This document provides an overview and examples for using the REST API of the HP EnterpriseView software. It describes HTTP return codes and error messages, an example Spring application context, and examples for authenticating and accessing different resource endpoints for asset data like asset reconciliation, compliance scores, control maturity scores, and aggregate asset scores.
Additional License Authorizations
For Applications Delivery Management, Enterprise Security, Information Management and Governance, IT Operations Management and Platform software products
This whitepaper, highlights the pros and cons of using two different aspects of SharePoint Add-ins which would enable enterprises to contextualize the use of SharePoint Add-ins...
l Software Version number, which indicates the software version.
l Document Release Date, which changes each time the document is updated.
l Software Release Date, which indicates the release date of this version of the software.
To check for recent updates or to verify that you are using the most recent edition of a document, visit the
Knowledge Base on the HPE Big Data Customer Support Site.
Additional License Authorizations
For Applications Delivery Management, Enterprise Security, Information Management and Governance, IT Operations Management and Platform software products
This whitepaper, highlights the pros and cons of using two different aspects of SharePoint Add-ins which would enable enterprises to contextualize the use of SharePoint Add-ins...
l Software Version number, which indicates the software version.
l Document Release Date, which changes each time the document is updated.
l Software Release Date, which indicates the release date of this version of the software.
To check for recent updates or to verify that you are using the most recent edition of a document, visit the
Knowledge Base on the HPE Big Data Customer Support Site.
Unleash Unlimited Potential with One-Time Purchase
BoxLang is more than just a language; it's a community. By choosing a Visionary License, you're not just investing in your success, you're actively contributing to the ongoing development and support of BoxLang.
Quarkus Hidden and Forbidden ExtensionsMax Andersen
Quarkus has a vast extension ecosystem and is known for its subsonic and subatomic feature set. Some of these features are not as well known, and some extensions are less talked about, but that does not make them less interesting - quite the opposite.
Come join this talk to see some tips and tricks for using Quarkus and some of the lesser known features, extensions and development techniques.
Advanced Flow Concepts Every Developer Should KnowPeter Caitens
Tim Combridge from Sensible Giraffe and Salesforce Ben presents some important tips that all developers should know when dealing with Flows in Salesforce.
Check out the webinar slides to learn more about how XfilesPro transforms Salesforce document management by leveraging its world-class applications. For more details, please connect with sales@xfilespro.com
If you want to watch the on-demand webinar, please click here: https://www.xfilespro.com/webinars/salesforce-document-management-2-0-smarter-faster-better/
Your Digital Assistant.
Making complex approach simple. Straightforward process saves time. No more waiting to connect with people that matter to you. Safety first is not a cliché - Securely protect information in cloud storage to prevent any third party from accessing data.
Would you rather make your visitors feel burdened by making them wait? Or choose VizMan for a stress-free experience? VizMan is an automated visitor management system that works for any industries not limited to factories, societies, government institutes, and warehouses. A new age contactless way of logging information of visitors, employees, packages, and vehicles. VizMan is a digital logbook so it deters unnecessary use of paper or space since there is no requirement of bundles of registers that is left to collect dust in a corner of a room. Visitor’s essential details, helps in scheduling meetings for visitors and employees, and assists in supervising the attendance of the employees. With VizMan, visitors don’t need to wait for hours in long queues. VizMan handles visitors with the value they deserve because we know time is important to you.
Feasible Features
One Subscription, Four Modules – Admin, Employee, Receptionist, and Gatekeeper ensures confidentiality and prevents data from being manipulated
User Friendly – can be easily used on Android, iOS, and Web Interface
Multiple Accessibility – Log in through any device from any place at any time
One app for all industries – a Visitor Management System that works for any organisation.
Stress-free Sign-up
Visitor is registered and checked-in by the Receptionist
Host gets a notification, where they opt to Approve the meeting
Host notifies the Receptionist of the end of the meeting
Visitor is checked-out by the Receptionist
Host enters notes and remarks of the meeting
Customizable Components
Scheduling Meetings – Host can invite visitors for meetings and also approve, reject and reschedule meetings
Single/Bulk invites – Invitations can be sent individually to a visitor or collectively to many visitors
VIP Visitors – Additional security of data for VIP visitors to avoid misuse of information
Courier Management – Keeps a check on deliveries like commodities being delivered in and out of establishments
Alerts & Notifications – Get notified on SMS, email, and application
Parking Management – Manage availability of parking space
Individual log-in – Every user has their own log-in id
Visitor/Meeting Analytics – Evaluate notes and remarks of the meeting stored in the system
Visitor Management System is a secure and user friendly database manager that records, filters, tracks the visitors to your organization.
