Solved: Re: bulk fetching access-rules?

Jonatan Jonasson · ‎05-22-2018

Is it somehow possible (or what would be the best approach) to bulk-fetch multiple accessrules?

When I do a GET request on /api/fmc_config/v1/domain/DOMAIN_UUID/policy/accesspolicies/CONTAINER_UUID/accessrules I get a list of all of the accessrules, but only their name and ID.

And I would like to, for example, list all accessrules that have a specific source IP address.

(Or by other means work with the information given in all the access-rules)

But if I have 1500 access rules I can't loop through them individually due to the rate-limit on the API. (And it's impractical to create 1500 requests at a time.)

The only "bulk" information I've found relates to POST-ing multiple objects, not retrieving them.

Any thoughts?

Marvin Rhoads · ‎05-22-2018

I think you are correct. As of 6.2.3 we can POST bulk but not GET bulk.

https://www.cisco.com/c/en/us/td/docs/security/firepower/623/api/REST/Firepower_Management_Center_REST_API_Quick_Start_Guide_623/Objects_in_the_REST_API.html#reference_frz_mmy_1cb

Watch for release 6.3 later this year - we're told it will feature significant API enhancements.

View solution in original post

Marvin Rhoads · ‎05-22-2018

I think you are correct. As of 6.2.3 we can POST bulk but not GET bulk.

https://www.cisco.com/c/en/us/td/docs/security/firepower/623/api/REST/Firepower_Management_Center_REST_API_Quick_Start_Guide_623/Objects_in_the_REST_API.html#reference_frz_mmy_1cb

Watch for release 6.3 later this year - we're told it will feature significant API enhancements.