Octomation System Integration API - flagify-com/OctoMation GitHub Wiki

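1. About this document

1.1 Intended audience

This document applies only to users of Octomation 1.1.0 and later. It will be updated iteratively as the project requires. If you modify it, make a separate copy and state the modified version number of the document, for example: update 1.0.0. The APIs in this document are for system-to-system integration with Octomation and are independent of user permissions.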

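1.2 API URL notes

The request address used in the examples, https://192.168.2.186, is the editor's own server address; when copying the examples, replace it with your own server address.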

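1.3 Authentication field

By default, every request must be authenticated first. To authenticate, add a token field to the request header (obtain its value in the system under: System Configuration --> Authentication & Authorization --> Token Management). The field carries JWT-type authentication information; the token does not need a role assigned.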

curl --location --request GET 'https://192.168.2.186/<API URI>' \
--header 'token: xxx'
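Because the token is a JWT, its payload is only base64url-encoded and can be inspected before the token is deployed in an integration. The following is an added example, not code from the wiki or the Octomation project: it reads the standard `exp` and `iat` claims and flags tokens that never expire or live too long. The sample tokens are constructed and unsigned, and the 30-day limit is an assumed local policy.

```python
import base64
import json
import time


def decode_claims(token):
    """Decode a JWT payload WITHOUT verifying the signature (inspection only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped base64 padding
    return json.loads(base64.urlsafe_b64decode(payload))


def audit_token(token, now=None, max_lifetime=30 * 24 * 3600):
    """Return (claims, findings) for one integration token.

    max_lifetime is a hypothetical local policy (30 days), not an Octomation setting.
    """
    now = time.time() if now is None else now
    claims = decode_claims(token)
    exp, iat = claims.get("exp"), claims.get("iat")
    findings = []
    if exp is None:
        findings.append("NO_EXPIRY")    # token never expires on its own
    elif exp <= now:
        findings.append("EXPIRED")
    elif iat is not None and exp - iat > max_lifetime:
        findings.append("LONG_LIVED")   # lifetime exceeds the assumed policy
    return claims, findings


def make_sample_token(claims):
    """Build a constructed, unsigned sample token (not a real credential)."""
    def b64(obj):
        raw = json.dumps(obj, separators=(",", ":")).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([b64({"alg": "HS256", "typ": "JWT"}), b64(claims), "constructed"])


if __name__ == "__main__":
    # Constructed claim sets; the times are small integers so the demo is deterministic.
    samples = {
        "no expiry": {"aud": "demo", "iat": 1000},
        "expired": {"aud": "demo", "iat": 1000, "exp": 1500},
        "long lived": {"aud": "demo", "iat": 1000, "exp": 1000 + 40 * 24 * 3600},
        "short lived": {"aud": "demo", "iat": 1000, "exp": 1000 + 3600},
    }
    for name, claims in samples.items():
        print(name, audit_token(make_sample_token(claims), now=2000)[1])
```

Anyone who can read a script or log containing the token can read these claims and reuse the token, so keep it out of shared files and command history.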

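2. API description

2.1 Common response body format

| Name | Type | Required | Description | Example |
| --- | --- | --- | --- | --- |
| data | json | | Returned result data | {"eventName":"openAPItest",...} |
| code | Number (integer) | | Return code | 200 |
| message | String | | Return message | ok |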

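2.2 Return codes

| Return code | Description |
| --- | --- |
| 200 | The server operation succeeded, or the requested data was returned successfully |
| 201 | The user created or modified data successfully |
| 202 | The request has been received by the server and queued in the background (asynchronous task) |
| 204 | The user deleted data successfully |
| 400 | The request sent by the user contains an error |
| 401 | The user has no permission (wrong token, user name or password) |
| 404 | The user is authorized, but access is forbidden |
| 406 | The request targets a record that does not exist; the server performed no operation |
| 412 | The requested resource has been permanently deleted and will not be available again |
| 413 | The user's request timed out |
| 500 | A server error occurred; the user cannot tell whether the request succeeded |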

3. API list

3.1 Event ingestion via API

Request type

POST

path

/odp/api/pre/event

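Request parameters

| Parameter name | Parameter type | Required | Description | Example |
| --- | --- | --- | --- | --- |
| preApiName | String | | Event ingestion name | The name of the API-type ingestion created under "Event Ingestion" in Octomation |
| log | String | | body | The log passed in |

Request example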
curl --location --request POST 'https://192.168.2.123/odp/api/pre/event'  -k -i \
--header 'Content-Type: application/json' \
--header 'token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJhZG1pbiIsInN1YiI6Ik9wZW5BUEkgb2Ygd3V6aGktYWkuY29tIiwiYXBwSWQiOjE4MDY0NDI3NzE4MjgxODYsImlzcyI6Ind1emhpLWFpLmNvbSIsImlhdCI6MTU3OTQyNzM1MH0.gnUsUyrklREAK0-C51zT4B2XjkQzX1X4tXDT56bumE0' \
-d '{
    "preApiName":"test_token",
    "log":"hhhhhhhhhhhhhhhhhh"
}'
# The same request sent from Python with the requests library
import json

import requests


if __name__ == '__main__':
    token="eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJ3dXBpYW95dSIsInN1YiI6Ik9wZW5BUEkgb2Ygd3V6aGktYWkuY29tIiwiYXBwSWQiOjM5NTI0Njc4NzU3NzA5MjUsImlzcyI6Ind1emhpLWFpLmNvbSIsImV4cCI6MTYxMjE4MDYwNSwiaWF0IjoxNjEyMTc3MDA1fQ.vQzi75dMjZvXUN9IaQXC-1PYtis2tE9GcMyV88RMN-w"
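    # Name of the API-type ingestion created under "Event Ingestion"
    pre = "api_test2"
    header = {
        "token": token,
        "Content-Type": "application/json"
    }
    # The event log itself; it is serialized to a JSON string and sent in the "log" field
    log = {"severity":"10","extensions.act":"blocked a |","extensions.src":"10.0.0.1","deviceProduct":"threatmanager","deviceVersion":"1.0","extensions.dst":"1.1.1.1"}
    data = {
        "preApiName": pre,
        "log": json.dumps(log)
    }
    # verify=False turns off TLS certificate verification (the counterpart of curl -k above);
    # pass the path of a CA bundle via verify= instead when the server certificate can be verified
    res = requests.post("https://192.168.2.241/odp/api/pre/event", data=json.dumps(data), headers=header, verify=False)
    print(res)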
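Response parameters

| Parameter name | Parameter type | Required | Description | Example |
| --- | --- | --- | --- | --- |
| data | json | | Returned result data | {"eventName":"openAPItest",...} |
| code | Number (integer) | | Return code | 200 |
| message | String | | Return message | ok |

Response example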
{
    "message": "internal server error",
    "code": 500
}

3.2 Query execution results by activityId

Request type

GET

path

/odp/api/activity/{activityId}

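Request parameters

| Parameter name | Parameter type | Required | Description | Example |
| --- | --- | --- | --- | --- |
| activityId | String | | ID of the activity to query | 5ac2e07d-d823-4b79-bbce-e422796a6c05 |

Request example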
curl --location --request GET 'https://192.168.2.123/odp/api/activity/5ac2e07d-d823-4b79-bbce-e422796a6c05' \
--header 'token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJsaWxhbmciLCJzdWIiOiJPcGVuQVBJIG9mIHd1emhpLWFpLmNvbSIsImFwcElkIjoxODEwNTQ0OTA2MzQ4NDAwLCJpc3MiOiJ3dXpoaS1haS5jb20iLCJleHAiOjE1ODA1MjY3NDMsImlhdCI6MTU3OTQ4OTk0M30.IiZNaYvNJZAcckIyYFGnv5tKY61hMgT-eTjQYIQhG5g'
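Special note
Large execution results are stored in a file (per the system setting, results larger than 1 MB). In that case, that is, when nodeResults.*.assetResultModels.*.fileData=true, a separate call is needed to obtain nodeResults.*.assetResultModels.*.detailModels.*.jsonData. Alternatively, set the system configuration item mgmt_large_result_read to true, which gives the same behaviour as before.

Response parameters

| Parameter name | Parameter type | Required | Description | Example |
| --- | --- | --- | --- | --- |
| data | json | | Returned result data | See below |
| code | Number (integer) | | Return code | 200 |
| message | String | | Return message | ok |

data format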
{
	"activity": {
		"eventId": 1698376479860517,
		"msg": "success",
		"finishTime": "2020-02-14T08:52:41.000+0000",
		"code": 200,
		"displayName": "testfornmapttl",
		"excutorActionParams": {},
		"messageId": "",
		"updateTime": "2020-02-14 16:52:40",
		"excutorInstanceId": 1941619047639165,
		"excuteStatus": "SUCCESS",
		"createTime": "2020-02-14 16:52:40",
		"startTime": "2020-02-14 16:52:40",
		"execModel": null
	},
	"nodeResults": [{
		"nodeResultModel": {
			"nodeName": "node_fdfb2c94eb5a15157aedc970959",
			"msg": "",
			"finishTime": "2020-02-14T08:52:41.000+0000",
			"accasion": null,
			"code": 200,
			"displayName": "testforttl",
			"pname": "",
			"mnodeResultId": 0,
			"updateTime": "2020-02-14 16:52:40",
			"nodeType": "ACTION",
			"excuteStatus": "SUCCESS",
			"loopType": "NO",
			"playbookName": "playbook_d8855cd34fe4326f3ff35d9c58385a1b",
			"pnodeResultId": 0,
			"createTime": null,
			"levelType": "ROOT",
			"playbookId": 1941619047639165,
			"actionId": 1229571217827163,
			"startTime": "2020-02-14T08:52:40.000+0000",
			"nodeId": 1941619047966645,
			"actionName": "nmap.excuteNMAP"
		},
		"assetResultModels": [{
			"msg": "",

			"fileData": true,
			"detailModels": [{
				"nodeName": "node_fdfb2c94eb5a15157aedc970959",
				"finishTime": "2020-02-14T08:52:41.000+0000",
				"assetResultId": 1953440675476066,
				"updateTime": "2020-02-14 16:52:40",
				"nodeDisplay": null,
				"extend": null,
				"playbookName": "playbook_d8855cd34fe4326f3ff35d9c58385a1b",
				"jsonData": {
					"msg": "",
					"summary": {},
					"code": 200,
					"data": {},
					"param": {}
				},
				"createTime": null,
				"assetId": 1940593918650001,
				"playbookId": 1941619047639165,
				"actionId": 1229571217827163,
				"assetName": "nmaptest",
				"startTime": "2020-02-14T08:52:40.000+0000",
				"nodeId": 1941619047966645,
				"nodeResultId": 1953440675412969,
				"actionName": "excuteNMAP"
			}],
			"code": 200,
			"createTime": null,
			"assetId": 1940593918650001,
			"displayName": "nmaptestforttl",
			"detailSize": 1,

			"assetName": "nmaptest",
			"updateTime": "2020-02-14 16:52:40",
			"prettyResult": "",
			"nodeResultId": 1953440675412969
		}]
	}]
}
Response example
{
    "code": 200,
    "message": "ok",
    "data": {
        "activity": {
            "excutorInstanceId": 1941619047639165,
            "excutorActionParams": {},
            "eventId": 1698376479860517,
            "displayName": "testfornmapttl",
            "messageId": "",
            "execModel": null,
            "excuteStatus": "SUCCESS",
            "createTime": "2020-02-14 16:52:40",
            "updateTime": "2020-02-14 16:52:40",
            "startTime": "2020-02-14 16:52:40",
            "finishTime": "2020-02-14T08:52:41.000+0000",
            "code": 200,
            "msg": "success"
        },
        "nodeResults": [{
            "nodeResultModel": {
                "nodeId": 1941619047966645,
                "nodeName": "node_fdfb2c94eb5a15157aedc970959",
                "pnodeResultId": 0,
                "mnodeResultId": 0,
                "pname": "",
                "accasion": null,
                "displayName": "testforttl",
                "nodeType": "ACTION",
                "loopType": "NO",
                "levelType": "ROOT",
                "playbookId": 1941619047639165,
                "playbookName": "playbook_d8855cd34fe4326f3ff35d9c58385a1b",
                "actionId": 1229571217827163,
                "actionName": "nmap.excuteNMAP",
                "excuteStatus": "SUCCESS",
                "createTime": null,
                "updateTime": "2020-02-14 16:52:40",
                "startTime": "2020-02-14T08:52:40.000+0000",
                "finishTime": "2020-02-14T08:52:41.000+0000",
                "code": 200,
                "msg": ""
            },
            "assetResultModels": [{
                "assetId": 1940593918650001,
                "assetName": "nmaptest",
                "nodeResultId": 1953440675412969,
                "displayName": "nmaptestforttl",
                "detailSize": 1,
                "prettyResult": "<div ant-table-default ant-table-bordered class=\"ant-table ant-table-default ant-table-bordered\">    <div>        <p>开始时间: <span>Fri Feb 14 16:52:40 2020</span></p>        <p>执行参数: <span>/usr/bin/nmap --datadir /usr/share/nmap -T3 -p20 -oX - 192.168.2.123</span></p>        <p>耗时: <span>0.35</span>秒</p>        <p>协议: <span>tcp</span></p>        <p>服务数量:<span>1</span></p>    </div>    <div class=\"ant-table-content\">        <div class=\"ant-table-body\" >            <table>                <thead class=\"ant-table-thead\">                <tr >                    <th>\t\t\t\t\t\t<span class=\"ant-table-header-column\">\t\t\t\t\t\t<div><span class=\"ant-table-column-title\">地址</span><span class=\"ant-table-column-sorter\"></span></div>\t\t\t\t\t\t</span>                    </th>                    <th>\t\t\t\t\t\t<span class=\"ant-table-header-column\">\t\t\t\t\t\t<div><span class=\"ant-table-column-title\">主机名</span><span class=\"ant-table-column-sorter\"></span></div>\t\t\t\t\t\t</span>                    </th>                </tr>                </thead>                <tbody class=\"ant-table-tbody\">                <tr class=\"ant-table-row\"  >                    <td>                        <table>                            <tbody class=\"ant-table-tbody\">                            <tr>                                <p> <span>ipv4</span>: <span>192.168.2.123</span></p>                            </tr>                            <tr>                                <p> <span>mac</span>: <span>30:B4:9E:FA:60:63</span></p>                            </tr>                            </tbody>                            </table>                    </td>                    <td>                        <table>                            <tbody class=\"ant-table-tbody\">                            <tr>                                <p> </p>                            </tr>                            </tbody>                        
</table>                    </td>                </tr>                </tbody>            </table>        </div>        <div class=\"ant-table-body\">            <table>                <thead class=\"ant-table-thead\">                <tr>                    <th>                                    <span class=\"ant-table-header-column\">                                    <div><span class=\"ant-table-column-title\">端口</span><span                                            class=\"ant-table-column-sorter\"></span></div>                                    </span>                    </th>                    <th>                                    <span class=\"ant-table-header-column\">                                        <div><span class=\"ant-table-column-title\">协议</span><span                                                class=\"ant-table-column-sorter\"></span></div>                                    </span>                    </th>                    <th>                                    <span class=\"ant-table-header-column\">                                        <div><span class=\"ant-table-column-title\">服务</span><span                                                class=\"ant-table-column-sorter\"></span></div>                                    </span>                    </th>                    <th>                                    <span class=\"ant-table-header-column\">                                        <div><span class=\"ant-table-column-title\">状态</span><span                                                class=\"ant-table-column-sorter\"></span></div>                                    </span>                    </th>                </tr>                </thead>                <tbody class=\"ant-table-tbody\">                <tr class=\"ant-table-row\">                <td >                        <p> <span>20</span></p>                    </td>                    <td >                        <p> <span>tcp</span></p>                    
</td>                    <td >                        <p><span>ftp-data</span></p>                    </td>                    <td>                        <p><span>filtered</span></p>                    </td>                </tr>                </tbody>            </table>        </div>    </div></div>",
                "detailModels": [{
                    "assetResultId": 1953440675476066,
                    "nodeResultId": 1953440675412969,
                    "nodeId": 1941619047966645,
                    "nodeName": "node_fdfb2c94eb5a15157aedc970959",
                    "nodeDisplay": null,
                    "extend": null,
                    "playbookId": 1941619047639165,
                    "playbookName": "playbook_d8855cd34fe4326f3ff35d9c58385a1b",
                    "actionId": 1229571217827163,
                    "actionName": "excuteNMAP",
                    "assetId": 1940593918650001,
                    "assetName": "nmaptest",
                    "jsonData": {
                        "param": {
                            "includeHosts": "192.168.2.123",
                            "params": "-p20"
                        },
                        "data": {
                            "args": "/usr/bin/nmap --datadir /usr/share/nmap -T3 -p20 -oX - 192.168.2.123",
                            "startstr": "Fri Feb 14 16:52:40 2020",
                            "xmloutputversion": "1.04",
                            "hosts": [{
                                "addresses": [{
                                        "addrtype": "ipv4",
                                        "addr": "192.168.2.123"
                                    },
                                    {
                                        "addrtype": "mac",
                                        "addr": "30:B4:9E:FA:60:63"
                                    }
                                ],
                                "times": {
                                    "rttvar": 5000,
                                    "srtt": 2573,
                                    "to": 100000
                                },
                                "hostnames": {},
                                "startTime": 1581670360,
                                "endTime": 1581670360,
                                "ports": {
                                    "ports": [{
                                        "protocol": "tcp",
                                        "service": {
                                            "method": "table",
                                            "name": "ftp-data",
                                            "conf": "3"
                                        },
                                        "state": {
                                            "reason": "no-response",
                                            "reason_ttl": 0,
                                            "state": "filtered"
                                        },
                                        "portId": 20
                                    }]
                                },
                                "status": {
                                    "reason": "arp-response",
                                    "state": "up"
                                }
                            }],
                            "scanner": "nmap",
                            "start": "1581670360",
                            "debugging": {
                                "level": 0
                            },
                            "scanInfo": {
                                "protocol": "tcp",
                                "numservices": 1,
                                "services": "20",
                                "type": "syn"
                            },
                            "version": "6.40",
                            "runStats": {
                                "hosts": {
                                    "total": 1,
                                    "up": 1,
                                    "down": 0
                                },
                                "finished": {
                                    "elapsed": "0.35",
                                    "time": "1581670360",
                                    "timestr": "Fri Feb 14 16:52:40 2020"
                                }
                            },
                            "verbose": {
                                "level": 0
                            }
                        },
                        "summary": {
                            "statusCode": 200
                        },
                        "code": 200,
                        "msg": ""
                    },
                    "createTime": null,
                    "updateTime": "2020-02-14 16:52:40",
                    "startTime": "2020-02-14T08:52:40.000+0000",
                    "finishTime": "2020-02-14T08:52:41.000+0000"
                }],
                "createTime": null,
                "updateTime": "2020-02-14 16:52:40",
                "code": 200,
                "msg": ""
            }]
        }]
    }
}
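A client consuming this response has to check the envelope's code field and then treat asset results with fileData=true differently from inline ones, as the special note above describes. The following is an added example, not code from the wiki or the Octomation project: the sample envelopes are constructed from the field names shown on this page, and the asset name "smalltest" is invented for illustration.

```python
SUCCESS_CODES = {200, 201, 202, 204}  # success codes listed in section 2.2


class OctomationApiError(Exception):
    """Raised when the response envelope carries a non-success code."""

    def __init__(self, code, message):
        super().__init__(f"API returned code {code}: {message}")
        self.code = code
        self.message = message


def unwrap(envelope):
    """Validate the common response envelope and return its data field."""
    code = envelope.get("code")
    if code not in SUCCESS_CODES:
        raise OctomationApiError(code, envelope.get("message"))
    return envelope.get("data") or {}


def split_asset_results(data):
    """Separate asset results delivered inline from those stored in a file."""
    inline, in_file = [], []
    for node in data.get("nodeResults") or []:
        node_name = (node.get("nodeResultModel") or {}).get("displayName")
        for asset in node.get("assetResultModels") or []:
            entry = {"node": node_name, "asset": asset.get("assetName"),
                     "nodeResultId": asset.get("nodeResultId")}
            if asset.get("fileData") is True:
                # Large result: jsonData has to be obtained separately (see the special note)
                in_file.append(entry)
            else:
                details = asset.get("detailModels") or []
                entry["jsonData"] = [d.get("jsonData") for d in details]
                inline.append(entry)
    return inline, in_file


# Constructed sample envelopes (trimmed to the fields used above)
SAMPLE_OK = {
    "code": 200, "message": "ok",
    "data": {"nodeResults": [{
        "nodeResultModel": {"displayName": "testforttl"},
        "assetResultModels": [
            {"assetName": "nmaptest", "nodeResultId": 1953440675412969, "fileData": True,
             "detailModels": [{"jsonData": {"code": 200, "data": {}}}]},
            {"assetName": "smalltest", "nodeResultId": 1, "fileData": False,
             "detailModels": [{"jsonData": {"code": 200, "data": {"scanner": "nmap"}}}]},
        ],
    }]},
}
SAMPLE_ERROR = {"message": "internal server error", "code": 500}

if __name__ == "__main__":
    inline, in_file = split_asset_results(unwrap(SAMPLE_OK))
    print("inline:", [e["asset"] for e in inline])
    print("stored in file:", [e["asset"] for e in in_file])
```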

3.3 Add members to an event

Request type

POST

path

/odp/api/assignee

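Request parameters

| Parameter name | Parameter type | Required | Description | Example |
| --- | --- | --- | --- | --- |
| eventId | String | | ID of the event the members are added to | 4557713135100055 |
| assigneeId | Array (set) | | IDs of the members to add | 4528597808391388 |

Request example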
curl --location --request POST 'https://192.168.2.241/odp/api/assignee' \
--header 'token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJsaXRhb3RhbyIsInN1YiI6Ik9wZW5BUEkgb2Ygd3V6aGktYWkuY29tIiwiYXBwSWQiOjQ1NTc4ODAyNzYwODM4NjEsImlzcyI6Ind1emhpLWFpLmNvbSIsImlhdCI6MTYyMTQxMDk1NH0.PRu7CdNYIzOystJ3TzGHiRbvGoJAt1jD2D9iBqOQXhc' \
--header 'Content-Type: application/json' \
--data-raw '{
    "eventId":"4557713135100055",
    "assigneeId":[4528597808391388]
}'

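Response parameters

| Parameter name | Parameter type | Required | Description | Example |
| --- | --- | --- | --- | --- |
| code | Number (Integer) | | Return code | 200 |
| message | String | | Return message | ok |

Response example
{
    "code": 200,
    "message": "ok"
}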

3.4 Set the current system risk level

Request type

POST

path

/odp/api/riskLevel

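Request parameters

| Parameter name | Parameter type | Required | Description | Example |
| --- | --- | --- | --- | --- |
| orderNo | Integer | | Risk level | 1 |

Request example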
curl --location --request POST 'https://192.168.2.241/odp/api/riskLevel' \
--header 'token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJsaXRhb3RhbyIsInN1YiI6Ik9wZW5BUEkgb2Ygd3V6aGktYWkuY29tIiwiYXBwSWQiOjQ1NTc4ODAyNzYwODM4NjEsImlzcyI6Ind1emhpLWFpLmNvbSIsImlhdCI6MTYyMTQxMDk1NH0.PRu7CdNYIzOystJ3TzGHiRbvGoJAt1jD2D9iBqOQXhc' \
--header 'Content-Type: application/json' \
--data-raw '{
    "orderNo":"1"
}'

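Response parameters

| Parameter name | Parameter type | Required | Description | Example |
| --- | --- | --- | --- | --- |
| code | Number (Integer) | | Return code | 200 |
| message | String | | Return message | ok |

Response example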
{
    "code": 200,
    "message": "ok"
}

3.5 Update the current event status

Request type

POST

path

/odp/api/event/status

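Request parameters

| Parameter name | Parameter type | Required | Description | Example |
| --- | --- | --- | --- | --- |
| id | String | | ID of the event whose status is to be changed | 4567963091579944 |
| eventStatus | String | | Event status | RESOLVED |

Request example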
curl --location --request POST 'https://192.168.2.241/odp/api/event/status' \
--header 'token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJsaXRhb3RhbyIsInN1YiI6Ik9wZW5BUEkgb2Ygd3V6aGktYWkuY29tIiwiYXBwSWQiOjQ1NTc4ODAyNzYwODM4NjEsImlzcyI6Ind1emhpLWFpLmNvbSIsImlhdCI6MTYyMTQxMDk1NH0.PRu7CdNYIzOystJ3TzGHiRbvGoJAt1jD2D9iBqOQXhc' \
--header 'Content-Type: application/json' \
--data-raw '{
    "id":"4567963091579944",
    "eventStatus":"RESOLVED"
}'
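Response parameters

| Parameter name | Parameter type | Required | Description | Example |
| --- | --- | --- | --- | --- |
| code | Number (Integer) | | Return code | 200 |
| message | String | | Return message | ok |

Response example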
{
    "code": 200,
    "message": "ok"
}

3.6 Send a message to specified users in the war room

Request type

POST

Path

/odp/api/message/push

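Request parameters

| Parameter name | Parameter type | Required | Description | Example |
| --- | --- | --- | --- | --- |
| toUserIds | Array (List) | | IDs of the users the check-in message is sent to | [4556425986377948] |
| eventId | String | | Event ID | 4567963091579944 |
| messageCategory | String | | Category of the message to send | COMMON_MESSAGE (ordinary message) |
| content | String | | Content of the message to send | 摩西摩西! |

Request example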
curl --location --request POST 'https://192.168.2.241/odp/api/message/push' \
--header 'token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJsaXRhb3RhbyIsInN1YiI6Ik9wZW5BUEkgb2Ygd3V6aGktYWkuY29tIiwiYXBwSWQiOjQ1NTc4ODAyNzYwODM4NjEsImlzcyI6Ind1emhpLWFpLmNvbSIsImlhdCI6MTYyMTQxMDk1NH0.PRu7CdNYIzOystJ3TzGHiRbvGoJAt1jD2D9iBqOQXhc' \
--header 'Content-Type: application/json' \
--data-raw '{
     
    "toUserIds":[4556425986377948],
    "eventId":"4567963091579944",
    "messageCategory":"COMMON_MESSAGE",
    "content":"摩西摩西!"
}'
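Response parameters

| Parameter name | Parameter type | Required | Description | Example |
| --- | --- | --- | --- | --- |
| code | Number (Integer) | | Return code | 200 |
| message | String | | Return message | ok |

Response example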
{
    "code": 200,
    "message": "ok"
}

3.7 Get the current risk level

Request type

GET

Path

/odp/api/riskLevel/current

Request parameters
Request example
curl --location --request GET 'https://test201.wuzhi-ai.com/odp/api/riskLevel/current' \
--header 'token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJhbW9zIiwic3ViIjoiT3BlbkFQSSBvZiB3dXpoaS1haS5jb20iLCJhcHBJZCI6NjU3MzIzMTA5OTQzNTg4OCwiaXNzIjoid3V6aGktYWkuY29tIiwiZXhwIjoxNjUyMjQ5MTY3LCJpYXQiOjE2NTIxNjI3Njd9.7xHD1285DpNkmDUInFLSp8MUd7FrmBfLUeeiTs6V8Ew' \
--data-raw ''
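Response parameters

| Parameter name | Parameter type | Required | Description | Example |
| --- | --- | --- | --- | --- |
| code | Number (Integer) | | Return code | 200 |
| message | String | | Return message | ok |

Response example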
{
    "message": "ok",
    "data": [
        {
            "createdNickName": null,
            "orderNo": 1,
            "color": "{\"r\":43,\"g\":175,\"b\":79,\"a\":1}",
            "activeRisk": true,
            "active": true,
            "updateTime": 1652167572000,
            "bussId": 3402409291142484,
            "deleted": false,
            "createTime": 1614052344000,
            "createdBy": "admin",
            "name": "正常",
            "modifiedBy": "chengfengwen",
            "modifiedNickName": null,
            "status": "ON"
        }
    ],
    "code": 200
}