Generating SPS support bundle using REST
Generate a support bundle using the SPS REST API.
Previously, generating a support bundle for SPS was possible only from the SPS Web Interface, at Basic Settings > Troubleshooting > Create support bundle. Using the /support-bundle endpoint, administrators can start support bundle generation jobs and download a snapshot of the current state of the specified SPS appliance. To troubleshoot multiple SPS appliances, you must generate the support bundle for each appliance.
NOTE: A support bundle is automatically deleted after 24 hours. If the issue with your SPS appliance persists, you must download a new support bundle.
URL
https://<IP-address-of-SPS>/api/troubleshooting/support-bundle |
Cookies
session_id |
Contains the authentication token of the user |
Required |
The value of the session ID cookie received from the REST server in the authentication response, for example, a1f71d030e657634730b9e887cb59a5e56162860. For more information on authentication, see Authenticate to the SPS REST API.
NOTE: This session ID refers to the connection between the REST client and the SPS REST API. It is not related to the sessions that SPS records (and which also have a session ID, but in a different format). |
HTTP operations
HTTP operations with the /support-bundle endpoint include:
POST |
/api/troubleshooting/support-bundle |
Start generating a SPS support bundle |
|
POST |
Start a SPS support bundle generation job while an another job is in progress |
|
GET |
Retrieve the status of all generated SPS support bundles |
|
GET |
/api/troubleshooting/support-bundle/<the-key-of-the-generated-support-bundle-job> |
Retrieve the status of a single generated SPS support bundle |
|
GET |
/api/troubleshooting/support-bundle/<the-key-of-the-generated-support-bundle-job>/download |
Download a SPS support bundle |
|
DELETE |
/api/troubleshooting/support-bundle/<the-key-of-the-generated-support-bundle-job> |
Remove a SPS support bundle |
You can cancel a SPS support bundle generation job while it is in progress. |
Sample request
The following command starts the generation of a SPS support bundle.
curl -X POST -b "${COOKIE_PATH}" https://<IP-address-of-SPS>/api/troubleshooting/support-bundle |
Sample response
The following is a sample response received if the request was successful.
{ |
"items": [ |
{ |
"body": { |
"error": null, |
"file_name": null, |
"info": null, |
"start_time": null, |
"status": "queued" |
}, |
"key": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX", |
"meta": { |
"href": "/api/troubleshooting/support-bundle/XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX", |
"parent": "/api/troubleshooting" |
} |
} |
], |
"meta": { |
"href": "/api/troubleshooting/support-bundle", |
"parent": "/api/troubleshooting" |
} |
} |
|
Elements of the response message body include:
error |
string | null |
Describes the nature of the error during SPS support bundle job generation. |
For example, "Timeout expired while waiting for creation of support-bundle." |
info |
string | null |
|
|
file_name |
string | null |
The name of the SPS support bundle file. |
|
start_time |
string (date-time) |
The starting point of the SPS support bundle generation job. |
YYYY-MM-DDThh:mm:ss+hh:mm is used as the date-time format. For example, 2022-03-30T12:00:01+00:00. |
status |
enum |
The status of the SPS support bundle generation jobs. |
Possible values:
-
in-progress - The support bundle generation job is in progress.
-
failed - The support bundle generation job was not successful.
-
finished - The support bundle generation job is completed.
-
queued - The support bundle generation job is queued for processing. |
key |
string |
The unique key generated by SPS to identify the support bundle job. |
|
For more information on the meta object, see Message format.
Sample request
The following command retrieves the status of all generated SPS support bundles.
curl -X GET -b "${COOKIE_PATH}" https://<IP-address-of-SPS>/api/troubleshooting/support-bundle |
Sample response
The following is a sample response received if the request was successful.
