Using wget to run reports

  • Question
  • Updated 4 years ago
  • Answered
Version 8.4 of LANGuardian introduces a REST style API that allows you to run a report using a command line tool such as wget and receive the results in CSV file. You can run any report, including Custom Reports and specify any filters also. This enables you to automate running reports on LANGuardian and integrate report results with other systems that you may have (for example, a script on a Unix system can query LANGuardian for traffic stats and make some decisions based on the output).

Here’s an example of a command using wget (on Unix) to run a Top Clients report on LANGuardian, with some explanation of the various parameters used.

wget -S -o messages.txt -O output_human.txt --no-check-certificate "https:// 213.94.197.139/netmon/view.cgi?View=View&csv&human&nrows=23&lg_login_username=Administrator&lg_login_password=Administrator&rid=45&t=20100417100000-20100417190000&senid=all&proto=any&dport=any"

This is a bit involved; lets look at the arguments in a bit more detail

First off we have a call to wget.

wget is a command line tool for retrieving http (https & ftp) pages. You can get it here http://www.gnu.org/software/wget

Next are some parameters and flags for wget.

-S - Get headers in the respone, useful for debugging, but not needed normally. -o messages.txt- Store debug and information messages about the execution in message.txt. Again, useful for debugging.

-O output_human.txt – Place the output of the report in this file. This will be a CSV file.

--no-check-certificate – Don’t check the server certificate against the certificate authorities. Required as LANGuardian uses a self signed certificate.

Next follows the URI that we want to retrieve (i.e the report to run). You’ll recognize this from the address bar of your browser whenever you run a LANGuardian report, but there are some extra parameters here.

Again, it’s appears a bit involved; lets look at what it contains:

https:// 213.94.197.139/netmon/view.cgi? View=View – Base of URI to access the LANGuardian report engine where the management IP address is 213.94.197.139. This is the IP address of the Netfort Technologies online demo system (demo.netfortechnologies.com).

Feel free to use this IP address for any testing you want to do.

&csv – Run the report and return a CSV file, instead of the standard GUI page. This the new parameter that allows a script to get a CSV file as report output.

&human –Return the data in human readable format. For example, byte counts will appear as 1.2MB instead of 1258291 bytes. IP addresses are returned in dotted decimal and resolved to hostnames etc. The resolution to human readable format can take some time. If the report returns many thousands of results, it will take a long time to execute the report. If you plan to post process the results with another script or import into a spreadsheet, you can omit the &human parameter and get better performance.

&nrows=23 – Only return 23 rows of output in the report. If you only plan to use the top ten results, then set nrows=10. This is useful if you also specify &human.

&lg_login_username=Administrator – Login authentication – in this case we’re using the Administrator account

&lg_login_password=Administrator – Login authentication – the password for the Administrator account

&rid=45 – This is the report ID that specifies the report that you want to run. Currently the only way to determine the report ID is to access the GUI, find the report you want to run and examine the URI in the browser address bar. We’ll update this so that you can specify a report name in a subsequent release. I’ll post some common report names and RID in a follow up post.

t=20100417100000-20100417190000 – The time filter for the report that I want to run. The format is &t=From-To, where the data format is yyyymmddhhmmss. The caveat here is that the month is zero indexed, so that January is 0, February is 01 and so on. 20100425120000 equates to 12:00:00 on May 25th 2010 for example. Always use UTC time for running reports, as this is how the database stores data.

Times can also be specified as &t=last+24+hours (or 4 hours or 1 hour).

&senid=all – Filter for sensor ID. In this case select from all sensors

&proto=any – Filter for traffic protocol. In this case select from any protocol

&dport=any – Filter for destination (server) port number. In this case select from any.

I'll post some more filter examples in follow up posts.

After running the report, you’ll get the output in output_human.txt.

Here’s a report that was returned from the online demo system.

(Top Clients, last 24 hours, no filters. Access the GUI to compare results)

Sensor,Client,Total

1,192.168.0.10,1.20 GB

1,192.168.0.7,1.05 GB

1,192.168.0.9,997.04 MB

1,192.168.0.5,885.44 MB

1,192.168.0.6,804.57 MB

1,192.168.0.8,802.53 MB

1,192.168.0.3,786.66 MB

1,192.168.0.4,747.01 MB

1,192.168.0.2,650.74 MB

5,192.168.0.3,310.97 MB

5,192.168.0.4,302.15 MB

5,192.168.0.6,291.75 MB

5,192.168.0.8,267.57 MB

5,192.168.0.9,255.17 MB

5,192.168.0.10,240.57 MB

5,192.168.0.5,232.37 MB

5,192.168.0.7,226.06 MB

5,192.168.0.2,221.06 MB

6,192.168.0.7,171.84 MB

6,192.168.0.3,122.85 MB

6,192.168.0.5,122.82 MB

6,192.168.0.9,120.56 MB

If you any questions or comments about using this, please let us know as support@netforttechnologies.com

NetFort

  • 185 Posts
  • 2 Likes

Posted 4 years ago

  • 1

Michael Finn

  • 35 Posts
  • 5 Likes
Version 8.4 of LANGuardian introduces a REST style API that allows you to run a report using a command line tool such as wget and receive the results in CSV file. You can run any report, including Custom Reports and specify any filters also. This enables you to automate running reports on LANGuardian and integrate report results with other systems that you may have (for example, a script on a Unix system can query LANGuardian for traffic stats and make some decisions based on the output).

