10-17-2018 09:49 AM - edited 02-21-2020 08:22 AM
We operate FMC with FTD 4140s, running 6.2.3.3.
I have a URL object group that has grown too large to maintain in the "Objects" tab. (540 entries).
My intention is to convert this to a URL Feed from an internal webserver, Then use the feed in policy.
We would then delete the old URL Object group and URL objects..
Is there a way to download the Object group as a text file?
Thank You !
Dean H.
Solved! Go to Solution.
10-17-2018 12:01 PM
Hi,
I would use Rest API to get it out as a json output.
You can connect to API through <fmc ip>/api/api-explorer/ from there you can go ahead to objects and add find the ID of the object to get a json output.
Here you can read more about the api explorer:
br, Micke
10-17-2018 01:29 PM
To add to @mikael.lahtela response, these are the following API requests you have to send:
1) Send /api/fmc_config/v1/domain/<ID>/object/urlgroups request with no object UUID
2) Find the UUID of the url object group that you need.
3) Send request#1 with UUID determined in 2)
The result will be something like this:
{ "links": { "self": "https://192.168.1.10/api/fmc_config/v1/domain/<id>/object/urlgroups/000C29E8-BB66-0ed3-0000-068719479541" }, "type": "UrlGroup", "literals": [ { "url": "cisco.*", "type": "Url" }, { "url": "apple.*", "type": "Url" }, ], "overridable": false, "description": " ", "name": "HundredPlusObject", "id": "000C29E8-0000-0ed3-0000-068719479541", "metadata": { "timestamp": 1537795383423, "lastUser": { "name": "admin" }, "domain": { "name": "Global", "id": "aaaaaaa-e0f2-11e3-8169-6d9ed49b625f" } } }
You can then extract the urls from the "literals" section.
10-18-2018 08:32 AM
Thanks !
With the use of the API explorer, and the API manual, these worked,
however, the user does need to get the "access token" for the API client .
Dean
10-17-2018 12:01 PM
Hi,
I would use Rest API to get it out as a json output.
You can connect to API through <fmc ip>/api/api-explorer/ from there you can go ahead to objects and add find the ID of the object to get a json output.
Here you can read more about the api explorer:
br, Micke
10-17-2018 01:29 PM
To add to @mikael.lahtela response, these are the following API requests you have to send:
1) Send /api/fmc_config/v1/domain/<ID>/object/urlgroups request with no object UUID
2) Find the UUID of the url object group that you need.
3) Send request#1 with UUID determined in 2)
The result will be something like this:
{ "links": { "self": "https://192.168.1.10/api/fmc_config/v1/domain/<id>/object/urlgroups/000C29E8-BB66-0ed3-0000-068719479541" }, "type": "UrlGroup", "literals": [ { "url": "cisco.*", "type": "Url" }, { "url": "apple.*", "type": "Url" }, ], "overridable": false, "description": " ", "name": "HundredPlusObject", "id": "000C29E8-0000-0ed3-0000-068719479541", "metadata": { "timestamp": 1537795383423, "lastUser": { "name": "admin" }, "domain": { "name": "Global", "id": "aaaaaaa-e0f2-11e3-8169-6d9ed49b625f" } } }
You can then extract the urls from the "literals" section.
10-18-2018 08:32 AM
Thanks !
With the use of the API explorer, and the API manual, these worked,
however, the user does need to get the "access token" for the API client .
Dean
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide