KSC API use cases examples - host isolation with KES\KEA [KSC for Windows]

Antipova Anna · November 11, 2023

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.

Description and cautions

The article is giving some use cases examples of KSC API calls to ease one's start using the API. In that KB we are looking at host isolation with KES/KEA scenario.

For the Windows version of cURL, you need to specify that the arguments need to be escaped with "\", otherwise there will be an error. For example: 'Authorization: KSCBasic user=\"YXBpLXVzZXI=\", pass=\"cGFzc3dvcmQ=\", internal=\"1\"'

Details

Prerequisites

internal user: api-user

Example

KSC address - 127.0.0.1 (the address can also be external)
API Port - 13299 (default)
User: api-user (intrental KSC user), base64: YXBpLXVzZXI=
Password: password, base64: cGFzc3dvcmQ=

Credentials:

	User	Password
	api-user	password
Base64:	YXBpLXVzZXI=	cGFzc3dvcmQ=

Authentication, type: Authenticated session, other types: KSC Open API description
Requests are in cUrl and http formats, as an alternative it is also possible to use Python library (KlAkOAPI Python package)

Login

Start connection to KSC (Session::StartSession)

Session::StartSession

curl --location --request POST 'https://127.0.0.1:13299/api/v1.0/Session.StartSession' \

--header 'Authorization: KSCBasic user="YXBpLXVzZXI=", pass="cGFzc3dvcmQ=", internal="1"'

Username and password should be encoded to base64 format as part of a secure HTTPS session. For example, https://www.base64encode.org/ can be used for encoding.

Response

{

"PxgRetVal": "nsPbUpP1oAVZlM1lODEbg8A=="

}

Use this token in request header

Find Host

Find host by filter string (HostGroup::FindHosts)

Filter string, contains a condition over host attributes, see also Search filter syntax.

We use "KLHST_WKS_DN" - Host display name

HostGroup::FindHosts

POST /api/v1.0/HostGroup.FindHosts HTTP/1.1

Host: localhost:13299

X-KSC-Session: nH4iKWCdxuBJWO5U4ATKSew==

Content-Type: application/json

Content-Length: 170

{

"vecFieldsToReturn": [

"KLHST_WKS_HOSTNAME",

"KLHST_WKS_DN"

],

"lMaxLifeTime": 1200,

"wstrFilter": "(KLHST_WKS_DN=\"WIN10-*\")"

}

Response ID

Response

{"strAccessor":"ppYeO5rmkvKcMUm8vQzOK2","PxgRetVal":18}

Copy Accessor for next request (ChunkAccessor::GetItemsChunk)

ChunkAccessor::GetItemsChunk

curl -L -X POST "https://127.0.0.1:13299/api/v1.0/ChunkAccessor.GetItemsChunk" -H "X-KSC-Session: noOxgI9Ny7O5Whg/97qvcVg==" -H "Content-Type: application/json" --data-raw "{

\"strAccessor\":\"fb07haDqXIKZbQzyDsMwx1\",

\"nStart\": 0,

\"nCount\": 100

}"

Response info about host:

Response

{

"pChunk": {

"KLCSP_ITERATOR_ARRAY": [

{

"type": "params",

"value": {

"KLHST_WKS_DN": "WIN10-OPTIMUM-1",

"KLHST_WKS_HOSTNAME": "c0816918-fbc5-4fbc-8fed-6f245756120e"

}

},

{

"type": "params",

"value": {

"KLHST_WKS_DN": "WIN10-KES-11-OLD",

"KLHST_WKS_HOSTNAME": "ab365e11-a1c7-492b-a981-e84402b33a8f"

}

]

},

........

"PxgRetVal": 18

}

Copy value "KLHST_WKS_HOSTNAME" for next request

KEA Isolation

HostGroup.GetHostInfo

Acquire specified host attributes. (HostGroup::GetHostInfo)

strHostName	(wstring) host name, a unique server-generated string (see KLHST_WKS_HOSTNAME attribute). It is NOT the same as computer network name (DNS-, FQDN-, NetBIOS-name)
pFields2Return	(array) array of names of host attributes to return. See List of host attributes for attribute names

HostGroup.GetHostInfo

POST /api/v1.0/HostGroup.GetHostInfo HTTP/1.1

Host: localhost:13299

X-KSC-Session: nH4iKWCdxuBJWO5U4ATKSew==

Content-Type: application/json

Content-Length: 185

{

"strHostName":"ab365e11-a1c7-492b-a981-e84402b33a8f",

"pFields2Return": [

"KLHST_WKS_HOSTNAME",

"KLHST_WKS_DN",

"KLHST_APP_INFO"

]

}

HostGroup.SS_GetNames

Get section names from host settings storage. (HostGroup::SS_GetNames)

Parameters values should be taken from the previous response.

