The ExtraHop GitHub repository contains an example Python script that creates device
groups by reading criteria from a CSV file that meets the following
specifications:
-
Go to the ExtraHop code-examples GitHub repository and
download the create_device_groups/create_device_groups.py
file to your local machine.
-
In the directory you copied the create_device_groups.py
to, create a CSV file that meets the following specifications:
- The CSV file must not contain a header row.
- Each row of the CSV file must contain the following three columns in the
specified order:
Device group name |
Description |
IP address or CIDR block |
- Each column after the first required three columns must specify an IP
address or CIDR block for the device group.
Note: | You cannot specify more than 1000 IP addresses or CIDR blocks for a
device group. |
Note: | For an example of a compatible CSV file, see the
create_device_groups/device_group_list.csv file in the ExtraHop
code-examples GitHub repository. |
-
In a text editor, open the create_device_groups.py file
and replace the configuration variables with information from your
environment.
- For sensors and ECA VMs, specify the following configuration
variables:
HOST:
The IP address or hostname of the sensor or ECA VM.
API_KEY:
The API key.
CSV_FILE:
The file that contains the list of device groups.
- For Reveal(x) 360, specify the following configuration variables:
HOST:
The hostname of the Reveal(x) 360 API. This hostname is
displayed in the Reveal(x) 360 API Access page under API
Endpoint. The hostname does not include the
/oauth/token.
ID:
The ID of the Reveal(x) 360 REST API credentials.
SECRET:
The secret of the Reveal(x) 360 REST API credentials.
CSV_FILE:
The file that contains the list of device groups.
-
Run the following command:
python create_device_groups.py
Note: | If the script returns an error message that the SSL
certificate verification failed, make sure that a trusted certificate has
been added to your sensor or console. Alternatively, you can add the
verify=False option to bypass certificate verification. However, this
method is not secure and not recommended. The following code sends an HTTP GET request
without certificate
verification:requests.get(url, headers=headers, verify=False) |
Thank you for your feedback. Can we contact you to ask follow up questions?