I am trying to test the Sumo Logic API by updating the information of my collector. The second curl command is the one that is causing the issue 'curl: (55) Failed sending PUT request'. It works in my terminal but not in the bash script.
#!/bin/bash
readonly etag=$(curl -u '<accessId>:<accessKey>' -I -X GET https://api.sumologic.com/api/v1/collectors/<id> | grep -Fi etag | awk '{print $2}' | tr -d \''"\')
echo ${etag}
curl -vvv -u '<accessId>:<accessKey>' -X PUT -H "Content-Type: application/json" -H "If-Match: \"${etag}\"" -T updated_collector.json https://api.sumologic.com/api/v1/collectors/<id>
set -x
The first curl command is assigned to the variable called 'etag' which stores the necessary etag. The etag is used in the second curl command to make a request to update the information stored in the 'updated_collector.json'. The updated_collector.json file is not the issue as I have successfully updated the information via the terminal with it. I suspect the content-type is not being sent in the header because someone ran the script on their end and it was not showing that information with the -vvv tag.
Here you can find the Sumo Logic Collector API Methods and Examples from which I got the curl commands to test the API: https://help.sumologic.com/APIs/Collector-Management-API/Collector-API-Methods-and-Examples
Update: I retieved the etag and then ran the second command in a bash script. I manually inserted the etag into the ${etag} portion of the second curl command. I then ran the script and it worked. Therefore, the etag variable isn't correctly formatted inside the second curl command. I do not know how to fix this.
The issue was partially the syntax but after fixing that, I was still getting an error. "If-Match: \"${etag}\" in my command should be "If-Match: ${etag}" instead. I had to add the --http1.1 flag for it to work. I'm sure this is a sumo logic issue. I am able to execute GET requests no problem using http2.0.
Related
This question was closed for lack of clarity in a previous post and i was given the option to either edit or re-post the question. I decided to repost the question so others that may had seen it before could see it again but with better clarity. Thanks
i have a folder (e.g. FOLDERX) in a Sharepoint Online Document Library where i use microsoft graph API to GET files by their FILENAME
MS Graph API: https://graph.microsoft.com/v1.0/drives/{drive-id}/root:/filename.txt:/content
Note: these API can only GET files by their filename. The files were the same generic filename each day so i knew what filename to expect hence, i could easily just use the filename in the API call
i run a cron job that GET these file using cURL once a day
so for example, if the file being PUT in the folder each day is "FileA.csv", the API call my in script will look like this which then outputs the file into the remote ubuntu server where the script runs
#!/bin/bash
TOKEN=$(<curl command to retrieve the token needed for the api call>)
#api call that from sharepoint online that outputs to a csv file on remote server
curl -L -X GET "https://graph.microsoft.com/v1.0/drives/<driveID>/root:/FOLDERX/FileA.csv:/content" -H "Authorization: Bearer ${TOKEN}" > FileA.csv
Now, that generic filename isn't generic anymore. the filename is now either "FileA.csv" or "FileB.csv". it's either one each day and i can't keep manually editing the filename on my API call each day.
So i was trying to write an IF statement to first check what filename is available on the Sharepoint Online folder (FOLDERX) each day so when the script is run, the API curl knows which filename to GET using the API curl
Below is where i'm at after trying different IF statement scenarios for over a week now. The API calls are working perfectly. Pls, i just need help writing an IF statement that checks the remote Sharepoint Online folder to see what filename is present and then cURL it using the API call.
#!/bin/bash
TOKEN=$(<curl command to retrieve the token needed for the api call>)
if [ <not sure what to put in here> ];
then
curl -L -X GET "https://graph.microsoft.com/v1.0/drives/<driveID>/root:/FOLDERX/FileA.csv:/content" -H "Authorization: Bearer ${TOKEN}" > FileA.csv
else
curl -L -X GET "https://graph.microsoft.com/v1.0/drives/<driveID>/root:/FOLDERX/FileB.csv:/content" -H "Authorization: Bearer ${TOKEN}" > FileA.csv
fi
EDIT : I do not know how to write the IF statement, that's why i brought it on here.
Just try both, using --fail to make curl let the shell know when it got a 404, 503, or similar.
curl --fail -L -X GET "https://graph.microsoft.com/v1.0/drives/<driveID>/root:/FOLDERX/FileA.csv:/content" -H "Authorization: Bearer ${TOKEN}" >File.csv \
|| curl --fail -L -X GET "https://graph.microsoft.com/v1.0/drives/<driveID>/root:/FOLDERX/FileB.csv:/content" -H "Authorization: Bearer ${TOKEN}" >File.csv \
|| { echo "ERROR: Could not retrieve either FileA or FileB" >&2; exit 1; }
I am trying to do a script to get me access of advance scan option of nessus in localhost. So I want advance scan operation through shell script without GUI. I want all operations like login, advance scan and export report are performed through shell script without GUI access.
Why do you want to do it with bash script?
You can do this much easier with the nessus API.
Have a look at the link below
https://github.com/jfalken/nessus_enterprise_rest_client
the simplest way of doing automatisation in nessus is to use the nessus API.
its located at https://NessusServerIP:8834/ - if you visit it, you will be greeted by the API-Documentation.