Here’s an example of a command using wget (on Unix) to run a Top Clients report on LANGuardian, with some explanation of the various parameters used.

wget -S -o messages.txt -O output_human.txt --no-check-certificate "https:// 213.94.197.139/netmon/view.cgi?View=View&csv&human&nrows=23&lg_login_username=Administrator&lg_login_password=Administrator&rid=45&t=20100417100000-20100417190000&senid=all&proto=any&dport=any"

This is a bit involved; lets look at the arguments in a bit more detail

First off we have a call to wget.

wget is a command line tool for retrieving http (https & ftp) pages. You can get it here http://www.gnu.org/software/wget

Next are some parameters and flags for wget.

-S - Get headers in the respone, useful for debugging, but not needed normally. -o messages.txt- Store debug and information messages about the execution in message.txt. Again, useful for debugging.

-O output_human.txt – Place the output of the report in this file. This will be a CSV file.

--no-check-certificate – Don’t check the server certificate against the certificate authorities. Required as LANGuardian uses a self signed certificate.

Next follows the URI that we want to retrieve (i.e the report to run). You’ll recognize this from the address bar of your browser whenever you run a LANGuardian report, but there are some extra parameters here.

Again, it’s appears a bit involved; lets look at what it contains:

https:// 213.94.197.139/netmon/view.cgi? View=View – Base of URI to access the LANGuardian report engine where the management IP address is 213.94.197.139. This is the IP address of the Netfort Technologies online demo system (demo.netfortechnologies.com).

Feel free to use this IP address for any testing you want to do.

&csv – Run the report and return a CSV file, instead of the standard GUI page. This the new parameter that allows a script to get a CSV file as report output.

&human –Return the data in human readable format. For example, byte counts will appear as 1.2MB instead of 1258291 bytes. IP addresses are returned in dotted decimal and resolved to hostnames etc. The resolution to human readable format can take some time. If the report returns many thousands of results, it will take a long time to execute the report. If you plan to post process the results with another script or import into a spreadsheet, you can omit the &human parameter and get better performance.

&nrows=23 – Only return 23 rows of output in the report. If you only plan to use the top ten results, then set nrows=10. This is useful if you also specify &human.

&lg_login_username=Administrator – Login authentication – in this case we’re using the Administrator account

&lg_login_password=Administrator – Login authentication – the password for the Administrator account

&rid=45 – This is the report ID that specifies the report that you want to run. Currently the only way to determine the report ID is to access the GUI, find the report you want to run and examine the URI in the browser address bar. We’ll update this so that you can specify a report name in a subsequent release. I’ll post some common report names and RID in a follow up post.

t=20100417100000-20100417190000 – The time filter for the report that I want to run. The format is &t=From-To, where the data format is yyyymmddhhmmss. The caveat here is that the month is zero indexed, so that January is 0, February is 01 and so on. 20100425120000 equates to 12:00:00 on May 25th 2010 for example. Always use UTC time for running reports, as this is how the database stores data.

Times can also be specified as &t=last+24+hours (or 4 hours or 1 hour).

&senid=all – Filter for sensor ID. In this case select from all sensors

&proto=any – Filter for traffic protocol. In this case select from any protocol

&dport=any – Filter for destination (server) port number. In this case select from any.

I'll post some more filter examples in follow up posts.

After running the report, you’ll get the output in output_human.txt.

Here’s a report that was returned from the online demo system.

(Top Clients, last 24 hours, no filters. Access the GUI to compare results)

Sensor,Client,Total

1,192.168.0.10,1.20 GB

1,192.168.0.7,1.05 GB

1,192.168.0.9,997.04 MB

1,192.168.0.5,885.44 MB

1,192.168.0.6,804.57 MB

1,192.168.0.8,802.53 MB

1,192.168.0.3,786.66 MB

1,192.168.0.4,747.01 MB

1,192.168.0.2,650.74 MB

5,192.168.0.3,310.97 MB

5,192.168.0.4,302.15 MB

5,192.168.0.6,291.75 MB

5,192.168.0.8,267.57 MB

5,192.168.0.9,255.17 MB

5,192.168.0.10,240.57 MB

5,192.168.0.5,232.37 MB

5,192.168.0.7,226.06 MB

5,192.168.0.2,221.06 MB

6,192.168.0.7,171.84 MB

6,192.168.0.3,122.85 MB

6,192.168.0.5,122.82 MB

6,192.168.0.9,120.56 MB

If you any questions or comments about using this, please let us know as support@netforttechnologies.com