CRAZYROV STUDIO

NetWorker REST API - Basics


The NetWorker REST API provides a mechanism to access the functions provided by NetWorker software. The API interface helps you to build client applications and automate NetWorker operations by using any programming language that supports JSON over HTTP. Inshort this how the HTML 5 NetWorker UI interacts with NetWorker and we can leverage this as well.

You can use the NetWorker REST API to perform the following functions, you can pause the video and read through it.

  • Client management to backup the data that you want to protect.
  • Managing devices, media pools, storage nodes and volumes.
  • Enabling Data protection using policies, workflows and actions.
  • Monitoring jobs, alerts, licenses and enabling notifications.
  • Support for Restricted Data Zones and user management.
  • Customization through probes, directives and rules.
  • Application level protection for Microsoft SQL VDI and SAP HANA.

Authentication

So, let's talk about authentication, because unless you are authorized to access the contents of the NEtWorker server you wont get any useful from the NetWorker API server. You can supply the user name and password by plain text as shown here. The credentials that you need to use for the API calls is the same one that you use to login into the NMC or the NetWorker HTML UI.

Plain Text Authentication
curl -X GET -k -u Administrator:password@123 \
        -H "Content-Type: application/json" https://nsr-linux:9090/nwrestapi/v3/global/alerts

P.S: in case you are planning on using this format it's best to surround the password string within single quotes.

You can also use encoded credentials. You can use the basic scheme that is supported by HTTP, It is a simple authentication scheme built into the HTTP protocol. The client sends HTTP requests with the Authorization header that contains the word Basic, followed by a space and a base64-encoded(non-encrypted) string username: password. For example, to authorize as username / Pa$$w0rd the client would send.

This is only encoded and not encrypted so if you know which encode format is used we can decode it back.

Encoding is pretty simple:

Encoding using base64
echo -n username:'password'|base64

In our example the output from the above command is YWRtaW5pc3RyYXRvcjpQQCQkdzByZDI=, replace this command is all the upcoming examples to test it in your enviornment with the encded sring that you get from your enocded credentials.

File details here
curl -X GET -H "Content-Type: application/json" \
 -H "Authorization: Basic YWRtaW5pc3RyYXRvcjpQQCQkdzByZDI= ,Content-Type: application/json" \
 https://nsr-linux:9090/nwrestapi/v3/global/alerts -k

Either way the REST API is using HTTPS which is a secure version of HTTP and unlike HTTP, the HTTPs protocol encrypts the payload before transferring it over to the API server. My recommendation is to use an authentication method in your application if you are using it for creating a tool so that the user name and password are passed to it during runtime and not stored anywhere.

Now, let's look at how to query the REST API for information. The format to be used is /endpoint?q=AttributeName:Value where endpoint is the name of the resource, the AttributeName is the name of any of the known attributes of that client and value well the parameter value. If you just use the endpoint then everything related to that NetWorker resource will be displayed. So with the query string the command will look like this and you can see that we are using the GET method

File details here
curl -X GET -k -H "Content-Type: application/json" \
         -H "Authorization: Basic YWRtaW5pc3RyYXRvcjpQQCQkdzByZDI= ,Content-Type: application/json" \
          https://192.168.31.50:9090/nwrestapi/v3/global/clients?q=hostname:nsr-linux

And without the query url parameter it should look similar to the below command

File details here
curl -X GET -k -H "Content-Type: application/json" \
        -H "Authorization: Basic YWRtaW5pc3RyYXRvcjpQQCQkdzByZDI= ,Content-Type: application/json" \
        https://192.168.31.50:9090/nwrestapi/v3/global/clients

HTTP Methods

Next, let's take a quick look at the HTTP methods that are supported. If you are new to this topic, in short this is about what you want to do: create, query, update or delete a resource.

Method Action
GET Used to query the API endpoint
PUT Used to send update request to the API endpoint
POST Used to request creation of new resources to the respective endpoint
DELETE Used to request deleting of any resource or records to the respective endpoint
OPTIONS This is just to check what are the hearders parameters supported with the respective endpoint

Examples

Here are a few example commands for your reference

Get backup information
curl -X GET -k -H "Content-Type: application/json" \
        -H "Authorization: Basic YWRtaW5pc3RyYXRvcjpQQCQkdzByZDI="" \
        https://192.168.31.50:9090/nwrestapi/v3/global/backups

Get client information for a specific client
curl -X GET -k -H "Content-Type: application/json" \
        -H "Authorization: Basic YWRtaW5pc3RyYXRvcjpQQCQkdzByZDI=" \
        https://192.168.31.50:9090/nwrestapi/v3/global/backups?q=clienthostname:"nsr-linux.crazyrov.com"

Creating a new client, this API request is using a HTTP POST method
curl -X POST -k -H "Content-Type: application/json" \
        -H "Authorization: Basic YWRtaW5pc3RyYXRvcjpQQCQkdzByZDI=" \
        --data '{                                           
        "backupCommand": "save",
        "backupType": "Filesystem",
        "hostname": "sql1.crazyrov.com",
        "saveSets": [
          "C:\\"
        ],
        "protectionGroups": [
          "Demo_DC"
          ]
        }' https://192.168.31.50:9090/nwrestapi/v3/global/clients

For the PUT and DELETE requests you will need to pass the resource id of the respective resource. You will be able to get this information from the get request for the respective resource.

Updating a client with the HTTP PUT method
[root@snmp-trap ~]# curl -i -X PUT -k -H "Content-Type: application/json" \
          -H "Authorization: Basic YWRtaW5pc3RyYXRvcjpQQCQkdzByZDI=" \
          --data '{
            "backupCommand": "save",
            "backupType": "Filesystem",
            "hostname": "sql1.crazyrov.com",
            "saveSets": [
              "All"
            ],
            "protectionGroups": [
              "Demo_DC"
            ]
            }' https://192.168.31.50:9090/nwrestapi/v3/global/clients/49.0.201.6.0.0.0.0.147.73.150.96.192.168.31.50

Deleting a client using the DELETE method call to the NEtWorker API
curl -i -X DELETE -k -H "Content-Type: application/json" \
          -H "Authorization: Basic YWRtaW5pc3RyYXRvcjpQQCQkdzByZDI=" \
          https://192.168.31.50:9090/nwrestapi/v3/global/clients/48.0.201.6.0.0.0.0.147.73.150.96.192.168.31.50?q="protectionGroups:Demo_DC" -k

This video/article is around the basics of using NetWorker REST API. I am planning on following up with another video/article that will show you how to use this with python. Again all this is described clearly in the NetWorker REST API started guide. The other best place to get all the information related to the available endpoints and schema is https://backup_server/nwrestapi/v3. Use these resources and explore more about how to use the REST API in NetWorker.


Thank you for visting www.crazyrov.com, you can also check out my YouTube channel - crazyRov Studios for Data protection and cloud related technical videos.

CRAZYROVSTUDIO