Page 1 of 1

Feature Request: API Action

Posted: Fri Feb 15, 2019 1:31 am
by enuro12
I want to call an api when i block things. If we had API actions with a few variables we could do so much more than reactive monitoring.

Re: Feature Request: API Action

Posted: Mon Feb 25, 2019 9:10 am
by LTBcomputers
I have a bit of a hacky work around I thought I'd share, though I too wouldn't mind something like this, I'm not sure how widely useful it would be as API's change like the seasons, perhaps following openAPI standard?

What I did recently is this:
I wrote an artisanal mail server using nodemailer and nodejs. I'm actually testing this specific functionality over this and next month to test for performance issues before scaling out to our fleet of Tiks.

Under system logging actions, add an email action. With nodemailer, pattern matching happens server side, so I simply setup a number of logging actions for various events, dhcp, firewall, login, etc. with the email field mapped to something like identity-firewall@artisanal.mail.server so I can match on the server side and map it into a database.

Then under rules, simply pick what you want to log and monitor, then pick one of the custom actions to push it over to email.

Just make sure you're sending your email with encryption turned on so it's not sending sensitive shit in the clear.