wapi documentation...wapi documentation ... 20

WAPI DocumentationRelease 2.9

Infoblox

July 11, 2018

CONTENTS

1 Introduction 11.1 Notation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11.2 Transport and Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11.3 Backward Compatibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21.4 General Syntax and Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21.5 Naming and Values . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31.6 Object Reference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41.7 Function Calls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41.8 Extensible Attributes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51.9 Use Flags . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51.10 Data Formats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61.11 XML Format . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61.12 Error Handling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

2 Methods 92.1 GET . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92.2 POST . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152.3 PUT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162.4 DELETE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

3 Objects 183.1 ad_auth_service : Active Directory Authentication Service object. . . . . . . . . . . . . . . . . . . . 183.2 admingroup : Admin Group object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 223.3 adminrole : Admin Role object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263.4 adminuser : Admin User object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293.5 allendpoints : All Endpoints object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 373.6 allnsgroup : All NS Group object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 403.7 allrecords : AllRecords object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 433.8 allrpzrecords : DNS All RPZ Records object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 493.9 approvalworkflow : The approval workflow object. . . . . . . . . . . . . . . . . . . . . . . . . . . . 563.10 authpolicy : The authentication policy object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 643.11 awsrte53taskgroup : AWS Route53 task group object. . . . . . . . . . . . . . . . . . . . . . . . . . 673.12 awsuser : AWS User object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 733.13 bfdtemplate : BFD template object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 763.14 bulkhost : Bulkhost object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 803.15 bulkhostnametemplate : The bulk host name template object. . . . . . . . . . . . . . . . . . . . . . 873.16 cacertificate : CA Certificate object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 903.17 capacityreport : Grid member capacity report object. . . . . . . . . . . . . . . . . . . . . . . . . . . 933.18 captiveportal : Captive portal object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96

i

3.19 certificate:authservice : Certificate authentication service object. . . . . . . . . . . . . . . . . . . . . 1073.20 ciscoise:endpoint : Cisco ISE Endpoint object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1143.21 csvimporttask : CSV Import task object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1243.22 db_objects : The DB Objects object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1313.23 dbsnapshot : The DBSnapshot WAPI object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1363.24 ddns:principalcluster : DDNS Principal Cluster object. . . . . . . . . . . . . . . . . . . . . . . . . . 1383.25 ddns:principalcluster:group : DDNS Principal Cluster Group object. . . . . . . . . . . . . . . . . . . 1403.26 deleted_objects : The Deleted Objects object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1423.27 dhcp:statistics : DHCP Statistics object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1433.28 dhcpfailover : DHCP Failover Association object. . . . . . . . . . . . . . . . . . . . . . . . . . . . 1473.29 dhcpoptiondefinition : DHCP option definition object. . . . . . . . . . . . . . . . . . . . . . . . . . 1613.30 dhcpoptionspace : DHCP option space object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1643.31 discovery : Discovery object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1673.32 discovery:device : Discovery Device object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1713.33 discovery:devicecomponent : Device Component object. . . . . . . . . . . . . . . . . . . . . . . . . 1863.34 discovery:deviceinterface : Device Interface object. . . . . . . . . . . . . . . . . . . . . . . . . . . . 1893.35 discovery:deviceneighbor : Device Neighbor object. . . . . . . . . . . . . . . . . . . . . . . . . . . 2063.36 discovery:devicesupportbundle : Device support bundle object. . . . . . . . . . . . . . . . . . . . . 2093.37 discovery:diagnostictask : The discovery diagnostic task object. . . . . . . . . . . . . . . . . . . . . 2123.38 discovery:gridproperties : The Grid discovery properties object. . . . . . . . . . . . . . . . . . . . . 2153.39 discovery:memberproperties : The Grid discovery member properties object. . . . . . . . . . . . . . 2253.40 discovery:status : Discovery Status object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2313.41 discovery:vrf : The VRF object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2383.42 discoverytask : The discovery task object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2413.43 distributionschedule : Distribution schedule object. . . . . . . . . . . . . . . . . . . . . . . . . . . . 2503.44 dns64group : DNS64 synthesis group object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2553.45 dtc : DTC object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2593.46 dtc:allrecords : DTC AllRecords object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2613.47 dtc:certificate : DTC Certificate object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2643.48 dtc:lbdn : DTC LBDN object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2683.49 dtc:monitor : DTC monitor object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2753.50 dtc:monitor:http : DTC HTTP monitor object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2803.51 dtc:monitor:icmp : DTC ICMP monitor object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2893.52 dtc:monitor:pdp : DTC PDP monitor object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2923.53 dtc:monitor:sip : DTC SIP monitor object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2963.54 dtc:monitor:snmp : DTC SNMP monitor object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3023.55 dtc:monitor:tcp : DTC TCP monitor object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3083.56 dtc:object : DTC object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3113.57 dtc:pool : DTC Pool object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3173.58 dtc:record:a : DTC A Record object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3253.59 dtc:record:aaaa : DTC AAAA Record object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3293.60 dtc:record:cname : DTC CNAME Record object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3333.61 dtc:record:naptr : DTC NAPTR Record object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3363.62 dtc:record:srv : DTC SRV Record object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3423.63 dtc:server : DTC Server object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3473.64 dtc:topology : DTC Topology object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3523.65 dtc:topology:label : DTC Topology Label object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3553.66 dtc:topology:rule : DTC Topology Rule object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3573.67 dxl:endpoint : The Data Exchange Layer endpoint object. . . . . . . . . . . . . . . . . . . . . . . . 3603.68 extensibleattributedef : Extensible Attribute Definition object. . . . . . . . . . . . . . . . . . . . . . 3683.69 fileop : File operations object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3733.70 filterfingerprint : DHCP Fingerprint Filter object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3893.71 filtermac : DHCP MAC Address Filter object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3913.72 filternac : DHCP NAC Filter object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 395

