rnwolfe / fmc-tools

A collection of tools for common tasks needed on the Cisco Firepower Management Center using a fork of the fireREST library.

update all syslog enable for all rules #4

Closed srdrtu closed 5 years ago

srdrtu commented 5 years ago

Hello,

I want to enable all syslog logging for all rules but I get an error. I took the section below as a reference. Should I use the name of the syslog object from FMC, or?

```python
# Logging settings
# Leave variable empty (var = '') if you don't want to include the setting
syslog_to_server = 'api-syslog-server'
log_to_fmc = 'true'
log_at_begin = 'false'
log_at_end = 'true'

# Initialize a new api object
api = FireREST(hostname=device, username=username, password=password)

# Get IDs for specified objects. API PK = UUID, so we have to find the matching api object for the name specified.
if ac_policy:
    acp_id = api.get_acp_id_by_name(ac_policy)
else:
    acp_id = "Not defined"

if syslog_to_server:
    syslog_server_id = api.get_syslogalert_id_by_name(syslog_to_server)
```


rnwolfe commented 5 years ago

Are you using the FireREST directory included in this repository (in the fireREST directory), or the original I forked from?

The error says that get_syslogalert_id_by_name() doesn't exist in FireREST. This was a function I added in my fork.

Everything you need to run the script is in this repository's folder structure. You do not need the original fireREST code.

srdrtu commented 5 years ago

Thank you for your reply and for sharing that REST API with us; it really helped me. I changed some wrong code when I solved my problem and want to share it here too, so it can help others.

Line 59: print("Domain: " + api.get_domain_id(domain)). There is no function get_domain_id() in the fireREST file. I changed it to get_domain_id_by_name(), or it can be deleted because it is not used except for printing to the screen.

Line 39: changed get_syslogalert_id_by_name() to get_syslog_alert_id_by_name for the same reason.

And finally I added some code for setting the enableSyslog attribute. I defined a variable at the head of the class (fmc_all_rules_update):

```python
enable_syslog = 'true'
```

then added the following in the second for loop:

```python
# Set enableSyslog when the rule lacks it or its current value differs
if enable_syslog and ('enableSyslog' not in acp_rule or acp_rule['enableSyslog'] != enable_syslog):
    payload['enableSyslog'] = enable_syslog
```
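The check described in the comment above, as an added example that is not part of the original comment or the repository's code: it runs on plain dicts standing in for access-rule JSON and normalises the script's string settings to booleans before comparing, so rules that already log to syslog are skipped. The helper names, the sample rules and the `logEnd` field name are assumptions.

```python
# Added example: plain dicts stand in for access-rule JSON; no FMC connection is made.

def as_bool(value):
    """Normalise a setting ('true', 'false', True, '') to True/False, or None when unset."""
    if value is None or value == '':
        return None
    if isinstance(value, bool):
        return value
    return str(value).strip().lower() == 'true'


def logging_changes(acp_rule, desired):
    """Return only the logging fields whose current value differs from the desired one."""
    changes = {}
    for field, wanted in desired.items():
        wanted = as_bool(wanted)
        if wanted is None:
            continue  # setting left empty: leave this field untouched
        if as_bool(acp_rule.get(field)) != wanted:
            changes[field] = wanted
    return changes


def plan_updates(rules, desired):
    """Map rule name -> fields to change, skipping rules that already comply."""
    plan = {}
    for rule in rules:
        changes = logging_changes(rule, desired)
        if changes:
            plan[rule['name']] = changes
    return plan


# Constructed sample rules (not taken from a real policy).
SAMPLE_RULES = [
    {'name': 'allow-dns', 'enableSyslog': True, 'logEnd': True},
    {'name': 'allow-web', 'enableSyslog': False, 'logEnd': True},
    {'name': 'allow-ntp'},
]

# Settings in the script's string style; '' means "do not include the setting".
DESIRED = {'enableSyslog': 'true', 'logEnd': 'true', 'logBegin': ''}

if __name__ == '__main__':
    for name, changes in plan_updates(SAMPLE_RULES, DESIRED).items():
        print(name, changes)
```

Printing the plan before sending any update shows which rules currently lack syslog logging, which doubles as a logging-coverage audit of the policy.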

rnwolfe commented 5 years ago

Thanks for the update @srdrtu and I hope your comment can help others, as well.

As a side note, I'm not sure why multiple people have reported issues with wrong function names, etc. in the fireREST library.

As you can see, the two functions you referenced are named appropriately in this repository. This repository is a fork of the original fireREST repository with changes I've made that work with this script. I can do a simple git clone right now and run it and it works fine. I'm not sure where these issues are coming from.

get_domain_id() https://github.com/rnwolfe/fmc-tools/blob/e0ff19cd21e458bb4dbaec98b470d62653947d8e/fireREST/__init__.py#L360

get_syslogalert_id_by_name() https://github.com/rnwolfe/fmc-tools/blob/e0ff19cd21e458bb4dbaec98b470d62653947d8e/fireREST/__init__.py#L343

Regardless, thanks for your update. Closing as this is resolved. Please comment if you have additional questions.