Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Firepower Management Center REST API Submit Snort Rules

Greetings Cisco Community,

I am looking to automate the process of adding intrusion rules to a Firepower device (FMC version 6.2.0). I was hoping to be able to use the REST API for this purpose, but looking through the documentation, it's unclear to me whether this action is supported.

Is adding Snort rules via the REST API supported? I apologize if I've overlooked something obvious.

Thanks in advance,

J

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

J,

J,

Today it is not possible to modify or Tune IPS policy with the REST API. To add and adjust Snort rules in Firepower Management Center you must use the UI. 

All you can do with the API and identify and IPS policy and apply it to to rules.

Regards,

Neil

5 REPLIES
Cisco Employee

J,

J,

Today it is not possible to modify or Tune IPS policy with the REST API. To add and adjust Snort rules in Firepower Management Center you must use the UI. 

All you can do with the API and identify and IPS policy and apply it to to rules.

Regards,

Neil

New Member

Neil,

Neil,

Thank you very much for your quick reply and the clarification!

-J

New Member

Hi Neil,

Hi Neil,

Following on from your response, would it possible to export the SNORT rules using the API?

Cisco Employee

nwilu0001,

nwilu0001,

It is not possible to export the SNORT signature contents for a specific IPS rule with the API. It is only possible to identify and apply the Rule as a whole (By name and system generated GUID) with the API. For visibility into the rule you would again have to use the UI.

Regards,

Neil

New Member

Thank you for replying so

Thank you for replying so quickly Neil.

124
Views
0
Helpful
5
Replies