| Both sides previous revisionPrevious revisionNext revision | Previous revision |
| infoblox:api [2026/01/15 21:37] – bstafford | infoblox:api [2026/03/07 00:25] (current) – bstafford |
|---|
| * [[https://docs.infoblox.com/space/NIOS/35400616/NIOS|Official Doc Page]] linking to both of the links above. | * [[https://docs.infoblox.com/space/NIOS/35400616/NIOS|Official Doc Page]] linking to both of the links above. |
| |
| | ===== Convert JSON ===== |
| | The "jq" command is excellent for parsing JSON. |
| | |
| | Page on transforming JSON with jq [[www.digitalocean.com/community/tutorials/how-to-transform-json-data-with-jq|here]]. |
| ===== Quick CURL===== | ===== Quick CURL===== |
| <code>curl -X GET -H "Authorization: Token token=<API_KEY>" "https://csp.infoblox.com/tide/api/data/threats?type=host&class=bot"</code> | <code>curl -X GET -H "Authorization: Token token=<API_KEY>" "https://csp.infoblox.com/tide/api/data/threats?type=host&class=bot"</code> |
| sys.exit(1)</code> | sys.exit(1)</code> |
| ===== Reference ===== | ===== Reference ===== |
| | API Docs [[https://csp.infoblox.com/apidoc?url=https%3A%2F%2Fcsp.infoblox.com%2Fapidoc%2Fdocs%2FAtcfw#/|here]]. |
| | |
| | ===== Subnet Filter ===== |
| | |
| | |
| | <code>curl -s --location 'https://csp.eu.infoblox.com/api/ddi/v1/ipam/subnet?_offset=0&_tfilter=Type%3DHo*&_limit=5&_is_total_size_needed=true' \ |
| | --header 'Accept: application/json' \ |
| | --header 'Authorization: Token YOUR_API_KEY_HERE' \ |
| | | jq -r '.results[] | "\(.address)/\(.cidr)"' </code> |
| | |
| | This command will find all subnets that have the tag "Type" with value "Home" and return JSON data. |
| | |
| | You can then use the jq command to filter the subnet address value and the subnet CIDR value and display in format address/cidr |
| | ==== AWS IPAM ==== |
| | To get the Infoblox ID needed by AWS IPAM for management: |
| | <code>curl -s -H "Authorization: Token <YOUR_API_KEY>" https://csp.infoblox.com/v2/current_user | jq '.result.account_infoblox_id'</code> |
| | ==== Get Internal Domain List ==== |
| | The following gets the full list of Internal Domain lists (Security) as well as their contents. You can use this to get the ID of each list. |
| | <code>curl -X GET -H "Authorization: Token token=<APIKEY>" "https://csp.eu.infoblox.com/api/atcfw/v1/internal_domain_lists"</code> |
| | |
| | The code below is for when you want to filter the query to show just the contents of a specific list (in this case, the ID is 1234) |
| | <code>curl -X GET -H "Authorization: Token token=<APIKEY>" "https://csp.eu.infoblox.com/api/atcfw/v1/internal_domain_lists/1234"</code> |
| | |
| ==== Get Data of Threat Feed ==== | ==== Get Data of Threat Feed ==== |
| <code>curl -s -X GET "https://csp.infoblox.com/api/atcfw/v1/threat_feeds?_filter=((name=='AntiMalware')or(name=='FarSightNOD'))" -H "Authorization: Token token=ADD_API_KEY" -H "Content-Type: application/json"</code> | <code>curl -s -X GET "https://csp.infoblox.com/api/atcfw/v1/threat_feeds?_filter=((name=='AntiMalware')or(name=='FarSightNOD'))" -H "Authorization: Token token=ADD_API_KEY" -H "Content-Type: application/json"</code> |
