Skip to Content

Compliance Standards functions

The following sections detail the REST API commands you can use to perform functions with BMC Database Automation (BDA) Compliance Standards.

Base URL for the API is:

https://hostManagerName/bda/rest/api

Compliance Standards List

Returns a list of current Compliance Standards

Syntax

/1.0/standards

Method

GET

Required parameters

None

Optional parameters

  • scope—Return Standards within a specific scope. Available scopes:
    • application
    • application_instance
    • db2_database
    • db2_instance
    • MSSQL_AvGrp
    • mssql_database
    • mssql_instance
    • mssql_member_instance
    • node
    • oracle_database
    • oracle_db_instance
    • oracle_home
    • oracle_pluggable_database
    • sybase_dataserver
    • sybase_dataserver_instance
    • sybase_repserver
    • sybase_repserver_instance

Response

{
 "status": "success",
 "status_code": "200",
 "data": {
     "standards": [
       {
         "id": "4",
         "name": "MODIFIED-CIS-Oracle-11gR2-V2-database-scoped",
         "fq_name": "/MODIFIED-CIS-Oracle-11gR2-V2-database-scoped",
         "description": "CIS Oracle Database 11g R2 Benchmark v2.0.0 Feb 27 2015",
         "container": "/",
         "scope": "oracle_database",
         "last_updated_by": "sysadmin",
         "last_updated_date": "08-03-2015 15:21:13",
         "last_run_date": "08-11-2015 15:04:44",
         "user_can_run": "true"
       },
       {
         "id": "2",
         "name": "NODE_STD",
         "fq_name": "/NODE_STD",
         "description": "TEST",
         "container": "/",
         "scope": "node",
         "last_updated_by": "sysadmin",
         "last_updated_date": "08-03-2015 13:51:03",
         "last_run_date": {},
         "user_can_run": "true"
       },
       {
         "id": "5",
         "name": "Test-Compliance-Standard-Win-Inst",
         "fq_name": "/Test-Compliance-Standard-Win-Inst",
         "description": "Demonstration of Compliance Rules on Windows Instance",
         "container": "/",
         "scope": "mssql_instance",
         "last_updated_by": "sysadmin",
         "last_updated_date": "08-06-2015 11:06:09",
         "last_run_date": {},
         "user_can_run": "true"
       }
      ]
 }
}

Examples

To get a list of all available Compliance Standards:

curl -k -H "x-auth-token: b4c37d824039a5f87244e17ba0d1df05" https://my.bda.manager.com/bda/rest/api/1.0/standards

To get a list of all node-scoped Compliance Standards:

curl -k -H "x-auth-token: b4c37d824039a5f87244e17ba0d1df05" https://my.bda.manager.com/bda/rest/api/1.0/standards?scope=node

Compliance Standard Information

Returns information about a specific Compliance Standard

Syntax

/1.0/standards/{standard_id}

Method

GET

Required parameters

None

Optional parameters

None

Response

{
 "status": "success",
 "status_code": "200",
 "data": {
   "id": "4",
   "name": "MODIFIED-CIS-Oracle-11gR2-V2-database-scoped",
   "fq_name": "/MODIFIED-CIS-Oracle-11gR2-V2-database-scoped",
   "description": "CIS Oracle Database 11g R2 Benchmark v2.0.0 Feb 27 2015",
   "container": "/",
   "scope": "oracle_database",
   "last_updated_by": "sysadmin",
   "last_updated_date": "08-03-2015 15:21:13",
   "last_run_date": "08-11-2015 15:04:44",
   "user_can_run": "true"
"available_to": ["/Oracle", "/Syabase"]
 }
}

Example

To get a list of Compliance Standards with id=4:

curl -k -H "x-auth-token: b4c37d824039a5f87244e17ba0d1df05" https://my.bda.manager.com/bda/rest/api/1.0/standards/4

