The API consists of a
.php file to which we can make calls from a browser or by command line with tools such as curl, native to GNU/Linux systems.
The security system of the API is triple: based on allowed IP addresses, based on API password, and based on user credentials.
In order to use this utility we must previously configure its security options from the Pandora FMS’ Console.
To do this, we go to Setup -> Setup -> General setup, and look for the fields “IP list with API access” and “API password“.
In the first field we add the IP addresses from which we want to have access to the API, being an IP address for each line, and we can also use the wildcard
* to give access from any IP (not recommended).
In the second field we introduce the password we want, it is important to know that later this password will be passed as a parameter when making the HTTP call to the API, along with the password of the user that is used to make the call, so it is recommended that communications are secure by using HTTPS to encrypt the channel.
Once these two parameters have been correctly configured, we can make use of all the functions available to the API. As an example we can make the following call from a browser executed on a machine whose IP address has been authorized in the parameter “IP list with API access”:
As we see the call is composed of the path to the file
api.php, followed by
? for the parameters step, then we will separate each parameter with
&. Each parameter is defined by
Let’s see an example to return information from the module groups:
The possibilities offered by the API are many, and the call can be quite complicated depending on the operation we are going to perform and the number of parameters we need to pass, so we must be careful and test little by little to gain ease with the use of this powerful utility.
In the following link of the documentation you will find more information about its use: