End-of-Life (EoL)

Get Candidate Configuration

Get the candidate configuration from a firewall by specifying the portion of the configuration to get. Use the following request, including the
xpath
parameter to specify the portion of the configuration to get.
curl -X GET "https://<firewall>/api/?type=config&action=get&xpath=<path-to-config-node>"
Configuration Node
API Request
Firewall candidate configuration
curl -X GET "https://<firewall>/api/?type=config&action=get&xpath=/config/devices/entry/vsys/entry[@name='vsys1']&key=<api_key>"
Firewall candidate configuration through Panorama
curl -X GET "https://<panorama>/api/?type=config&action=get&xpath=/config/devices/entry/vsys/entry[@name='vsys1']&target=<serial>&key=<panorama_api_key>"
Firewall candidate configuration through Panorama without specifying a firewall
curl -X GET "https://<panorama>/api/?type=config&action=get&xpath=/config/devices/entry/*[name()!='vsys']|/config/devices/entry/vsys/entry[@name='vsys1']&key=<panorama_api_key>"
Address objects in a virtual system (vsys).
curl -X GET "https://<firewall>//api/?key=<apikey>&type=config&action=get&xpath=/config/devices/entry/vsys/entry[@name='vsys1']/address"
The response looks similar to the following:
<response status="success" code="19"> <result total-count="1" count="1"> <address admin="name" dirtyId="8" time="2015/10/20 15:32:36"><entry name="testobject"><ip-netmask>192.0.2.2</ip-netmask></entry><entry name="test1"><ip-netmask>192.0.2.12</ip-netmask></entry> ...</address> </result> </response>
Pre-rules pushed from Panorama.
curl -X GET "https://<firewall>//api/?key=<apikey>&type=config&action=get&xpath=/config/panorama/vsys/entry[@name='vsys']/pre-rulebase/security"
Full list of all applications.
curl -X GET "https://<firewall>/api/?key=<apikey>&type=config&action=get&xpath=/config/predefined/application"
Details on the specific application.
curl -X GET "https://<firewall>/api/?key=<apikey>&type=config&action=get&xpath=/config/predefined/application/entry[@name='hotmail']"

Recommended For You