cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
648
Views
0
Helpful
1
Replies

FMC API PUT Failure When Inspection is Enabled

DinoC_ZAR
Level 1
Level 1

Good day wonderful people,

Expected Outcome: Partially edit existing rules via automation to enable syslog,logend,sendeventstofmc via PUT request. 

Issue: The partial modification works successfully, unless Inspection is enabled on the rule, then an error is thrown and a 500 status is raised. If Inspection is not enabled, the request completes and updates as required, and i am able to iterate through all rules via a list in a python script. The only way to work around the Inspection portion is to include the inspection object in the body. Unfortunately, i would need to identify every rule (1000+ rules where Inspection is enabled), and identify their individual settings to include in the body so as not to overwrite or modify those. How do i avoid this issue, if anyone has come across it and found a simple solution? 

Request Body:

 

 

{
  "sendEventsToFMC": true,
  "id": "0050568F-427B-0ed3-0000-000268434454",
  "enabled": true,
  "enableSyslog": true,
  "logBegin": false,
  "logEnd": true,
  "newComments": [
    "updated via postman api"
  ]
}

 

 

Response Output:

 

 

{
    "error": {
        "category": "OTHER",
        "messages": [
            {}
        ],
        "severity": "ERROR"
    }
}

 

 

 

1 Reply 1

Marcel Zehnder
Spotlight
Spotlight

Hi, which API endpoint are you using?