Compliance Standards Template List

Returns a list of templates for a specific Compliance Standard

Syntax

/1.0/standards/{standard_id}/templates 

Method

GET

Required parameters

None

Optional parameters

None

Response

{
 "status": "success",
 "status_code": "200",
 "data": {
   "templates": [
       "template.xml",
       "template1.xml",
       "template3.xml"
    ]
 }
}

Example

To get a list of template candidates for a Compliance Standard with id=4:

curl -k -H "x-auth-token: b4c37d824039a5f87244e17ba0d1df05" https://my.bda.manager.com/bda/rest/api/1.0/standards/4/templates

Compliance Standard Candidates List

Returns a list of available candidates for a specific Compliance Standard

Syntax

/1.0/standards/{standard_id}/candidates 

Method

GET

Required parameters

None

Optional parameters

None

Response

Warning

Note

  • fq_name value should be used in 'run' REST API calls.
  • fq_display_name is a human readable alternative that can be used only for representation.
{
 "status": "success",
 "status_code": "200",
 "data": {
   "candidates": [
     {
"details":
 {
       "Oracle SID": "ora12",
"Database Name: "oradb",
"Instance Status": "Down",
"Hostname": /rh5-si-307.gridapp-dev.com",
"Container": "No"
 },
       "fq_name": "/9e5ccae3a07e4883/cust1/^1c9ce20cb87f9e19"
     },
     {
       "details":
 {
       "Oracle SID": "ora12",
"Database Name: "oradb",
"Instance Status": "Down",
"Hostname": /rh5-si-307.gridapp-dev.com",
"Container": "No"
 },
       "fq_name": "/9e5dd3a07e4883/cust1/^1c9ce20db76f9e19"
      },
    ]
 }
}
}

Example

To get a list of object candidates for a Compliance Standard with id=4:

curl -k -H "x-auth-token: b4c37d824039a5f87244e17ba0d1df05" https://my.bda.manager.com/bda/rest/api/1.0/standards/4/candidates

Run Compliance Standard

Runs a specific Compliance Standard for one or more BDA objects using a specified template

Syntax

/1.0/standards/{standard_id}/run

Method

POST

Required parameters

  • template—Compliance Standard template. List of available Compliance Standard templates that can be obtained using a templates REST API call.
  • candidatesA comma-separated list of object candidates.

Optional parameters

None

Response

{
 "status": "success",
 "status_code": "200",
 "data": {
   "job_id": "769",
   "result": "Standard '8' executed successfully."
 }
}

Examples

To run a Compliance Standard with id=4 using template default1.xml and candidate /9e5ccae3a07e4883:

curl -k -H "x-auth-token: b4c37d824039a5f87244e17ba0d1df05" --data "template=default1.xml&candidates=/9e5ccae3a07e4883" https://my.bda.manager.com/bda/rest/api/1.0/standards/4/run

To run a Compliance Standard with id=4 using template default1.xml and candidates /PROD_DB/^9e5ccae3a07e4883 and /DEV_DB/^5a2dcee3307e5332:

curl -k -H "b4c37d824039a5f87244e17ba0d1df05" --data "template=default1.xml&candidates=/PROD_DB/^9e5ccae3a07e4883,/DEV_DB/^5a2dcee3307e5332" https://my.bda.manager.com/bda/rest/api/1.0/standards/4/run

Compliance Standard Results

Returns results for a specific Compliance Standard

Syntax

/1.0/compliance/{standard_id}

Method

POST

Required parameters

None

Optional parameters

  • candidatesA comma-separated list of candidates for which to see compliance results.

