Create custom devices through the REST API
You can create custom devices through the REST API that track network traffic across multiple IP addresses and ports. For example, you might want to add a custom device for each branch office. If you create the devices through a script, you can read the list of devices from a CSV file. In this topic, we will demonstrate methods for both the REST API and the ExtraHop REST API Explorer.
Before you begin
- You must log in to the ExtraHop system with an account that has unlimited privileges to generate an API key.
- You must have a valid API key to make changes through the REST API and complete the procedures below. (See Generate an API key.)
- Familiarize yourself with the ExtraHop REST API Guide to learn how to navigate the ExtraHop REST API Explorer.
Create a custom device
You can create a custom device and associate the custom device with a list of IP addresses or CIDR blocks through the POST /customdevices operation.
Python script example
This example python script creates custom devices by reading criteria from a CSV file. Each row of the CSV file must contain the following columns in the specified order:
| Name | ID | Description | IP address or CIDR block |
| Note: | The script does not accept a header row in the CSV file. There is no limit to the number of columns in the table; each column after the first four specifies an additional IP address for the device. The first four columns are required for each row. |
For example, the following CSV list contains criteria for offices in France, Holland, and California:
France,francehq,The location of our office in France,192.168.0.103,192.168.0.105,192.168.0.101 Holland,hollandhq,The location of our office in Holland,192.168.0.102 California,californiahq,The location of our office in California,192.168.0.104,192.168.0.103
The script includes the following configuration variables that you must replace with information from your environment:
HOST: The IP address or hostname of the ExtraHop system
APIKEY: The API key
CSV_FILE: The path of the CSV file relative to the location of the script file
#!/usr/bin/python3
import json
import http.client
import csv
import os.path
HOST = 'extrahop.example.com'
APIKEY = '123456789abcdefghijklmnop'
CSV_FILE = 'device_list.csv'
headers = {'Content-Type': 'application/json',
'Accept': 'application/json',
'Authorization': 'ExtraHop apikey=%s' % APIKEY}
def readCSV():
devices = []
with open(CSV_FILE, 'rt', encoding='ascii') as f:
reader = csv.reader(f)
for row in reader:
device = {}
ips = []
device['name'] = row.pop(0)
device['extrahop_id'] = row.pop(0)
device['description'] = row.pop(0)
for ip in row:
ips.append({"ipaddr": ip})
device['criteria'] = ips
devices.append(device)
return devices
def createDevice(device):
conn = http.client.HTTPSConnection(HOST)
conn.request('POST', '/api/v1/customdevices', body=json.dumps(device), headers=headers)
resp = conn.getresponse()
if resp.status != 201:
print ("Could not create device: " + device['name'])
print (" " + json.loads(resp.read())['error_message'])
else:
print ("Created custom device: " + device['name'])
device_id = os.path.basename(resp.getheader('location'))
devices = readCSV()
for device in devices:
createDevice(device)
| Note: | If the script returns an error message that the SSL
certificate verification failed, make sure that a trusted certificate has
been added to your ExtraHop system. Alternatively, you can add the context
option and send the request over TLSv1.2 to bypass certificate verification. However,
this method is not secure and is not recommended. The following code creates an HTTP
connection over
TLSv1.2:conn = httplib.HTTPSConnection(HOST, context=ssl.SSLContext(ssl.PROTOCOL_TLSv1_2)) |
Thank you for your feedback. Can we contact you to ask follow up questions?