01-07-2017 07:34 AM - edited 03-12-2019 06:14 AM
Firepower Management Center API - Object Management
One of my customers recently migrated to Cisco Firepower Threat Defense. One of the challenges that I ran into was that the ASA configuration migration script from Cisco duplicated objects in Firepower Management Center.
Deleting these objects required clicking delete for each object. This was a painful and time-consuming activity, so I built a Python script to delete objects utilizing the FMC API. Attached to this blog is a Python script that will allow you to delete unused objects. If you need to delete a large number of objects, it will save you time.
01-19-2017 12:50 PM
I created a new Python script that will utilize the API to create a CSV of the Access Control Policy. See the link below for all the FMC Python scripts.
https://github.com/scourge71/fmcapi
03-27-2017 10:42 AM
Jason,
Nice scripts. Do you have something similar for creating or adding a new access rule to an existing access control policy? Getting the following on my attempt:
{"error":{"category":"FRAMEWORK","messages":[{"description":"No data."}],"severity":"WARN"}}
Of course, my input JSON is probably not correct, since finding a good reference for this has been difficult.
Any pointers to additional test scripts or docs would be great.
03-28-2017 07:20 PM
michmcda,
The documentation is lacking. Are you utilizing the api-explorer built into Firepower? I ended up doing a lot of trial and error with Postman. Check out the links below too. Also, you can post your JSON syntax, so I can look at it.
Postman:
https://www.getpostman.com
CDW Blog:
http://blog.cdw.com/security/programing-ciscos-firepower-6-1-rest-api
03-29-2017 06:20 AM
michmcda,
To be sure of your code, can you also provide the script you are using? A couple of pointers:
The method should be PUT with the request URI:
/api/fmc_config/v1/domain/DomainUUID/policy/accesspolicies/id_of_access_policy_you_are_editing
A JSON content example would be:
{
  "name": "Access Policy to Edit",
  "description": "Test REST API policy",
  "type": "AccessPolicy",
  "id": "id_of_access_policy_you_are_editing",
  "defaultAction": {
    "intrusionPolicy": {
      "id": "id_of_existing_or_new_intrusion_policy",
      "type": "IntrusionPolicy"
    },
    "type": "AccessPolicyDefaultAction",
    "logBegin": "true/false",
    "logEnd": "true/false",
    "sendEventsToFMC": "true/false",
    "action": "any_allowed_action_enum",
    "id": "id_of_default_action",
    "variableSet": {
      "id": "id_of_variableSet_to_be_added",
      "type": "VariableSet"
    },
    "snmpConfig": {
      "id": "id_of_snmpConfig_object",
      "type": "SNMPAlert"
    },
    "syslogConfig": {
      "id": "id_of_syslog_object",
      "type": "SyslogAlert"
    }
  }
}
05-07-2019 12:59 AM
Hello Jason,
Can I have a script which will add/remove rules in an ACP from Excel/CSV?
Looking forward to your response.
Regards
Ismail Kalolwala
kalolwalaismail@yahoo.com
08-23-2017 11:53 PM - edited 08-25-2017 07:09 PM
got it working..thanks
05-07-2019 01:01 AM
Hello Prahant,
Can I have the script which adds/removes rules from ACP?
Regards
Ismail Kalolwala
kalolwalaismail@yahoo.com
08-26-2017 10:28 PM
Hey Mate,
Need your help please! I need to import pre-filter policy. Do you have any script for the same?
I have retrieved ACP successfully using your script, thanks to you.
I have migrated ASA to FTD and all policies have been migrated as a part of pre-filter policy. It's good to import all of them in an Excel file for further reading.
Thanks for your help
11-20-2018 08:33 AM
Hi Jason,
Wonderful idea, and it's a feature that should be in the FMC, in my opinion.
However, I am having trouble getting it to run. I have Python v3 running on my Windows 10 laptop and get syntax errors when running. Do I need to use a different version of Python?
Thanks
John