HostGroup::SS_GetNames

POST /api/v1.0/HostGroup.SS_GetNames HTTP/1.1

Host: localhost:13299

X-KSC-Session: nqH6Qma75t/wBcQm8vlyqvQ==

Content-Type: application/json

Content-Length: 148

{

"strHostName":"ab365e11-a1c7-492b-a981-e84402b33a8f",

"strType":"SS_SETTINGS",

"strProduct":"SOYUZ",

"strVersion":"4.0.0.0"

}

Response:

Response

{

"PxgRetVal": [

".KLNAG_SECTION_REBOOT_REQUEST",

"85",

"AccountLogonSettings",

"ApplicationSettings",

"AutoStartEntriesNotifySettings",

"ConnectionSettings",

"CreateProcessSettings",

"FileChangeNotificationSettsEdr",

"KLEVP_NF_SECTION",

"KsnServiceSettings",

"LoadImageSettingsEdr",

"MaintenanceSettings",

"MdrServiceSettings",

"MessageBrokerSettings",

"NetworkConnectionSettingsEdr",

"NetworkIsolationProfilesSetts",

"NetworkIsolationSettings", #copy this field setting

"PasswordSettings",

"PreventionSettings",

"ProductPermissionSettings",

"QuarantineSettings",

"SandboxSettings",

"SelfDefenceSettings",

"UserModeApiMonitorSrvSettings",

"WMIActivitySettings",

"WindowsEventLogSettingsEdr",

"WindowsRegistrySettings"

]

}

With NWC web console KSC create local network exteption for VPN:

1) Open host properties → Applications → KEA

2) Open tab APP Settings → Network Isolation → Isolation on detection

3) Add rule for RDP → click "OK" → click "Save"

HostGroup.SS_Read

Read data from host settings storage. (HostGroup::SS_Read)

Parameters values should be taken from two previous responses

HostGroup::SS_Read

POST /api/v1.0/HostGroup.SS_Read HTTP/1.1

Host: localhost:13299

X-KSC-Session: nqc+0P0UI+Wzuu+FREB74yQ==

Content-Type: application/json

Content-Length: 194

{

"strHostName":"ab365e11-a1c7-492b-a981-e84402b33a8f",

"strType":"SS_SETTINGS",

"strProduct":"SOYUZ",

"strVersion":"4.0.0.0",

"strSection":"NetworkIsolationSettings"

}

Response info about Network Isolation with RDP rule exception:

Response

{

"PxgRetVal": {

"BaseSettings": {

"type": "params",

"value": {

"Revision": {

"type": "long",

"value": 0

},

"__VersionInfo": [

1,

0

]

}

},

"Enable": false,

"Exclusions": [

{

"type": "params",

"value": {

"Description": "Custom (user-defined)",

"Name": "Custom (user-defined)",

"Rules": [

{

"type": "params",

"value": {

"AppProtocolName": "RDP",

"Applications": [],

"Direction": 3,

"Enable": true,

"LocalAddress": "",

"LocalPort": {

"type": "params",

"value": {

"MaxPort": 3389,

"MinPort": 3389,

"__VersionInfo": [

1,

0

]

}

},

"Protocol": 0,

"RemoteAddress": "",

"RemotePort": {

"type": "params",

"value": {

"MaxPort": 0,

"MinPort": 0,

"__VersionInfo": [

1,

0

]

}

},

"UseApplications": false,

"UseLocalAddress": false,

"UseLocalPort": true,

"UseProtocol": false,

"UseRemoteAddress": false,

"UseRemotePort": false,

"__VersionInfo": [

1,

1

]

}

],

"__VersionInfo": [

1,

0

]

}

],

"IsolationTimeout": 1800,

"NotifyUser": true,

"UseIsolationTimeout": true,

"__VersionInfo": [

1,

2

]

}

Copy all response for next request.

