Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Comments in access policy rules

I've just begun using the REST API for FMC Version: 6.2.0 to provision access policy rules into a Firepower. This has been a bit of a guessing game, because the API Explorer doesn't seem to cover rules, much less proper JSON for creating them.  So far, I've had good luck creating all aspects of the rules, with one small hitch. I can't seem to figure out how to add comments. Could someone paste the appropriate JSON? Certain other aspects of the rule, for instance the id, are auto-generated by the system and must be left out of the POST. Thinking this might be the case with comments; I've tried leaving out the timestamp, user, etc from inside the comment history, but this doesn't seem to help.

Best regards and thanks in advance for any assistance.

10 REPLIES
New Member

Is there anything that I

Is there anything that I could do to clarify the problem I'm having?

New Member

Hello,

Hello,

Using JSON has been a challenge for me as well. I do not have an answer for you as I am trying to figure out how to  create and load objects and rules using this method.

Is there any code that you could share? I have to recreate about 500 rules that the SF ASA conversion utility did not convert.

Thanks very much

New Member

How's your java? I might have

How's your java? I might have some code that I could share, but it wouldn't be helpful unless you were pretty fluent.

New Member

Exactly the same for me.

Exactly the same for me. Unable to add a comment on an accessrule via REST\API

I've seen the "commentHistoryList" but it doesn't seem to add the comment...

Anyone have an idea how to do this ?

Thanks.

Silver

I had to reverse engineer the

I had to reverse engineer the java code used for the rest api to find this out... been struggling a few months back with the same issue.

From what I have found you need to have a dictionary named 'newComments', I have not found any way to update 'commentHistoryList' and had to delete the commentHistoryList and add 'newComments' if I wanted to add/update a rule that had comments.

Hope that helps. :)

New Member

Could you post a JSON example

Could you post a JSON example?

Cisco Employee

I have attached an example to

I have attached an example to this with the last section of the access rule showing the newComment field.

In the 6.2.1 release of Firepower Management Center the "example" button for POST operations in the access rule section of API Explorer now contains this same example.

Regards,

Neil

Silver

*hint* *hint* feature request

*hint* *hint* feature request...

remove newComments and make commentHistoryList editable. :)

New Member

Re: I have attached an example to

I'm attempting to add a comment by modifying an existing rule using a PUT.  JSON is as follows:

 

{  "newComments": [
    "comment1",
    "comment2"
] }

 

which returns the following:

 

"Request UUID and data does not match."

 

Does anyone know what is needed here if doing a PUT?  I've tried adding in other portions such as name and type, but it isn't taking.

New Member

Re: I have attached an example to

Figured it out - the content requires the ID to be passed in. Seems redundant to me as it's also used as part of the path in the call as well.
88
Views
5
Helpful
10
Replies