Search Backup Host Keys
The API will search host keys and its information from the backup inventory.
Before you begin
- Keys should be backed up and present in AppViewX.
Request Structure
| Endpoint: | /ssh/search/hostKeysNote: The same API has been used for the
following: |
| Type: | POST |
| Sample URL: | https://<IP/HostName/TenantName>:<GWPORT>/avxapi/ssh/search/hostKeys?gwsource=externalTo understand the elements of the sample URL, click here. |
| Headers: | |
| Content-Type: | application/json |
| Name | Description |
|---|---|
| sessionId
|
(Mandatory) Session ID received after
login. Type: String Constraints: Required if username and password are not provided. |
| username
|
(Mandatory) AppViewX login username Type: String Constraints: Required if sessionId is not provided. |
| password
|
(Mandatory) AppViewX login password Type: String Constraints: Required if sessionId is not provided. |
| Content-Type
|
(Mandatory) Specifies the nature of the data in the
payload Type: String Constraints: The value of the param should be ‘application/json’. |
| gwsource
|
(Mandatory) Source from which the request is
triggered. (E.g. external) Type: String |
| keysFrom
|
Inventory Name Possible Values: rotatedInventory or deletedInventory. If this value not given, hosts will be fetched from user key inventory. Type: String |
| Payload
|
(Mandatory) Contains all the parameters to be sent
in the request body for the post request Type: Payload |
Payload
| Name | Description |
|---|---|
| input | (Optional) Input Parameters to fetch host keys from
backup inventory. Type: Input |
| filter | (Mandatory) Filter parameters to fetch host keys
from backup inventory. Type: Filter |
| Name | Description |
|---|---|
| freeSearch | Search text to find host key information from backup
inventory. Type: String |
| keywordSearch | Keyword and value tosearch and retrieve host key
information. Example: {"keyname":"RotateKeys_admin_1716367661908-B0-001"} |
| Name | Description |
|---|---|
| sortColumn | Column name to be sorted. Type: String |
| sortOrder | Order to be sorted. Possible values: asc, desc |
| start | Start count of the host keys to be fetched from backup inventory. Type: String |
| max | Count of the host keys to be fetched from backup inventory. Type: String |
Response Structure
200 OK returns string of type application/json with the following body params.
| Name | Description |
|---|---|
| response | Contains the response attributes for the host keys
Type: response |
| message | Success message of the action or failure description
in case of error. Will be non-null for failure
response Type: String |
| appStatusCode | Application-specific status code for the response.
Will be non-null for failure response Type: String |
| tags | More info in case of failure response |
| Name | Description |
|---|---|
| data | List of host key information which matches the search criteria. Type: List |
| totalCount | Total number of host keys available for the search criteria. |
Status Codes
| HTTP Status code | appStatusCode | Message and Possible remediation |
|---|---|---|
| 200 OK | NA | Host keys retrieved successfully |
| 401 Unauthorized | AVX_GW_003 | Authentication failed, reason - Invalid
Credentials Possible remediation: Ensure that valid username and password or valid sessionId is provided as the header param. |
| 400 Bad Request | AVX-VLDTN-001 | Mandatory field is missing or invalid values
specified - <<field name>> Possible remediation: Check and ensure that valid value is provided for <<field name>> field in the request. |
Sample Request/Response
To search backup host key “RotateKeys_admin_1716367184410-B0-001” using /search/hostKeys API.
