Creating and scheduling a network discovery job

This example shows you how to use the Web SDK to create and schedule a new network discovery job within Trust Protection Platform. At the scheduled time, Trust Protection Platform scans ports 443, 636, and 7000-9999 of all addresses found in the IP ranges 192.168.1.0/24 and 172.16.1.0/24. If the job does not complete by 4 AM, it resumes the next day at 10 PM. This cycle repeats until processing completes.

NOTE  If you are updating an existing Network Discovery object, you should first read all of the existing Address Range values into an array using POST Config/Read, add new ranges to the array, and then call POST Config/Write to replace all of the existing attribute values with the new set.

To create and schedule a network discovery job

  1. Reuse or create a bearer token that includes the scope configuration:manage. The bearer token grants your client access to Trust Protection Platform.

    To get a bearer token, see Getting a token. For each subsequent API call, be sure to include the token in the request header.

  2. To verify that no object already exists with the desired network discovery name, call POST Config/IsValid. For example:

    POST https://tpp.venafi.example/vedsdk/Config/IsValid/
Authorization:Bearer 4MyGeneratedBearerTknz==
{
   ObjectDN:\\VED\\Discovery\\NetworkDiscovery
}

  3. To create the network Discovery object, call POST Config/Create with a range of IP address and port ranges. For example:

    POST https://tpp.venafi.example/vedsdk/Config/Create/ 
Authorization:Bearer 4MyGeneratedBearerTknz==
{
   "ObjectDN":"\\VED\\Discovery\\NetworkDiscovery2",
   "Class":"Discovery",
   "NameAttributeList":[
      {
         "Name":"Address Range",
         "Value":"172.16.1.1-172.16.1.254:443,636,7000-9999"
      }
   ]
}

  4. To set the start of the execution window, always specify the value in Universal Coordinated Time (UTC). For example, run Network Discovery every Monday and Thursday at 10PM UTC:

    POST https://tpp.venafi.example/vedsdk/Config/Write/
Authorization:Bearer 4MyGeneratedBearerTknz==
{
   "ObjectDN":"\\VED\\Discovery\\NetworkDiscovery",
   "AttributeData":[
      {
         "Name":"Hour",
         "Value":[
            "22:00:00"
         ]
      },
      {
         "Name":"Days Of Week",
         "Value":[
            "1",
            "4"
         ]
      }
   ]
}