ii

3.73 filteroption : DHCP filter option object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3993.74 filterrelayagent : The filter relay agent object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4043.75 fingerprint : DHCP Fingerprint object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4093.76 fixedaddress : DHCP Fixed Address object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4143.77 fixedaddresstemplate : The fixed address template object. . . . . . . . . . . . . . . . . . . . . . . . 4763.78 ftpuser : FTP user object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4863.79 grid : Grid object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4893.80 grid:cloudapi : Grid Cloud API object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5153.81 grid:cloudapi:cloudstatistics : Grid Cloud Statistics object. . . . . . . . . . . . . . . . . . . . . . . . 5173.82 grid:cloudapi:tenant : Grid Cloud API Tenant object. . . . . . . . . . . . . . . . . . . . . . . . . . . 5213.83 grid:cloudapi:vm : Grid Cloud API vm object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5253.84 grid:cloudapi:vmaddress : Grid Cloud API VM address object. . . . . . . . . . . . . . . . . . . . . 5343.85 grid:dashboard : Grid Dashboard object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5493.86 grid:dhcpproperties : Grid DHCP properties object. . . . . . . . . . . . . . . . . . . . . . . . . . . . 5553.87 grid:dns : Grid DNS properties object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5863.88 grid:filedistribution : Grid file distribution object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6343.89 grid:license_pool : Grid License Pool object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6383.90 grid:license_pool_container : Grid License Pool Container object. . . . . . . . . . . . . . . . . . . . 6443.91 grid:maxminddbinfo : Topology DB Info object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6463.92 grid:member:cloudapi : Member Cloud API object. . . . . . . . . . . . . . . . . . . . . . . . . . . . 6493.93 grid:servicerestart:group : Service Restart Group object. . . . . . . . . . . . . . . . . . . . . . . . . 6553.94 grid:servicerestart:group:order : Restart Group Order object. . . . . . . . . . . . . . . . . . . . . . . 6603.95 grid:servicerestart:request : Restart Request object. . . . . . . . . . . . . . . . . . . . . . . . . . . . 6613.96 grid:servicerestart:request:changedobject : Grid service restart request changed object. . . . . . . . . 6663.97 grid:servicerestart:status : Restart Status object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6713.98 grid:threatanalytics : Grid threat analytics object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6763.99 grid:threatprotection : The Grid threat protection object. . . . . . . . . . . . . . . . . . . . . . . . . 6823.100 grid:x509certificate : X509Certificate object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6883.101 hostnamerewritepolicy : Hostname rewrite policy object. . . . . . . . . . . . . . . . . . . . . . . . . 6913.102 hsm:allgroups : All Hardware Security Module groups object. . . . . . . . . . . . . . . . . . . . . . 6943.103 hsm:safenetgroup : The Hardware Security Module SafeNet group object. . . . . . . . . . . . . . . . 6953.104 hsm:thalesgroup : The Thales Harware Security Module group object. . . . . . . . . . . . . . . . . . 7003.105 ipam:statistics : IPAM statistics object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7053.106 ipv4address : IPAM IPv4Address object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7093.107 ipv6address : IPAM IPv6Address object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7563.108 ipv6dhcpoptiondefinition : DHCP IPv6 option definition object. . . . . . . . . . . . . . . . . . . . . 8043.109 ipv6dhcpoptionspace : DHCP IPv6 option space object. . . . . . . . . . . . . . . . . . . . . . . . . 8073.110 ipv6fixedaddress : DHCP IPv6 Fixed Address object. . . . . . . . . . . . . . . . . . . . . . . . . . . 8093.111 ipv6fixedaddresstemplate : The IPv6 fixed address template object. . . . . . . . . . . . . . . . . . . 8643.112 ipv6network : DHCP IPv6Network object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8703.113 ipv6networkcontainer : DHCP IPv6NetworkContainer object. . . . . . . . . . . . . . . . . . . . . . 9033.114 ipv6networktemplate : DHCP IPv6 network template object. . . . . . . . . . . . . . . . . . . . . . . 9293.115 ipv6range : DHCP IPv6 Range object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9453.116 ipv6rangetemplate : IPv6 DHCP Range template object. . . . . . . . . . . . . . . . . . . . . . . . . 9593.117 ipv6sharednetwork : DHCP IPv6 Shared Network object. . . . . . . . . . . . . . . . . . . . . . . . 9643.118 kerberoskey : Kerberos key object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9763.119 ldap_auth_service : The LDAP authentication service object. . . . . . . . . . . . . . . . . . . . . . 9803.120 lease : DHCP Lease object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9863.121 license:gridwide : Gridwide license object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10403.122 localuser:authservice : Local user authentication service object. . . . . . . . . . . . . . . . . . . . . 10443.123 macfilteraddress : MAC Filter Address object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10463.124 mastergrid : Master Grid object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10563.125 member : Member object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10623.126 member:dhcpproperties : Member DHCP properties object. . . . . . . . . . . . . . . . . . . . . . . 1090

iii

3.127 member:dns : Member DNS object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11453.128 member:filedistribution : Grid member file distribution object. . . . . . . . . . . . . . . . . . . . . . 12173.129 member:license : Member License object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12253.130 member:parentalcontrol : Member mobile security properties object. . . . . . . . . . . . . . . . . . 12313.131 member:threatanalytics : Grid member threat analytics object. . . . . . . . . . . . . . . . . . . . . . 12323.132 member:threatprotection : Member threat protection object. . . . . . . . . . . . . . . . . . . . . . . 12353.133 msserver : Microsoft Server object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12433.134 msserver:adsites:domain : Active Directory Domain object. . . . . . . . . . . . . . . . . . . . . . . 12453.135 msserver:adsites:site : Active Directory Site object. . . . . . . . . . . . . . . . . . . . . . . . . . . . 12483.136 msserver:dhcp : Microsoft Server DHCP properties object. . . . . . . . . . . . . . . . . . . . . . . . 12513.137 msserver:dns : Microsoft Server DNS properties object. . . . . . . . . . . . . . . . . . . . . . . . . 12563.138 mssuperscope : Microsoft DHCP superscope object. . . . . . . . . . . . . . . . . . . . . . . . . . . 12593.139 namedacl : Named ACL object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12653.140 natgroup : Network Address Translation group object. . . . . . . . . . . . . . . . . . . . . . . . . . 12693.141 network : DHCP Network object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12703.142 network_discovery : Network discovery object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13193.143 networkcontainer : DHCP Network Container object. . . . . . . . . . . . . . . . . . . . . . . . . . . 13203.144 networktemplate : DHCP Network template object. . . . . . . . . . . . . . . . . . . . . . . . . . . . 13583.145 networkuser : Network User object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13843.146 networkview : DHCP NetworkView object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13913.147 notification:rest:endpoint : The notification RESTful endpoint object. . . . . . . . . . . . . . . . . . 13973.148 notification:rest:template : The notification REST template object. . . . . . . . . . . . . . . . . . . . 14063.149 notification:rule : Notification rule object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14113.150 nsgroup : DNS name server group object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14193.151 nsgroup:delegation : NS group delegation object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14243.152 nsgroup:forwardingmember : Forwarding Member Name Server Group object. . . . . . . . . . . . . 14263.153 nsgroup:forwardstubserver : Forward Stub Server Name Server Group object. . . . . . . . . . . . . . 14283.154 nsgroup:stubmember : Stub Member Name Server Group object. . . . . . . . . . . . . . . . . . . . 14313.155 orderedranges : Ordered DHCP ranges object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14333.156 orderedresponsepolicyzones : Ordered Response Policy Zones object. . . . . . . . . . . . . . . . . . 14353.157 outbound:cloudclient : OutBoundCloudClient object. . . . . . . . . . . . . . . . . . . . . . . . . . . 14363.158 parentalcontrol:avp : The parental control AVP object. . . . . . . . . . . . . . . . . . . . . . . . . . 14393.159 parentalcontrol:ipspacediscriminator : Parental control IP space discriminator properties object. . . . 14433.160 parentalcontrol:subscriber : The parental control subscriber object. . . . . . . . . . . . . . . . . . . 14453.161 parentalcontrol:subscribersite : Subscriber site parental control properties object. . . . . . . . . . . . 14553.162 permission : Permissions object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14613.163 radius:authservice : The RADIUS authentication service object. . . . . . . . . . . . . . . . . . . . . 14683.164 range : DHCP Range object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14743.165 rangetemplate : DHCP Range template object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15103.166 record:a : DNS A record object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15333.167 record:aaaa : DNS AAAA record object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15813.168 record:alias : DNS Alias record object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16303.169 record:caa : DNS CAA record object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16373.170 record:cname : DNS CNAME record object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16453.171 record:dhcid : DNS DHCID record object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16533.172 record:dname : DNS DNAME record object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16583.173 record:dnskey : DNS DNSKEY record object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16663.174 record:ds : DNS DS record object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16733.175 record:dtclbdn : DTC LBDN object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16803.176 record:host : DNS Host record object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16853.177 record:host_ipv4addr : IPv4 Host address object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16993.178 record:host_ipv6addr : IPv6 Host address object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17503.179 record:mx : DNS MX record object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18003.180 record:naptr : DNS NAPTR record object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1809