HostGroup.SS_Write

Write data to host settings storage for isolation workstation with RDP rule. (HostGroup::SS_Write)

1) Use previous value parameters

2) for nOption use 7

7 - "Clear", replaces existing section contents with pData, i.e. existing section contents will deleted and variables from pData will be written to the section.

3) for pSettings past previous response and change

"Enable": true

HostGroup::SS_Write

POST /api/v1.0/HostGroup.SS_Write HTTP/1.1

Host: localhost:13299

X-KSC-Session: nbpsiiOAAxiDWfMSVkgciWQ==

Content-Type: application/json

Content-Length: 1066

{

"strHostName":"bdcae680-eeaa-4279-a822-92a0d3e01dfb",

"strType":"SS_SETTINGS",

"strProduct":"SOYUZ",

"strVersion":"4.0.0.0",

"strSection":"NetworkIsolationSettings",

"nOption":7,

"pSettings":{

"BaseSettings": {

"type": "params",

"value": {

"Revision": {

"type": "long",

"value": 0

},

"__VersionInfo": [

1,

0

]

}

},

"Enable": true, #Isolation ON

"Exclusions": [

{

"type": "params",

"value": {

"Description": "Custom (user-defined)",

"Name": "Custom (user-defined)",

"Rules": [

{

"type": "params",

"value": {

"AppProtocolName": "RDP", #custom rule for RDP

"Applications": [],

"Direction": 3,

"Enable": true,

"LocalAddress": "",

"LocalPort": {

"type": "params",

"value": {

"MaxPort": 3389,

"MinPort": 3389,

"__VersionInfo": [

1,

0

]

}

},

"Protocol": 0,

"RemoteAddress": "",

"RemotePort": {

"type": "params",

"value": {

"MaxPort": 0,

"MinPort": 0,

"__VersionInfo": [

1,

0

]

}

},

"UseApplications": false,

"UseLocalAddress": false,

"UseLocalPort": true,

"UseProtocol": false,

"UseRemoteAddress": false,

"UseRemotePort": false,

"__VersionInfo": [

1,

1

]

}

],

"__VersionInfo": [

1,

0

]

}

],

"IsolationTimeout": 1800,

"NotifyUser": true,

"UseIsolationTimeout": true,

"__VersionInfo": [

1,

2

]

}

Response

Response

{ }

Host isolated successfully.

For off isolation you must change for pSettings past previous response and change

"Enable": false

KES Isolation (11.7 and upper)

FindHost

Find Host with previous method and copy value "KLHST_WKS_HOSTNAME"

For example:

"KLHST_WKS_DN":"KEDRO-1","KLHST_WKS_HOSTNAME":"a20da5de-49e5-469a-92ea-41b5adb74ea4"

SrvView

Find srvview data by filter string (SrvView::ResetIterator)

"wstrViewName" - check List of supported srvviews.

"vecFieldsToReturn" - check https://support.kaspersky.com/help/KSC/13.1/KSCAPI/a00307.html

SrvView::ResetIterator

POST /api/v1.0/SrvView.ResetIterator HTTP/1.1

Host: localhost:13299

X-KSC-Session: nXo75DRoFMRjNp2jwByKlfg==

Content-Type: application/json

Content-Length: 614

{

"wstrViewName": "HostTasksSrvView",

"vecFieldsToReturn": [

"nState",

"strTask",

"TASK_NAME",

"txtDisplayName",

"TASKID_PRODUCT_NAME",

"TASKID_PRODUCT_VERSION",

"bCannotBeDeleted",

"bSystem"

],

"vecFieldsToOrder": [

{

"type": "params",

"value": {

"Name": "TASK_NAME",

"Asc": "true"

}

],

"lifetimeSec": 100,

"pParams": {

"strHostId": "a20da5de-49e5-469a-92ea-41b5adb74ea4"

},

"wstrFilter": ""

}

Response ID

Response

{"wstrIteratorId":"67D74142AE0FA1A3D05CD696B957902B"}

GetRecordRange from Response data (SrvView.GetRecordRange)

SrvView.GetRecordRange

curl -L -X POST "https://127.0.0.1:13299/api/v1.0/SrvView.GetRecordRange" -H "X-KSC-Session: noOxgI9Ny7O5Whg/97qvcVg==" -H "Content-Type: application/json" --data-raw "{

