Extract the device list through the REST API

You can extract the list of devices being monitored by an ExtraHop appliance through the ExtraHop REST API. If you extract the list through the REST API with a script, you can export the list in a format that can be read by third-party CMDB applications. In this topic, we will demonstrate methods for both the REST API and the REST API Explorer.

Before you begin

  • You must log into the ExtraHop appliance with an account that has full system privileges to generate an API key.
  • You need a valid API key to make changes through the REST API and complete the procedures below. (See Generate an API key.)
  • Familiarize yourself with the ExtraHop REST API Guide to learn how to navigate the ExtraHop REST API Explorer.

Extract the device list through the REST API Explorer

  1. In a browser, navigate to the ExtraHop API Explorer.
    The URL is the hostname or IP address of your ExtraHop Discover or Command appliance, followed by /api/v1/explore/. For example, if your hostname is seattle-eda, the URL is https://seattle-eda/api/v1/explore/.
  2. Paste or type your API Key into the api_key field at the top of the page.
  3. Click Device and then click GET/devices.
  4. In the limit field, set the maximum number of devices you want to include in your list.
  5. Click Try it out!.
    The Response Body displays the device list in JSON format.

Python script example

The following example Python script extracts the device list from an ExtraHop appliance and writes the list to a csv file that can be read by Microsoft Excel. The script includes the following configuration variables:

HOST: The IP address or hostname of the Discover appliance

APIKEY: The API key

FILENAME: The file that output will be written to

MAXDEVICES: The maximum number of devices to extract

SAVEL2: Determines whether L2 devices are included

import httplib
import json
import httplib
import json
import re
import csv
import datetime
import ssl

HOST = 'example.extrahop.com'
APIKEY = "f6876657888a7c1f24ac77827"
FILENAME = "devices.csv"
MAXDEVICES = 250
SAVEL2 = False

headers = {}
headers['Accept'] = 'application/json'
headers['Authorization'] = 'ExtraHop apikey='+APIKEY

conn = httplib.HTTPSConnection(HOST)
conn.request('GET', '/api/v1/devices?limit=%d&offset=%d&search_type=any'%(MAXDEVICES,0), headers=headers)
resp = conn.getresponse()
if resp.status == 200:
    dTable = json.loads(resp.read())
    conn.close()
else:
    print "Error retrieving Device list"
    print resp.status, resp.reason
    resp.read()
    dTable = None
    conn.close()

if (dTable != None):
    print " - Saving %d devices in CSV file" % len(dTable)
    with open(FILENAME, 'w') as csvfile:
        csvwriter = csv.writer(csvfile,dialect='excel')
        csvwriter.writerow(dTable[0].keys())
        w = 0
        s = 0
        for d in dTable:
            if d['is_l3'] | SAVEL2:
                w += 1
                d['mod_time'] = datetime.datetime.fromtimestamp(d['mod_time']/1000.0)
                d['user_mod_time'] = datetime.datetime.fromtimestamp(d['user_mod_time']/1000.0)
                d['discover_time'] = datetime.datetime.fromtimestamp(d['discover_time']/1000.0)
                csvwriter.writerow(d.values())
            else:
                s += 1
        print " - Wrote %d devices, skipped %d devices " % (w,s)
Published 2018-02-19 17:31