There are various API-Implementations available - if you google 'Nessus API client' you'll get a glimpse.
If you, as you said, want to to run bash-skripts than the simplest way is probably using CURL for the API-Requests.
A typical workflow will look like this:
authorize yourself to the NessusAPI (either via TOKEN or API-Key)
launch or configure a scan (and wait until it finished)
export a report (and wait until it finished)
download the exported report
CURL #1 (authorize using token):
curl -X POST --data '{"username":"NessusUser","password":"YourPassword"}' -k "https://NessusServerIp:8834/session"
--header "Content-Type:application/json" | python -m json.tool
..which will yield you following JSON yielding an Token which you need for the other API-Calls:
{"token": "e411e443521adee4496d79823a510cc68c5bf05aeda6e6eb"}
CURL #2 (launch a scan):
curl -X POST -H 'X-Cookie: token=e411e443521adee4496d79823a510cc68c5bf05aeda6e6eb' -H 'Content-Type:application/json'
--data '{"scan_id":"21", "alt_targets":[127.0.0.1]}'
-k "https://NessusServerIp:8834/scans/21/launch" | python -m json.tool
...which will be answered with a JSON like this, containing the ID of the just startet scan:
{"scan_uuid":"c1c30d8f-5f79-2e4b-2d03-05b8b3c595f1e768e03195abdfa2"}
CURL #3 (exporting a scan):
curl -X POST -H 'X-Cookie: token=766ef7a2302780c189ba563b89c5eb3706140c0ef1e4de8b' -H
'Content-Type:application/json' --data '{"scan_id":"33", "format":"html"}' -k
"https://NessusServerIP:8834/scans/33/export" | python -m json.tool
...which will yield this JSON response, containing a token to the exported file and the file_id:
{"token":"3e13ab381c480caa1e377411c0b561970c46e5d78894c5a0cb2be0e7f00fefe0","file":1434780027}
...so now we are ready to download the report. in this case, since i have specified "format: html" in the last call, its a .html you will need to safe the outcome into.
Curl #4 (download exported report):
curl -X GET -H 'X-Cookie: token=7d155aef4359d02addea29d8d56bca4a5045ca61efeb38ee' -H 'Content-Type:application/json'
--data '{"scan_id":"21", "alt_targets":127.0.0.1}'
-k "https://NessusServerIP:8834/scans/17/export/945237343/download" > report.html
...which should leave you with a report.html in the folder you started your script.
Now... how do you automatize this? Well write a Bash-Skript, put in this calls, parse the answers to extract the information you need - and then enjoy! :)
ps: i use the python -m json.tool to beautify the otherwise not very beautiful output of CURL.
Hope i have helped,
Gewure
I want to retrieve the last email I got in mailinator, in a bash script. I was hoping that curl can do that.
I tried
curl --url "http://mailinator.com/showmail.jsp?email=username&msgnum=1"
and
curl http://mailinator.com/inbox.jsp?to=username
and also the first command with inbox.jsp instead of showmail.jsp, but to no avail.
Alright, here's what I'm trying to do. I'm attempting to write a quick build script in bash that will check out a private repository from GitHub on a remote server. To do this a "hands off" as possible, I want to generate a local RSA key set on the remote server and add the public key as a Deploy Key for that particular repository. I know how to do this using GitHub's API, but I'm having trouble building the JSON payload using Bash.
So far, I have this particular process included below:
#!/bin/bash
ssh-keygen -t rsa -N '' -f ~/.ssh/keyname -q
public_key=`cat ~/.ssh/keyname.pub`
curl -u 'username:password' -d '{"title":"Test Deploy Key", "key":"'$public_key'"}' -i https://api.github.com/repos/username/repository/keys
It's just not properly building the payload. I'm not an expert when it comes to string manipulation in Bash, so I could seriously use some assistance. Thanks!
It's not certain, but it may help to quote where you use public_key, i.e.
curl -u 'username:password' \
-d '{"title":"Test Deploy Key", "key":"'"$public_key"'"}' \
-i https://api.github.com/repos/username/repository/keys
Otherwise it will be much easier to debug if you use the shell's debugging options set -vx near the top of your bash script.
You'll see each line of code (or block (for, while, etc) as it is in your file. Then you see each line of code with the variables expanded to their values.
If you're still stuck, edit your post to show the expanded values of variables for the problem line in your script. What you have looks reasonable at first glance.
A simple example of Snaplet and Session here
$ curl http://localhost:8000/sessioin -d "key=k&value=v"
k
getter
$ curl http://localhost:8000/sessioin
getter
I cannot get session in the 2nd request.
Depending on your definition of with, you probably forgot to commit your session after you set values in it.
Also, you're using curl to test this system. curl doesn't preserve cookies by default, which is why your session cookie is lost. Try using this (works on my machine):
curl -c cookies.txt http://localhost:8000/session -d "key=k&value=v"
curl -b cookies.txt http://localhost:8000/session
See also the revised answer to your previous question.