\"wstrIteratorId\":\"67D74142AE0FA1A3D05CD696B957902B\",

\"nStart\": 0,

\"nEnd\": 100

}"

Copy value "strTask" for Task "xdr_networkisolation_start" and "xdr_networkisolation_stop"

For example:

Isolation ON => "TASK_NAME":"xdr_networkisolation_start" .... "strTask":"_LOCAL_2212c5ce-c23d-4c55-8bca-656221d5f056"

Isolation OFF => "TASK_NAME":"xdr_networkisolation_stop .... "strTask":"_LOCAL_f0395954-c011-445c-b2e3-0a1074a2cf8d"

Isolation ON

GetHostTasks

Return server specific identity to acquire and manage host tasks. (HostGroup::GetHostTasks)

HostGroup.GetHostTasks

POST /api/v1.0/HostGroup.GetHostTasks HTTP/1.1

Host: localhost:13299

X-KSC-Session: nXo75DRoFMRjNp2jwByKlfg==

Content-Type: application/json

Content-Length: 58

{

"strHostName":"a20da5de-49e5-469a-92ea-41b5adb74ea4"

}

Response:

Response

{"PxgRetVal":"8122017D5C4081753E8FDE94244DC1AF"}

HostTasks

GetTaskData

Acquire task settings. (HostTasks::GetTaskData)

strSrvObjId - server object ID that got from HostGroup.GetHostTasks

strTask - storage identifier of the task (such as returned by HostTasks.AddTask)

HostTasks::GetTaskData

POST /api/v1.0/HostTasks.GetTaskData HTTP/1.1

Host: localhost:13299

X-KSC-Session: nXo75DRoFMRjNp2jwByKlfg==

Content-Type: application/json

Content-Length: 112

{

"strTask":"_LOCAL_2212c5ce-c23d-4c55-8bca-656221d5f056",

"strSrvObjId":"8122017D5C4081753E8FDE94244DC1AF"

}

Response:

Response

{"PxgRetVal":{"EVENT_TYPE":"PRTS_EVENT_NONE","FILTER_EVENTS_COMPONENT_NAME":"","FILTER_EVENTS_INSTANCE_ID":"","FILTER_EVENTS_PRODUCT_NAME":"","FILTER_EVENTS_VERSION":"","TASKID_COMPONENT_NAME":"Connector","TASKID_INSTANCE_ID":"","TASKID_PRODUCT_NAME":"KES","TASKID_VERSION":"11.0.0.0","TASKSCH_FIRST_EXECUTION_TIME":{"type":"datetime","value":"1970-01-01T00:00:00Z"},"TASKSCH_FIRST_EXECUTION_TIME_SEC":0,"TASKSCH_LIFETIME":{"type":"datetime","value":""},"TASKSCH_MS_PERIOD":0,"TASKSCH_RUN_MISSED_FLAG":false,"TASKSCH_TYPE":0,"TASK_ADDITIONAL_PARAMS":{"type":"params","value":{"CompatibilityInfo":{"type":"params","value":{"MinimalPluginVersion":"11.7.0.0"}},"PRTS_TASK_EXT_SHEDULE_FLAGS":0,"exclusionRules":[{"type":"params","value":{"applications":{"type":"params","value":{"enabled":false,"paths":[]}},"dataSource":1,"localPorts":{"type":"params","value":{"enabled":true,"portRange":[{"type":"params","value":{"end":53,"start":53}}]}},"name":"DNS","protocol":{"type":"params","value":{"enabled":true,"id":6}},"remoteAddress":{"type":"params","value":{"enabled":false,"ip":{"type":"params","value":{"octets":{"type":"binary","value":""},"zoneIPv6":""}}}},"remotePorts":{"type":"params","value":{"enabled":false,"portRange":[]}}}},{"type":"params","value":{"applications":{"type":"params","value":{"enabled":false,"paths":[]}},"dataSource":1,"localPorts":{"type":"params","value":{"enabled":true,"portRange":[{"type":"params","value":{"end":53,"start":53}}]}},"name":"DNS","protocol":{"type":"params","value":{"enabled":true,"id":17}},"remoteAddress":{"type":"params","value":{"enabled":false,"ip":{"type":"params","value":{"octets":{"type":"binary","value":""},"zoneIPv6":""}}}},"remotePorts":{"type":"params","value":{"enabled":false,"portRange":[]}}}},{"type":"params","value":{"applications":{"type":"params","value":{"enabled":true,"paths":["%systemroot%\\system32\\dns.exe"]}},"dataSource":1,"localPorts":{"type":"params","value":{"enabled":true,"portRange":[{"type":"params","value":{"end":65535,"start":49152}}]}},"name":"Large numbered TCP ports, randomly assigned by the RPC service","protocol":{"type":"params","value":{"enabled":true,"id":6}},"remoteAddress":{"type":"params","value":{"enabled":false,"ip":{"type":"params","value":{"octets":{"type":"binary","value":""},"zoneIPv6":""}}}},"remotePorts":{"type":"params","value":{"enabled":false,"portRange":[]}}}},{"type":"params","value":{"applications":{"type":"params","value":{"enabled":true,"paths":["%systemroot%\\system32\\svchost.exe"]}},"dataSource":1,"localPorts":{"type":"params","value":{"enabled":true,"portRange":[{"type":"params","value":{"end":135,"start":135}}]}},"name":"RPC Endpoint Mapper","protocol":{"type":"params","value":{"enabled":true,"id":6}},"remoteAddress":{"type":"params","value":{"enabled":false,"ip":{"type":"params","value":{"octets":{"type":"binary","value":""},"zoneIPv6":""}}}},"remotePorts":{"type":"params","value":{"enabled":false,"portRange":[]}}}},{"type":"params","value":{"applications":{"type":"params","value":{"enabled":false,"paths":[]}},"dataSource":0,"localPorts":{"type":"params","value":{"enabled":false,"portRange":[]}},"name":"DNS client","protocol":{"type":"params","value":{"enabled":true,"id":6}},"remoteAddress":{"type":"params","value":{"enabled":false,"ip":{"type":"params","value":{"octets":{"type":"binary","value":""},"zoneIPv6":""}}}},"remotePorts":{"type":"params","value":{"enabled":true,"portRange":[{"type":"params","value":{"end":53,"start":53}}]}}}},{"type":"params","value":{"applications":{"type":"params","value":{"enabled":false,"paths":[]}},"dataSource":0,"localPorts":{"type":"params","value":{"enabled":false,"portRange":[]}},"name":"DNS client","protocol":{"type":"params","value":{"enabled":true,"id":17}},"remoteAddress":{"type":"params","value":{"enabled":false,"ip":{"type":"params","value":{"octets":{"type":"binary","value":""},"zoneIPv6":""}}}},"remotePorts":{"type":"params","value":{"enabled":true,"portRange":[{"type":"params","value":{"end":53,"start":53}}]}}}},{"type":"params","value":{"applications":{"type":"params","value":{"enabled":false,"paths":[]}},"dataSource":2,"localPorts":{"type":"params","value":{"enabled":true,"portRange":[{"type":"params","value":{"end":68,"start":68}}]}},"name":"DHCP server","protocol":{"type":"params","value":{"enabled":true,"id":17}},"remoteAddress":{"type":"params","value":{"enabled":false,"ip":{"type":"params","value":{"octets":{"type":"binary","value":""},"zoneIPv6":""}}}},"remotePorts":{"type":"params","value":{"enabled":true,"portRange":[{"type":"params","value":{"end":67,"start":67}}]}}}},{"type":"params","value":{"applications":{"type":"params","value":{"enabled":false,"paths":[]}},"dataSource":2,"localPorts":{"type":"params","value":{"enabled":true,"portRange":[{"type":"params","value":{"end":67,"start":67}}]}},"name":"DHCP client","protocol":{"type":"params","value":{"enabled":true,"id":17}},"remoteAddress":{"type":"params","value":{"enabled":false,"ip":{"type":"params","value":{"octets":{"type":"binary","value":""},"zoneIPv6":""}}}},"remotePorts":{"type":"params","value":{"enabled":true,"portRange":[{"type":"params","value":{"end":68,"start":68}}]}}}},{"type":"params","value":{"applications":{"type":"params","value":{"enabled":false,"paths":[]}},"dataSource":1,"localPorts":{"type":"params","value":{"enabled":true,"portRange":[{"type":"params","value":{"end":2535,"start":2535}}]}},"name":"MADCAP","protocol":{"type":"params","value":{"enabled":true,"id":17}},"remoteAddress":{"type":"params","value":{"enabled":false,"ip":{"type":"params","value":{"octets":{"type":"binary","value":""},"zoneIPv6":""}}}},"remotePorts":{"type":"params","value":{"enabled":false,"portRange":[]}}}},{"type":"params","value":{"applications":{"type":"params","value":{"enabled":false,"paths":[]}},"dataSource":1,"localPorts":{"type":"params","value":{"enabled":true,"portRange":[{"type":"params","value":{"end":647,"start":647}}]}},"name":"DHCP failover","protocol":{"type":"params","value":{"enabled":true,"id":6}},"remoteAddress":{"type":"params","value":{"enabled":false,"ip":{"type":"params","value":{"octets":{"type":"binary","value":""},"zoneIPv6":""}}}},"remotePorts":{"type":"params","value":{"enabled":false,"portRange":[]}}}}],"isolationDuration":3600000,"klprts-TaskStorageId":"_LOCAL_2d076fbe-7e60-4a99-9177-173076a5a2b1","ksc_settings_compatibility::TaskUniqueId":"89621cce@xdr_networkisolation_start@NetworkIsolationStart","responseId":{"type":"long","value":7998665773575485050}}},"TASK_CLASS_ID":0,"TASK_DEL_AFTER_RUN_FLAG":false,"TASK_INFO_PARAMS":{"type":"params","value":{"DisplayName":"Network isolation","klprts-TaskCannotBeDeleted":true,"klprts-TaskScheduleSubtype":256}},"TASK_LAST_EXEC_TIME":{"type":"datetime","value":"1970-01-01T00:00:00Z"},"TASK_LAST_EXEC_TIME_SEC":0,"TASK_MAX_EXEC_TIME":0,"TASK_NAME":"xdr_networkisolation_start","TASK_PREP_START":0,"TASK_PRIORITY":1,"TASK_START_DELTA":0,"TASK_UNIQUE_ID":"_LOCAL_2212c5ce-c23d-4c55-8bca-656221d5f056"}}

