I would like to get some ideas on how to automate the following process.
I have created a location tag, let’s call it “US assets”. From a .txt file, I am importing a list of IP ranges and subnets and, I am tagging them as “US assets”. In addition, I have created a dynamic asset group that is taking all the assets labeled as “US assets”, let’s call this group, “US asset group”. I have set up a new site “US site” and I am telling it to scan the “US asset group”. So far so good, this is working and in fact I am able to replicate the same process for different locations.
Now what happens when a new subnet is included in my environment? I would have to generate a new .txt and update manually the “US assets” tag with the content. Sometimes is not just about adding subnets but also removing IP ranges that we are not longer using. I haven’t found a way to automate this process and it becomes problematic when I have to do it for a bunch of locations. I am looking for a way to leverage the API or another tool to automate the process of adding/removing IPs to a given tag based on a .txt file.
I would appreciate it if you have any suggestions.
If something is unclear I can provide more information.
Hi Brandon, thanks for the reply. I will take a look at ServiceNow, we are actually using that platform but the CMDB is not fully implemented so I know I will have limitations there.
As for your recommendation on the subnets, that’s something I’m already doing but I was wondering if there is a way to automate that task (i.e. not having to manually modify the filter with the new subnets). Maybe create a script and leverage the API to POST / REMOVE assets in the tag group, but to do that I would have to specify asset IDs and, what I have to do is actually define IP ranges and not assets itself.
yes, there is an API to update Tag filters, InsightVM API (v3)
I am lazy and hate manual effort, so I script everything. When you update make sure you capture the existing value and append to that. If you just add a filter it will replace the current value, not append to it.