"Secure Your Premises with VizMan (VMS) – Get It Now"
Climate Science Flows: Enabling Petabyte-Scale Climate Analysis with the Eart...Globus
The Earth System Grid Federation (ESGF) is a global network of data servers that archives and distributes the planet’s largest collection of Earth system model output for thousands of climate and environmental scientists worldwide. Many of these petabyte-scale data archives are located in proximity to large high-performance computing (HPC) or cloud computing resources, but the primary workflow for data users consists of transferring data, and applying computations on a different system. As a part of the ESGF 2.0 US project (funded by the United States Department of Energy Office of Science), we developed pre-defined data workflows, which can be run on-demand, capable of applying many data reduction and data analysis to the large ESGF data archives, transferring only the resultant analysis (ex. visualizations, smaller data files). In this talk, we will showcase a few of these workflows, highlighting how Globus Flows can be used for petabyte-scale climate analysis.
SOCRadar Research Team: Latest Activities of IntelBrokerSOCRadar
The European Union Agency for Law Enforcement Cooperation (Europol) has suffered an alleged data breach after a notorious threat actor claimed to have exfiltrated data from its systems. Infamous data leaker IntelBroker posted on the even more infamous BreachForums hacking forum, saying that Europol suffered a data breach this month.
The alleged breach affected Europol agencies CCSE, EC3, Europol Platform for Experts, Law Enforcement Forum, and SIRIUS. Infiltration of these entities can disrupt ongoing investigations and compromise sensitive intelligence shared among international law enforcement agencies.
However, this is neither the first nor the last activity of IntekBroker. We have compiled for you what happened in the last few days. To track such hacker activities on dark web sources like hacker forums, private Telegram channels, and other hidden platforms where cyber threats often originate, you can check SOCRadar’s Dark Web News.
Stay Informed on Threat Actors’ Activity on the Dark Web with SOCRadar!
How to Position Your Globus Data Portal for Success Ten Good PracticesGlobus
Science gateways allow science and engineering communities to access shared data, software, computing services, and instruments. Science gateways have gained a lot of traction in the last twenty years, as evidenced by projects such as the Science Gateways Community Institute (SGCI) and the Center of Excellence on Science Gateways (SGX3) in the US, The Australian Research Data Commons (ARDC) and its platforms in Australia, and the projects around Virtual Research Environments in Europe. A few mature frameworks have evolved with their different strengths and foci and have been taken up by a larger community such as the Globus Data Portal, Hubzero, Tapis, and Galaxy. However, even when gateways are built on successful frameworks, they continue to face the challenges of ongoing maintenance costs and how to meet the ever-expanding needs of the community they serve with enhanced features. It is not uncommon that gateways with compelling use cases are nonetheless unable to get past the prototype phase and become a full production service, or if they do, they don't survive more than a couple of years. While there is no guaranteed pathway to success, it seems likely that for any gateway there is a need for a strong community and/or solid funding streams to create and sustain its success. With over twenty years of examples to draw from, this presentation goes into detail for ten factors common to successful and enduring gateways that effectively serve as best practices for any new or developing gateway.
We describe the deployment and use of Globus Compute for remote computation. This content is aimed at researchers who wish to compute on remote resources using a unified programming interface, as well as system administrators who will deploy and operate Globus Compute services on their research computing infrastructure.
First Steps with Globus Compute Multi-User EndpointsGlobus
In this presentation we will share our experiences around getting started with the Globus Compute multi-user endpoint. Working with the Pharmacology group at the University of Auckland, we have previously written an application using Globus Compute that can offload computationally expensive steps in the researcher's workflows, which they wish to manage from their familiar Windows environments, onto the NeSI (New Zealand eScience Infrastructure) cluster. Some of the challenges we have encountered were that each researcher had to set up and manage their own single-user globus compute endpoint and that the workloads had varying resource requirements (CPUs, memory and wall time) between different runs. We hope that the multi-user endpoint will help to address these challenges and share an update on our progress here.
