Technical Tip: Gathering Policy Package Status for a Specific Device or VDOM on FortiManager via API

LennartElbers · ‎02-20-2025

Description This article describes how to retrieve the policy package status for a specific device or VDOM on FortiManager using the JSON RPC API.

Scope FortiManager.

Solution

To gather the policy package status for a specific device or VDOM, execute the following JSON RPC request:

{
  "id": 1,
  "method": "get",
  "params": [
    {
      "url": "/pm/config/adom/[ADOM-NAME]/_package/status/[DEVICE-NAME]/[VDOM-NAME]"
    }
  ],
  "session": "[SESSION-KEY]",
  "verbose": 1
}

Replace the placeholders as follows:

ADOM-NAME: Name of the ADOM.
DEVICE-NAME: Name of the device in FortiManager.
VDOM-NAME: Name of the VDOM on the FortiGate.
SESSION-KEY: valid session key.

Expected Response:

{
  "id": 1,
  "result": [
    {
      "data": {
        "dev": "[DEVICE-NAME]",
        "pkg": "root/[POLICY-PACKAGE]",
        "status": "[INSTALLATION-STATUS]",
        "vdom": "[VDOM-NAME]"
      },
      "status": {
        "code": 0,
        "message": "OK"
      },
      "url": "/pm/config/adom/[ADOM-NAME]/_package/status/[DEVICE-NAME]/[VDOM-NAME]"
    }
  ]
}

This policy package status can be used to monitor the configuration status of a device or VDOM. It can also be integrated into automation workflows, such as Tufin, to streamline security policy management.

Troubleshooting:

The following commands can be used on the FortiManager CLI to debug the API Calls:

diagnose debug service httpd 255

diagnose debug service main 255

Technical Tip: Gathering Policy Package Status for a Specific Device or VDOM on FortiManager via API

You are leaving our website