Copy some of value from response and change parameters on next request with Network isolation exclusions

RDP protocol (for example):

exclusionRules

{

"type": "params",

"value": {

"applications": {

"type": "params",

"value": {

"enabled": true,

"paths": []

}

},

"dataSource": 2, #inbound and outbound

"localPorts": {

"type": "params",

"value": {

"enabled": true,

"portRange": [

{

"type": "params",

"value": {

"end": 3389, #port

"start": 3389 #port

}

]

}

},

"name": "RDP ANY", #name

"protocol": {

"type": "params",

"value": {

"enabled": true,

"id": 0 #TCP and UDP

}

},

"remoteAddress": {

"type": "params",

"value": {

"enabled": false,

"ip": {

"type": "params",

"value": {

"octets": {

"type": "binary",

"value": ""

},

"zoneIPv6": ""

}

},

"remotePorts": {

"type": "params",

"value": {

"enabled": false,

"portRange": []

}

UpdateTask

Modify task settings. ( HostTasks::UpdateTask)

HostTasks::UpdateTask Collapse source

POST /api/v1.0/HostTasks.UpdateTask HTTP/1.1

Host: localhost:13299

X-KSC-Session: n18Zfc+1hPeedqD07uM96/A==

Content-Type: application/json

Content-Length: 32796

{

"strTask": "_LOCAL_2212c5ce-c23d-4c55-8bca-656221d5f056",

"strSrvObjId": "46A9BEBC82C3FB1121050247A0697ECC",

"pData": {

"TASKID_COMPONENT_NAME": "Connector",

"TASKID_PRODUCT_NAME": "KES",

"TASKID_VERSION": "11.0.0.0",

"TASKSCH_TYPE": 5,

"TASK_ADDITIONAL_PARAMS": {

"type": "params",

"value": {

"CompatibilityInfo": {

"type": "params",

"value": {

"MinimalPluginVersion": "11.8.0.0"

}

},

"PRTS_TASK_EXT_SHEDULE_FLAGS": 0,

"exclusionRules": [

{

"type": "params",

"value": {

"applications": {

"type": "params",

"value": {

"enabled": true,

"paths": []

}

},

"dataSource": 2,

"localPorts": {

"type": "params",

"value": {

"enabled": true,

"portRange": [

{

"type": "params",

"value": {

"end": 3389,

"start": 3389

}

]

}

},

"name": "RDP ANY",

"protocol": {

"type": "params",

"value": {

"enabled": true,

"id": 0

}

},

"remoteAddress": {

"type": "params",

"value": {

"enabled": false,

"ip": {

"type": "params",

"value": {

"octets": {

"type": "binary",

"value": ""

},

"zoneIPv6": ""

}

},

"remotePorts": {

"type": "params",

"value": {

"enabled": false,

"portRange": []

}

],

"isolationDuration":28800000,

"klprts-TaskStorageId":"_LOCAL_2212c5ce-c23d-4c55-8bca-656221d5f056",

"ksc_settings_compatibility::TaskUniqueId":"89621cce@xdr_networkisolation_start@NetworkIsolationStart",

"responseId":{"type":"long","value":4294967295}}},

"TASK_CLASS_ID":0,

"TASK_DEL_AFTER_RUN_FLAG":false,

"TASK_INFO_PARAMS":

{"type":"params","value":{

"DisplayName":"Network isolation",

"klprts-TaskCannotBeDeleted":true,

"klprts-TaskScheduleSubtype":512}

},

"TASK_NAME":"xdr_networkisolation_start",

"TASK_PREP_START":0,

"TASK_PRIORITY":1,

"TASK_START_DELTA":0,

"TASK_UNIQUE_ID":"_LOCAL_2212c5ce-c23d-4c55-8bca-656221d5f056"

}

Response

Response

{ }

Host isolated successful with allowed RDP session.

Isolation OFF

For example:

Isolation OFF => "TASK_NAME":"xdr_networkisolation_stop .... "strTask":"_LOCAL_f0395954-c011-445c-b2e3-0a1074a2cf8d"

GetHostTasks

Return server specific identity to acquire and manage host tasks. (HostGroup::GetHostTasks)

HostGroup.GetHostTasks

POST /api/v1.0/HostGroup.GetHostTasks HTTP/1.1

Host: localhost:13299

X-KSC-Session: nXo75DRoFMRjNp2jwByKlfg==

Content-Type: application/json

Content-Length: 58

{

"strHostName":"a20da5de-49e5-469a-92ea-41b5adb74ea4"

}

Response:

Response

{"PxgRetVal":"8122017D5C4081753E8FDE94244DC1AF"}

HostTasks

GetTaskData

Acquire task settings. (HostTasks::GetTaskData)

strSrvObjId - server object ID that got from HostGroup.GetHostTasks

strTask - storage identifier of the task (such as returned by HostTasks.AddTask)

HostTasks::GetTaskData

POST /api/v1.0/HostTasks.GetTaskData HTTP/1.1

Host: localhost:13299

X-KSC-Session: nXo75DRoFMRjNp2jwByKlfg==

Content-Type: application/json

Content-Length: 112

{

"strTask":"_LOCAL_f0395954-c011-445c-b2e3-0a1074a2cf8d",

"strSrvObjId":"8122017D5C4081753E8FDE94244DC1AF"

}

Response:

Response

{"PxgRetVal":{"EVENT_TYPE":"PRTS_EVENT_NONE","FILTER_EVENTS_COMPONENT_NAME":"","FILTER_EVENTS_INSTANCE_ID":"","FILTER_EVENTS_PRODUCT_NAME":"","FILTER_EVENTS_VERSION":"","TASKID_COMPONENT_NAME":"Connector","TASKID_INSTANCE_ID":"","TASKID_PRODUCT_NAME":"KES","TASKID_VERSION":"11.0.0.0","TASKSCH_FIRST_EXECUTION_TIME":{"type":"datetime","value":"1970-01-01T00:00:00Z"},"TASKSCH_FIRST_EXECUTION_TIME_SEC":0,"TASKSCH_LIFETIME":{"type":"datetime","value":""},"TASKSCH_MS_PERIOD":0,"TASKSCH_RUN_MISSED_FLAG":false,"TASKSCH_TYPE":0,"TASK_ADDITIONAL_PARAMS":{"type":"params","value":{"CompatibilityInfo":{"type":"params","value":{"MinimalPluginVersion":"11.8.0.0"}},"PRTS_TASK_EXT_SHEDULE_FLAGS":0,"klprts-TaskStorageId":"_LOCAL_f0395954-c011-445c-b2e3-0a1074a2cf8d","ksc_settings_compatibility::TaskUniqueId":"59e0cc70@xdr_networkisolation_stop@NetworkIsolationStop","responseId":{"type":"long","value":4294967295}}},"TASK_CLASS_ID":0,"TASK_DEL_AFTER_RUN_FLAG":false,"TASK_INFO_PARAMS":{"type":"params","value":{"DisplayName":"Termination of network isolation","klprts-TaskCannotBeDeleted":true,"klprts-TaskScheduleSubtype":256}},"TASK_LAST_EXEC_TIME":{"type":"datetime","value":"1970-01-01T00:00:00Z"},"TASK_LAST_EXEC_TIME_SEC":0,"TASK_MAX_EXEC_TIME":0,"TASK_NAME":"xdr_networkisolation_stop","TASK_PREP_START":0,"TASK_PRIORITY":1,"TASK_START_DELTA":0,"TASK_UNIQUE_ID":"_LOCAL_f0395954-c011-445c-b2e3-0a1074a2cf8d"}}