Understanding Globus Data Transfers with NetSageGlobus
NetSage is an open privacy-aware network measurement, analysis, and visualization service designed to help end-users visualize and reason about large data transfers. NetSage traditionally has used a combination of passive measurements, including SNMP and flow data, as well as active measurements, mainly perfSONAR, to provide longitudinal network performance data visualization. It has been deployed by dozens of networks world wide, and is supported domestically by the Engagement and Performance Operations Center (EPOC), NSF #2328479. We have recently expanded the NetSage data sources to include logs for Globus data transfers, following the same privacy-preserving approach as for Flow data. Using the logs for the Texas Advanced Computing Center (TACC) as an example, this talk will walk through several different example use cases that NetSage can answer, including: Who is using Globus to share data with my institution, and what kind of performance are they able to achieve? How many transfers has Globus supported for us? Which sites are we sharing the most data with, and how is that changing over time? How is my site using Globus to move data internally, and what kind of performance do we see for those transfers? What percentage of data transfers at my institution used Globus, and how did the overall data transfer performance compare to the Globus users?
Innovating Inference - Remote Triggering of Large Language Models on HPC Clus...Globus
Large Language Models (LLMs) are currently the center of attention in the tech world, particularly for their potential to advance research. In this presentation, we'll explore a straightforward and effective method for quickly initiating inference runs on supercomputers using the vLLM tool with Globus Compute, specifically on the Polaris system at ALCF. We'll begin by briefly discussing the popularity and applications of LLMs in various fields. Following this, we will introduce the vLLM tool, and explain how it integrates with Globus Compute to efficiently manage LLM operations on Polaris. Attendees will learn the practical aspects of setting up and remotely triggering LLMs from local machines, focusing on ease of use and efficiency. This talk is ideal for researchers and practitioners looking to leverage the power of LLMs in their work, offering a clear guide to harnessing supercomputing resources for quick and effective LLM inference.
Developing Distributed High-performance Computing Capabilities of an Open Sci...Globus
COVID-19 had an unprecedented impact on scientific collaboration. The pandemic and its broad response from the scientific community has forged new relationships among public health practitioners, mathematical modelers, and scientific computing specialists, while revealing critical gaps in exploiting advanced computing systems to support urgent decision making. Informed by our team’s work in applying high-performance computing in support of public health decision makers during the COVID-19 pandemic, we present how Globus technologies are enabling the development of an open science platform for robust epidemic analysis, with the goal of collaborative, secure, distributed, on-demand, and fast time-to-solution analyses to support public health.
Experience our free, in-depth three-part Tendenci Platform Corporate Membership Management workshop series! In Session 1 on May 14th, 2024, we began with an Introduction and Setup, mastering the configuration of your Corporate Membership Module settings to establish membership types, applications, and more. Then, on May 16th, 2024, in Session 2, we focused on binding individual members to a Corporate Membership and Corporate Reps, teaching you how to add individual members and assign Corporate Representatives to manage dues, renewals, and associated members. Finally, on May 28th, 2024, in Session 3, we covered questions and concerns, addressing any queries or issues you may have.
For more Tendenci AMS events, check out www.tendenci.com/events
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I ...Juraj Vysvader
In 2015, I used to write extensions for Joomla, WordPress, phpBB3, etc and I didn't get rich from it but it did have 63K downloads (powered possible tens of thousands of websites).
OpenFOAM solver for Helmholtz equation, helmholtzFoam / helmholtzBubbleFoamtakuyayamamoto1800
In this slide, we show the simulation example and the way to compile this solver.
In this solver, the Helmholtz equation can be solved by helmholtzFoam. Also, the Helmholtz equation with uniformly dispersed bubbles can be simulated by helmholtzBubbleFoam.
TROUBLESHOOTING 9 TYPES OF OUTOFMEMORYERRORTier1 app
Even though at surface level ‘java.lang.OutOfMemoryError’ appears as one single error; underlyingly there are 9 types of OutOfMemoryError. Each type of OutOfMemoryError has different causes, diagnosis approaches and solutions. This session equips you with the knowledge, tools, and techniques needed to troubleshoot and conquer OutOfMemoryError in all its forms, ensuring smoother, more efficient Java applications.
