I was asked to initiate a Tripwire scan on all VMs deployed by vRealize Automation. This requirement came from a compliance audit finding. After some talks with the Tripwire team, we decided on an approach: assign a tag to the host in Tripwire, which forces an initial VM scan.
The VM is registered in Tripwire during agent installation, which is handled by SCCM, Salt or Ansible respectively, depending on the underlying operating system.
Additionally, for the code to work you will have to create a REST endpoint for the Tripwire host using basic authentication. In my case the URL is just the Tripwire server FQDN over HTTPS.
First we have to find the VM ID in Tripwire. I'm in the lucky situation that all VM names are unique across all vCenters. Each VM name is equal to the hostname part of its FQDN. Therefore the vSphere VM name will be used to find the asset in Tripwire.
//INPUTS:
//restHost <REST:RESTHost>: Tripwire vRO endpoint
//hostname <String>: vSphere vmname
var operationUrl = "/assetview/api/assets";
var request = restHost.createRequest("GET", operationUrl);
request.setHeader("Content-Type", "application/json");
request.setHeader("Accept", "application/json");
var response = request.execute();
//Evaluate response
var found = false;
var id = null;
if (response.statusCode < 400) {
    System.debug("Response Status Code: " + response.statusCode);
    var devices = JSON.parse(response.contentAsString)["computing-device"];
    for each (var device in devices) {
        id = device["synthetic-id"][0]["@id"];
        //Short hostname: first label of the FQDN, lower-cased
        var curHostname = device["hostname"].split(".")[0].toLowerCase();
        //Compare the whole short name; a prefix test would let "web1" match "web10"
        if (curHostname === hostname.toLowerCase()) {
            found = true;
            System.log("Found hostname: " + hostname);
            System.log("id: " + id);
            break;
        }
    }
    if (!found) {
        //did not find the VM
        throw "Error can't find the VM " + hostname + " in Tripwire.";
    }
}
else {
    throw "Error invoking REST call - Url: " + operationUrl + ", returned Status Code: " + response.statusCode + ", response: " + response.contentAsString;
}
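The lookup step above, pulled into a plain function that runs under Node.js outside vRO against a constructed response. This is an added example, not code from the original post: findAssetId and shortName are hypothetical names and the sample hostnames and ids are made up. It goes one step further than the post by refusing to pick an asset when more than one short hostname matches, since the tag would otherwise land on whichever asset came first.

```javascript
// Added example; findAssetId and shortName are hypothetical helper names.
// Field names ("computing-device", "synthetic-id", "@id", "hostname") are the
// ones used in the post; the sample values below are constructed.
function shortName(name) {
  // First label of the FQDN, lower-cased.
  return String(name || "").split(".")[0].toLowerCase();
}

function findAssetId(responseBody, vmName) {
  var devices = JSON.parse(responseBody)["computing-device"] || [];
  var wanted = shortName(vmName);
  if (!wanted) {
    throw new Error("Empty VM name");
  }
  var matches = devices.filter(function (device) {
    // Exact comparison: a prefix test would let "web1" match "web10".
    return shortName(device["hostname"]) === wanted;
  });
  if (matches.length === 0) {
    throw new Error("Can't find the VM " + vmName + " in Tripwire.");
  }
  if (matches.length > 1) {
    // Do not guess: a tag on the wrong asset scans the wrong host.
    throw new Error("Ambiguous: " + matches.length + " Tripwire assets match " + vmName);
  }
  var ids = matches[0]["synthetic-id"] || [];
  if (ids.length === 0 || !ids[0]["@id"]) {
    throw new Error("Asset " + vmName + " has no synthetic-id");
  }
  return ids[0]["@id"];
}

// Constructed sample response (not real Tripwire output).
var sampleBody = JSON.stringify({
  "computing-device": [
    { "hostname": "web10.example.test", "synthetic-id": [{ "@id": "id-0010" }] },
    { "hostname": "WEB1.example.test", "synthetic-id": [{ "@id": "id-0001" }] },
    { "hostname": "db1.example.test", "synthetic-id": [{ "@id": "id-0002" }] },
    { "hostname": "db1.lab.example.test", "synthetic-id": [{ "@id": "id-0003" }] }
  ]
});

console.log(findAssetId(sampleBody, "web1")); // prints "id-0001"
```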