Meraki

Community

Use API call to get non-compliant device.

Bikk3l
Comes here often
‎May 28 2021 2:54 PM
‎May 28 2021 2:54 PM

Use API call to get non-compliant device.

Hi, 

 

Currently I am trying to make a script which gets devices which are in violation with a security policy I made. The problem seems to be however that it's not possible to make this call, it seems like the api does not recognize/acknowledge security policy tags in the tag field. I find it hard to believe that nobody before me wants to get a list of non-compliant devices via API.

 

https://api.meraki.com/api/v1/networks/%7BNetworkId%7D/sm/devices?scope[]=withAll&&scope[]=Windows_t... - violating_devices

 

Maybe someone can tell me what I'm doing wrong?

 

Thanks in advance.

Labels:
0 Kudos
3 Replies 3
Bate5a
New here
‎May 29 2021 11:26 PM
‎May 29 2021 11:26 PM

Hi <h1>Hello</h1>

sadasda
0 Kudos
PaulF
Meraki Employee
Meraki Employee
‎Jun 4 2021 2:16 AM
‎Jun 4 2021 2:16 AM

So, the first thing you'll need is the policy ID: If you go to Systems Manager > Policies and click on the policy that you want to use as a criteria, you'll now be able to get the policy ID from the URL:

 

https://XXXX.meraki.com/General/n/XXXXXXX/manage/configure/pcc_security_policy#security_policy=68116...

 

So, now that we have the ID, we can go to the API call:

 

https://api.meraki.com/api/v0/networks/{{NetworkID}}/sm/devices?fields=ip&scope=withAll,auto:security_policy_uncompliant681169443639788406

 

If you don't know your network (or Org) IDs, you'll need to do the following two API calls:

 

Orgs

curl --location --request GET 'https://api.meraki.com/api/v1/organizations' \
--header 'X-Cisco-Meraki-API-KEY: {{APIKEY}}'
 
Returns:
[ { "id": "2930418", "name": "My organization", "url": "https://dashboard.meraki.com/o/VjjsAd/manage/organization/overview" } ]
 
This brings back a list of your orgs. You probably only have the one. Grab the id. Then, we....
 
Networks
curl --location -g --request GET 'https://api.meraki.com/api/v0/organizations/2930418/networks' --header 'X-Cisco-Meraki-API-KEY: {{APIKEY}}'
 
This will bring back a list of networks.
 
[ { "id": "L_123456", "organizationId": "2930418", "name": "Long Island Office", "timeZone": "America/Los_Angeles", "tags": [ "tag1", "tag2" ], "productTypes": [ "appliance", "switch", "wireless" ], "enrollmentString": "long-island-office", "notes": "Combined network for Long Island Office" } ]
 
Grab your network id
 

 

 

 

 

 

0 Kudos
In response to PaulF
PaulF
Meraki Employee
Meraki Employee
‎Jun 4 2021 2:17 AM
‎Jun 4 2021 2:17 AM

You'll find https://developer.cisco.com/meraki/api-v1/#!get-organization-networks a really excellent resource for prototyping

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.