/
API Connection Guide

API Connection Guide

Owned by Mark Zuk
Last updated: Oct 01, 2024
10 min read

Introduction

The purpose of this document is to provide instructions to apply API (Application Programming Interface) connection to GYTPOL server from a third-party tools.

Overview

Gytpol API v1.0 covers the following use cases:

  • Getting misconfigurations for a given computer

  • Getting misconfigurations for all computers

  • Getting the list of all computers that had misconfigurations

These use cases are addressed accordingly by the following REST API functions:

  • get_miscon_by_computer

  • get_misconfigurations_start to set a filter and get a token for following calls to get_misconfigurations_next

  • get_miscon_computers_start to set a filter and get a token for following calls to get_miscon_computers_next

  • add_to_group - to add computers to your custom group

 

All methods are POST.

The on-prem server API permits only 100 reads per minute. To prevent surpassing this limit, it's recommended to integrate a timeout or pause within the PS1 script between loops.

 

For example:

# Your existing code here # Add a pause of 2 seconds (adjust as needed) between each iteration Start-Sleep -Seconds 2

API Keys

All HTTPS requests for REST API functions must include the x-api-key parameter in the request header, as illustrated in the examples below.

SaaS customers are advised to reach out to their customer success manager to obtain the necessary x-api-key.

 

On-Prem Customers:

To generate an API key in the GYTPOL UI, navigate to the gear icon > Settings > GYTPOL API Keys. To create a new key, click the + (Plus) icon and assign a name that corresponds to the system. The key will expire after 1 year by default.

 

API Port

For On-Prem customers, the default port for API access is 9191. If you wish to use a different port, you can make the adjustment by modifying the port in the file located at c:\gytpol\data\webserv_config.json.

After changing the port, be sure to restart the gytpol Web UI service to apply the modifications.

 

For SaaS customers, there is no need to specify a port, as the URL utilizes port 443.

Base URL

The Base URL variable in both the scripts and the examples provided below should be set to your GYTPOL URL.

For on-premises customers, it's necessary to append the port after the GYTPOL server URL, like so: https://gytpol.domain.local:9191/gytpolapi/v2.0/<function-name>.

However, SaaS customers can simply utilize the URL of their tenant without the port: https://gytpol.eu.cloud.gytpol.com/gytpolapi/v2.0/<function-name>.

get_miscon_by_computer

This REST API function returns misconfigurations given a computer name and optionally Windows domain name.

Request Structure

JSON string of the following structure:

 

computer

string

mandatory

Computer name

domainName

string

optional

For windows computers, Windows domain name

Response Structure

JSON string of the following structure:

 

computers

object array

 

 

 

 

latestHostReportingDt

datetime

 

Latest date and time the computer reported to Gytpol

 

latestScanDt

datetime

 

Gytpol sensor scans computers for misconfigurations and sends the report to Gytpol backend. This is the date and time of the latest misconfiguration scan reported for this computer.

 

computer

string

 

Computer name

 

computerOu

string

 

Name of organizational unit define on this computer

 

domainName

string

 

For windows computers, Windows domain name

 

clientVer

string

 

Gytpol sensor version currently installed on this computer

 

ipAddress

string

 

Computer’s IP address

 

os

string

 

Computer’s operating system

 

isVdi

bool

 

Is this computer a VDI

 

isServer

bool

 

Is this computer a server

 

isDC

bool

 

Is this computer a domain controller

 

miscon

object array

 

Array of misconfigurations reported for this computer

 

 

topicCode

string

 

 

 

user

string

Username logged into the computer when this misconfiguration had been found

 

 

severity

string

Specifies minimal severity of returned misconfigurations. Supported values are:

Low

Medium

High

 

 

addInfo

string

Additional information describing this misconfiguration (this is json string) with \ before “ in order to prevent breaking the structure of the response json

 

 

param

string

Parameter providing more details for the misconfiguration

 

 

paramExtra

string

Parameter providing even more details for the misconfiguration

 

 

isRemediable

bool

Is this misconfiguration remediable

 

 

isMuted

bool

Is this misconfiguration muted by one of the mute rules