Constructor(pid = None)
Returns an object of class OtDevice.
The object can be initialized by passing a Portable Inventory Data set as an argument.
loadREST(deviceId, host, auth, prot = 'https', cert = None)
Initialize an OtDevice object with asset data loaded from OTbase Inventory via the REST API.
Arguments
deviceId = device identifier
The device identifier of the device for which asset information shall be loaded.
host = host name of a computer system where OTbase Asset Center is running
Note that only the host name or IP address of the server needs to be specified, not a URL or path.
auth = (userid, password)
Authentification data for connecting to OTbase Inventory.
prot = 'http' | 'https'
The protocol that shall be used for connecting to OTbase Inventory. By default, https is used.
cert = client certificate
Filename(s) of client certificate(s) that are required to open a connection via HTTPS to a secure OTbase Inventory, such as in OTbase Cloud. The client certificate is passed as a file name (path name). Note that the client certificate must be in the .pem format. If the certificate file contains both public and private key, one file name is sufficient. If you have split public and private key in separate files, pass the two file names as a tuple; public key first, private key second. -- You can generate a .pem file from a .p12 file using openssl, like "openssl pkcs12 -in mycert.p12 -out mycert.pem -nodes".
Example
d = OtDevice()
d.loadREST('AD66.PLC6', '192.168.0.5', (user, password))
Id
The device identifier of the device. (Read/write)
name
The name of the device, usually the DNS name or host name. (Read/write)
installationDate
The installation date in ISO 8601 format. (Read/write)
stage
Lifecycle stage of the device (Planned, Installed, Testing, Operational, Decommissioned). Values other than Planned can be written.
serialNumber
The serial number of the device. (Read/write)
zone
The network zone of the device. (Read/write)
criticality
The criticality of the device. (Read/write)
exposure
Network exposure of the device. (Read-only)
description
Description of the device. (Read/write)
location
Name of the location where the device is located. (Read-only)
locationId
Location ID of the device. (Read-only)
referenceLocation
The name of the reference location for this device. The reference location is usually the site. (Read-only)
otSystem
The name of the OT system of which the device is a component of (if any). (Read/write)
deviceGroup
The name of the device group of which the device is a member (if any). (Read/write)
tags
List of tags assigned to the device (if any). (Read-only)
addTag(tag)
Adds a tag to the device.
removeTag(tag)
Removes a tag from the device.
vendor
The hardware vendor of the device. (Read-only)
hwType
The hardware type of the device. (Read-only)
hwModel
The hardware model of the device. (Read-only)
os
The operating system name for the device (if any). (Read-only)
firmware
The firmware version for the device (if any). (Read-only)
modules
Hardware modules installed (if any), returned as a dictionary. (Read-only)
connectedTo
List of devices (identified by their device IDs) to which the device is physically connected. (Read-only)
ipList
List of IP addresses used by the device. (Read-only)
macList
List of MAC addresses used by the device. (Read-only)
networks
List of network names associated with the device. (Read-only)
networkAddresses
List of network addresses associated with the device. (Read-only)
nPatches
Number of security patches installed on the device. (Read-only)
getPatches(includeDates = 'no')
Security patches installed on the device. If the argument includeDates = 'yes' is provided, the result will include patch names and installation dates, expressed as a list of dictionaries. Otherwise, the patch names will be returned as a list of strings.
nVulns(category)
Number of known vulnerabilities for the device. The category argument can be 'critical', 'high', 'medium', 'low', 'all'.
vulnList(category)
CVE identifiers of known vulnerabilities for the device. The category argument can be 'critical', 'high', 'medium', 'low', 'all'.
getExtended(field = None)
Extended (custom) fields for the device, if any, along with their values. If a field name is passed in the field argument, the value for this field (if existing) is returned. If a field name is omitted, all extended fields along with their values are returned as a dictionary.
setExtended(field, value)
Sets the value of an extended field to the value passed in the value argument.
clone(prefix, mul = 1)
Clone a device. The following attributes will not be copied but rather set to empty values: serialNumber, exposure, release, connections. The stage attribute will be set to "Planned".
Arguments
prefix
A string that is used to build a device ID for the new device(s). The prefix will be followed by a dot, the device type, and a counter.
mul
Multiplication factor. This argument determines how many copies shall be made.
Return value
List of cloned devices, of the type OtDevice. Note that you can pass this list to an OtDeviceSet constructor for further processing.
toAssetCenter(host, auth, prot = 'https', cert = None, overwrite = True)
Exports asset data of the device to OTbase Inventory using the REST API. You need to have an online connection to OTbase Inventory and an active user account.
Arguments
host = IP address or hostname
Identifies the endpoint where OTbase Inventory is hosted, either as an IP address or symbolic hostname.
prot = 'http' | 'https'
The protocol to be used. Default is https.
auth = (user ID, password)
Access credentials, expressed as a tuple
cert = client certificate
Filename(s) of client certificate(s) that are required to open a connection via HTTPS to a secure OTbase Inventory, such as in OTbase Cloud. The client certificate is passed as a file name (path name). Note that the client certificate must be in the .pem format. If the certificate file contains both public and private key, one file name is sufficient. If you have split public and private key in separate files, pass the two file names as a tuple; public key first, private key second. -- You can generate a .pem file from a .p12 file using openssl, like "openssl pkcs12 -in mycert.p12 -out mycert.pem -nodes".
overwrite = True | False
Specifies if an existing device entry in OTbase Inventory shall be updated. If set to False, the method will not overwrite existing device entries. It will, however, create a new device entry in Asset Center if the device ID doesn't exist yet. The overwrite = False setting is particularly useful when specifying new devices, for example using the clone() method. In this case, overwrite = False makes sure that no existing data is accidentally overwritten because newly assigned device IDs already exist in OTbase Inventory.
Example
d.toAssetCenter('192.168.178.5', (user, password), prot = 'http')
Return value
The status code of the HTTP request (200 = OK), or an error message ('device ID already exists').
Comments
0 comments
Please sign in to leave a comment.