Hi all.
We use Cisco Firepower Rest API for integration with our application.
And it can randomly return 200 and 404 on the same requests. I was able to find different response for same request at cisco firepower logs.
E.g. from usmsharedsvcs.log files
01-Jul-2019 10:16:41.003,[INFO],(DefenseCenterServiceImpl.java:1314)
com.cisco.nm.vms.api.dc.DefenseCenterServiceImpl, pool-12-thread-4113
** REST Request [ CSM ]
** ID : 212422d7-2567-4b17-aed4-b3a3b9eb65ca
** URL: POST /audit
{
"version": "6.2.3",
"requestId": "212422d7-2567-4b17-aed4-b3a3b9eb65ca",
"data": {
"userName": "algosec",
"subsystem": "API",
"message": "GET https://10.255.3.11/api/fmc_platform/v1/info/serverversion Not Found (404) - The server has not found anything matching the request URI",
"sourceIP": "10.255.3.64",
"domainUuid": "e276abec-e0f2-11e3-8169-6d9ed49b625f",
"time": "1561976200942"
},
"deleteList": []
}
01-Jul-2019 10:17:56.532,[INFO],(DefenseCenterServiceImpl.java:1314)
com.cisco.nm.vms.api.dc.DefenseCenterServiceImpl, pool-12-thread-4113
** REST Request [ CSM ]
** ID : eeb93c31-ee4d-4c15-8517-b6617f19a0e8
** URL: POST /audit
{
"version": "6.2.3",
"requestId": "eeb93c31-ee4d-4c15-8517-b6617f19a0e8",
"data": {
"userName": "algosec",
"subsystem": "API",
"message": "GET https://10.255.3.11/api/fmc_platform/v1/info/serverversion OK (200) - The request has succeeded",
"sourceIP": "10.255.3.64",
"domainUuid": "e276abec-e0f2-11e3-8169-6d9ed49b625f",
"time": "1561976274845"
},
"deleteList": []
}
Also it can happend with another urls
01-Jul-2019 10:50:57.138,[INFO],(DefenseCenterServiceImpl.java:1334)
com.cisco.nm.vms.api.dc.DefenseCenterServiceImpl, ajp-nio-127.0.0.1-9009-exec-1353
** REST Response [ DC ]
** ID : 5732fa38-3ea6-43bb-b67d-374ff20b4be5
** URL: GET /internal_rest_api/device/92158902-74e3-11e6-82e6-dd9f02155243
{
"version": "6.0.1",
"error": {
"description": "The 'file' parameter (\"/etc/sf/smart_agent.conf\") to SF::System::chown did not pass the 'Type Validator (system.file)' callback\n",
"code": 400
},
"requestID": "5732fa38-3ea6-43bb-b67d-374ff20b4be5",
"code": 400
}
01-Jul-2019 10:50:57.140,[INFO],(DefenseCenterServiceImpl.java:1314)
com.cisco.nm.vms.api.dc.DefenseCenterServiceImpl, pool-12-thread-4127
** REST Request [ CSM ]
** ID : a3f4e77c-4849-40b3-aa63-4cfe526ccb7f
** URL: POST /audit
{
"version": "6.2.3",
"requestId": "a3f4e77c-4849-40b3-aa63-4cfe526ccb7f",
"data": {
"userName": "algosec",
"subsystem": "API",
"message": "GET https://10.255.3.11/api/fmc_config/v1/domain/e276abec-e0f2-11e3-8169-6d9ed49b625f/devices/devicerecords/92158902-74e3-11e6-82e6-dd9f02155243/bridgegroupinterfaces?expanded=true&offset=0&limit=1000 Not Found (404) - The server has not found anything matching the request URI",
"sourceIP": "10.255.3.64",
"domainUuid": "e276abec-e0f2-11e3-8169-6d9ed49b625f",
"time": "1561978256556"
},
"deleteList": []
}
Any ideas why it can happend on cisco side ? Any option how to prevent return 404 for such calls.
Thanks.