Get the candidate configuration from a firewall by specifying the portion of the configuration to get. Use the following request, including the xpath parameter to specify the portion of the configuration to get.
https://firewall/api/?type=config&action=get&xpath=path-to-config-node
Configuration Node API Request
Address objects in a VSYS. https://firewall//api/?type=config&action=get&xpath=/config/devices/entry/vsys/entry[@name='vsys1']/address The response looks similar to the following: <response status="success" code="19"> <result total-count="1" count="1"> <address admin="name" dirtyId="8" time="2015/10/20 15:32:36"> <entry name="testobject"> <ip-netmask>2.2.2.2</ip-netmask> </entry> <entry name="test1"> <ip-netmask>1.1.1.1</ip-netmask> </entry> ... </address> </result> </response>
Pre-rules pushed from Panorama. https://firewall//api/?type=config&action=get&xpath=/config/panorama/vsys/entry[@name='vsys']/pre-rulebase/security
Detailed information on Applications and Threats from the firewall. https://firewall/api/?type=config&action=get&xpath=/config/predefined/threats/vulnerability/entry[@name='30003']
Full list of all applications. https://firewall/api/?type=config&action=get&xpath=/config/predefined/application
Details on the specific application. https://firewall/api/?type=config&action=get&xpath=/config/predefined/application/entry[@name='hotmail']

Related Documentation