Zabbix API のパケットキャプチャ結果
Zabbix API で使っているJSON-RPCの形式がよくわからなかったので、「tcpdump -X -s 1500 dst port 80」と「tcpdump -X -s 1500 src port 80」パケットとってみてみた。
その結果が以下。(IPは伏せています)
ちゃんとエントリ書く時間がないので、メモがわりにとりあえずそのまま貼っときます。詳細は時間があるときに。
■認証パケット
POST /zabbix/api_jsonrpc.php HTTP/1.1
Accept: */*
Connection: close
Content-Type: application/json-rpc
User-Agent: Zbx.Ruby.CLI
Content-Length: 111
Host: xxx.xxx.xxx.xxx
{"auth":null,"method":"user.authenticate","id":0,"params":{"password":"zabbix","user":"Admin"},"jsonrpc":"2.0"}
■認証結果パケット
HTTP/1.1 200 OK
Date: Wed, 24 Nov 2010 16:10:25 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Set-Cookie: zbx_sessionid=3a34208604fed0da7add9af3361efbb2
Set-Cookie: zbx_sessionid=23d76c60f9acf8c81b5808b7c3d4bdc2
Set-Cookie: zbx_sessionid=deleted; expires=Tue, 24-Nov-2009 16:10:25 GMT
Content-Length: 68
Connection: close
Content-Type: application/json
{"jsonrpc":"2.0","result":"3a34208604fed0da7add9af3361efbb2","id":0}
■get.hostを投げるパケット
POST /zabbix/api_jsonrpc.php HTTP/1.1
Accept: */*
Connection: close
Content-Type: application/json-rpc
User-Agent: Zbx.Ruby.CLI
Content-Length: 129
Host: xxx.xxx.xxx.xxx
{"auth":"3a34208604fed0da7add9af3361efbb2","method":"host.get","id":2,"params":{"extendoutput":true,"limit":100},"jsonrpc":"2.0"}
■get.hostのレスポンス
HTTP/1.1 200 OK
Date: Wed, 24 Nov 2010 16:12:32 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Content-Length: 697
Connection: close
Content-Type: application/json
{"jsonrpc":"2.0","result":[{"maintenances":[{"maintenanceid":"0"}],"hostid":"10017","proxy_hostid":"0","host":"Zabbix server","dns":"","useip":"1","ip":"127.0.0.1","port":"10050","status":"0","disable_until":"0","error":"","available":"1","errors_from":"0","lastaccess":"0","inbytes":"0","outbytes":"0","useipmi":"0","ipmi_port":"623","ipmi_authtype":"0","ipmi_privilege":"2","ipmi_username":"","ipmi_password":"","ipmi_disable_until":"0","ipmi_available":"0","snmp_disable_until":"0","snmp_available":"0","maintenanceid":"0","maintenance_status":"0","maintenance_type":"0","maintenance_from":"0","ipmi_ip":"","ipmi_errors_from":"0","snmp_errors_from":"0","ipmi_error":"","snmp_error":""}],"id":2}
■認証パケットを tcpdump -X -s 1500 dst port 80 でとった結果の例
0x0000: 4510 00b7 6668 4000 4006 92d1 cb8e d4cc E...fh@.@.......
0x0010: cb8e d50d 84c7 0050 76c1 5642 7738 4cfb .......Pv.VBw8L.
0x0020: 8018 002e 4888 0000 0101 080a 2bad 3c37 ....H.......+.<7
0x0030: 2bad 3bfc 7b22 6175 7468 223a 2235 3266 +.;.{"auth":"52f
0x0040: 3365 6164 3161 3333 6136 3364 3231 3637 3ead1a33a63d2167
0x0050: 3466 3737 6666 6164 6463 3362 3622 2c22 4f77ffaddc3b6","
0x0060: 6d65 7468 6f64 223a 2268 6f73 742e 6765 method":"host.ge
0x0070: 7422 2c22 6964 223a 322c 2270 6172 616d t","id":2,"param
0x0080: 7322 3a7b 2265 7874 656e 646f 7574 7075 s":{"extendoutpu
0x0090: 7422 3a74 7275 652c 226c 696d 6974 223a t":true,"limit":
0x00a0: 3130 307d 2c22 6a73 6f6e 7270 6322 3a22 100},"jsonrpc":"
0x00b0: 322e 3022 7d0d 0a 2.0"}..