Response

{
 "status": "success",
 "status_code": "200",
 "data": {

   "standard": {
     "id": "9",
     "name": "CIS-Oracle-11gR2-V2-27-feb-2015",
     "fq_name": "/CIS-Oracle-11gR2-V2-27-feb-2015",
     "description": "CIS Oracle Database 11g R2 Benchmark v2.0.0 27 Feb 2015",
     "container": "/",
     "scope": "oracle_db_instance",
     "last_updated_by": "sysadmin",
     "last_updated_date": "01-18-2016 16:15:11",
    },
   "compliance": [
      {
       "target": {
         "fq_display_name": "/PROD_DB/rh5-si-307.gridapp-dev.com",
         "fq_name": "/PROD_DB/^9e5ccae3a07e4883"
        },
       "checks": [
          {
           "code": "CIS_1_1",
           "status": "NON COMPLIANT",
           "name": "Ensure the Appropriate Version\/Patches for Oracle Software Is Installed (Not Scored)",
           "excluded": "0",
           "message": "The latest security patches have not been installed.",
           "recommendations": "Download and apply the latest quarterly Critical Patch Update patches.\nReferences:\n  1. http:\/\/www.oracle.com\/us\/support\/assurance\/fixing-policies\/index.html\n  2. http:\/\/www.oracle.com\/technetwork\/topics\/security\/alerts-086861.html\n  3. http:\/\/www.oracle.com\/us\/support\/library\/lifetime-support-technology-069183.pdf"
          },
          {
           "code": "CIS_2_1_2",
           "status": "COMPLIANT"
           "name": "Ensure 'extproc' Is Not Present in 'listener.ora' (Scored)",
           "excluded": "0"
          }
          ....
        ]
      }
    ]
  }
}

Examples

To get the results for a Compliance Standard with id=4 for all the objects that the standard has been run on:

curl -k -H "x-auth-token: b4c37d824039a5f87244e17ba0d1df05" -X POST https://my.bda.manager.com/bda/rest/api/1.0/compliance/4

To get the results for a Compliance Standard with id=4 for object /9e5ccae3a07e4883:

curl -k -H "x-auth-token: b4c37d824039a5f87244e17ba0d1df05" --data "candidates=/9e5ccae3a07e4883" https://my.bda.manager.com/bda/rest/api/1.0/compliance/4

To get the results for a Compliance Standard with id=4 for objects /PROD_DB/^9e5ccae3a07e4883 and /DEV_DB/^5a2dcee3307e5332:

curl -k -H "x-auth-token: b4c37d824039a5f87244e17ba0d1df05" --data "candidates=/PROD_DB/^9e5ccae3a07e4883,/DEV_DB/^5a2dcee3307e5332" https://my.bda.manager.com/bda/rest/api/1.0/compliance/4

Delete Compliance Standard Results

Removes results for a specific Compliance Standard

Syntax

/1.0/compliance/{standard_id}/delete

Method

POST

Required parameters

None

Optional parameters

  • candidatesA comma-separated list of candidates for which to remove compliance results

Response

{
 "status": "success",
 "status_code": "200",
 "data": {
   "results": [
      "Object '/Linux/Cluster/elevenR2' compliance results for standard '8' deleted successfully."
    ]
  }
}

Examples

To remove the results for a Compliance Standard with id=4 for all the objects that the standard has been run on:

curl -k -H "x-auth-token: b4c37d824039a5f87244e17ba0d1df05" -X POST https://my.bda.manager.com/bda/rest/api/1.0/compliance/4/delete

To remove the results for a Compliance Standard with id=4 for object /9e5ccae3a07e4883:

curl -k -H "x-auth-token: b4c37d824039a5f87244e17ba0d1df050" --data "candidates=/9e5ccae3a07e4883" -X POST https://my.bda.manager.com/bda/rest/api/1.0/compliance/4/delete

To remove the results for a Compliance Standard with id=4 for objects /PROD_DB/^9e5ccae3a07e4883 and /DEV_DB/^5a2dcee3307e5332:

curl -k -H "x-auth-token: b4c37d824039a5f87244e17ba0d1df05" --data "candidates==/PROD_DB/^9e5ccae3a07e4883,/DEV_DB/^5a2dcee3307e5332" -X POST https://my.bda.manager.com/bda/rest/api/1.0/compliance/4/delete

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

BMC Database Automation 20.19