iv

3.181 record:ns : DNS NS record object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18203.182 record:nsec : DNS NSEC record object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18253.183 record:nsec3 : DNS NSEC3 record object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18313.184 record:nsec3param : DNS NSEC3 record object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18383.185 record:ptr : DNS PTR record object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18453.186 record:rpz:a : Response Policy Zone Substitute A Record Rule object. . . . . . . . . . . . . . . . . . 18953.187 record:rpz:a:ipaddress : Response Policy Zone Substitute IPv4 Address Rule object. . . . . . . . . . 19003.188 record:rpz:aaaa : Response Policy Zone Substitute AAAA Record Rule object. . . . . . . . . . . . . 19053.189 record:rpz:aaaa:ipaddress : Response Policy Zone Substitute IPv6 Address Rule object. . . . . . . . 19103.190 record:rpz:cname : DNS Response Policy Zone CNAME record object. . . . . . . . . . . . . . . . . 19153.191 record:rpz:cname:clientipaddress : DNS RPZ CNAMEClientIpAddress record object. . . . . . . . . 19203.192 record:rpz:cname:clientipaddressdn : Substitute Domain Name Based on Client IP Address rule object.19253.193 record:rpz:cname:ipaddress : DNS RPZ CNAMEIpAddress record object. . . . . . . . . . . . . . . 19303.194 record:rpz:cname:ipaddressdn : Substitute Domain Name Based on IP Address rule object. . . . . . . 19353.195 record:rpz:mx : Response Policy Zone Substitute MX Record Rule object. . . . . . . . . . . . . . . 19403.196 record:rpz:naptr : Response Policy Zone Substitute NAPTR Record Rule object. . . . . . . . . . . . 19463.197 record:rpz:ptr : Response Policy Zone Substitute PTR Record Rule object. . . . . . . . . . . . . . . 19533.198 record:rpz:srv : Response Policy Zone Substitute SRV Record Rule object. . . . . . . . . . . . . . . 19593.199 record:rpz:txt : Response Policy Zone Substitute TXT Record Rule object. . . . . . . . . . . . . . . 19653.200 record:rrsig : DNS RRSIG record object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19703.201 record:srv : DNS SRV record object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19793.202 record:tlsa : DNS TLSA record object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19893.203 record:txt : DNS TXT record object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19953.204 recordnamepolicy : Record name policy object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20043.205 request : WAPI handler object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20063.206 restartservicestatus : Restart service status object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20083.207 rir : Regional Internet Registry object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20113.208 rir:organization : Regional Internet Registry organization object. . . . . . . . . . . . . . . . . . . . . 20143.209 roaminghost : DHCP Roaming Host object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20183.210 ruleset : DNS Ruleset object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20383.211 scavengingtask : DNS scavenging task object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20413.212 scheduledtask : Scheduled Task object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20453.213 search : Search object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20573.214 sharednetwork : DHCP Shared Network object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20643.215 sharedrecord:a : DNS Shared A record object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20843.216 sharedrecord:aaaa : DNS Shared AAAA record object. . . . . . . . . . . . . . . . . . . . . . . . . . 20883.217 sharedrecord:cname : DNS Shared CNAME record object. . . . . . . . . . . . . . . . . . . . . . . . 20923.218 sharedrecord:mx : DNS Shared MX record object. . . . . . . . . . . . . . . . . . . . . . . . . . . . 20973.219 sharedrecord:srv : DNS Shared SRV record object. . . . . . . . . . . . . . . . . . . . . . . . . . . . 21023.220 sharedrecord:txt : DNS Shared TXT record object. . . . . . . . . . . . . . . . . . . . . . . . . . . . 21083.221 sharedrecordgroup : DNS Shared Record Group object. . . . . . . . . . . . . . . . . . . . . . . . . 21123.222 smartfolder:children : Smart Folder children object. . . . . . . . . . . . . . . . . . . . . . . . . . . 21163.223 smartfolder:global : Global Smart Folder object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21193.224 smartfolder:personal : Personal Smart Folder object. . . . . . . . . . . . . . . . . . . . . . . . . . . 21223.225 snmpuser : SNMP user object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21263.226 superhost : SuperHost object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21303.227 superhostchild : Super Host Child object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21333.228 tacacsplus:authservice : The TACACS+ authentication service object. . . . . . . . . . . . . . . . . . 21393.229 taxii : Taxii Member object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21433.230 tftpfiledir : TFTP file or directory object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21463.231 threatanalytics:moduleset : Threat analytics module set object. . . . . . . . . . . . . . . . . . . . . . 21503.232 threatanalytics:whitelist : Threat analytics whitelist object. . . . . . . . . . . . . . . . . . . . . . . . 21513.233 threatinsight:cloudclient : Threat Insight Cloud Client object. . . . . . . . . . . . . . . . . . . . . . 21533.234 threatprotection:grid:rule : Threat protection custom rule object. . . . . . . . . . . . . . . . . . . . . 2156

v

3.235 threatprotection:profile : The Threat Protection profile object. . . . . . . . . . . . . . . . . . . . . . 21613.236 threatprotection:profile:rule : Threat Protection Profile Rule object. . . . . . . . . . . . . . . . . . . 21673.237 threatprotection:rule : Member Threat Protection Rule object. . . . . . . . . . . . . . . . . . . . . . 21703.238 threatprotection:rulecategory : Threat protection rule category object. . . . . . . . . . . . . . . . . . 21733.239 threatprotection:ruleset : The Grid threat protection ruleset object. . . . . . . . . . . . . . . . . . . . 21763.240 threatprotection:ruletemplate : Threat protection rule template object. . . . . . . . . . . . . . . . . . 21793.241 threatprotection:statistics : Threat protection statistics object. . . . . . . . . . . . . . . . . . . . . . 21833.242 upgradegroup : Upgrade group object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21843.243 upgradeschedule : Upgrade schedule object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21913.244 upgradestatus : The upgrade status object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21953.245 userprofile : User profile object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22143.246 vdiscoverytask : Discovery task object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22243.247 view : DNS View object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22383.248 zone_auth : DNS Authoritative Zone object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22683.249 zone_auth_discrepancy : Zone discrepancy information object. . . . . . . . . . . . . . . . . . . . . 23143.250 zone_delegated : DNS Delegated Zone object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23183.251 zone_forward : DNS Forward Zone object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23293.252 zone_rp : DNS Response Policy Zone object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23403.253 zone_stub : DNS Stub Zone object. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2359

4 Structs 23744.1 ad_auth_server : Active Directory Authentication Server. . . . . . . . . . . . . . . . . . . . . . . . . 23744.2 addressac : Address ac. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23764.3 awsrte53recordinfo : ‘Aws Rte53 Record Info. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23764.4 awsrte53task : AWS Route53 task. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23804.5 awsrte53zoneinfo : ‘Aws Rte53 Zone Info. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23844.6 bgpas : BGP (Border Gateway Protocol) Autonomous System (AS) . . . . . . . . . . . . . . . . . . 23864.7 bgpneighbor : BGP (Border Gateway Protocol) Neighbor. . . . . . . . . . . . . . . . . . . . . . . . 23884.8 capacityreport:objectcount : Type count struct. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23904.9 captiveportal:file : Captive portal file. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23914.10 changedobject : Changed object information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23924.11 ciscoise:eaassociation : Cisco ISE extensible attribute association struct. . . . . . . . . . . . . . . . 23934.12 ciscoise:publishsetting : Cisco ISE publish settings struct. . . . . . . . . . . . . . . . . . . . . . . . 23944.13 ciscoise:subscribesetting : Cisco ISE subscribe settings struct. . . . . . . . . . . . . . . . . . . . . . 23954.14 clientsubnetdomain : The client subnet domain structure. . . . . . . . . . . . . . . . . . . . . . . . . 23964.15 dhcpddns : Ddns Zone Primary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23964.16 dhcpmember : Grid member serving DHCP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23984.17 dhcpoption : DHCP option. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23994.18 discovery:advancedpollsetting : The advanced polling settings structure. . . . . . . . . . . . . . . . . 24004.19 discovery:autoconversionsetting : This struct contains settings for automatic conversion . . . . . . . 24044.20 discovery:basicpollsettings : Basic Poll Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24064.21 discovery:ciscoapicconfiguration : The cisco apic configuration structure. . . . . . . . . . . . . . . . 24094.22 discovery:clicredential : CLI credential. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24114.23 discovery:conversion_attributes : Discovery Data Conversion attributes. . . . . . . . . . . . . . . . . 24124.24 discovery:device:portstatistics : Port statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24144.25 discovery:devicedatacollectionstatus : Device Data Collection Status struct. . . . . . . . . . . . . . . 24164.26 discovery:devicesupportinfo : Device Support Info struct. . . . . . . . . . . . . . . . . . . . . . . . 24164.27 discovery:discoverydataconversionresult : Discovery Data Conversion result. . . . . . . . . . . . . . 24174.28 discovery:ifaddrinfo : IfAddr information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24194.29 discovery:jobprocessdetails : Discovery Job Process Details. . . . . . . . . . . . . . . . . . . . . . . 24204.30 discovery:networkdeprovisioninfo : Network Deprovision Info. . . . . . . . . . . . . . . . . . . . . 24214.31 discovery:networkinfo : Network info. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24224.32 discovery:port : The discovery port structure. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24234.33 discovery:port:config:adminstatus : Port Config Admin Status. . . . . . . . . . . . . . . . . . . . . . 2424

vi

4.34 discovery:port:config:description : Port Config Descrition. . . . . . . . . . . . . . . . . . . . . . . . 24244.35 discovery:port:config:vlaninfo : Port Config VLAN info. . . . . . . . . . . . . . . . . . . . . . . . . 24254.36 discovery:port:control:info : Port Control info. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24264.37 discovery:port:control:taskdetails : Port Control Task Details. . . . . . . . . . . . . . . . . . . . . . 24294.38 discovery:scaninterface : The discovery scan interface structure. . . . . . . . . . . . . . . . . . . . . 24304.39 discovery:seedrouter : The seed router structure. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24314.40 discovery:snmp3credential : SNMP v3 Credential. . . . . . . . . . . . . . . . . . . . . . . . . . . . 24314.41 discovery:snmpcredential : SNMP Credential. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24344.42 discovery:statusinfo : Status information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24344.43 discovery:vlaninfo : VLAN information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24354.44 discovery:vrfmappingrule : This struct contains VRF Mapping Rule. . . . . . . . . . . . . . . . . . 24364.45 discoverydata : Discovered data. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24374.46 discoverytaskport : The network discovery TCP port. . . . . . . . . . . . . . . . . . . . . . . . . . . 24634.47 discoverytaskvserver : VMWare discovery server. . . . . . . . . . . . . . . . . . . . . . . . . . . . 24634.48 dnsseckey : DNSSEC Key. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24654.49 dnsseckeyalgorithm : DNSSEC Key Algorithm. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24674.50 dnsseckeyparams : DNSSEC Key parameters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24684.51 dnssectrustedkey : DNSSEC Trusted Key. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24734.52 dtc:health : Health information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24754.53 dtc:monitor:snmp:oid : DTC SNMP Monitor OID. . . . . . . . . . . . . . . . . . . . . . . . . . . . 24764.54 dtc:pool:consolidated_monitor_health : Consolidated monitor health structure. . . . . . . . . . . . . 24784.55 dtc:pool:link : DTC Pool link. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24794.56 dtc:query:result : Query records. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24794.57 dtc:server:link : DTC Server link. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24814.58 dtc:server:monitor : DTC Server Monitor. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24814.59 dtc:topology:rule:source : DTC topology rule source. . . . . . . . . . . . . . . . . . . . . . . . . . . 24824.60 dxl:endpoint:broker : The Data Exchange Layer endpoint broker structure. . . . . . . . . . . . . . . 24834.61 eaexpressionop : Extensible attribute expression operand. . . . . . . . . . . . . . . . . . . . . . . . 24844.62 exclusionrange : Exclusion range. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24864.63 exclusionrangetemplate : Exclusion range template. . . . . . . . . . . . . . . . . . . . . . . . . . . 24874.64 expressionop : Expression operand. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24884.65 extensibleattributedef:descendants : Descendants. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24904.66 extensibleattributedef:listvalues : List of values. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24914.67 extserver : External Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24924.68 extsyslogbackupserver : External syslog backup server. . . . . . . . . . . . . . . . . . . . . . . . . . 24944.69 filetransfersetting : File Transfer Setting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24964.70 filterrule : Filter rule. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24974.71 fireeye:alertmap : FireEye Alert Map. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24984.72 fireeye:rulemapping : Fireeye Rule Mapping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24994.73 forwardingmemberserver : Forwarding Member Server. . . . . . . . . . . . . . . . . . . . . . . . . 25004.74 grid:attackdetect : DNS attack detection settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25014.75 grid:attackmitigation : DNS Attack Mitigation object. . . . . . . . . . . . . . . . . . . . . . . . . . 25034.76 grid:autoblackhole : DNS Auto Blackhole settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . 25054.77 grid:cloudapi:gateway:config : Gateway config. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25074.78 grid:cloudapi:gateway:endpointmapping : Endpoint mapping. . . . . . . . . . . . . . . . . . . . . . 25084.79 grid:cloudapi:info : Cloud Information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25084.80 grid:cloudapi:user : Cloud user. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25114.81 grid:consentbannersetting : Consent banner setting. . . . . . . . . . . . . . . . . . . . . . . . . . . . 25124.82 grid:cspapiconfig : Csp Api config. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25134.83 grid:dns:fixedrrsetorderfqdn : Fixed RRset order FQDN. . . . . . . . . . . . . . . . . . . . . . . . . 25144.84 grid:informationalbannersetting : Informational level banner setting. . . . . . . . . . . . . . . . . . . 25154.85 grid:licensesubpool : Licese sub-pool settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25164.86 grid:loggingcategories : Grid logging setting information. . . . . . . . . . . . . . . . . . . . . . . . 25174.87 grid:ntp : The Grid Network Time Protocol (NTP) settings structure. . . . . . . . . . . . . . . . . . 2522

vii

4.88 grid:responseratelimiting : DNS Response Rate Limiting. . . . . . . . . . . . . . . . . . . . . . . . 25234.89 grid:restartbannersetting : Restart Banner Setting. . . . . . . . . . . . . . . . . . . . . . . . . . . . 25244.90 grid:servicerestart : Restart Setting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25254.91 grid:servicerestart:group:schedule : Restart Group Schedule. . . . . . . . . . . . . . . . . . . . . . . 25264.92 gridmember_soamname : Per-master SOA MNAME Information. . . . . . . . . . . . . . . . . . . . 25274.93 gridmember_soaserial : Per-master SOA Serial Information. . . . . . . . . . . . . . . . . . . . . . . 25284.94 hotfix : Upgrade process hotfix. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25294.95 hsm:safenet : SafeNet Hardware Security Module. . . . . . . . . . . . . . . . . . . . . . . . . . . . 25304.96 hsm:thales : Thales Hardware Security Module. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25324.97 interface : IPv6/IPv4 interfaces settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25344.98 ipv6setting : IPv6 Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25364.99 lan2portsetting : LAN2 Port Setting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25384.100 lanhaportsetting : LAN/HA Port Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25404.101 ldap_eamapping : The LDAP extensible attribute mapping. . . . . . . . . . . . . . . . . . . . . . . 25414.102 ldap_server : The LDAP server structure. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25424.103 logicfilterrule : Logic Filter rule. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25454.104 lomnetworkconfig : The LOM network configuration structure. . . . . . . . . . . . . . . . . . . . . 25454.105 lomuser : The Lights Out Management (LOM) user. . . . . . . . . . . . . . . . . . . . . . . . . . . 25464.106 member:dnsgluerecordaddr : ‘Member DNS glue record address. . . . . . . . . . . . . . . . . . . . 25484.107 member:dnsip : Member DNS additional IP structure. . . . . . . . . . . . . . . . . . . . . . . . . . 25494.108 member:ntp : The member Network Time Protocol (NTP) settings structure. . . . . . . . . . . . . . 25504.109 member:pnodetoken : Pysical Node Token. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25534.110 memberserver : Member Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25544.111 memberservicecommunication : Member Service Communication. . . . . . . . . . . . . . . . . . . 25554.112 memberservicestatus : Member Service Status. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25574.113 mgmtportsetting : MGMT Port Setting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25584.114 msdhcpoption : Microsoft DHCP Options. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25594.115 msdhcpserver : MS DHCP server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25614.116 msdnsserver : Msserver Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25624.117 msserver:aduser : Microsoft Server AD user. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25634.118 msserver:aduser:data : Active Directory User Data. . . . . . . . . . . . . . . . . . . . . . . . . . . . 25674.119 msserver:dcnsrecordcreation : An Infoblox Active Directory Domain Controller object. . . . . . . . 25674.120 natsetting : NAT Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25684.121 networkview:assocmember : Network View Associated Members structure. . . . . . . . . . . . . . . 25684.122 nodeinfo : Node Info. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25694.123 notification:rest:templateinstance : Notification REST template instance. . . . . . . . . . . . . . . . 25734.124 notification:rest:templateparameter : Notification REST template parameter. . . . . . . . . . . . . . 25744.125 notification:ruleexpressionop : Notification rule expression operand. . . . . . . . . . . . . . . . . . . 25754.126 ntpac : The Network Time Protocol (NTP) access control item structure. . . . . . . . . . . . . . . . 25784.127 ntpaccess : The Network Time Protocol (NTP) access control setting. . . . . . . . . . . . . . . . . . 25794.128 ntpkey : The Network Time Protocol (NTP) authentication key structure. . . . . . . . . . . . . . . . 25804.129 ntpserver : The Network Time Protocol (NTP) server structure. . . . . . . . . . . . . . . . . . . . . 25814.130 nxdomainrule : Rule of Ruleset. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25824.131 objectschangestrackingsetting : Objects changes tracking setting. . . . . . . . . . . . . . . . . . . . 25834.132 ocsp_responder : OCSP Responder. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25854.133 option60matchrule : Option 60 Match Rule. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25864.134 ospf : OSPF Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25884.135 outbound:cloudclient:event : Outbound cloudclient event type . . . . . . . . . . . . . . . . . . . . . 25924.136 parentalcontrol:msp : Parental control managed service provider (MSP) service. . . . . . . . . . . . 25934.137 parentalcontrol:nasgateway : NAS gateway mobile security settings. . . . . . . . . . . . . . . . . . . 25934.138 parentalcontrol:sitemember : Site member parental control settings. . . . . . . . . . . . . . . . . . . 25954.139 parentalcontrol:spm : Parental control policy management service (SPM). . . . . . . . . . . . . . . . 25964.140 physicalportsetting : Physical Port Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25964.141 preprovision : Pre-provisioning Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2597