HP ArcSight EnterpriseView REST API Developer's Guide
1. HP EnterpriseView
For the Windows Operating System
Software Version: 2.0
REST API Developer Guide
Document Release Date: June 2013
Software Release Date: June 2013
5. Documentation Updates
The title page of this document contains the following identifying information:
l Software Version number, which indicates the software version.
l Document Release Date, which changes each time the document is updated.
l Software Release Date, which indicates the release date of this version of the software.
To check for recent updates or to verify that you are using the most recent edition of a document, go
to:
http://h20230.www2.hp.com/selfsolve/manuals
This site requires that you register for an HP Passport and sign in. To register for an HP Passport
ID, go to:
http://h20229.www2.hp.com/passport-registration.html
Or click the New users - please register link on the HP Passport login page.
You will also receive updated or new editions if you subscribe to the appropriate product support
service. Contact your HP sales representative for details.
HP EnterpriseView (2.0) Page 5 of 34
REST API Developer Guide
7. Support
Visit the HP Software Support Online web site at:
http://www.hp.com/go/hpsoftwaresupport
This web site provides contact information and details about the products, services, and support
that HP Software offers.
HP Software online support provides customer self-solve capabilities. It provides a fast and
efficient way to access interactive technical support tools needed to manage your business. As a
valued support customer, you can benefit by using the support web site to:
l Search for knowledge documents of interest
l Submit and track support cases and enhancement requests
l Download software patches
l Manage support contracts
l Look up HP support contacts
l Review information about available services
l Enter into discussions with other software customers
l Research and register for software training
Most of the support areas require that you register as an HP Passport user and sign in. Many also
require a support contract. To register for an HP Passport ID, go to:
http://h20229.www2.hp.com/passport-registration.html
To find more information about access levels, go to:
http://h20230.www2.hp.com/new_access_levels.jsp
HP EnterpriseView (2.0) Page 7 of 34
REST API Developer Guide
11. REST API Overview
Using the EnterpriseView REST API you can import and export asset data in the following ways:
l Import assessments on assets from any external security system or tool, eliminating the need to
manually assess assets in EnterpriseView.
l Export assessments on assets to any external security system or tool.
Note: You can import or export assessment information only for assets of type IP; this
assessment information is aggregate to top-level assets as in manual assessments
l Exporting asset aggregate scores to any external security system or tool, including:
n The aggregate risk score of the asset
n The aggregate compliance score of the asset
n The aggregate control maturity score of the asset
n The aggregate asset vulnerability score of the asset
n The aggregate ESM threat score of the asset
Prerequisites:
Make sure that the following entities and parameters are identical in both EnterpriseView and the
Security Automation tool:
l Assets of type IP
l Policy names
l Control paragraph numbers
The following HTTP request methods for importing and exporting asset data are available:
l GET: Reads one of the following resources from the EnterpriseView server:
n Asset ID
n P5 control maturity scores for multiple (1-5) factors
n Compliance score of an asset with a control
n Note on a control that is applied to an asset
n The aggregate scores of an asset
l PUT: Updates/creates the following resources on the EnterpriseView server:
HP EnterpriseView (2.0) Page 11 of 34
12. n P5 control maturity score for a single factor
n P5 control maturity scores for multiple (1-5) factors
n Compliance score of an asset with a control
l POST: Inserts notes on a control that is applied to an asset on the EnterpriseView server.
The first step of a client application is authenticating the user, as described in "Authentication" on
page 21. After a client is authenticated, it can work with EnterpriseView resources.
HP EnterpriseView (2.0)Page 12 of 34
REST API Developer Guide
REST API Overview
13. HTTP Return Codes
Unless otherwise specified, these HTTP return codes are used:
Code Cause
200 Successful operations
204 No content
400 Bad request
401 Unauthorized
403 Unauthorized operations
404 Resource not found
409 Conflict
500 Internal server error
HP EnterpriseView (2.0) Page 13 of 34
15. Error Messages
These are the application error messages returned by the REST API.
