Use REST API calls to retrieve egress details

This document (000020936) is provided subject to the disclaimer at the end of this document.


There are use cases where the manager is not running, and all tasks are completed through CLI or REST API.  In the WebUI there are some reports in the dashboard that the Manager generates.  One example is the Ingress and Egress Exposure reports.  For this case, a REST API call is available to return the conversations that can be used to gather the same information.

The REST API endpoint /v1/conversation will return connections.  The JSON result contains two sections: conversations and endpoints.  You will need to filter with to/from external to find the IDs, and they reference the IDs from the endpoints for the display_name.  Here's the jq example to identify the pods for egress.  

❯ cat conversation.json | jq -r '.conversations[] | select(.to == "external") | .from' | sort | uniq | while read FROM; do cat conversation.json | jq -r --arg v $FROM '.endpoints[] | select(.id == $v and .state != "exit") | .display_name';done
To see the egress server IP addresses, you must make subsequent calls to /v1/conversation/<container_id>/external.  Here's a script that will save each connection detail into a JSON file named with friendly display_name.


# please remember to specify the controller ip address here

curl -k -H "Content-Type: application/json" -d '{"password": {"username": "'$_neuvectorUsername_'", "password": "'$_neuvectorPassword_'"}}' "https://$_controllerIP_:$_controllerRESTAPIPort_/v1/auth" > /dev/null 2>&1 > token.json
_TOKEN_=`cat token.json | jq -r '.token.token'`

curl -k -H "Content-Type: application/json" -H "X-Auth-Token: $_TOKEN_" "https://$_controllerIP_:$_controllerRESTAPIPort_/v1/conversation" > /dev/null 2>&1 > conversation.json
_FROM_=`cat conversation.json | jq -r '.conversations[] | select(.to == "external") | .from' | sort | uniq`

while IFS= read -r line
_DISPLAYNAME_=`cat conversation.json | jq -r --arg v $line '.endpoints[] | select(.id == $v and .state != "exit") | .display_name'`
curl -k -H "Content-Type: application/json" -H "X-Auth-Token: $_TOKEN_" "https://$_controllerIP_:$_controllerRESTAPIPort_/v1/conversation/$line/external" >> $_DISPLAYNAME_.json
done < <(printf '%s\n' "$_FROM_")

curl -k -X 'DELETE' -H "Content-Type: application/json" -H "X-Auth-Token: $_TOKEN_" "https://$_controllerIP_:$_controllerRESTAPIPort_/v1/auth" > /dev/null 2>&1
rm token.json
The application details can be extracted from the conversations.


This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:000020936
  • Creation Date: 18-Jan-2023
  • Modified Date:18-Jan-2023
    • SUSE NeuVector

< Back to Support Search

For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]

SUSE Support Forums

Get your questions answered by experienced Sys Ops or interact with other SUSE community experts.

Join Our Community

Support Resources

Learn how to get the most from the technical support you receive with your SUSE Subscription, Premium Support, Academic Program, or Partner Program.

SUSE Customer Support Quick Reference Guide SUSE Technical Support Handbook Update Advisories
Support FAQ

Open an Incident

Open an incident with SUSE Technical Support, manage your subscriptions, download patches, or manage user access.

Go to Customer Center