November 23, 2017


get_hostids_logs.py

get_hostids_logs.py
"""
Get the host IDS logs.

Important manual pages:
http://sldn.softlayer.com/reference/services/SoftLayer_Software_Component_HostIps
http://sldn.softlayer.com/reference/services/SoftLayer_Software_Component_HostIps/getObject
http://sldn.softlayer.com/reference/datatypes/SoftLayer_Software_Component_HostIps

License: http://sldn.softlayer.com/article/License
Author: SoftLayer Technologies, Inc. <sldn@softlayer.com>
"""

import SoftLayer
import json

# Your SoftLayer API username and key.
USERNAME = 'set me'
API_KEY = 'set me'

hostidsId = 2665230

client = SoftLayer.Client(username=USERNAME, api_key=API_KEY)
hostidsService = client['SoftLayer_Software_Component_HostIps']

objectMask = "mask[ipsEvents[signature],blockedApplicationEvents]"

try:
    response = hostidsService.getObject(id=hostidsId, mask=objectMask)
    print(json.dumps(response, sort_keys=True, indent=2, separators=(',', ': ')))
except SoftLayer.SoftLayerAPIError as e:
    print("Unable to get the logs. faultCode=%s, faultString=%s" % (e.faultCode, e.faultString))

"""
Note: currently the ipsEvents and blockedApplicationEvents are not
visible via REST customer needs to use a SOAP request.

<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns1="http://api.service.softlayer.com/soap/v3/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" xmlns="http://www.w3.org/2001/XMLSchema-instance" SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
  <SOAP-ENV:Header>
    <authenticate xsi:type="ns1:authenticate">
      <username xsi:type="xsd:string">username</username>
      <apiKey xsi:type="xsd:string">token</apiKey>
    </authenticate>
    <ns1:SoftLayer_Software_Component_HostIpsInitParameters xmlns:default="http://www.w3.org/2001/XMLSchema-instance" default:type="ns1:SoftLayer_Software_Component_HostIpsInitParameters">
      <id>6114923</id>
    </ns1:SoftLayer_Software_Component_HostIpsInitParameters>
    <ns1:SoftLayer_Software_Component_HostIpsObjectMask>
      <mask>
        <ipsEvents>
          <signature/>
        </ipsEvents>
        <blockedApplicationEvents/>
        <virtualGuest>
          <managedResourceFlag/>
        </virtualGuest>
      </mask>
    </ns1:SoftLayer_Software_Component_HostIpsObjectMask>
  </SOAP-ENV:Header>
  <SOAP-ENV:Body>
    <ns1:getObject/>
  </SOAP-ENV:Body>
</SOAP-ENV:Envelope>
"""