FirePower bulk API GET request

meidanmeshulam · ‎08-04-2022

Hi all,

I'm trying to export a huge amount of data from FMC.
Because of that, I must use many requests and the process takes a lot of time (in my case 20 hours, it's a huge network with many policies and objects).
I looked at the API docs and came across a request limit of 120 per minute.
I initially thought of running a parallel get request but that will not work because of a request limit of 120.
Can someone suggest how to execute multiple GET requests at a time, or include many objects (group,host,domain,subnets,ect) in a single request?

Any help will be much appreciated

Thanks!

pglave · ‎09-02-2022

This is Pier, from Cisco CX (Customer Experience) team.

I’ll try to help you with your need.

Indeed, the limit of 120 requests per minute is real, and it’s not even possible to be configured.

This is according to the FMC REST API documentation: https://www.cisco.com/c/en/us/td/docs/security/firepower/70/api/REST/firepower_management_center_rest_api_quick_start_guide_70.pdf

The only things that I found, that can be helpful for you, are:

The possibility to increase the “limit” parameter in GET queries.
By default, a GET request will return only up to 25 items, but this can be increased to 1000 using an explicit “limit” parameter.
There is a possibility to use “bulk” requests.
However, this is only used in case of POST requests, i.e. when you are creating items.
It’s helpful, because you can pass many objects, structured as a JSON array (as described in https://www.cisco.com/c/en/us/support/docs/security/firepower-management-center/215972-push-objects-in-bulk-to-fmc-using-rest-a.html).
But, I understand that this isn’t probably helpful for you, because you’re trying just to export data, not to configure them, right?

Could you share some examples of the API queries that you are calling?
Maybe, depending on the kind of calls that you’re using, we can find other solutions that can help you.

Best regards.