": 99,
"cli2srv": 1
}
},
{
"thpt": {
"pps": 0,
"bps": 0
},
"hash_id": "23",
"client": {
"name": "192.168.1.93",
"port": 61567,
"is_blacklisted": false,
"is_dhcp": false,
"ip": "192.168.1.93",
"is_broadcast_domain": false
},
"first_seen": 1589741865,
"score": "0",
"vlan": 0,
"server": {
"name": "31.13.86.4",
"port": 443,
"is_blacklisted": false,
"is_dhcp": false,
"ip": "31.13.86.4",
"is_broadcast": false
},
"last_seen": 1589741865,
"bytes": 188958,
"key": "3753284184",
"protocol": {
"l4": "TCP",
"l7": "TLS.Facebook"
},
"duration": 0,
"breakdown": {
"srv2cli": 96,
"cli2srv": 4
}
}
],
"currentPage": 1,
"perPage": 10,
"totalRows": 178,
"sort": [
[
"column_",
"desc"
]
]
},
"rc_str": "OK"
}
2.3.4. Get historical flows¶
curl
curl -u admin:admin -H "Content-Type: application/json" -d '{"ifid": 0, "select_clause": "*", "where_clause": "IPV4_SRC_ADDR = 192.168.56.1", "begin_time_clause": 1590480290, "end_time_clause": 1590480590, "maxhits_clause": 10}' http://localhost:3000/lua/pro/rest/v2/get/db/flows.lua
Response:
{
"rc":0,
"rc_str":"OK",
"rsp":[
{
"FLOW_TIME":"1590480421",
"FIRST_SEEN":"1590480420",
"LAST_SEEN":"1590480421",
"VLAN_ID":"0",
"IP_PROTOCOL_VERSION":"4",
"IPV4_SRC_ADDR":"192.168.56.1",
"IPV4_DST_ADDR":"192.168.56.103",
"IPV6_SRC_ADDR":"::",
"IPV6_DST_ADDR":"::",
"PROTOCOL":"6",
"IP_SRC_PORT":"61900",
"IP_DST_PORT":"22",
"L7_PROTO":"92",
"SRC2DST_BYTES":"908",
"DST2SRC_BYTES":"2968",
"PACKETS":"22",
"TOTAL_BYTES":"3876",
"SRC_COUNTRY_CODE":"0",
"DST_COUNTRY_CODE":"0",
"SRC_LABEL":"",
"DST_LABEL":"",
"NTOPNG_INSTANCE_NAME":"ubuntuvm",
"INTERFACE_ID":"6",
"PROFILE":"",
"STATUS":"0",
"INFO":""
}
]
}
2.4. Alerts¶
2.4.1. Get alerts timeseries¶
curl
curl -u admin:admin -H "Content-Type: application/json" -d '{"ifid": "0", "status": "historical-flows", "epoch_begin": 1590710400, "epoch_end": 1590796800}' http://localhost:3000/lua/rest/v2/get/alert/ts.lua
Response:
{
"rsp": {
"1590710400": [
0,
0,
0,
0,
0,
0,
0,
37,
3,
4,
6,
13,
9,
0,
15,
0,
3,
0,
0,
0,
0,
0,
0,
0
],
"1590796800": [
0,
0,
1,
0,
0,
2,
0,
0,
0,
1,
0,
0,
0,
16,
0,
0,
3,
34,
48,
13,
0,
0,
2,
0
]
},
"rc": 0,
"rc_str": "OK"
}
2.4.2. Get alerts data¶
curl
curl -u admin:admin -H "Content-Type: application/json" -d '{"ifid": "0"}' http://localhost:3000/lua/rest/v2/get/interface/alert/list.lua
Response:
{
"rc":0,
"rc_str_hr":"Success",
"recordsTotal":1,
"recordsFiltered":1,
"rc_str":"OK",
"rsp":{
"records":[
{
"alert_name":"<i class=\"fas fa-fw fa-arrow-circle-up\"></i> Threshold Cross",
"duration":156,
"row_id":"00000000-0000-0000-0000-000000000000",
"user_label":"",
"alert_id":{
"label":"<i class=\"fas fa-fw fa-arrow-circle-up\"></i> Threshold Cross",
"value":"4136"
},
"subtype":"throughput",
"family":"interface",
"tstamp":{
"value":1642028429,
"label":"13/01/2022 00:00:29",
"highlight":"#ff3231"
},
"score":{
"value":100,
"label":"100",
"color":"#ff3231"
},
"script_key":"throughput",
"count":1,
"severity":{
"value":5,
"label":"<i class='fas fa-fw fa-exclamation-triangle text-danger' style='color: #ff3231!important' title='Error'></i> ",
