Skip to main content

HPE Aruba ClearPass

This Integration is part of the HPE Aruba Clearpass Pack.#

Supported versions

Supported Cortex XSOAR versions: 6.0.0 and later.

Aruba ClearPass Policy Manager provides role and device-based network access control for employees, contractors, and guests across any multi-vendor wired, wireless, and VPN infrastructure. This integration was integrated and tested with version 6.9 of HPE Aruba ClearPass.

Configure HPE Aruba ClearPass in Cortex#

ParameterDescriptionRequired
Your server URL (e.g., https://example.net)True
Client IDHPE Aruba ClearPass client identifier.True
Client SecretHPE Aruba ClearPass client secret.True
Trust any certificate (not secure)False
Use system proxy settingsFalse

Commands#

You can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

aruba-clearpass-endpoints-list#


Get a list of endpoints. An endpoint device is an Internet-capable hardware device on a TCP/IP network (e.g. laptops, smart phones, tablets, etc.)

Base Command#

aruba-clearpass-endpoints-list

Input#

Argument NameDescriptionRequired
mac_addressMAC address of the required endpoint. If not given, all the endpoints will be returned.Optional
statusStatus of the required endpoint. Possible values: Known, Unknown, Disabled.Optional
offsetZero based offset to start from. Defaut is 0.Optional
limitMaximum number of items to return in the range of 1 – 1000. Default is 25.Optional

Context Output#

PathTypeDescription
HPEArubaClearPass.Endpoints.idNumberThe ID of the endpoint.
HPEArubaClearPass.Endpoints.mac_addressstringThe MAC address of the endpoint.
HPEArubaClearPass.Endpoints.descriptionstringThe description of the endpoint.
HPEArubaClearPass.Endpoints.statusstringThe status of the endpoint.
HPEArubaClearPass.Endpoints.device_insight_tagsUnknownList of Device Insight Tags.
HPEArubaClearPass.Endpoints.attributesUnknownAdditional attributes (key/value pairs) that may be stored with the endpoint.

Command Example#

!aruba-clearpass-endpoints-list

Context Example#

{
"HPEArubaClearPass": {
"endpoints": [
{
"attributes": {
"A": "B",
"C": "D",
"test": "b",
"test": "bad"
},
"description": "test",
"id": 3001,
"mac_address": "005056894ae2",
"status": "Known"
},
{
"attributes": {
"test": "aaaaa"
},
"description": "aaaa",
"id": 3002,
"mac_address": "001b44113ab7",
"status": "Known"
}
]
}
}

Human Readable Output#

HPE Aruba ClearPass endpoints#

attributesdescriptionidmac_addressstatus
A: B
C: D
test: bad
test: b
test3001005056894ae2Known
test: aaaaaaaaa3002001b44113ab7Known

aruba-clearpass-endpoint-update#


Updates some fields of an endpoint.

Base Command#

aruba-clearpass-endpoint-update

Input#

Argument NameDescriptionRequired
endpoint_idNumeric ID of the endpoint.Required
mac_addressMAC address of the endpoint to be set. If not given, all the endpoints will be returned.Optional
statusStatus of the endpoint to be set. Can be Known/Unknown/Disabled. Possible values: Known, Unknown, Disabled.Optional
descriptionDescription of the endpoint to be set.Optional
device_insight_tagsA comma-separated list of Device Insight Tags.Optional
attributesAdditional attributes (key/value pairs) that may be stored with the endpoint. For example: [{"test1": "aaaaa"},{"test2":"good"}].Optional

Context Output#

PathTypeDescription
HPEArubaClearPass.Endpoints.idNumberThe ID of the endpoint.
HPEArubaClearPass.Endpoints.mac_addressstringThe MAC address of the endpoint.
HPEArubaClearPass.Endpoints.descriptionstringThe description of the endpoint.
HPEArubaClearPass.Endpoints.statusstringThe status of the endpoint.
HPEArubaClearPass.Endpoints.device_insight_tagsUnknownList of Device Insight Tags.
HPEArubaClearPass.Endpoints.attributesUnknownAdditional attributes (key/value pairs) that may be stored with the endpoint.

Command Example#

!aruba-clearpass-endpoint-update endpoint_id=3001 description="test" status=Known

Context Example#

{
"HPEArubaClearPass": {
"endpoints": {
"attributes": {
"A": "B",
"C": "D",
"test1": "b",
"test2": "bad"
},
"description": "test",
"id": 3001,
"mac_address": "005056894ae2",
"status": "Known"
}
}
}

Human Readable Output#

HPE Aruba ClearPass endpoints#

attributesdescriptionidmac_addressstatus
A: B
C: D
test1: bad
test2: b
test3001005056894ae2Known

aruba-clearpass-attributes-list#


Get a list of attributes. Attributes allows you to specify unique sets of criteria for local users, guest users, endpoints, and devices. If no arguments were given, all of the attributes will be displayed.

