search cancel

Listing A2A clients in request groups using Rest API

book

Article ID: 257342

calendar_today

Updated On:

Products

CA Privileged Access Manager (PAM)

Issue/Introduction

Is there an option to get a consolidated report for all machines (A2A clients) in a request group, for all request groups.

Environment

Release : 4.1

Resolution

This is a 2-step process using Rest API calls that are not published in the Settings > Api DOC page as of January 2023, but were tested successfully with PAM 4.0.2 and 4.1.1:

 

1) Get a list of all request groups using URL 

https://<pamserver>/cspm/ext/rest/requestGroups

Sample output:

{"data":[{"id":1,"name":"Requestors","description":"All requestor data.","type":"requestor","dynamic":true,"readOnly":true,"targetServers":[],"targetApplications":[],"targetAccounts":[],"groupClients":[],"groupScripts":[],"dynamicServerFilters":{},"dynamicApplicationFilters":{},"dynamicAccountFilters":{},"dynamicClientFilters":{},"dynamicScriptFilters":{},"secretType":false},{"id":2001,"name":"Server Control Distribution Servers","description":"Server Control Distribution Servers Request Group","type":"requestor","dynamic":true,"readOnly":true,"targetServers":[],"targetApplications":[],"targetAccounts":[],"groupClients":[],"groupScripts":[],"dynamicServerFilters":{},"dynamicApplicationFilters":{},"dynamicAccountFilters":{},"dynamicClientFilters":{},"dynamicScriptFilters":{},"secretType":false},{"id":16001,"name":"411requestgrouptest","description":null,"type":"requestor","dynamic":true,"readOnly":false,"targetServers":[],"targetApplications":[],"targetAccounts":[],"groupClients":[],"groupScripts":[],"dynamicServerFilters":{},"dynamicApplicationFilters":{},"dynamicAccountFilters":{},"dynamicClientFilters":{},"dynamicScriptFilters":{},"secretType":false}],"success":true,"total":3,"message":null}

 

2) For each request group ID returned, get the list of A2A clients in the group using URL

https://<pamserver>/cspm/ext/rest/requestGroups/showGroup/a2aClients/{id}

Sample output (truncated):

{"data":[{"createDate":1670888930000,"updateDate":1672335909000,"createUser":"client","updateUser":"super","hash":"hV2b8AwGWa8OltAxB7CXlpTBVYY=","hostName":"10.11.12.13","deviceName":"RP-GCVE-RHEL7","deviceId":29001,"type":"CLIENT","port":"28888","oldKey":null,"currentKey":"{1001}eabebd66e229780765....

 

Additional Information

To demonstrated one use of these Rest API resources, a UNIX shell script is attached that retrieves the list of request groups and then gets the list of A2A clients in each group. The attached python script is used to convert output from JSON to CSV. Note that .txt extensions were added to the files to reduce the risk of getting the downloads blocked. These scripts were tested with small sets of request groups and clients in the groups. They may not be adequate for large data sets and are meant for reference only.

Attachments

1674068338316__json2csv.py.txt get_app
1674068311978__curl_get_clients_per_req_group_py.sh.txt get_app