Prerequisites

When using the API, the following will be used on all requests:

  • authToken - The authentication token from Plixer Scrutinizer that allows access to API

  • rm - The runmode for accessing the API. It is specific to each section of the product. ipgroups will be used for each of the following examples

  • action - The list of available actions will change with each request. Below are the actions available within the user_api run mode:

Action

Description

saveRule

Create a defined IP Group

update

Redefine or modify an existing IP Group

loadTreeRootFast

Load condensed list all IP Group names and IDs

search

Search for an IP Group by name

loadRules

View all rule definitions for an IP Group

deleteRule

Remove a rule from an IP Group

delete

Delete an IP Group

deleteAll

Delete all defined IP Groups from Plixer Scrutinizer

Rules

IP host

One or multiple IPs can be used to define a rule.

[
 {
  "type": "ip",
  "sip": "10.1.1.1"
  }
]
[
 {
  "type": "ip",
  "sip": "192.168.1.1"
 },
 {
  "type": "ip",
  "sip": "192.168.2.2"
 }
]

IP range

Uses a range of IPs instead of multiple IP rules.

[
 {
  "type": "range",
  "sip": "10.1.1.1",
  "eip": "10.1.1.254"
 }
]

Note

The ‘range’ IP rule type requires a start IP (sip) and end IP (eip) to define the start and end of the range.

IP subnet

Uses a subnet and mask instead of multiple IP rules or ranges.

[
 {
  "type": "network",
  "address": "192.168.0.0",
  "mask": "16"
 }
]

Note

A subnet rule uses the ‘network’ type. A subnet mask is required.

All IPs

Specifies all IPs to be used in an IP Group definition.

[
 {
  "type": "ipall",
  "all": 1
 }
]

Wildcard

Specifies a rule based on mask of bits that indicates which parts of an IP address are to be used for defining the IP Group hosts.

[
 {
  "type": "wildcard",
  "address": "10.0.4.0",
  "mask": "0.255.0.255"
 }
]

Note

The example above tags all hosts with the first octet of ‘10’ and the third octet of ‘4’. Therefore, IPs such as 10.1.4.1, 10.2.4.250, 10.99.4.98, etc., would be included in the defined IP Group as the first and third octets match in the wildcard rule.

Child group

Nests IP Groups to create a hierarchy with child groups’ rules being more specific than their parent.

[
 {
  "type": "child",
  "child_id": "16900062"
 }
]

Important

A child group definition is based on the parent group. Define smaller and more distinct child groups, then create the parent group so that you can add the child group that already exists.

  1. Create UK Datacenter and UK Office groups for their respective subnets/IPs.

  2. Create a parent group, UK, that will include child groups, UK Datacenter and UK Office.

  3. Create Germany Datacenter and Germany Office groups for their respective subnets/IPs.

  4. Create a parent group, Germany, that will include child groups, Germany Datacenter and Germany Office.

  5. Create a parent group European Offices that will include child groups UK and Germany.

The workflow above will create the following hierarchy:

* European Offices         10.0.0.0/8
  ** UK                       10.30.0.0/16
        *** UK Datacenter           10.30.10.1/32
        *** UK Office               10.30.20.0/24
  ** Germany                   10.40.0.0/16
         *** Germany Datacenter      10.40.10.1/32
         *** Germany Office          10.40.20.0/24