Base Command#

aruba-clearpass-attributes-list

Input#

Argument NameDescriptionRequired
attribute_idNumeric ID of the required attribute.Optional
nameName of the required attribute.Optional
entity_nameEntity name of the required attribute. Possible values are: Device, LocalUser, GuestUser, Endpoint, Onboard.Optional
offsetZero-based offset to start from. Default is 0.Optional
limitMaximum number of items to return in the range of 1 – 1000. Default is 25.Optional

Context Output#

PathTypeDescription
HPEArubaClearPass.Attributes.idNumberThe ID of the attribute.
HPEArubaClearPass.Attributes.namestringThe name of the attribute.
HPEArubaClearPass.Attributes.entity_namestringThe entity name of the attribute.
HPEArubaClearPass.Attributes.data_typestringThe data type of the attribute (can be one of the following - Boolean, Date, Day, IPv4Address, Integer32, List, MACAddress, String, Text, Time, TimeOfDay).
HPEArubaClearPass.Attributes.mandatoryBooleanWhether this attribute is mandatory for the given entity_name.
HPEArubaClearPass.Attributes.default_valueUnknownDefault value of the attribute.
HPEArubaClearPass.Attributes.allow_multipleBooleanWhether to allow multiple values of the attribute with data type String only (API limitation).
HPEArubaClearPass.Attributes.allowed_valueUnknownThe allowed value for attribute with data type List (e.g., example1,example2,example3).

Command Example#

!aruba-clearpass-attributes-list

Context Example#

{
"HPEArubaClearPass": {
"attributes": [
{
"allow_multiple": true,
"data_type": "String",
"entity_name": "Device",
"id": 35,
"mandatory": false,
"name": "Controller Id"
},
{
"allow_multiple": true,
"data_type": "String",
"entity_name": "Device",
"id": 32,
"mandatory": false,
"name": "Device Vendor"
},
{
"allow_multiple": true,
"data_type": "String",
"entity_name": "Device",
"id": 34,
"mandatory": false,
"name": "Location"
},
{
"allow_multiple": false,
"data_type": "Boolean",
"entity_name": "Device",
"id": 3011,
"mandatory": false,
"name": "new123"
},
{
"allow_multiple": false,
"data_type": "Boolean",
"entity_name": "Device",
"id": 3043,
"mandatory": false,
"name": "new_attribute_aviya"
},
{
"allow_multiple": true,
"data_type": "String",
"entity_name": "Device",
"id": 31,
"mandatory": false,
"name": "new_name"
},
{
"allow_multiple": true,
"data_type": "String",
"entity_name": "Device",
"id": 33,
"mandatory": false,
"name": "OS Version"
},
{
"allow_multiple": true,
"data_type": "String",
"entity_name": "Device",
"id": 38,
"mandatory": false,
"name": "sysContact"
},
{
"allow_multiple": true,
"data_type": "String",
"entity_name": "Device",
"id": 37,
"mandatory": false,
"name": "sysLocation"
},
{
"allow_multiple": true,
"data_type": "String",
"entity_name": "Device",
"id": 36,
"mandatory": false,
"name": "sysName"
},
{
"allow_multiple": true,
"data_type": "String",
"entity_name": "LocalUser",
"id": 5,
"mandatory": false,
"name": "Department"
},
{
"allow_multiple": true,
"data_type": "String",
"entity_name": "LocalUser",
"id": 6,
"mandatory": false,
"name": "Designation"
},
{
"allow_multiple": true,
"data_type": "String",
"entity_name": "LocalUser",
"id": 2,
"mandatory": false,
"name": "Email"
},
{
"allow_multiple": true,
"data_type": "String",
"entity_name": "LocalUser",
"id": 1,
"mandatory": false,
"name": "Phone"
},
{
"allow_multiple": true,
"data_type": "String",
"entity_name": "LocalUser",
"id": 3,
"mandatory": false,
"name": "Sponsor"
},
{
"allow_multiple": true,
"data_type": "String",
"entity_name": "LocalUser",
"id": 4,
"mandatory": false,
"name": "Title"
},
{
"allow_multiple": false,
"data_type": "String",
"entity_name": "GuestUser",
"id": 41,
"mandatory": false,
"name": "airgroup_enable"
},
{
"allow_multiple": false,
"data_type": "String",
"entity_name": "GuestUser",
"id": 42,
"mandatory": false,
"name": "airgroup_shared"
},
{
"allow_multiple": false,
"data_type": "String",
"entity_name": "GuestUser",
"id": 46,
"mandatory": false,
"name": "airgroup_shared_group"
},
{
"allow_multiple": false,
"data_type": "String",
"entity_name": "GuestUser",
"id": 45,
"mandatory": false,
"name": "airgroup_shared_location"
},
{
"allow_multiple": false,
"data_type": "String",
"entity_name": "GuestUser",
"id": 44,
"mandatory": false,
"name": "airgroup_shared_role"
},
{
"allow_multiple": false,
"data_type": "String",
"entity_name": "GuestUser",
"id": 47,
"mandatory": false,
"name": "airgroup_shared_time"
},
{
"allow_multiple": false,
"data_type": "String",
"entity_name": "GuestUser",
"id": 43,
"mandatory": false,
"name": "airgroup_shared_user"
},
{
"allow_multiple": true,
"data_type": "String",
"entity_name": "GuestUser",
"id": 16,
"mandatory": false,
"name": "Company Name"
},
{
"allow_multiple": true,
"data_type": "String",
"entity_name": "GuestUser",
"id": 15,
"mandatory": false,
"name": "Designation"
}
]
}
}