viii

4.142 preprovisionhardware : Pre-provisioning Hardware Settings. . . . . . . . . . . . . . . . . . . . . . . 25984.143 properties:blackoutsetting : Blackout Setting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26004.144 queriesuser : Queries user. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26014.145 radius:server : The RADIUS authentication server structure. . . . . . . . . . . . . . . . . . . . . . . 26024.146 remoteddnszone : Remote DDNS Zone structure. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26044.147 scheduledbackup : Scheduled backup settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26064.148 servicestatus : Node Service Status. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26134.149 setting:atpoutbound : Outbound settings for ATP events . . . . . . . . . . . . . . . . . . . . . . . . 26164.150 setting:dnsresolver : DNS resolver Setting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26164.151 setting:dynamicratio : Dynamic Ratio Setting for DTC Pool. . . . . . . . . . . . . . . . . . . . . . . 26174.152 setting:email : The email settings for the Grid member. . . . . . . . . . . . . . . . . . . . . . . . . . 26184.153 setting:httpproxyserver : HTTP Proxy Server Setting. . . . . . . . . . . . . . . . . . . . . . . . . . 26194.154 setting:ipam:threshold : IPAM Threshold Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . 26224.155 setting:ipam:trap : IPAM Trap Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26224.156 setting:msserver : Microsoft server settings structure. . . . . . . . . . . . . . . . . . . . . . . . . . . 26234.157 setting:network : Network settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26264.158 setting:password : Password settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26284.159 setting:scavenging : DNS scavenging settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26304.160 setting:schedule : Schedule Setting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26334.161 setting:security : Security settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26364.162 setting:securitybanner : Security banner settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26394.163 setting:snmp : SNMP setting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26414.164 setting:syslogproxy : Syslog proxy settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26444.165 setting:viewaddress : Notify and query source settings. . . . . . . . . . . . . . . . . . . . . . . . . . 26464.166 smartfolder:groupby : Smart Folder group by structure. . . . . . . . . . . . . . . . . . . . . . . . . . 26494.167 smartfolder:groupbyvalue : Smart Folder group by value structure. . . . . . . . . . . . . . . . . . . 26504.168 smartfolder:queryitem : Smart Folder query item structure. . . . . . . . . . . . . . . . . . . . . . . . 26514.169 smartfolder:queryitemvalue : Smart Folder query item value structure. . . . . . . . . . . . . . . . . . 26534.170 sortlist : DNS Sortlist. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26544.171 subjectalternativename : Subject alternative name structure. . . . . . . . . . . . . . . . . . . . . . . 26554.172 syslogserver : Syslog server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26564.173 tacacsplus:server : The TACACS+ server structure. . . . . . . . . . . . . . . . . . . . . . . . . . . . 26614.174 taxii:rpzconfig : Taxii Member RPZ Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . 26634.175 threatprotection:natport : NAT Threat Protection Port. . . . . . . . . . . . . . . . . . . . . . . . . . 26634.176 threatprotection:natrule : NAT Threat Protection Rule. . . . . . . . . . . . . . . . . . . . . . . . . . 26644.177 threatprotection:ruleconfig : Threat protection rule configuration. . . . . . . . . . . . . . . . . . . . 26664.178 threatprotection:ruleparam : Threat protection rule parameter. . . . . . . . . . . . . . . . . . . . . . 26674.179 threatprotection:statinfo : Threat protection statistical information. . . . . . . . . . . . . . . . . . . . 26694.180 thresholdtrap : The Grid SNMP threshold trap structure. . . . . . . . . . . . . . . . . . . . . . . . . 26714.181 trapnotification : The Grid SNMP trap notification structure. . . . . . . . . . . . . . . . . . . . . . . 26724.182 trapreceiver : Trap receiver. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26754.183 tsigac : TSIG ac. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26764.184 updatesdownloadmemberconfig : Updates Download Member Configuration. . . . . . . . . . . . . . 26774.185 upgradegroup:member : Upgrade group member structure. . . . . . . . . . . . . . . . . . . . . . . . 26784.186 upgradegroup:schedule : Upgrade schedule group structure. . . . . . . . . . . . . . . . . . . . . . . 26814.187 upgradestep : Upgrade process step. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26854.188 vtftpdirmember : Virtual TFTP directory member. . . . . . . . . . . . . . . . . . . . . . . . . . . . 26864.189 zoneassociation : Zone association. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26874.190 zonenameserver : Zone Name Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26894.191 zonerolloverinfo : The zone rollover information structure. . . . . . . . . . . . . . . . . . . . . . . . 2689

5 Additional Information and Examples 26915.1 Examples accessing WAPI using Curl . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26915.2 Examples using object body requests . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2706

ix

5.3 Valid values for extensible attributes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27085.4 Extensible attributes inheritance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27085.5 Extensible attributes search . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27105.6 Extensible attributes update . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27105.7 Glossary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27115.8 Object restrictions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2711

x

CHAPTER

ONE

INTRODUCTION

The Infoblox WAPI is an interface based on REST (REpresentational State Transfer), also called a RESTful web API.It uses HTTP methods for operations and supports input and output in JSON and XML.

1.1 Notation

The following conventions are used to describe syntax for WAPI methods and objects:

What Descriptionobjref A reference to an object. This must be a reference returned from an earlier call. For more

information, see Object Reference.WAPI Used as a generic start in an URL. In real calls, this needs to be replaced with

/wapi/v2.9 or similar syntax.objtype The name of an object type, such as network.field The name of a field, such as comment.value The value of an item, such as a field. The value must be quoted according to where it is

used. For information, see Naming and Values.[thing] These brackets are used to signify an optional value.a | b The symbol | is used to indicate that either a or b can be used.thing... ... is used at the end of an item to signify that it can be repeated multiple times. Items

must be separated in accordance with where they are used, such as & in arguments.{ } These brackets are used to group information in descriptions.

1.2 Transport and Authentication

WAPI uses HTTPS (HTTP over SSL/TLS) as the transport mechanism. The server certificate used for WAPI is thesame certificate used by NIOS for the GUI and PAPI.

WAPI supports only authentication that uses HTTP Basic Authentication. It is supported to use the connection formultiple requests. In this case, authentication is handled by supplying the cookie (ibapauth) that was returned afterthe initial authentication. This cookie can be invalidated by sending a POST request to /wapi/v2.9/logout

WAPI supports the same underlying authentication methods that NIOS supports for username and password. AllWAPI users must have permissions that grant them access to the API (same as PAPI).

1

http://www.ietf.org/rfc/rfc2616.txthttp://www.ietf.org/rfc/rfc2246.txt

1.3 Backward Compatibility

The Infoblox WAPI has a versioning scheme that is independent of the NIOS versioning scheme. The current WAPIversion is 2.9.

A current WAPI version is backward compatible with WAPI releases that have the same major WAPI version or withdesignated earlier major versions. Though the protocol itself may not be strictly backward compatible, the serveremulates the correct behavior, when necessary.

For example, a client that uses WAPI version X behaves the same way in version Y if X is supported by Y (that is X islower than Y and X has the same major version as Y or X uses a major version that is supported by Y).

The WAPI protocol is versioned (see URL in General Syntax and Options) independently from NIOS. Refer to therelease notes for information about the WAPI version.

Requirements and exceptions:

• Rely on errors returned by HTTP Error Status only, not by text messages or other components.