Code Exception Can happen when
400 Cannot execute your request. Parameters
are missing.
Attempting to retrieve an asset ID by the
asset's IP address, MAC address or
DNS name. Parameters are not passed.
404 Cannot find asset IP Address: {IP_Address}
or
Cannot find asset MAC Address: {MAC_
Address}
or
Cannot find asset DNS Name: {DNS_
Name}
Attempting to retrieve an asset ID by the
asset's IP address, MAC address or
DNS name.
Cannot find policy: {Policy_Name} Attempting to update or retrieve P5
score/compliance score/note for a
specific control.
403 Access is forbidden An unauthorized user tries to access
EnterpriseView.
409 Cannot find control: {Control_Paragraph_
Number}
Attempting to update or retrieve P5
score/compliance score/note for a
specific control.
HP EnterpriseView (2.0) Page 15 of 34
16. Code Exception Can happen when
500 Cannot find asset: {Asset_ID} Attempting to retrieve an asset ID by the
asset's IP address, MAC address or
DNS name.
More than one asset matches the request.
You can add additional parameters to filter
the results.
Attempting to retrieve an asset ID by the
asset's IP address, MAC address or
DNS name.
Score is out of range. Range should be
between 0-100.
Attempting to input a compliance score
that is out of range.
Score is out of range. Range should be
between 0-5.
Attempting to input a P5 control maturity
factor score that is out of range.
Score value must be either numeric or
"NotAssessed".
Attempting to input a P5 control maturity
factor score or a compliance score that
is not numeric or "NotAssessed".
Score value must be an integer. Attempting to input a P5 control maturity
factor score or a compliance score that
is not an integer.
Control {Control_Paragraph_Number} is not
applied to asset {Asset_ID}. Scores cannot
be updated.
Attempting to input a P5 control maturity
factor score or a compliance score for a
control that is not applied to an asset.
HP EnterpriseView (2.0)Page 16 of 34
REST API Developer Guide
Error Messages
17. Example Application
The following examples are based on Spring framework version 3.0.
Application Context
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
http://www.springframework.org/schema/context http://www.springframework.
org/schema/context/spring-context-3.0.xsd">
<context:annotation-config/>
<context:component-scan base-package="com.hp.redcat.restsample"/>
<bean id="credentials" class="org.apache.commons.httpclient.UsernamePassword
Credentials">
<constructor-arg value="admin"/>
<constructor-arg value="admin"/>
</bean>
<bean id="secureHttpClient" factory-bean="httpClientFactoryBean" factory-met
hod="getHttpClient"/>
<bean id="httpClientFactory" class="org.springframework.http.client.CommonsC
lientHttpRequestFactory">
<constructor-arg ref="secureHttpClient"/>
</bean>
<bean id="restTemplate" class="org.springframework.web.client.RestTemplate">
<constructor-arg ref="httpClientFactory"/>
</bean>
</beans>
HTTP Client Factory Bean
package com.hp.redcat.restsample;
import org.apache.commons.httpclient.Credentials;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.auth.AuthScope;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
HP EnterpriseView (2.0) Page 17 of 34
18. @Component
public class HttpClientFactoryBean {
private HttpClient httpClient;
@Autowired
public HttpClientFactoryBean(Credentials credentials) {
this.httpClient = new HttpClient();
this.httpClient.getState().setCredentials(AuthScope.ANY, credentials);
}
public HttpClient getHttpClient() {
return httpClient;
}
}
Example
package com.hp.redcat.restsample;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.client.RestTemplate;
import java.util.HashMap;
import java.util.Map;
@Component
public class RestSample {
@Autowired
private RestTemplate restTemplate;
/**
* @param assetIdInEnterpriseView is the asset ID in EnterpriseView.
* Follow the instructions in "Asset Reconciliation" on page 23 to get it.
*
**/
public void putP5Assessment(String assetIdInEnterpriseView) {
Map<String, String> variables = new HashMap<String, String>();
variables.put("assetId", assetIdInEnterpriseView);
variables.put("policyKey", "Cobit 4.1");
variables.put("controlParagraph", "PO1.1");
variables.put("p5type", "People");
HP EnterpriseView (2.0)Page 18 of 34
REST API Developer Guide
Example Application
19. final String url = "http://hostname:8080/redcat/rest/" +
"assets/{assetId}/policy/audit/{policyKey}/{controlParagraph}/p
5/{p5type}";
restTemplate.put(url, "1", variables);
}
HP EnterpriseView (2.0) Page 19 of 34
REST API Developer Guide
Example Application
21. Authentication
The application must perform HTTP basic authentication.