{ |
"items": [ |
{ |
"body" : { |
"error": null, |
"info" : null, |
"file_name" : null, |
"start_time": "2022-03-30T12:00:01+00:00", |
"status" : "in-progress" |
}, |
"key": "22222222-2222-2222-2222-222222222222", |
"meta": { |
"href": "/api/troubleshooting/support-bundle/22222222-2222-2222-2222-222222222222", |
"parent": "/api/troubleshooting" |
} |
}, |
{ |
"body" : { |
"error": "Timeout expired while waiting for creation of support-bundle.", |
"info" : null, |
"file_name" : null, |
"start_time": "2022-03-30T12:00:01+00:00", |
"status": "failed" |
}, |
"key" : "33333333-3333-3333-3333-333333333333", |
"meta" : { |
"href" : "/api/troubleshooting/support-bundle/33333333-3333-3333-3333-333333333333", |
"parent": "/api/troubleshooting" |
} |
}, |
{ |
"body" : { |
"error": null, |
"info" : null, |
"file_name" : "44444444-4444-4444-4444-444444444444-debug_info.zip", |
"start_time": "2022-03-30T12:00:01+00:00", |
"status": "finished" |
}, |
"key" : "44444444-4444-4444-4444-444444444444", |
"meta" : { |
"href" : "/api/troubleshooting/support-bundle/44444444-4444-4444-4444-444444444444", |
"parent": "/api/troubleshooting" |
} |
}, |
{ |
"body" : { |
"error": null, |
"info" : null, |
"file_name" : null, |
"start_time": null, |
"status": "queued" |
}, |
"key" : "11111111-1111-1111-1111-111111111111", |
"meta" : { |
"href" : "/api/troubleshooting/support-bundle/11111111-1111-1111-1111-111111111111", |
"parent": "/api/troubleshooting" |
} |
} |
], |
"meta": { |
"href": "/api/troubleshooting/support-bundle", |
"parent": "/api/troubleshooting" |
} |
} |
|
For parameter descriptions, see Element.
Sample request
The following command attempts to download a SPS support bundle from a failed generation job.
curl -X GET -b "${COOKIE_PATH}" https://<IP-address-of-SPS>/api/troubleshooting/support-bundle/<the-key-of-the-generated-support-bundle-job>/download |
Sample response
The following is a sample response received if the request was successful.
{ |
"error": { |
"details": { |
"mount_point": "/troubleshooting/support-bundle", |
"resource": "44444444-4444-4444-4444-444444444444/download" |
}, |
"message": "Resource was not found", |
"type": "ResourceNotFound" |
}, |
"meta": { |
"href": "/api/troubleshooting/support-bundle/44444444-4444-4444-4444-444444444444/download", |
"parent": "/api/troubleshooting/support-bundle/44444444-4444-4444-4444-444444444444" |
} |
} |
|
Elements of the response message body include:
details |
object |
|
|
details.mount_point |
string |
The reference URL of the endpoint at which the error has occurred. |
|
details_resource |
|
The reference URL of the resource which could not be downloaded. |
|
message |
string |
The content of the error message. |
|
type |
string |
The type of the error message. |
|
For more information on the meta object, see Message format.
Sample request
The following command removes the information on a finished SPS support bundle generation job.
curl -X DELETE -b "${COOKIE_PATH}" https://<IP-address-of-SPS>/api/troubleshooting/support-bundle/<the-key-of-the-generated-support-bundle-job> |
An example of the request message body:
{ |
"error": null, |
"info" : null, |
"file_name" : "22222222-2222-2222-2222-222222222222-debug_info.zip" |
} |
|
Sample response
The response status of the deletion is a standard HTTP 200 OK.
HTTP response codes
For more information and a list of standard HTTP response codes, see Application level error codes.
Basic settings
Detailed information about this topic
Retrieve basic firmware and host information
The /api/info endpoint contains generic information about the SPS host. Note that part of this information is available without authentication.
URL
GET https://<IP-address-of-SPS>/api/info
Cookies
session_id |
Contains the authentication token of the user |
Required |
The value of the session ID cookie received from the REST server in the authentication response, for example, a1f71d030e657634730b9e887cb59a5e56162860. For more information on authentication, see Authenticate to the SPS REST API.
NOTE: This session ID refers to the connection between the REST client and the SPS REST API. It is not related to the sessions that SPS records (and which also have a session ID, but in a different format). |
Sample request
The following command displays the information about SPS that is available without authentication.
curl https://10.40.255.171/api/info
The following command displays the information about SPS that is available for authenticated users.
curl --cookie cookies.txt https://<IP-address-of-SPS>/api/info
Response
The following is a sample response received by an anonymous user.
For more information on the meta object, see Message format.
{
"body": {
"domainname": "example",
"hostname": "scbwriter",
"nickname": null,
"plugin_sdk_version": {
"feature": "1.4",
"full": "1.4.4"
},
"support_link": "mailto:scb-administrator@example.com"
},
"key": "about_info",
"meta": {
"href": "/api/info",
"parent": "/api"
}
}
The following is a sample response received by an authenticated user.
