Closed derekchung closed 5 years ago
@derekchung This is a good add; however, the API doesn't appear to provide this data (at least as of FMC v6.2.3)
Here is the API response for an ACP Rule from FMC. This rule has an Application Filter applied, as well as an SGT and URL Category (which you can also see are not present in the response):
{
"action": "ALLOW",
"destinationNetworks": {
"objects": [{
"id": "0050568C-D66C-0ed3-0000-171798712676",
"name": "some_dest",
"type": "Host"
},
{
"id": "0050568C-D66C-0ed3-0000-171798696020",
"name": "172_Private",
"type": "Network"
}
]
},
"destinationPorts": {
"objects": [{
"id": "1834e5f0-38bb-11e2-86aa-62f0c593a59a",
"name": "Bittorrent",
"protocol": "TCP",
"type": "ProtocolPortObject"
}]
},
"destinationZones": {
"objects": [{
"id": "8b59a038-7ecf-11e8-8f7e-9ede74934a97",
"name": "services",
"type": "SecurityZone"
}]
},
"enabled": true,
"id": "0050568C-D66C-0ed3-0000-000268437823",
"links": {
"self": "https://10.12.100.34/api/fmc_config/v1/domain/e276abec-e0f2-11e3-8169-6d9ed49b625f/policy/accesspolicies/0050568C-D66C-0ed3-0000-171798708124/accessrules/0050568C-D66C-0ed3-0000-000268437823"
},
"logBegin": true,
"logEnd": true,
"logFiles": false,
"metadata": {
"accessPolicy": {
"id": "0050568C-D66C-0ed3-0000-171798708124",
"name": "api-test-policy",
"type": "AccessPolicy"
},
"category": "--Undefined--",
"domain": {
"id": "e276abec-e0f2-11e3-8169-6d9ed49b625f",
"name": "Global",
"type": "Domain"
},
"ruleIndex": 1,
"section": "Mandatory",
"timestamp": 1531777573973
},
"name": "test rule 1",
"sendEventsToFMC": true,
"sourceNetworks": {
"objects": [{
"id": "0050568C-D66C-0ed3-0000-171798712658",
"name": "some_source",
"type": "Host"
},
{
"id": "0050568C-D66C-0ed3-0000-171798696038",
"name": "192_Private",
"type": "Network"
}
]
},
"sourcePorts": {
"objects": [{
"id": "1834e5f0-38bb-11e2-86aa-62f0c593a59a",
"name": "Bittorrent",
"protocol": "TCP",
"type": "ProtocolPortObject"
}]
},
"sourceZones": {
"objects": [{
"id": "2cdc52d0-7ecf-11e8-8f7e-9ede74934a97",
"name": "inside",
"type": "SecurityZone"
}]
},
"syslogConfig": {
"id": "573468de-7f05-11e8-971f-b0981aec49c1",
"name": "api-syslog-server",
"type": "SyslogAlert"
},
"type": "AccessRule",
"variableSet": {
"id": "76fa83ea-c972-11e2-8be8-8e45bb1343c0",
"name": "Default-Set",
"type": "VariableSet"
},
"vlanTags": {}
}
Here's a screen cap of the rule for reference:
Adding application filter to the CSV output