The user must have the following permissions:
l Login
l Read Policy Assessment
l Edit Policy Assessment
l Read Assets
The user must have access rights to all the relevant assets. For more information, see the
Business Model Authorization section in the HP EnterpriseView user Guide.
HP EnterpriseView (2.0) Page 21 of 34
23. Resource References
This section includes the following resources:
Asset Reconciliation 23
Compliance Score 25
P5 Control Maturity Factor Score (Single) 26
P5 Control Maturity Factors Scores (Multiple) 26
Notes 28
Aggregate Risk Score 30
Aggregate Vulnerability Score 30
Aggregate ESM Threat Score 31
Aggregate Compliance Score 32
Aggregate Control Maturity Score 33
Asset Reconciliation
Description
Reconciliation is the process of identifying and matching entities from different data repositories, for
example, in HP Server Automation (SA) and EnterpriseView. This process is designed to assure
unique identification of assets in EnterpriseView.
The asset ID is passed as a parameter in all of the other methods. Therefore, retrieving the asset
ID is always the first action.
Parameters
The asset ID can be retrieved with one or more of the following parameters:
l IP Address
l MAC Address
l Host Name
URL
http://{host}:{port}/redcat/rest/reconcile/
asset?ipAddress={ipAddress}
http://{host}:{port}/redcat/rest/reconcile/
asset?macAddress={macAddress}
http://{host}:{port}/redcat/rest/reconcile/
asset?hostname={hostname}
Or any combination of parameters. For example:
HP EnterpriseView (2.0) Page 23 of 34
24. http://{host}:{port}/redcat/rest/reconcile/
asset?hostname={hostname}&macAddress=
{macAddress}&ipAddress={ipAddress}
Note: The IP Address, MAC Address and Host Name of an asset can change. In this case,
using these parameters may return a different asset ID. If your connector has a unique key for
this asset that is made up of the Connector Asset ID and the Connector Name, then we
recommend using these parameters to make sure that the same asset is always returned.
URL
http://{host}:{port}/redcat/rest/reconcile/
asset?connectorName={connectorName}&connectorAssetId=
{connectorAssetId}&hostname={hostname}
http://{host}:{port}/redcat/rest/reconcile/
asset?connectorName={connectorName}&connectorAssetId=
{connectorAssetId}&ipAddress={ipAddress}
http://{host}:{port}/redcat/rest/reconcile/
asset?connectorName={connectorName}&connectorAssetId=
{connectorAssetId}&macAddress={macAddress}
Or any combination of parameters. For example:
http://{host}:{port}/redcat/rest/reconcile/
asset?connectorName=MyConnector&connectorAssetId=17&ipAddress=
192.168.0.1&hostname=assetHost&macAddress=assetMAC
Remark
EnterpriseView can return only one asset ID. If more than one asset is found with this method, then
404 error code is returned. None of the parameters (IP address, MAC address, host name) are
mandatory in EnterpriseView. Using your knowledge of EnterpriseView, construct your queries to
match a unique asset.
GET
Action Returns one asset ID.
Request Body None
Returns <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<asset>
<id>{asset ID}</id>
</asset>
Example GET http://127.0.0.1:8080/redcat/rest/reconcile/asset?
ipAddress=192.168.0.1
HP EnterpriseView (2.0)Page 24 of 34
REST API Developer Guide
Resource References
25. Compliance Score
Description
A score between 0 and 100 (inclusive) representing the asset compliance with a specific control.
URL
http://{host}:{port}/redcat/rest/assets/{asset_id}/policy/audit/{policy_name}/{c
ontrol_paragraph}/compliance
Remark
Attempting to create/update a compliance score that is not in the range of 0 and 100, results in a
500 exception.
All parameters are case-sensitive.
GET
Action Returns the compliance score for a specific control in a specific policy
for a specific asset.
