Search Standards
Use this API to retrieve the list of standards in the
Control Compliance Suite
12.5 Standards Manager.Authentication
To grant access to users to view or execute
Control Compliance Suite
RESTful APIs, you must generate an authentication token.Authorization requirements
You must have the permission to execute the following task to use the Search Standards API:
- View standards
To use the Search Standards API, you must have the permission to access sub-folders in the Standards folder. You may not require permissions on the entire Standards hierarchy.
Request method
To retrieve the list of standards in the
Control Compliance Suite
Standards Manager, create a GET
request. HTTPS request components for Search Standards API
Create a GET request by using the following components:
Request component | Value |
|---|---|
URL |
You can also use the Fully Qualified Domain Name (FQDN) as the hostname. You can configure the port number from the Integration Services Endpoint Configuration dialog box from Settings > Deployment View on the Control Compliance Suite console. You must restart the Symantec Application Server Service after you configure the port. If you do not configure the port, the default port is considered in the request. The default port is 12431. |
Content type | application/json |
HTTPS request parameters for Search Standards API
The following table contains the description of the HTTPS request parameters for the Search Standards API:
Field name | Field type | Data type | Description |
|---|---|---|---|
Attributes | Mandatory | String | This is a comma-separated list of standard attributes and their respective values joined by an operator. The ‘OP’ placeholder in the HTTPS request components for Search Standards API section indicates a query operator, which can be any of the following:
All these query operators are case-sensitive. Comma used in the list of attributes is treated as 'AND.' Wildcard character asterisk (*) is supported in values to be specified. The Search Standards API returns a list of standards along with their total count.The following attributes are supported for this parameter:
These attribute names are not case-sensitive. |
Container path | Optional | String | This is the folder in which the search operation is executed. The default value of this parameter is Standards , which is the default root folder in the Control Compliance Suite standards hierarchy. |
SearchSubtree | Optional | Boolean | By using this parameter, you can decide whether to search for the assets in the sub-folders recursively. The default value of this parameter is ‘True.’ |
Response body for Search Standards API
The GET request for the Search Standards API returns the response body in the following structure:
Success Response: [ { TotalCount:{Int}, StandardDetails":[ { "ID": {String}, "Name":{String}, "Version": {String}, "Author":{String}, "TargetTypes":[Array], "CreationDate":{Date}, "ModifiedDate":{Date}, "IsPredefined":{Boolean} }.. ]
The dates that are returned in the response are in UTC format.
Sample HTTPS request for Search Standards API
The following is a sample HTTPS request for your reference. We have used asset display name as an attribute in the sample:
GET https://<hostname>:<port number>/ccs/api/v1/Standards?searchCriteria=displayname=std&container=standards&Searchsubtree=true
Sample HTTPS response for Search Standards API
The sample HTTPS request that you created earlier returns the following response:
{"TotalCount":2,"StandardDetails":[{"ID":"c983af4c-eb09-48bd-96af-ca170a12f373","Name":"std","Version":"1.3.0", "Author":"<domain name>\\<user name>","CreationDate":"2018-07-30T09:14:50","ModifiedDate":"2018-07-30T09:15:18","IsPredefined":false}, {"ID":"ed237ad3-c07c-42a3-abfb-dede5820a48b","Name":"std","Version":"1.0.0","Author":"<domain name>\\<user name>", "CreationDate":"2018-09-25T13:37:34","ModifiedDate":"2018-09-25T13:37:34","IsPredefined":false}]}
HTTPS response codes for Search Standards API
Depending on the success or the failure of your API request, you see the following response codes for the Search Standards API:
Response Code | Response Type | Description |
|---|---|---|
200 | OK | The list of standards is available with the following details:
|
200 (with Total Count: 0 in response body) | OK | The request is completed successfully. However, there are no records matching the request parameters. In this case, the following response is returned. The total count of standards in this case is zero:
|
403 | Forbidden | The following error message is displayed: You are not authorized to perform this task. Access is denied. |
401 | Unauthorized | This may be because of an invalid or expired access token in an API request. |
400 | Bad Request (Client Error) | The following error message is displayed:
|
500 | Internal Server Error (Server Error) | The following error message is displayed:
|
Sample Python script for Search Standards API
Click to view a sample Python script for Search Standards API
#Script to retrieve the list of standards based on the search criteria mentioned in the request. import requests from requests.packages.urllib3.exceptions import InsecureRequestWarning # Declare Variables # Replace the <hostname> with CCS application server host name # Replace the <port number> with the configured port number for REST API, Default Port Number : 12431 # Replace the <user name> and <password> with valid CCS user name and password for example: UserName = domain1\\administrator, password = <Base64 encoded> HostName = '<hostname>' PortNumber = '<port number>' UserName = '<user name>' Password = '<password>' #<Base64 encoded> # Function to generate CCS REST API access token def getToken(): urlToken = "https://" + HostName + ":" + PortNumber + "/ccs/api/v1/oauth/tokens" payload = "grant_type=password&username=" + UserName + "&password=" + Password +"" headers = {'Content-Type': "application/json"} responseToken = requests.request("POST", urlToken, data=payload, headers=headers, verify=False) autheticationresult = responseToken.status_code if (autheticationresult!=200) : print("\nToken Generation Failed. Please check if the REST API is enabled and User name and password is correct\n") exit() tokenDict = responseToken.json() token = tokenDict['access_token'] refreshToken = tokenDict['refresh_token'] return token #Search Standard API endpoint URL url = "https://" + HostName + ":" + PortNumber + "/ccs/api/v1/Standards" #Search based on displayName of the standard and by using Contains Operator querystring = {"attributes":"displayName Contains red hat", "ContainerPath":"standards\\predefined\\unix", "Searchsubtree":"true"} #Search based on Symc-Standard-Author of the standard by using '=' Operator and displayName of the standard by using StartsWith Operator #querystring = {"attributes":"displayName Contains cis,Symc-Standard-Author=symantec", "ContainerPath":"standards\\predefined\\unix", "Searchsubtree":"true"} #Search based on displayName of the standard and TargetTypeIDs #querystring = {"attributes":"displayName Contains apache,symc-Standard-TargetTypeIDs=97546792-56b0-4020-9d88-f8786371f2d9", "ContainerPath":"standards\\predefined\\unix", "Searchsubtree":"true"} requests.packages.urllib3.disable_warnings(InsecureRequestWarning) bearertoken = "Bearer " + getToken() headers = { 'Authorization': bearertoken , 'Content-Type': "application/json" } response = requests.request("GET", url, headers=headers, params=querystring, verify=False) print(response.text) print(response.json)