Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2059
Views
0
Helpful
7
Replies

Enable logging using on multiples rules

O.Zang
Level 1
Level 1

‎04-28-2019 05:48 PM - edited ‎02-21-2020 09:05 AM

Hello Team,

 

I have to enable logging on more than 3000 policy rules.

Can you please share a way to do this ?

 

Thanks in advance for your helps.

 

Regards,

 

Zanga

Labels:
0 Helpful
7 Replies 7

Francesco Molino
VIP Alumni
VIP Alumni

‎04-28-2019 09:26 PM

Hi

Are using fmc or fdm?
Using FMC, you can make API calls to modify your access policies logging.
Go to your fmc webpage by adding: ..../api/api-explorer and take a look on policy apis.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

O.Zang
Level 1
Level 1
In response to Francesco Molino

‎04-29-2019 08:19 AM

Hi Francesco,

I am using Fmc.
Please how can i find the policy id to edit ?
Do i have to specify each rules it the script ?

Thanks for your Helps.
regards,
Zanga
0 Helpful

Francesco Molino
VIP Alumni
VIP Alumni
In response to O.Zang

‎04-30-2019 02:14 PM

You will need to get your container-id which corresponds to your parent ACP (Access Control Policy) using URL:

https://fmc.supportlan.com/api/fmc_config/v1/domain/Domain-UUID/policy/accesspolicies

This will return your contained-id.

Once done, you will read all access rules into this container id using url:

https://fmc.supportlan.com/api/fmc_config/v1/domain/Domain-UUID/policy/accesspolicies/Container-UUID/accessrules

 

And then you will get all your rules with their ID. Finally, just do a loop for every rules you have to modify your logging configuration.

 

Hope that clarify a bit


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

O.Zang
Level 1
Level 1
In response to Francesco Molino

‎06-25-2019 09:20 AM

Hello Francesco,

Thanks for your answer.

I am still not able to enable loggin, Can you please help me ?

 

api.PNG

0 Helpful

Francesco Molino
VIP Alumni
VIP Alumni
In response to O.Zang

‎06-26-2019 09:25 PM

What do you mean you're not able to connect? I see a get success on your print screen.

Are you trying to access from outside the dcloud? Not sure you can do that.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

O.Zang
Level 1
Level 1
In response to Francesco Molino

‎06-27-2019 03:05 AM

Hello Francesco,

yes did a get which shows the rules .

I am failling at this step: And then you will get all your rules with their ID. Finally, just do a loop for every rules you have to modify your logging configuration.

I got syntax error each time I tryed.

Regards,
Zanga
0 Helpful

Francesco Molino
VIP Alumni
VIP Alumni
In response to O.Zang

‎06-28-2019 02:39 PM

Can you share what you've done so far and show where you're getting the syntax error.
This WE is a long weekend in Canada but I'm going to do my best to answer soon.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card