• New objects and fields may exist in a later WAPI version. Thus, additional fields may be returned and must beignored.

• New syntaxes and values may be supported. Do not rely on receiving errors for illegal usage.

• In the URL, use the WAPI version that corresponds to the behavior you expect. Do not combine requests usingdifferent WAPI versions in the same session or connection.

1.4 General Syntax and Options

All WAPI requests consist of three parts; URL, Arguments and Data (body).

URL

The first part of the URL identifies the requests as a WAPI request and specifies the expected version ofWAPI. The URL syntax is wapi/v major.minor, e.g. wapi/v3.4/. The current version of the API is 2.9.

The second part of the URL identifies the resource, such as a network, on which the request operates.

Arguments

CGI query arguments (after ?) can be used to specify general options and method specific options anddata for the request. All options start with the character _ (underscore).

The general options are:

Option Description_return_type Data format for returned values; defaults to json. Valid choices: json, json-pretty, xml,

xml-pretty. -pretty variants are the same except that they are formatted for readability.For more information, see Data Formats.

_method An alternative way of specifying HTTP method and overrides the method used. The defaultis to use the actual HTTP method. Valid choices: GET, PUT, DELETE and POST

Argument key = value pairs must be separated with &. The values must be quoted using % xx notation ifthey contain the following: =, &, +, %, or space.

You can specify only atomic values as arguments (i.e. booleans, integers, or strings). You must use amethod that contains a body if lists or structures are needed. Example: POST with _method=GET can beused for searching.

In all method descriptions, you can use general options with all requests unless specifically noted.

©Infoblox Inc. All Rights Reserved 2

The methods have additional options as described in their respective sections.

The following table lists the scheduling and approval specific options. Note that you can apply theseoptions only to PUT, POST and DELETE requests.

Option Description_schedinfo.scheduled_time If set, the requested operation will be scheduled for later execution at the

specified time (specified in Epoch seconds). A reference to the createdscheduledtask object will be returned. Only one of scheduled_time andschedule_now can be set in the request.

_schedinfo.schedule_now If set to True, the operation will be scheduled for execution at the currenttime. Note that only scheduled_time or schedule_now can be set in therequest.

_schedinfo.predecessor_task Optional reference to a scheduled task that will be executed before thesubmitted task.

_schedinfo.warnlevel Optional warning level for the operation, valid values are ‘WARN’ and‘NONE’. If not specified, ‘NONE’ will be used.

_approvalinfo.comment Comment for the approval operation (this can be optional or requireddepending on the settings for the approval workflow).

_approvalinfo.query_mode Optional query mode for the approval operation. Valid values are “true”or “false”, if this is set to true and the request would have required ap-proval, an error message will be returned. The default value for this is“false”.

_approvalinfo.ticket_number Ticket number for the approval operation (this can be optional or requireddepending on the settings for the approval workflow).

Data (Body)

Contains data that is dependent on the method. For information about data format and how to specify it,see Data Formats. Only, PUT, and POST methods can have a Body on input. All methods have Body onoutput.

Example

The GET request:

https://1.2.3.4/wapi/v2.9/networkview?_return_type=xml-pretty&name=default

Returns with a body:

truenetworkview/ZG5zLm5ldHdvcmtfdmlldyQw:default/truedefault

1.5 Naming and Values

WAPI uses a leading underscore (_) for all reserved arguments, fields, and items. Example: _return_type and _ref.

Fields in objects always start with a letter (a-z) and are followed by a zero or more letters, digits, and underscores. Noother characters are used in field identifiers.

Field and argument values must be quoted according to where they are used. Examples:


URL/CGI args, x-www-form-urlencoded:

Use %xx encoding for “%”, ”;”, “/”, ”?”, ”:”, “@”, “&”, “=”, “+”, “$”, ”,” and ” ” (a space)

JSON Data:

Use JSON quoting, as specified at http://json.org

XML Data

Use XML quoting (& etc.) as needed for XML.

Values set in WAPI object fields might differ from the effective value used for that particular field during productoperation, which could be a value inherited from the Grid or the Grid Member depending on the particular object inquestion and the state of the object use flags.

1.6 Object Reference

WAPI Objects are referenced using their Object References. WAPI returns this reference when an object is created,modified, deleted or read. This reference is used to identify the object for the same operations.

An object reference is a string with the following format, without spaces:

wapitype / refdata [ : name1 [ { / nameN }... ] ]

Component Descriptionwapitype The object type being referenced. Example: network.refdata Opaque internal object identifier. A sequence of letters, digits, “-” (dash) and “_”

(underscore).nameN Object type dependent name component N. The component describes the object

being referenced. This is only returned for objects with a defined name format. Itis always optional on input and never used by the server.

The documentation for each object type describes the format of its name components. Name components are separatedby “/” (or only one component without a “/”). Each name component uses the URL quoting method (%xx notation)when necessary (for example if it contains a “/” character).

If the name is defined for the object type, it can be used by a client to get basic information about an object withoutretrieving the full object. Example: the name of a host. However, an object’s name is not guaranteed to uniquelyidentify an object unless specifically noted in its description.

The name is not used by the WAPI server on input, and any supplied value is disregarded. For example, a client is freeto send a previously returned reference to the server, with or without the name part, including the leading colon (:).The result is not affected.

Note that non-ascii values in name are returned using % notation, and should be interpreted as hex-encoded utf-8.

Example:

record:cname/ZG5 .... DE:t1.webapi16.foo.bar/default

1.7 Function Calls

Functions are associated with particular objects. The method specific option _function should be used to specify thename of function to call. Only POST method allows function calls. You can use either CGI argument key = value pairsor request’s data(body) to specify values for function arguments. Simultaneous use of CGI arguments and data(body)is not supported.


http://json.org

Example 1

The POST request:

https://1.2.3.4/wapi/v2.9/network/ZG5zLm5ldHdvcmskMTAuMC4wLjAvMjQvMA:10.0.0.0/24/default?_function=next_available_ip&num=3


{"ips": [

"10.0.0.1","10.0.0.2","10.0.0.3"

]}

Example 2

The POST request:

https://1.2.3.4/wapi/v2.9/network/ZG5zLm5ldHdvcmskMTAuMC4wLjAvMjQvMA:10.0.0.0/24/default?_function=next_available_ip

Sent with a body:

{"num": 3

}


{"ips": [

"10.0.0.1","10.0.0.2","10.0.0.3"

]}

1.8 Extensible Attributes

Object types that allow for extensible attributes have a field called extattrs, which can be read by including the namein the _return_fields option of the GET method.

Extensible attributes are sets of name value pairs in which the values can be lists, if the attribute allows for multiplevalues.

Searching for extensible attributes requires the use of a special syntax, as described under the GET method.

1.9 Use Flags

Some fields are associated with a corresponding boolean flag value that has the prefix use_. For example, ttl isassociated with the flag use_ttl. In an object, the value of this field will only take effect when its use flag is true.Otherwise, the value will be inherited from a higher level setting.


Use flags and fields that contain the flags behave mostly like other object fields. They are special in the followingways:

• All use flags have names such as “use_*”, where “*” is typically the name of the associated field. Multiple fieldsmay share the same use flag.

• Use flags can be read using _return_fields.

• If a field is part of the default fields returned on read (“basic object”), its associated use flag (if any) will also beincluded in the default set.

• Use flags can be written by PUT or POST requests.

• Writing a field that has a corresponding use flag will automatically set the use flag to true, unless the samerequest also sets the use flag to false.

1.10 Data Formats

Input

The body of the HTTP request contains data for the PUT and POST requests only. The format of the datadefaults to JSON, but it can be changed using Content-Type: header. The valid content types are:

Content Type Descriptionapplication/json JSON format, see http://json.org for more information.application/xml XML format, see XML Format for more information.text/xml Alternative way to specify application/xml.application/x-www-form-urlencoded

Arguments to method encoded in body. This is the same as specification after ?,but it can handle longer sequences and is directly supported by HTML forms. Ifarguments are encoded in the body, CGI query arguments won’t be allowed.

Output

Data returned to the client defaults to JSON, but can be changed using either Accept: header or _re-turn_type. Accept: takes the same values as Content-Type, listed above (for exceptions to this, see ErrorHandling); _return_type overrides any Accept: header.

1.11 XML Format

WAPI uses the following XML constructs:

Element Description Array, child nodes are items in list. Names of child elements are not significant (and can

be same).

Object X, child nodes are members of object. X can be any value if used outside an objectcontext

Field X of object. Its value is the text of the element. Allowed types (T) are int, float,boolean and string (as in XML Schema Definition). String is the default and is not explicitlyspecified using type= on output.

Field X with value null/None.

Field syntax is used for “bare” values in list/array or as single values. X is not significant and will always be value onoutput.

No name spaces are used or specified.

Example: XML (xml-pretty style):


http://json.org

network/ZG5zLm5ldHdvcmskMTAuMC4wLjAvOC8w:20.0.0.0/8/defaultfalse20.0.0.0/8default

If X is considered an illegal XML tag name, or if it begins with “tag” and is followed by a number it will be renamedto tag0-N and an additional “name” property will be added on retrieval and expected on input. For example, the XMLfor an object with extensible attributes that contain spaces in their names would look like the following:

8.0.0.0/8

d

c

b

network/ZG5zLm5ldHdvcmskOC4wLjAuMC84LzA:8.0.0.0/8/default

1.12 Error Handling

All errors return a HTTP status code of 400 or higher.

All methods use the following generic error status codes. Specific return codes used for a method are specified foreach method.

Sta-tus

Description

400 Bad Request. The request from the client is incorrect. This could be syntax errors in the request or dataconflict issues on the server side. The request should not be repeated as is unless the error condition hasbeen cleared (i.e. either the request syntax corrected or the state of the database changed.)

500 Server Error. The error was not caused by any error in the request. Depending on the error the requestmay be successfully repeated as is. If not possible to resolve, please report to Infoblox (including the fullerror return with the “trace”).

4xx codes refer to errors caused by the request or the data. To some extent, all of these are user errors.

5xx codes refer to server or internal errors. These errors point to deficiency in the server code and are not usuallypossible under normal conditions.

When the server returns an error with status code >= 400, the body is always in JSON format, irrespective of anyAccept or _return_types.


The returned message conforms to JSON, but is formatted to ensure that the first line of the body always contains thetext “Error,” an error type, and an error message.

A client that only gives a description of the error can simply show the first returned line.

The full returned error data is an object with the following fields (all values are strings):

Field ValueError Error type (followed by an explanation after :).code Symbolic error code.text Explanation of the error.trace Debug trace from the server, only if debug is on.

Example of Error Return (trace shortened):

{ "Error": "AdmConProtoError: Unknown argument/field: netwdork","code": "Client.Ibap.Proto","text": "Unknown argument/field: netwdork","trace": " File "/infoblox/common/lib/python/info..."

}


CHAPTER

TWO

METHODS

2.1 GET

Search and Read Objects: GET Method

HTTP GET is used to read a single object or to search for objects.

Syntax

GET WAPI / objref [ ? option... ]

or

GET WAPI / objtype [ ? { option | condition }... ]

Description

GET is used to read objects. The objects to read can be specified either by using an ObjectReference (objref ) to read one specific object or by searching for objects of a specific type(objtype) with the given search conditions.

Arguments to the search (objtype) form are field names and values to match. If no argumentsare used, all object for the object type objtype are returned.

The number of objects returned is limited by the option _max_results or, if _max_results isnot specified, 1000 objects. If _max_results is not specified, the appliance returns an errorwhen the number of returned objects would exceed 1000. Similarly, if _max_results is set to-500 (maximum of 500 objecs) the appliance returns an error if the number of returned objectswould exceed 500.

Options

9

Method Option Description_max_results Maximum number of objects to be returned. If set to a negative number

the appliance will return an error when the number of returned objectswould exceed the setting. The default is -1000. If this is set to a positivenumber, the results will be truncated when necessary.

_return_fields List of returned fields separated by commas. The use of _return_fieldsrepeatedly is the same as listing several fields with commas. The defaultis the basic fields of the object.

_return_fields+ Specified list of fields (comma separated) will be returned in addition tothe basic fields of the object (documented for each object).

_return_as_object If set to 1, a results object will be returned (see below for more informa-tion). If not specified, it defaults to 0.

_paging If set to 1, the request is considered a paging request (see below for moreinformation). If not specified, it defaults to 0. If set, _max_results mustalso be set.

_page_id If set, the specified page of results will be returned._proxy_search If set to ‘GM’, the request is redirected to Grid master for processing. If

set to ‘LOCAL’, the request is processed locally. This option is applica-ble only on vConnector grid members. The default is ‘LOCAL’.

_schema If this option is specified, a WAPI schema will be returned (see below formore information).

_schema_version If this option is specified, a WAPI schema of particular version will bereturned. If options is omitted, schema version is assumed to be 1. Forthe full list of available versions please refer to information below.

_get_doc If this option is specified, a WAPI schema with documentation will bereturned. Applicable only when _schema_version is 2.

_schema_searchable If this option is specified, search only fields will also be returned. Appli-cable only when _schema_version is 2.

Arguments

There can be no arguments to objtype or it can have one or multiple conditions in the followingformat:

{ field | * attribute [ ] } [ modifiers ] = value

Where:

field is a documented field of the object.

attribute is the name of an extensible attribute. Must be prefixed by an asterisk (*) and option-ally followed by a single space.

modifiers is optional and can be one or more search modifiers supported by the field or exten-sible attribute value type.

value is the value or regular expression to search for.

When combining multiple conditions, all must be satisified in order to match an object (i.e.conditions are combined with AND).

When a field is a list or an extensible attribute that can have multiple values, the condition istrue if any value in the list matches.

If no modifiers are used, it is an exact match.

Search Modifiers

A search argument can use the following modifiers:


Modifier Functionality! Negates the condition.: Makes string matching case insensitive.~ Regular expression search. Expressions are unanchored.< Less than or equal.> Greater than or equal.

Only one of the following can be specified at one time: greater than, less than, and regularexpressions.

You can find the modifiers that are supported by each field in the respective documentation.Unsupported combinations will result in an error.

Depending on the attribute type, following are modifiers supported by extensible attributes:

integer and date support !, < and >. All other types behave like strings and support !, ~ and :.

Data Returned

In the object reference form (objref ) only one object is returned (as an object, not a list). In thesearch form (objtype) the request always returns a list of objects (even if zero or one objects isreturned).

Objects returned will by default consist of a set of basic fields, as listed in the documentation.The option _return_fields can be used to request a specific set of fields to return.

Fields that have no value (not set in the NIOS database) or that are not allowed to be accessedby the user because of group access rights will not be returned (i.e. silently left out of theresult).

Returned objects will also contain a _ref field, containing the reference of the object. This canbe used in subsequent calls that require a reference.

If a search matches no objects, an empty list will be returned.

If a results object is requested, an object with the following fields will be returned:

Field Present Descriptionresult Always Actual result of the read operation, this is a list of objects.next_page_id Optional If there was a paging request, this is the ID for the next page of results.

Some fields refer to other subobjects. Some of these fields also support nested return fields(see the field’s ‘Type’ section for more information). In the case of nested return fields, youcan request specific fields of the subobject by concatenating them to the parent field using the‘.’ (period) character.

For example, during a search for record:host, you can request the return of the ‘bootserver’field in subobject ‘ipv4addrs’ by passing a return field in the form of ‘ipv4addrs.bootserver’.You can also specify subobject fields as part of a _return_fields+ invocation. In this case,the specified return field will be returned in addition to the standard fields for the specifiedsubobject.

If an empty subobject field is passed, and the subobject field is a reference-only field, it is equiv-alent to asking for the standard fields of that subobject. This can be useful if the subobject fieldreturns only the reference of the subobject by default. For example, in the ‘permission’ object,the ‘object’ field normally contains only the reference of the object to which the permissionapplies. To request the standard fields for the object, you can pass the following return field tothe search: ‘object.’ (Note the trailing period).

If a field can support multiple object types, for example ‘record’ inside allrecords, only fieldscommon to all the multiple object types should be specified as subobject fields. Otherwise if asubobject for which the subfield is not valid exists, an error would be returned.


Return Status/ErrorsStatus Description200 Normal return. Referenced object or result of search in body.400 Results set would contain more than _max_results objects (only generated if

_max_results is negative).404 Referenced object not found (if objref form is used, empty list and 200 is returned

for empty search result)

Results paging

For searches that return a large number of results, paging is desirable.