Note: If the compliance is not assessed, GET returns the parameter
"NotAssessed" instead of a score.
Request
Body
None
Returns <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<compliance>
<complianceScore>{compliance Score}</complianceScore>
</compliance>
Example GET http://127.0.0.1:8080/redcat/rest/assets/189/policy/
audit/Cobit%204.1/PO1.1/compliance
PUT
Action Creates/updates the compliance score for a specific control in a specific policy for
a specific asset.
Note: If the compliance that you want to create/update is not assessed, you
need to pass the parameter "NotAssessed" instead of a score.
Request
Body
The compliance score
HP EnterpriseView (2.0) Page 25 of 34
REST API Developer Guide
Resource References
26. PUT
Example PUT http://127.0.0.1:8080/redcat/rest/assets/189/policy/
audit/Cobit%204.1/PO1.1/compliance
(Request body) 100
P5 Control Maturity Factor Score (Single)
Description
A score between 1-5 (inclusive) representing the control maturity of a single P5 factor in reference
to a specific asset.
URL
http://{host}:{port}/redcat/rest/assets/{asset_id}/policy/audit/{policy_name}/{c
ontrol_paragraph}/p5/{p5 factor}
P5 factors: people, proof, procedure, process, product
Remark
All parameters are case-sensitive.
PUT
Action Creates/updates the P5 control maturity score for one factor on a
specific control in a specific policy for a specific asset.
Note: If the P5 factor that you want to create/update is not
assessed, pass the parameter "NotAssessed" instead of a
score.
Request
Body
The P5 control maturity score
Example PUT http://127.0.0.1:8080/redcat/rest/assets/189/policy/
audit/Cobit%204.1/PO1.1/p5/people
(Request body) 5
P5 Control Maturity Factors Scores (Multiple)
Description
A score between 1-5 (inclusive) representing the control maturity of one or more (maximum five) P5
factors in reference to a specific asset.
URL
HP EnterpriseView (2.0)Page 26 of 34
REST API Developer Guide
Resource References
27. http://{host}:{port}/redcat/rest/assets/{asset_id}/policy/audit/{policy_name}/{c
ontrol_paragraph}/p5
Remark
All parameters are case-sensitive.
GET
Action Returns the P5 control maturity score for multiple factors on a specific control
in a specific policy for a specific asset. If a specific P5 factor is not applied to
the control, then it will not be returned.
Note: If a P5 factor is not assessed, GET returns the parameter
"NotAssessed" instead of a score.
Request
Body
None
Returns <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<p5>
<people>{people}</people>
<procedure>{procedure}</procedure>
<process>{process}</process>
<product>{product}</product>
<proof>{proof}</proof>
</p5>
Example GET http://127.0.0.1:8080/redcat/rest/assets/189/policy/
audit/Cobit%204.1/PO1.1/p5/
PUT
Action Creates/updates the P5 control maturity score for multiple factors
on a specific control in a specific policy for a specific asset.
Note:
l If the P5 factor that you want to create/update is not
assessed, you need to pass the parameter "NotAssessed"
instead of a score.
l If you try to create or update a P5 factor that is not applied to
the control, you get a 500 error code.
HP EnterpriseView (2.0) Page 27 of 34
REST API Developer Guide
Resource References
28. PUT
Request
Header
content-type: application/xml
Request
Body
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<p5>
<people>{people}</people>
<procedure>{procedure}</procedure>
<process>{process}</process>
<product>{product}</product>
<proof>{proof}</proof>
</p5>
Example <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<p5>
<people>3</people>
<procedure>3</procedure>
<process>4</process>
<product>5</product>
<proof>NotAssessed</proof>
</p5>
Notes
Description
Any number of notes can be attached to a control in a specific policy for a specific asset.
URL
http://{host}:{port}/redcat/rest/assets/{asset_id}/policy/audit/{policy_name}/{c
ontrol_paragraph}/notes
Remark
POST creates a single note. GET returns all notes for the control.
HP EnterpriseView (2.0)Page 28 of 34
REST API Developer Guide
Resource References
29. GET
Action Returns all of the notes for a specific control in a specific policy for a specific
asset.
