Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1185
Views
15
Helpful
2
Replies

FTD - Rest API to find usages of object

Go to solution
jon12
Level 1
Level 1

‎05-10-2021 04:07 AM

I am trying to delete certain objects using FTD Rest API such as network objects or url objects.

Whenever one of them is being used by a rule or a group, the deletion is being prevented.

 

I was trying to find a way to get all usages of an object so I could clean it up before deletion, but didn't see one.

 

Is there an API that gives back all references of an object?

 

Thank you in advance.

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
jarsmith
Cisco Employee
Cisco Employee

‎05-10-2021 12:28 PM

I wish I had a better answer for you but we don't have a usages API at the moment I can tell you this is something we have talked about internally and there were some prototypes but it hasn't made it into a release yet.  I very much understand the ask and I can totally see the usefulness as we wanted something similar to show usages in the user interface.  (I'll do my best to push for this next time I get a chance)

 

My suggestion in the meantime would be to check the usual suspects:

- Access Rules

- Decryption Rules

- Identity Rules

- RA VPN

 

And check if you have a reference to that ID value.  If you wanted to make a crude script to accomplish this you could look for any JSON document that has a nested dict with an "id" field defined with the "type" the same as the object that you are investigating.  I know this isn't super efficient but that is probably the best answer until we make a purpose-built API (which would be much simpler..).

 

 

View solution in original post

Go to solution
jarsmith
Cisco Employee
Cisco Employee
In response to jarsmith

‎05-10-2021 01:17 PM

One quick follow-up as I just received a suggestion that we also have a free text search API which could be used to simplify a bit.  For example, if you want to find all-access rules that reference a host object named "test_host" you can formulate a query as follows:

 

https://host:443/api/fdm/v6/policy/accesspolicies/default/accessrules?filter=fts:test_host

This will make it so you don't have to crawl all objects of a given type for the major policy type objects Access, Decryption(SSL), and Identity.

 

You'd still have to query per type but you'd get a more concise answer this way.  I just tried it on my FDM with 2 rules and it picked the correct rule.

View solution in original post

2 Replies 2

Go to solution
jarsmith
Cisco Employee
Cisco Employee

‎05-10-2021 12:28 PM

I wish I had a better answer for you but we don't have a usages API at the moment I can tell you this is something we have talked about internally and there were some prototypes but it hasn't made it into a release yet.  I very much understand the ask and I can totally see the usefulness as we wanted something similar to show usages in the user interface.  (I'll do my best to push for this next time I get a chance)

 

My suggestion in the meantime would be to check the usual suspects:

- Access Rules

- Decryption Rules

- Identity Rules

- RA VPN

 

And check if you have a reference to that ID value.  If you wanted to make a crude script to accomplish this you could look for any JSON document that has a nested dict with an "id" field defined with the "type" the same as the object that you are investigating.  I know this isn't super efficient but that is probably the best answer until we make a purpose-built API (which would be much simpler..).

 

 

Go to solution
jarsmith
Cisco Employee
Cisco Employee
In response to jarsmith

‎05-10-2021 01:17 PM

One quick follow-up as I just received a suggestion that we also have a free text search API which could be used to simplify a bit.  For example, if you want to find all-access rules that reference a host object named "test_host" you can formulate a query as follows:

 

https://host:443/api/fdm/v6/policy/accesspolicies/default/accessrules?filter=fts:test_host

This will make it so you don't have to crawl all objects of a given type for the major policy type objects Access, Decryption(SSL), and Identity.

 

You'd still have to query per type but you'd get a more concise answer this way.  I just tried it on my FDM with 2 rules and it picked the correct rule.

Customers Also Viewed These Support Documents