Human Readable Output#

HPE Aruba ClearPass attributes#

allow_multipledata_typeentity_nameidmandatoryname
trueStringDevice35falseController Id
trueStringDevice32falseDevice Vendor
trueStringDevice34falseLocation
falseBooleanDevice3011falsenew123
falseBooleanDevice3043falsenew_attribute_aviya
trueStringDevice31falsenew_name
trueStringDevice33falseOS Version
trueStringDevice38falsesysContact
trueStringDevice37falsesysLocation
trueStringDevice36falsesysName
trueStringLocalUser5falseDepartment
trueStringLocalUser6falseDesignation
trueStringLocalUser2falseEmail
trueStringLocalUser1falsePhone
trueStringLocalUser3falseSponsor
trueStringLocalUser4falseTitle
falseStringGuestUser41falseairgroup_enable
falseStringGuestUser42falseairgroup_shared
falseStringGuestUser46falseairgroup_shared_group
falseStringGuestUser45falseairgroup_shared_location
falseStringGuestUser44falseairgroup_shared_role
falseStringGuestUser47falseairgroup_shared_time
falseStringGuestUser43falseairgroup_shared_user
trueStringGuestUser16falseCompany Name
trueStringGuestUser15falseDesignation

aruba-clearpass-attribute-create#


Create a new attribute.

Base Command#

aruba-clearpass-attribute-create

Input#

Argument NameDescriptionRequired
nameName of the attribute to be set.Required
entity_nameEntity name of the attribute to be set. Possible values: Device, LocalUser, GuestUser, Endpoint, Onboard.Required
data_typeData Type of the attribute to be set. Possible values: Boolean, Date, Day, IPv4Address, Integer32, List, MACAddress, String, Text, Time, TimeOfDay.Required
mandatoryWhether to make this attribute mandatory for the given entity_name. Default is False. Possible values are: True, False.Optional
default_valueDefault value of the attribute. Default is an empty string.Optional
allow_multipleWhether to allow multiple values of the attribute with data type String only (API limitation). Default is False. Possible values are: True, False.Optional
allowed_valuePossible value for attribute with data type List only (API limitation) (e.g., example1,example2,example3). Default is an empty string.Optional

Context Output#

PathTypeDescription
HPEArubaClearPass.Attributes.idNumberThe ID of the attribute.
HPEArubaClearPass.Attributes.namestringThe name of the attribute.
HPEArubaClearPass.Attributes.entity_namestringThe entity name of the attribute.
HPEArubaClearPass.Attributes.data_typestringThe data type of the attribute. Can be one of the following: Boolean, Date, Day, IPv4Address, Integer32, List, MACAddress, String, Text, Time, TimeOfDay.
HPEArubaClearPass.Attributes.mandatoryBooleanWhether this attribute is mandatory for the given entity_name.
HPEArubaClearPass.Attributes.default_value.UnknownDefault value of the attribute.
HPEArubaClearPass.Attributes.allow_multipleBooleanWhether to allow multiple values of the attribute with data type String only (API limitation).
HPEArubaClearPass.Attributes.allowed_valueUnknownThe allowed value for attribute with data type List (e.g., example1,example2,example3).

Command Example#

!aruba-clearpass-attribute-create data_type=Boolean entity_name=Device name="new_attribute"

Context Example#

{
"HPEArubaClearPass": {
"attributes": {
"allow_multiple": false,
"data_type": "Boolean",
"entity_name": "Device",
"id": 3044,
"mandatory": false,
"name": "new_attribute"
}
}
}

Human Readable Output#

HPE Aruba ClearPass new attribute#

allow_multipledata_typeentity_nameidmandatoryname
falseBooleanDevice3044falsenew_attribute

aruba-clearpass-attribute-update#


Update some fields of an attribute by the attribute's ID.

