Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
877
Views
0
Helpful
0
Replies

Problem with REST API using PUT

BenjaminChemla
Level 1
Level 1

‎10-24-2019 07:36 AM - edited ‎02-21-2020 09:37 AM

Hello community,

 

I currently have a problem using the CISCO FMC API.

 

I want to activate the logBegin and logEnd on all the rules of a policy (about 3000), I get all the rules with a GET request and then I loop on it to send a PUT request to modify the rules.

The PUT request I'm using is :

/api/fmc_config/v1/domain/{domain}/policy/accesspolicies/{uuid}/accessrules/{accessrules}

Everything works fine but i notice than if the rules have an "application" field then the request will send a status code 200 SUCCESS, but when I go back to my FMC I cannot access the “Access policy” anymore (I have a loading loop).

 

Capture_problem_application.PNG

And If I don't send the field "application" this one is automatically removed from the rule.

 

Do you know how to modify rules that contains a condition on the Field “applications” ?

 

here is the problem rule: 

Capture_problem_application_the_rules.PNG

 

Here is the body I send with my PUT request and that does not work:

{
  "id": "xxxxxxxxxx",
  "applications": {
    "inlineApplicationFilters": [
      {
        "risks": [
          {
            "type": "ApplicationRisk",
            "id": "VERY_LOW",
            "name": "Very Low"
          },
          {
            "type": "ApplicationRisk",
            "id": "LOW",
            "name": "Low"
          }
        ]
      }
    ]
  },
  "vlanTags": {},
  "logBegin": true,
  "logEnd": true,
  "variableSet": {
    "name": "Default Set",
    "id": "xxxxxxxxxxxxxxxxxx",
    "type": "VariableSet"
  },
  "logFiles": false,
  "sendEventsToFMC": false,
  "type": "AccessRule",
  "action": "ALLOW",
  "name": "rule_application_test",
  "enabled": true
}

Here is a body without the application that works

 

{
  "id": "xxxxxxxxxx",
  "vlanTags": {},
  "logBegin": true,
  "logEnd": true,
  "variableSet": {
    "name": "Default Set",
    "id": "xxxxxxxxxxxxxxxxxx",
    "type": "VariableSet"
  },
  "logFiles": false,
  "sendEventsToFMC": false,
  "type": "AccessRule",
  "action": "ALLOW",
  "name": "rule_application_test",
  "enabled": true
}

I want to clarify that the PUT works well with all the other Fields like syslog, destinationPorts, sourcesports, sourceZones, etc..

In addition I make all my requests (for the test) by going directly through the API-Explorer and nothing else and i'm using FMC version 6.2.2

 

 

In addition, is there a simple way to enable logging on all the rules of a policy directly (maybe bulk parameters) ?

 

Thank you for you precious help.

1 person had this problem
Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card