"color":"#ff3231"
},
"msg":{
"fullname":"Threshold Cross",
"description":"Minute <b>throughput</b> crossed by interface <a href='/lua/if_stats.lua?ifid=4&page=historical&epoch_begin=1642425875&epoch_end=1642429475'>eno1</a> [22.49 > 1]",
"name":"Threshold Cross",
"value":4136,
"configset_ref":" <a href=\"/lua/admin/edit_configset.lua?subdir=interface&check=throughput#all\"><i class=\"fas fa-cog\" title=\"Edit Configuration\"></i></a>"
}
},
]
}
}
2.4.3. Get alert severity constants¶
curl
curl -u admin:admin http://localhost:3000/lua/rest/v2/get/alert/severity/consts.lua
Response:
{
"rsp": [
{
"severity": "info",
"id": 0
},
{
"severity": "error",
"id": 2
},
{
"severity": "warning",
"id": 1
}
],
"rc": 0,
"rc_str": "OK"
}
2.4.4. Get alert type constants¶
curl
curl -u admin:admin http://localhost:3000/lua/rest/v2/get/alert/type/consts.lua
Response:
{
"rc_str": "OK",
"rc": 0,
"rsp": [
{
"key": 9,
"type": "alert_flow_blocked"
},
{
"key": 40,
"type": "alert_request_reply_ratio"
},
{
"key": 18,
"type": "alert_internals"
},
{
"key": 38,
"type": "alert_quota_exceeded"
},
{
"key": 21,
"type": "alert_login_failed"
},
{
"key": 53,
"type": "alert_user_activity"
},
{
"key": 47,
"type": "alert_tcp_syn_scan"
}
]
}
2.4.5. Get counters per severity¶
curl
curl -u admin:admin "http://localhost:3000/lua/rest/v2/get/alert/severity/counters.lua?ifid=0"
Response:
{
"rc": 0,
"rc_str": "OK",
"rsp": {
"historical-flows": [
{
"count": "37",
"severity": "error"
}
],
"historical": []
}
}
2.4.6. Get counters per type¶
curl
curl -u admin:admin "http://localhost:3000/lua/rest/v2/get/alert/type/counters.lua?ifid=0"
Response:
{
"rsp": {
"historical-flows": [
{
"count": "37",
"type": "alert_potentially_dangerous_protocol"
}
],
"historical": []
},
"rc": 0,
"rc_str": "OK"
}
2.5. L7 Application Protocols¶
2.5.1. Get L7 application protocol constants¶
curl
curl -u admin:admin http://localhost:3000/lua/rest/v2/get/l7/application/consts.lua
Response:
{
"rc_str": "OK",
"rsp": [
{
"name": "PS_VUE",
"cat_id": 26,
"appl_id": 64
},
{
"name": "Lando",
"cat_id": 0,
"appl_id": 254
},
{
"name": "MapleStory",
"cat_id": 8,
"appl_id": 113
},
{
"name": "Spotify",
"cat_id": 25,
"appl_id": 156
},
{
"name": "DNS",
"cat_id": 14,
"appl_id": 5
},
{
"name": "SMTP",
"cat_id": 3,
"appl_id": 3
}
],
"rc": 0
}
2.6. L7 Application Categories¶
2.6.1. Get L7 application category constants¶
curl
curl -u admin:admin http://localhost:3000/lua/rest/v2/get/l7/category/consts.lua
Response:
{
"rc_str": "OK",
"rsp": [
{
"name": "Web",
"cat_id": 5
},
{
"name": "Database",
"cat_id": 11
},
{
"name": "Malware",
"cat_id": 100
},
{
"name": "User custom category 3",
"cat_id": 22
},
{
"name": "DataTransfer",
"cat_id": 4
},
{
"name": "SocialNetwork",
"cat_id": 6
},
{
"name": "Cloud",
"cat_id": 13
}
],
"rc": 0
}
2.7. L4 Protocols¶
2.7.1. Get L4 protocol constants¶
curl
curl -u admin:admin http://localhost:3000/lua/rest/v2/get/l4/protocol/consts.lua
Response:
{
"rc": 0,
"rsp": [
{
"name": "IP",
"id": 0
},
{
"name": "ICMP",
"id": 1
},
{
"name": "IGMP",
"id": 2
},
{
"name": "TCP",
"id": 6
},
{
"name": "UDP",
"id": 17
},
{
"name": "IPv6",
"id": 41
},
{
"name": "RSVP",
"id": 46
},
{
"name": "GRE",
"id": 47
},
{
"name": "ESP",
"id": 50
},
{
"name": "IPv6-ICMP",
"id": 58
},
{
"name": "OSPF",
"id": 89
},
{
"name": "PIM",
"id": 103
},
{
"name": "VRRP",
"id": 112
},
{
"name": "HIP",
"id": 139
},
{
"name": "ICMPv6",
"id": 58
},
{
"name": "IGMP",
"id": 2
},
{
"name": "Other IP",
"id": -1
}
],
"rc_str": "OK"
}
2.8. Pools¶
2.8.1. Add an Host Pool¶
curl
curl -s -u admin:admin -H "Content-Type: application/json" -d '{"pool_name": "themaina", "pool_members": "192.168.2.0/24@0", "recipients":"0"}' http://localhost:3000/lua/rest/v2/add/host/pool.lua
curl -s -u admin:admin -H "Content-Type: application/json" -d '{"pool_name": "themaina", "pool_members": "192.168.2.0/24@0,192.168.3.0/24@0", "recipients":"0"}' http://localhost:3000/lua/rest/v2/add/host/pool.lua
curl -s -u admin:admin -H "Content-Type: application/json" -d '{"pool_name": "themainamac", "pool_members": "AA:BB:CC:DD:EE:FF", "recipients":"0"}' http://localhost:3000/lua/rest/v2/add/host/pool.lua
curl -s -u admin:admin -H "Content-Type: application/json" -d '{"pool_name": "themainaip", "pool_members": "8.8.8.8/32@2", "recipients":"0"}' http://localhost:3000/lua/rest/v2/add/host/pool.lua
curl -s -u admin:admin -H "Content-Type: application/json" -d '{"pool_name": "themainaempty", "pool_members": "", "recipients":"0"}' http://localhost:3000/lua/rest/v2/add/host/pool.lua
pool_nameIs the name of the pool.pool_membersIs a comma-separated list of one or more pool members, either networks expressed as CIDR, IP addresses or MAC addresses. Networks and IP addresses must carry the suffix@<VLAN_ID>for the VLAN. If no VLAN is present, use@0.recipientsIs a comma separated list of one or more recipient IDs that to be associated to the pool.
2.8.2. Edit an Host Pool¶
curl
curl -s -u admin:admin -H "Content-Type: application/json" -d '{"pool": 1, "pool_name": "themaina", "pool_members": "192.168.3.0/24@0", "recipients":"0"}' http://localhost:3000/lua/rest/v2/edit/host/pool.lua
curl -s -u admin:admin -H "Content-Type: application/json" -d '{"pool": 2, "pool_name": "themainamac", "pool_members": "AA:BB:CC:DD:EE:AA", "recipients":"0"}' http://localhost:3000/lua/rest/v2/edit/host/pool.lua
curl -s -u admin:admin -H "Content-Type: application/json" -d '{"pool": 3, "pool_name": "themainaip", "pool_members": "1.1.1.1/32@2", "recipients":"0"}' http://localhost:3000/lua/rest/v2/edit/host/pool.lua
curl -s -u admin:admin -H "Content-Type: application/json" -d '{"pool": 4, "pool_name": "themainaempty", "pool_members": "", "recipients":"0"}' http://localhost:3000/lua/rest/v2/edit/host/pool.lua
2.8.3. Delete an Host Pool¶
curl
curl -s -u admin:admin -H "Content-Type: application/json" -d '{"pool": 1}' http://localhost:3000/lua/rest/v2/delete/host/pool.lua
curl -s -u admin:admin -H "Content-Type: application/json" -d '{"pool": 2}' http://localhost:3000/lua/rest/v2/delete/host/pool.lua