Copy some value from response and change parameters on the next request with Network isolation exclusions.

UpdateTask

Modify task settings. ( HostTasks::UpdateTask)

POST /api/v1.0/HostTasks.UpdateTask HTTP/1.1

Host: localhost:13299

X-KSC-Session: n18Zfc+1hPeedqD07uM96/A==

Content-Type: application/json

Content-Length: 32796

{

"strTask": "_LOCAL_f0395954-c011-445c-b2e3-0a1074a2cf8d",

"strSrvObjId": "A06A16B837CC0E73BD3BCCDAA98A3129",

"pData": {

"TASKID_COMPONENT_NAME": "Connector",

"TASKID_PRODUCT_NAME": "KES",

"TASKID_VERSION": "11.0.0.0",

"TASKSCH_MS_PERIOD": 0,

"TASKSCH_TYPE": 5, #change

"TASK_ADDITIONAL_PARAMS": {

"type": "params",

"value": {

"CompatibilityInfo": {

"type": "params",

"value": {

"MinimalPluginVersion": "11.8.0.0"

}

},

"PRTS_TASK_EXT_SHEDULE_FLAGS": 0,

"klprts-TaskStorageId": "_LOCAL_f0395954-c011-445c-b2e3-0a1074a2cf8d",

"ksc_settings_compatibility::TaskUniqueId": "59e0cc70@xdr_networkisolation_stop@NetworkIsolationStop",

"responseId": {

"type": "long",

"value": 4294967295

}

},

"TASK_CLASS_ID": 0,

"TASK_DEL_AFTER_RUN_FLAG": false,

"TASK_INFO_PARAMS": {

"type": "params",

"value": {

"DisplayName": "Termination of network isolation",

"klprts-TaskCannotBeDeleted": true,

"klprts-TaskScheduleSubtype": 512 #change

}

},

"TASK_NAME": "xdr_networkisolation_stop",

"TASK_PREP_START": 0,

"TASK_PRIORITY": 1,

"TASK_START_DELTA": 0,

"TASK_UNIQUE_ID": "_LOCAL_f0395954-c011-445c-b2e3-0a1074a2cf8d"

}

Response

Response

{ }

Host unblocked successfully.

End Session to KSC (Session::EndSession)

Session::EndSession

curl --location --request POST 'https://127.0.0.1:13299/api/v1.0/Session.EndSession' --header 'X-KSC-Session: nsPbUpP1oAVZlM1lODEbg8A==' #PxgRetVal from Session.StartSession

KSC API use cases examples - host isolation with KES\KEA [KSC for Windows]

Recommended Posts

Antipova Anna

Advice and Solutions (Forum Knowledgebase) Disclaimer. Read before using materials.

Description and cautions

Login

Find Host

KEA Isolation

HostGroup.GetHostInfo

HostGroup.SS_Read

KES Isolation (11.7 and upper)

FindHost

SrvView

GetHostTasks

HostTasks

GetTaskData

UpdateTask

Isolation OFF

GetHostTasks

HostTasks

GetTaskData

UpdateTask

Link to comment

Share on other sites

Please sign in to comment

Forum

Products

Support

Personal Account