Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1785
Views
0
Helpful
3
Replies

FMC - Rest API POST command: networkgroups not working

aherraez
Level 1
Level 1

‎05-20-2022 05:21 AM - edited ‎05-20-2022 06:13 AM

Hello,

 

I am trying to add a new network group object using some existing objects in the FMC but I am receiving the following message:

description":"The group should have atleast one object reference or a literal as override is not enabled."

 I am trying to add the following networkgroup object:

 

{'name': 'Networkgroup_2', 'objects': [{'type': 'host', 'name': 'Host-2', 'id': '000C29A1-CF6B-0ed3-0000-021474836739'}, {'type': 'range', 'name': 'snmp_servers', 'id': '000C29A1-CF6B-0ed3-0000-021474836781'}], 'type': 'NetworkGroup'} 

 

As I know the names of the objects I have searched for the id of that objects to create the data to use in the POST command.

But I am receiving a 400 error message. 

 

What I am doing wrong? How have to be the payload to create the network group object? In the API documentation seems that I only need these three values for each object that I want to add.

 

Best Regards

 

0 Helpful
3 Replies 3

Marius Gunnerud
VIP
VIP

‎06-01-2022 03:38 PM

What is the 400 error you are getting? Your data format looks fine.

The following is the format I have used to add a NetworkGroup which works for me.

 

object_data1 = {"type" : "Host",
"id" : "000C29F7-A272-0ed3-0000-034359738409",
"name" : "HOST1"
}

object_data2 = {"type" : "Host",
"id" : "000C29F7-A272-0ed3-0000-034359738427",
"name" : "HOST2"
}

objectGrp = {"type" : "NetworkGroup", "name" : "objectGrp2", "objects" : [object_data1, object_data2]}
--
Please remember to select a correct answer and rate helpful posts
0 Helpful

mkioga
Level 1
Level 1
In response to Marius Gunnerud

‎11-28-2022 11:17 AM

Hi Marius. 
Thanks a lot for above post.
I am trying to add an FMC NetworkGroup object using ansible and same error message "The group should have atleast one object reference or a literal as override is not enabled".
It looks like we need to add at least one host object to this network group object while creating it.
This is the ansible code I am using. Wondering how you would modify it to add the host object data


- name: POST to create group object "objects_networkgroups_s1""
ansible.builtin.uri:
url: "https://{{server_ip}}/api/fmc_config/v1/domain/sdfgc-edfd-dddd-4444-sksksksksksks/object/networkgroups"
method: POST
headers:
"X-auth-access-token": "{{ auth_access_token }}"
Connection: keepalive
body: {
name: "{{ objects_networkgroups_s1 }}",
type: "{{ object_type }}",
#value: "{{ objects_list_inside_ip_s1 }}",
description: "{{ objects_networkgroups_s1 + ' added via API by Ansible' }}"
}
body_format: json
return_content: yes
status_code: 201
register: added_objects_networkgroups_s1
vars:
object_type: "NetworkGroup"

- name: Print all GET results from creation of Network group object added_objects_networkgroups_s1
ansible.builtin.debug:
msg: "{{ added_objects_networkgroups_s1 }}"

0 Helpful

babiojd01
Level 1
Level 1

‎08-09-2022 06:31 PM

I can help you out, what are you using? Python? I have an example for both python and powershell if interested? cisco-firepower-api/Firepower-Network-Object-Multipost.py at master · john-babio/cisco-firepower-api (github.com) Take a look at the items.txt file. If you want the powershell version i can give you that as well.

0 Helpful
Customers Also Viewed These Support Documents