Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4139
Views
10
Helpful
5
Replies

FMC API Maximum Objects - 1000?

Go to solution
cyodesigns
Level 1
Level 1

‎12-06-2018 03:16 AM - edited ‎02-21-2020 08:32 AM

Hi,

I have an FMC with 1260 TCP/UDP protocol objects configured in it. However when I try to pull down all the objects via a python script using a GET request using this URL:

 

https://10.0.0.1/api/fmc_config/v1/domain/12345678-12345678/object/protocolportobjects?limit=2000 (<<notice the 2000 here)

 

Only 1000 objects are extracted.

The script writes the GET data to a file, and in the file is the "links" section:

 

"links": {
        "self": "https://10.232.6.65/api/fmc_config/v1/domain/12345678-12345678/object/protocolportobjects?offset=0&limit=1000" (<<notice the 1000 here)
    }

 

It looks like the FMC changes the 2000 to 1000 and starts using an offset of 0.

I assume I can create a loop in python and get all the objects by changing the offset value and making multiple GET requests, but is it the case the FMC will only allow 1000 objects per GET request. Does anyone know if this is a hardcoded maximum?

Regards

Mark

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎12-07-2018 01:25 AM

1000 is the limit in Firepower 6.2.x.

 

https://www.cisco.com/c/en/us/td/docs/security/firepower/622/api/REST/Firepower_Management_Center_REST_API_Quick_Start_Guide_622/objects_in_the_rest_api.html#reference_zmj_lny_1cb

 

They haven't updated that guide for 6.3 yet - it may have changed as they have been working on increasing API functionality a lot.

 

View solution in original post

5 Replies 5

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎12-07-2018 01:25 AM

1000 is the limit in Firepower 6.2.x.

 

https://www.cisco.com/c/en/us/td/docs/security/firepower/622/api/REST/Firepower_Management_Center_REST_API_Quick_Start_Guide_622/objects_in_the_rest_api.html#reference_zmj_lny_1cb

 

They haven't updated that guide for 6.3 yet - it may have changed as they have been working on increasing API functionality a lot.

 

Go to solution
cyodesigns
Level 1
Level 1
In response to Marvin Rhoads

‎12-07-2018 02:06 AM

Thanks Marvin!!

0 Helpful

Go to solution
Greg Terkanian
Level 1
Level 1
In response to Marvin Rhoads

‎07-19-2019 11:34 AM

Looks like the limit is still there in 6.3.  Is there a workaround?  Is the pagination support in the API?  If so, how?

Thanks.

0 Helpful

Go to solution
tyoung008
Level 1
Level 1
In response to Marvin Rhoads

‎09-27-2021 11:22 AM

This document -> https://www.cisco.com/c/en/us/td/docs/security/firepower/ftd-api/guide/ftd-rest-api.pdf up to 7.0 2021 stills says the limit is 1000 on the bottom of p. 29.  Multiple queries is still the answer.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card