Request
Body
None
Returns <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<notes>
<note>
<createTime>{creation date and time}
</createTime>
<creator>
<uniqueId>{user name}</uniqueId>
</creator>
<message>{note text}</message>
</note>
…
</notes>
Example GET http://127.0.0.1:8080/rest/assets/189/policy/
audit/Cobit%204.1/PO1.1/notes
POST
Action Create a new note for a specific control in a specific policy for a
specific asset.
Request
Body
The note text
Returns HTTP code 200 or an error code
Example http://127.0.0.1:8080/redcat/rest/assets/189/policy/
audit/Cobit%204.1/PO1.1/note
{note text}
HP EnterpriseView (2.0) Page 29 of 34
REST API Developer Guide
Resource References
30. Aggregate Risk Score
Description
A score between 0 and 100 (inclusive) representing the aggregate risk of an asset.
URL
http://{host}:{port}/redcat/rest/risk/score/{asset_id}
Remark
All parameters are case-sensitive.
GET
Action Returns the aggregate risk score for a specific asset.
Note: If there is no aggregate risk score for the asset, GET returns an empty
tag instead of a score.
Request
Body
None
Returns <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<RiskScore>
<AggregateScore>
{aggregate risk score}
</AggregateScore>
</RiskScore>
Example GET http://127.0.0.1:8080/redcat/rest/risk/score/189
Aggregate Vulnerability Score
Description
A score between 0 and 10 (inclusive) representing the aggregate vulnerability of an asset.
URL
http://{host}:{port}/redcat/rest/vulnerability/score/{asset_id}
Remark
All parameters are case-sensitive.
HP EnterpriseView (2.0)Page 30 of 34
REST API Developer Guide
Resource References
31. GET
Action Returns the aggregate risk score for a specific asset.
Note: If there is no aggregate vulnerability score for the asset, GET
returns "0".
Request
Body
None
Returns <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<VulnerabilityScore>
<AggregateScore>
{aggregate vulnerability score}
</AggregateScore>
</VulnerabilityScore>
Example GET http://127.0.0.1:8080/redcat/rest/vulnerability/score/189
Aggregate ESM Threat Score
Description
A score between 0 and 10 (inclusive) representing the aggregate ESM threat of an asset.
URL
http://{host}:{port}/redcat/rest/esm/score/{asset_id}
Remark
All parameters are case-sensitive.
GET
Action Returns the aggregate risk score for a specific asset.
Note: If there is no aggregate ESM threat score for the asset,
GET returns "0".
Request
Body
None
HP EnterpriseView (2.0) Page 31 of 34
REST API Developer Guide
Resource References
32. GET
Returns <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<ESMScore>
<AggregateScore>
{aggregate esm threat score}
</AggregateScore>
</ESMScore>
Example GET http://127.0.0.1:8080/redcat/rest/esm/score/189
Aggregate Compliance Score
Description
A score between 0 and 100 (inclusive) representing the aggregate compliance of an asset.
URL
http://{host}:{port}/redcat/rest/compliance/score/{asset_id}
Remark
All parameters are case-sensitive.
GET
Action Returns the aggregate compliance score for a specific asset.
Note: If there is no aggregate compliance score for the asset, GET
returns an empty tag instead of a score.
Request
Body
None
Returns <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<ComplianceScore>
<AggregateScore>
{aggregate compliance score}
</AggregateScore>
</ComplianceScore>
Example GET http://127.0.0.1:8080/redcat/rest/compliance/score/189
HP EnterpriseView (2.0)Page 32 of 34
REST API Developer Guide
Resource References
33. Aggregate Control Maturity Score
Description
A score between 0 and 5 (inclusive) representing the aggregate maturity of an asset.
URL
http://{host}:{port}/redcat/rest/maturity/score/{asset_id}
Remark
All parameters are case-sensitive.
GET
Action Returns the aggregate maturity score for a specific asset.
Note: If there is no aggregate maturity score for the asset, GET
returns an empty tag instead of a score.
Request
Body
None
Returns <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<MaturityScore>
<AggregateScore>
{aggregate maturity score}
</AggregateScore>
</MaturityScore>
Example GET http://127.0.0.1:8080/redcat/rest/maturity/score/189
HP EnterpriseView (2.0) Page 33 of 34
REST API Developer Guide
Resource References