https://<IP/HostName/TenantName>:<GWPORT>/avxapi/ssh/search/hostKeys?keysFrom=rotatedInventory&gwsource=externalhttps://<IP/HostName/TenantName>:<GWPORT>/avxapi/ssh/search/hostKeys?keysFrom=rotatedInventory&gwsource=external
{
"input": {
"freeSearch": "RotateKeys_admin_1716367184410-B0-001"
},
"filter": {
"sortColumn": "none",
"sortOrder": "desc",
"start": "0",
"max": "100"
}
}
{
"input": {
"keywordSearch":{"keyname":"RotateKeys_admin_1716367184410-B0-001"}
},
"filter": {
"sortColumn": "none",
"sortOrder": "desc",
"start": "0",
"max": "100"
}
}
{
"response": {
"httpStatusCode": 200,
"message": "Deleted Keys retrieved successfully for action ",
"data": [
{
"type": "ECDSA",
"name": "FetchKey_admin_1717154137217-B0-126",
"bitLength": "521",
"comment": "no comment",
"fingerPrint": "fMCeH0raF/oecufXk4f9KaP7W8y4WJF1XWfincaSEDE",
"keyStatus": "Managed",
"groupName": "Default_Key_Group",
"period": "lifetime",
"uuid": "40cd00ae-76ef-3bfc-bd58-32959dc38453",
"keyWords": [
"pe-cert-apvx-node01.lab.appviewx.net",
"discoveredKeys",
"521",
"no comment",
"fMCeH0raF/oecufXk4f9KaP7W8y4WJF1XWfincaSEDE",
"FetchKey_admin_1717154137217-B0-126",
"hostKeys",
"ECDSA"
],
"active": true,
"createdBy": "discoveredKeys",
"awsDiscoveredKey": true,
"associatedUsers": [],
"modifiedTime": 1717395307,
"sourceIp": [
"192.168.60.129"
],
"destIp": [],
"createdTime": 0,
"groupIds": [
"5767bcef3465bfbf73e44727"
],
"readWrite": false,
"renewDate": 0,
"expiryDate": 0,
"isExpired": false,
"initiatedTime": 0,
"filePaths": [
"pe-cert-apvx-node01.lab.appviewx.net~~/root/.ssh/known_hosts"
],
"symLinks": [],
"publicKeyFileProps": {
"readable": "true",
"executable": "false",
"writable": "true"
},
"clientMachineNames": [
"pe-cert-apvx-node01.lab.appviewx.net"
],
"serverMachineNames": [],
"keyFoundInDiscoverySeqIdRanges": [
{
"from": 22,
"to": 23
},
{
"from": 25,
"to": 25
},
{
"from": 27,
"to": 28
},
{
"from": 30,
"to": 30
},
{
"from": 32,
"to": 32
},
{
"from": 34,
"to": 34
},
{
"from": 37,
"to": 37
},
{
"from": 39,
"to": 40
}
],
"firstDiscovery": 1717154137239,
"previousDiscovery": 1717372835282,
"currentDiscoveredTime": 1717395222733,
"certificate": [],
"sharedType": "standalone",
"excludeFromSharedKeyReportEndTime": 0,
"excludeFromWeakKeyReportEndTime": 0,
"excludeFromOrphanKeyReportEndTime": 0,
"excludeFromSuspiciousKeyReportEndTime": 0,
"discoveryIdWithNewState": {
"22": true
},
"eligibleForRollback": false,
"parentUuid": "6659b187c07be2338021f391",
"backupAction": "Delete",
"expireAt": 1717403655705,
"audit": {
"createdOn": 1717403655705,
"createdBy": "admin",
"updatedOn": 0
},
"deletionDate": 1719995655705,
"backupKeyType": "hostKeys",
"actionCompleted": false,
"sharedKey": false,
"accessRequest": false,
"discovered": true,
"new": false,
"keyDownload": false,
"privateKeyDeleted": false,
"publicKeyDeleted": false,
"keyFilePermission": [],
"selected": false,
"weakKey": false,
"riskKey": false,
"upload": false,
"passphraseValidated": false,
"hasPrivateKey": false,
"_id": "6659b187c07be2338021f391"
}
],
"totalCount": 1
},
"message": "Host keys retrieved successfully",
"appStatusCode": null,
"tags": null,
"headers": null
}
Reference
- IP/HostName/TenantName: Replace with the actual IP address, hostname,
or tenant name based on the specific configuration in AppViewX.
- IP: A unique identifier assigned to each device connected to
a computer network that uses the Internet Protocol for communication
The IP address will be included in the endpoint URL for an on-prem deployment.
- HostName: A human-readable label assigned to a device (host)
on a network
The hostname will be included in the endpoint URL for an on-prem deployment.
- TenantName: An identifier label for a tenant given to
indicate which tenant's data the API request will
access/modify
The tenant name will be included in the endpoint URL for a SaaS deployment.
- IP: A unique identifier assigned to each device connected to
a computer network that uses the Internet Protocol for communication
- GWPORT: AppViewX gateway port A gateway port refers to a network port through which data is sent and received to communicate with a gateway in an on-prem deployment.Note: GWPORT is not required for SaaS setups.
Example: 31443
- avxapi: Path parameter value (static) that is part of the endpoint's URL
- Endpoint: Endpoint of the API, for example: /ssh/host/create
- gwsource: Source or origin of a gateway, for example: external.