curl -s -u admin:admin -H "Content-Type: application/json" -d '{"pool": 3}' http://localhost:3000/lua/rest/v2/delete/host/pool.lua
curl -s -u admin:admin -H "Content-Type: application/json" -d '{"pool": 4}' http://localhost:3000/lua/rest/v2/delete/host/pool.lua
2.8.4. Get an Host Pool¶
curl
curl -s -u admin:admin -H "Content-Type: application/json" -d '{"pool": 1}' http://localhost:3000/lua/rest/v2/get/host/pools.lua
curl -s -u admin:admin -H "Content-Type: application/json" -d '{}' http://localhost:3000/lua/rest/v2/get/host/pools.lua
2.8.5. Get Members of an Host Pool¶
curl
curl -s -u admin:admin -H "Content-Type: application/json" -d '{"pool": 2}' http://localhost:3000/lua/rest/v2/get/host/pool/members.lua
2.8.6. Get All Pools of Any type¶
curl -s -u admin:admin -H "Content-Type: application/json" curl http://devel:3000/lua/rest/v2/get/pools.lua
2.9. SNMP¶
2.9.1. Add an SNMP Device¶
curl
curl -s -u admin:admin -H "Content-Type: application/json" -d '{"snmp_host":"ubnt", "snmp_read_community":"public", "snmp_version": "1"}' http://localhost:3000/lua/pro/rest/v2/add/snmp/device.lua
Response:
{
"rc": 0,
"rc_str": "OK",
"rsp": {
"added_devices": [
{"ip": "192.168.2.1", "name": "ubnt"}
]
}
}
curl
curl -s -u admin:admin -H "Content-Type: application/json" -d '{"snmp_host":"192.168.2.169", "snmp_read_community":"public", "snmp_version": "1", "cidr":"32"}' http://localhost:3000/lua/pro/rest/v2/add/snmp/device.lua
Response:
{
"rc": 0,
"rc_str": "OK",
"rsp": {
"added_devices": [
{"ip": "192.168.2.169"}
]
}
}
curl
curl -s -u admin:admin -H "Content-Type: application/json" -d '{"snmp_host":"192.168.2.0", "snmp_read_community":"public", "snmp_version": "1", "cidr":"24"}' http://localhost:3000/lua/pro/rest/v2/add/snmp/device.lua
Response:
{
"rc": 0,
"rc_str": "OK",
"rsp": {
"added_devices": [
{"ip": "192.168.2.169"},
{"ip": "192.168.2.1"}
]
}
}
2.9.2. Change the Status of an SNMP Device Interface¶
curl
curl -s -u admin:admin -H "Content-Type: application/json" -u admin:admin -d '{"host": "192.168.2.169", "snmp_admin_status": "up", "snmp_port_idx": 26}' http://127.0.0.1:3000/lua/pro/rest/v2/change/snmp/device/interface/status.lua
Response:
{"rc":0,
"rc_str_hr":"Success",
"rsp":[],
"rc_str":"OK"
}
curl
curl -s -u admin:admin -H "Content-Type: application/json" -u admin:admin -d '{"host": "192.168.2.169", "snmp_admin_status": "down", "snmp_port_idx": 26}' http://127.0.0.1:3000/lua/pro/rest/v2/change/snmp/device/interface/status.lua
Response:
{
"rc":0,
"rc_str_hr":"Success",
"rsp":[],
"rc_str":"OK"
}
2.10. Misc¶
2.10.1. Create a Session Cookie¶
curl
curl -s -u admin:admin -H "Content-Type: application/json" -d '{"username": "admin"}' "http://192.168.1.1:3000/lua/rest/v2/create/ntopng/session.lua"
Response:
{
"rc":0,
"rc_str":"OK",
"rc_str_hr":"Success",
"rsp":{
"session":"3ff5cf2aba7168e9ef955c20291a9ad4"
}
}
Using the session:
curl --cookie "user=admin; session=3ff5cf2aba7168e9ef955c20291a9ad4" "http://192.168.1.1:3000/lua/rest/get/interface/data.lua?ifid=1"