{
"body": {
"analytics_enabled": false,
"build_date": "2018-06-15T20:18:40+00:00",
"config_hash": "2abde4c81d9b544bf53fae4f4b9657fc",
"domainname": "example",
"firmware_version": "5.7.0",
"hostname": "scbwriter",
"nickname": null,
"plugin_sdk_version": {
"feature": "1.4",
"full": "1.4.4"
},
"roles": [
"central-management",
"search-master"
],
"support_link": "mailto:scb-administrator@example.com",
"version": "5 F7"
},
"key": "about_info",
"meta": {
"href": "/api/info",
"remaining_seconds": 9889
"parent": "/api"
}
}
analytics_enabled |
Indicates whether or not the One Identity Safeguard for Privileged Analytics module has been enabled. |
build_date |
Build date of the SPS firmware. This element is included in the response only for authenticated users. |
config_hash |
Contains the hash of the XML database running on the given SPS host. |
domainname |
Name of the domain used on the network. You can configure this parameter on the /api/configuration/network/naming endpoint. For details, see Naming options. |
hostname |
Name of the machine running SPS. You can configure this parameter on the /api/configuration/network/naming endpoint. For details, see Naming options. |
nickname |
The nickname of the SPS host. Use it to distinguish the devices. It is displayed in the core and boot login shells. You can configure this parameter on the /api/configuration/network/naming endpoint. For details, see Naming options. |
plugin_sdk_version |
The version number of the Plugin SDK.
|
support_link |
The e-mail address of the SPS administrator, as set in the admin_address parameter of the /api/configuration/management/email endpoint. For details, see Mail settings. |
firmware_version |
The version number of the firmware running on SPS, for example, 4.3.2a. This element is included in the response only for authenticated users. |
version |
The name of the major release running on SPS, for example, 4 F3. This element is included in the response only for authenticated users. |
Status and error codes
The following table lists the typical status and error codes for this request. For a complete list of error codes, see Application level error codes.
401 |
Unauthenticated |
The requested resource cannot be retrieved because the client is not authenticated and the resource requires authorization to access it. The details section contains the path that was attempted to be accessed, but could not be retrieved. |
403 |
Unauthorized |
The requested resource cannot be retrieved because the client is not authorized to access it. The details section contains the path that was attempted to be accessed, but could not be retrieved. |
Listing integrated products with SPS
List basic information about products that are integrated with One Identity Safeguard for Privileged Sessions (SPS).
URL
GET https://<IP-address-of-SPS>/api/integrated_products
Cookies
session_id |
Contains the authentication token of the user |
Required |
The value of the session ID cookie received from the REST server in the authentication response, for example, a1f71d030e657634730b9e887cb59a5e56162860. For more information on authentication, see Authenticate to the SPS REST API.
NOTE: This session ID refers to the connection between the REST client and the SPS REST API. It is not related to the sessions that SPS records (and which also have a session ID, but in a different format). |
Operations
Operations with the /integrated_products endpoint include:
Retrieving information about products integrated with SPS |
GET |
/api/integrated_products |
When SPS is joined to One Identity Starling, but One Identity Starling is not available, you will receive the following warning message: Information about the integrated Starling products cannot be retrieved.
Check the following:
- The Starling cloud service is available.
- Your SPS appliance is connected to the Internet.
When your credentials to access One Identity Starling are invalid, you will receive the following warning message: The credentials used for accessing Starling are invalid. This may happen because SPS was un-joined from Starling and restored to a previous joined state. Re-join the SPS to get valid credentials. |
Sample request
The following command lists products that are integrated with SPS.
curl --cookie cookies.txt https://<IP-address-of-SPS>/api/integrated_products
Response
The following is a sample response received when SPS is joined with One Identity Starling, but not with any other products integrated with the One Identity Starling platform.
For more information on the meta object, see Message format.
{
"items": [
{
"name": "Defender",
"link": null,
"activated": false
},
{
"name": "Connect",
"link": null,
"activated": false
},
{
"name": "Governance",
"link": null,
"activated": false
},
{
"name": "RemoteAccess",
"link": null,
"activated": false
}
]
}
The following is a sample response received when SPS is joined with SPP.
{
"items": [
{
"name": "Safeguard for Privileged Passwords",
"activated": true,
"link": "https://10.10.10.10"
}
]
}
The following is a sample response received when SPS is joined with One Identity Starling, and it is integrated with certain One Identity Starling products.
{
"items": [
{
"name": "Defender",
"link": "https://2fa.cloud.oneidentity.com",
"activated": true
},
{
"name": "Connect",
"link": "https://connect.cloud.oneidentity.com",
"activated": true
},
{
"name": "Governance",
"link": null,
"activated": false
}
]
}
Elements of the response message body include:
items |
object array |
A list of One Identity Starling products that are integrated SPS. |
When there are no products integrated with SPS, the items field returns empty: {
"items": []
}
|
items.name |
string |
The name of the integrated One Identity Starling product. |
|
items.link |
format(uri) |
The URL of the integrated One Identity Starling product. |
If the product is not integrated, the value of the link parameter will be null. |
items.activated |
boolean |
Indicates whether the product is integrated with SPS or not. |
Possible values:
|
HTTP response codes
For more information and a complete list of standard HTTP response codes, see Application level error codes.