Base Command#

aruba-clearpass-attribute-update

Input#

Argument NameDescriptionRequired
attribute_idNumeric ID of the attribute to be updated.Required
nameName of the attribute to be set.Optional
entity_nameEntity Name of the attribute to be set. Possible values: Device, LocalUser, GuestUser, Endpoint, Onboard.Optional
data_typeData type of the attribute to be set. Possible values are: Boolean, Date, Day, IPv4Address, Integer32, List, MACAddress, String, Text, Time, TimeOfDay.Optional
mandatoryWhether to make this attribute mandatory for the given entity_name. Default is False. Possible values are: True, False.Optional
default_valueDefault value of the attribute. Default is an empty string.Optional
allow_multipleWhether to allow multiple values of the attribute with data type String only (API limitation). Default is False. Possible values are: True, False.Optional
allowed_valuePossible value for attribute with data type List only (API limitation) (e.g., example1,example2,example3). Default is an empty string.Optional

Context Output#

PathTypeDescription
HPEArubaClearPass.Attributes.idNumberThe ID of the attribute.
HPEArubaClearPass.Attributes.namestringThe name of the attribute.
HPEArubaClearPass.Attributes.entity_namestringThe entity name of the attribute.
HPEArubaClearPass.Attributes.data_typestringThe data type of the attribute. Can be one of the following: Boolean, Date, Day, IPv4Address, Integer32, List, MACAddress, String, Text, Time, TimeOfDay.
HPEArubaClearPass.Attributes.mandatoryBooleanWhether this attribute is mandatory for the given entity_name.
HPEArubaClearPass.Attributes.default_value.UnknownDefault value of the attribute.
HPEArubaClearPass.Attributes.allow_multipleBooleanWhether to allow multiple values of the attribute with data type String only (API limitation).
HPEArubaClearPass.Attributes.allowed_valueUnknownThe allowed value for attribute with data type List (e.g., example1,example2,example3).

Command Example#

!aruba-clearpass-attribute-update attribute_id=31 name="Device Type" data_type=String

Context Example#

{
"HPEArubaClearPass": {
"attributes": {
"allow_multiple": true,
"data_type": "String",
"entity_name": "Device",
"id": 31,
"mandatory": false,
"name": "Device Type"
}
}
}

Human Readable Output#

HPE Aruba ClearPass update attribute#

allow_multipledata_typeentity_nameidmandatoryname
trueStringDevice31falseDevice Type

aruba-clearpass-attribute-delete#


Delete an attribute.

Base Command#

aruba-clearpass-attribute-delete

Input#

Argument NameDescriptionRequired
attribute_idNumeric ID of the attribute.Required

Context Output#

There is no context output for this command.

Command Example#

!aruba-clearpass-attribute-delete attribute_id=3043

Human Readable Output#

HPE Aruba ClearPass attribute with ID: 3043 deleted successfully.

aruba-clearpass-active-sessions-list#


Get a list of active sessions.

Base Command#

aruba-clearpass-active-sessions-list

Input#

Argument NameDescriptionRequired
session_idID of the active session.Optional
device_ipIP address of the client.Optional
device_mac_addressMAC address of the client device.Optional
visitor_phoneThe visitor’s phone number.Optional
limitMaximum number of items to return in the range of 1 – 1000. Default is 25.Optional

Context Output#

PathTypeDescription
HPEArubaClearPass.Sessions.IDStringID of the active session.
HPEArubaClearPass.Sessions.Device_IPStringIP address of the client.
HPEArubaClearPass.Sessions.Device_mac_addressStringMAC address of the client device.
HPEArubaClearPass.Sessions.stateStringThe current state of the session (active, stale, closed).
HPEArubaClearPass.Sessions.Visitor_phoneStringThe visitor’s phone number.

Command Example#

!aruba-clearpass-active-sessions-list

aruba-clearpass-active-session-disconnect#


Disconnect active session.

Base Command#

aruba-clearpass-active-session-disconnect

Input#

Argument NameDescriptionRequired
session_idID of the session to disconnect.Required

Context Output#

PathTypeDescription
HPEArubaClearPass.Sessions.Error_codeNumberError status code of the response (non-zero if a problem occurred).
HPEArubaClearPass.Sessions.Response_messageStringDescribes the result of the disconnected operation.

Command Example#

!aruba-clearpass-active-session-disconnect session_id=123