To start a paging request, the initial search request must have _paging and _return_as_object set to 1,and _max_results set to the desired page size.

The server will then return a results object that contains the next_page_id field and the result field set tothe first page of results.

Note that the next_page_id field only contains URL-safe characters so it can be used as is and no quotationcharacters are required for subsequent requests.

To get more results, you should send GET requests to the original object and set _page_id to the ID stringreturned in the previous page of results.

The server does not return a next_page_id field in the last page of results. Paging requests are consideredindependent requests, so the set of results might change between requests if objects are added or removedfrom the server at the same time when the requests are occurring.

For an invocation example, see the sample code section in the manual here.

WAPI Schema Fetching

If the _schema option is passed, the request will execute a schema fetch. Other options, suchas _max_results, _return_fields, etc., will be ignored.

The WAPI schema returned in the format requested using either the Accept: header or _re-turn_type as specified by WAPI.

Note that this is not intended to be a schema as defined by JSON or XML standards.

If a WAPI schema is requested using the _schema option without specifying objtype, an objectwith the following fields will be returned:

Field Descriptionrequested_version Actual requested version of the WAPI schema.supported_objects List of supported objects in the requested version.supported_versions List of all supported versions.

Example. Use a GET request to get the WAPI schema:

https://1.2.3.4/wapi/v1.0/?_schema

Returns with a body (lists shortened):

{ "requested_version": "1.0","supported_objects": ["ipv4address", "ipv6address", "ipv6network",

"ipv6networkcontainer", "ipv6range","macfilteraddress", "network", ...],

"supported_versions": ["1.0", "1.1", "1.2", "1.2.1", ...]}

If the described above is done specifying _schema_version=2, then following field will bereturned additionally:


Field Descriptionschema_version The version of schema description requested.supported_schema_versions List of supported versions for schema description.

Example:

https://1.2.3.4/wapi/v2.5/?_schema=1&_schema_version=2


{ "requested_version": "2.5","schema_version": "2","supported_schema_versions": ["1", "2",],"supported_objects": ["ad_auth_service", ... ],"supported_versions": ["2.3","2.5", ... ]

}

If the objtype is specified for WAPI schema fetching, an object with the following fields willbe returned:

Field Descriptioncloud_additional_restrictions List of cloud restrictions.fields List of fields of the object.restrictions List of object restrictions.type Requested objtype.version Actual requested version of the WAPI object schema.

The fields specific to schema description #2:

Field Descriptionschema_version The version of schema description requested.wapi_primitive Determines if the requested WAPI primitive is object, structure or

function call.

The list of object restrictions that contain supported operations for the object. Example of op-erations: “create”, “delete”, “read”, “update”, “function call”, “permissions”, “global search”,“scheduling”, “csv”.

The cloud_additional_restrictions field contains the list of additional unsupported operationswhen using Cloud Network Automation. Example of operations: “all”, “create”, “delete”,“read”, “update”, “function call”, “permissions”, “global search”, “scheduling”, “csv”.

The returned fields list is composed by individual objects each describing a field of the APIobject. These objects have the following members:

Parameter Descriptionis_array True if this field is an array.name Name of this field.search-able_by

String with supported search modifiers: “=”, ”!”, ”:”, “~”, “”.

stan-dard_field

True for fields that are returned by default.

supports List of supported operations: “s”, “w”, “u”, “r”.type List of supported types.wapi_primitive Determines if the requested WAPI primitive is object, structure or

function call.

The fields specific to schema description #2:


Field Descriptionschema_versionThe version of schema description requested.wapi_primitiveDetermines if the requested WAPI primitive is object, structure or function

call.sup-ports_inline_funccall

Determines if the field can be initialized by calling an inline function.

doc The documentation of this field. It’s applicable only when _get_doc=1 isused. The returned documentation string might contain ReStructuredTextdirectives.

The version #2 delivers all information regarding structures and function calls.

Please keep in mind that enum_values is changed in #2. It cannot be a dictionary, as it was in#2, but a list.

Example. Use a GET request to get the ‘networkview’ WAPI object schema for WAPI version1.4:

https://1.2.3.4/wapi/v1.4/networkview?_schema


{ "cloud_additional_restrictions": ["all"],"fields": [{

"is_array": false,"name": "comment","searchable_by": ":=~","standard_field": true,"supports": "rwus","type": ["string"]

}, {"is_array": false,"name": "name","searchable_by": ":=~","standard_field": true,"supports": "rwus","type": ["string"]

}, ...],"restrictions": ["scheduling", "csv"],"type": "networkview","version": "1.4"

}

Example of new information for version #2 (the same request as above but differt objtype andHTTP arguments:

https://1.2.3.4/wapi/v2.9/grid?_schema=1&_schema_version=2&_get_doc=1

Returns with a body (lists shortened and cut):

{ "doc": "Test connectivity to the REST API endpoint.","is_array": false,"name": "test_connection","schema": {"input_fields": [],"output_fields": [{ "doc": "The overall status of connectivity test.","enum_values": ["FAILED",


"SUCCESS"],"is_array": false,"name": "overall_status","supports": "r","type": ["enum"]

},{ "doc": "The test connectivity failed error message.","is_array": false,"name": "error_message","supports": "r","type": ["string"]

}]},"standard_field": false,"supports": "rwu","type": ["testconnectivityparams"],"wapi_primitive": "funccall"

},{ "doc": "The notification REST template instance. The parameters of

REST API endpoint template instance are prohibited tochange.",

"is_array": false,"name": "template_instance","schema": {"fields": [{ "doc": "The name of REST API template parameter.","is_array": false,"name": "template","supports": "rwu","type": ["string"]

},{ "doc": "The notification REST template parameters.","is_array": true,"name": "parameters","supports": "rwu","type": ["notification:rest:templateparameter"]

}]

},"standard_field": false,"supports": "rwu","type": ["notification:rest:templateinstance"],"wapi_primitive": "struct"

},

2.2 POST

Create Object: POST Method

The POST method is used to create a new object. It can also be used for all other operations via the thewapi object

Syntax POST WAPI / objtype [ ? { options | field = value }... ]

Description The data for the request must contain all required fields of the objtype. Data can be given as


arguments as shown above or as the body of the request (but not both).

Options

Method Option Description_return_fields A list of returned fields separated by commas. The use of _return_fields

repeatedly is the same as listing several fields with commas. The defaultis the basic fields of the object.


Options can be given only as query arguments as shown above, they cannot be included in the bodyof the request.

Arguments Arguments can be used to supply the object instead of using the body.

Data (Body) Data for object to be created. Can be used as alternative to arguments. All fields marked asrequired for the object must be supplied. All fields not supplied will be defaulted as specified for theobject. See Use Flags for information about special handling for these fields.

Data Returned Object Reference of the object created, returned as a string.

If required, specify the ‘_return_fields’ option to examine the values of fields that were set by theappliance as part of the insertion. It is possible for the appliance to return the newly inserted object,instead of a reference string.

Passing an empty value to the ‘_return_fields’ option will cause only the object reference to beset inside the returned object. Passing an empty value to the ‘_return_fields+’ option will cause thereturned object to contain its standard fields. Passing any other values will return the specified fields.

Return Status/ErrorsStatus Description201 Object created (success)

2.3 PUT

Update Object: PUT Method

The PUT method is used to update an existing object. The syntax of PUT is:

Syntax PUT WAPI / objref [ ? { option | field = value }... ]

Description PUT is used to update an existing object (given by the Object Reference, objref in therequest). Only the fields supplied are updated (except as described for Use Flags).

Options

Method Option Description_return_fields List of returned fields separated by commas. The use of _return_fields

repeatedly is the same as listing several fields with commas. The defaultis the basic fields of the object.


Options can be given only as query arguments as shown above, they cannot be included in the bodyof the request.

Arguments The data to be updated can be given as argument as shown in the syntax or as the body ofthe request (but not both).

Data (Body) Data for object to be updated. Can be used as alternative to arguments.

Data Returned


Object Reference of the object modified, returned as a string. The object reference may havebeen changed by the operation.

If required, specify the ‘_return_fields’ option to examine the values

wapi documentation...wapi documentation ... 20

Documents