Translate ppkeys to hostnames.

15 views
Skip to first unread message

redbeard_m

unread,
Sep 11, 2017, 5:32:18 PM9/11/17
to help-cfengine


Hi all, 
This is my first post to this group.
I have a list of ppkeys and I would like to know what hosts these belong to. I am running cf-agent version 3.1.4. Is there a command that finds a hostname from a ppkey?

Thanks
redbeard_m

Sean Johnson

unread,
Sep 11, 2017, 7:45:07 PM9/11/17
to help-cfengine
I am running cf-agent version 3.1.4

That's a _really_ old version. You should seriously consider upgrading. :) 

Is there a command that finds a hostname from a ppkey?

On your policy server, run `cf-key -s` 

That will show the a list of the last seen hosts that connected to the policy server. If you have 25 or less hosts, you might want to consider running Enterprise, which centrally (on the policy server) collects a lot of extra information about the hosts that are using it. 

Cheers,

sean

--
You received this message because you are subscribed to the Google Groups "help-cfengine" group.
To unsubscribe from this group and stop receiving emails from it, send an email to help-cfengin...@googlegroups.com.
To post to this group, send email to help-c...@googlegroups.com.
Visit this group at https://groups.google.com/group/help-cfengine.
For more options, visit https://groups.google.com/d/optout.

Nick Anderson

unread,
Sep 11, 2017, 8:12:26 PM9/11/17
to redbeard_m, help-cfengine
Welcome to CFEngine readbeard_m,

You can use =cf-key -s= to display information about connections
made recently
(as defined by
[[https://docs.cfengine.com/docs/3.10/reference-components.html#lastseenexpireafter][lastseenexpireafter]]).

#+BEGIN_EXAMPLE
# cf-key -s
Direction IP Name
Last connection Key
Incoming 172.30.0.136
myhost.example.com Tue Sep 12 01:51:53 2017
SHA=a297a110a4d7417924d872e2b1f64f92210cd805fea7368059b6c12a77661f19
Outgoing 172.30.0.136
myhost.example.com Tue Sep 12 01:50:51 2017
SHA=a297a110a4d7417924d872e2b1f64f92210cd805fea7368059b6c12a77661f19
Total Entries 2
#+END_EXAMPLE

You can use a simple one-liner to extract the hostname or ip from
matching keys:

#+BEGIN_SRC bash
cf-key -s | awk
'/SHA=a297a110a4d7417924d872e2b1f64f92210cd805fea7368059b6c12a77661f19/
{print $3;exit}'
#+END_SRC

#+BEGIN_EXAMPLE
myhost.example.com
#+END_EXAMPLE

In Enterprise you can query the API.

#+BEGIN_EXAMPLE
curl --user username:password
https://hub/api/host/a297a110a4d7417924d872e2b1f64f92210cd805fea7368059b6c12a77661f19
#+END_EXAMPLE

#+BEGIN_EXAMPLE
{
"data": [
{
"firstseen": "1483983635",
"hostname": "ip-172-30-0-136.cfengine.com",
"id":
"SHA=a297a110a4d7417924d872e2b1f64f92210cd805fea7368059b6c12a77661f19",
"ip": "172.30.0.136",
"lastreport": "1505174453"
}
],
"meta": {
"count": 1,
"page": 1,
"timestamp": 1505174504,
"total": 1
}
}
#+END_EXAMPLE

I hope this helps!

redbeard_m

unread,
Sep 12, 2017, 6:38:08 PM9/12/17
to help-cfengine
Thanks, Sean and Nick.
The simple answer gave me as much as I needed.

Dave
Reply all
Reply to author
Forward
0 new messages