Hello community,
I currently have a problem using the CISCO FMC API.
I want to activate the logBegin and logEnd on all the rules of a policy (about 3000), I get all the rules with a GET request and then I loop on it to send a PUT request to modify the rules.
The PUT request I'm using is :
/api/fmc_config/v1/domain/{domain}/policy/accesspolicies/{uuid}/accessrules/{accessrules}
Everything works fine but i notice than if the rules have an "application" field then the request will send a status code 200 SUCCESS, but when I go back to my FMC I cannot access the “Access policy” anymore (I have a loading loop).
And If I don't send the field "application" this one is automatically removed from the rule.
Do you know how to modify rules that contains a condition on the Field “applications” ?
here is the problem rule:
Here is the body I send with my PUT request and that does not work:
{
"id": "xxxxxxxxxx",
"applications": {
"inlineApplicationFilters": [
{
"risks": [
{
"type": "ApplicationRisk",
"id": "VERY_LOW",
"name": "Very Low"
},
{
"type": "ApplicationRisk",
"id": "LOW",
"name": "Low"
}
]
}
]
},
"vlanTags": {},
"logBegin": true,
"logEnd": true,
"variableSet": {
"name": "Default Set",
"id": "xxxxxxxxxxxxxxxxxx",
"type": "VariableSet"
},
"logFiles": false,
"sendEventsToFMC": false,
"type": "AccessRule",
"action": "ALLOW",
"name": "rule_application_test",
"enabled": true
}
Here is a body without the application that works
{
"id": "xxxxxxxxxx",
"vlanTags": {},
"logBegin": true,
"logEnd": true,
"variableSet": {
"name": "Default Set",
"id": "xxxxxxxxxxxxxxxxxx",
"type": "VariableSet"
},
"logFiles": false,
"sendEventsToFMC": false,
"type": "AccessRule",
"action": "ALLOW",
"name": "rule_application_test",
"enabled": true
}
I want to clarify that the PUT works well with all the other Fields like syslog, destinationPorts, sourcesports, sourceZones, etc..
In addition I make all my requests (for the test) by going directly through the API-Explorer and nothing else and i'm using FMC version 6.2.2
In addition, is there a simple way to enable logging on all the rules of a policy directly (maybe bulk parameters) ?
Thank you for you precious help.