This article describes how to use FortiManager REST API Calls to extract FortiGate's Revision history, view its configuration, and revert to a specific revision if needed.
FortiManager-VM, FortiManager.
Prerequisites:
In the below example, the REST API Calls will be demonstrated in Postman:
POST: https://x.x.x.x/jsonrpc x.x.x.x : FMG IP
Request:
{
"id": 1,
"method": "exec",
"params": [
{
"data": [
{
"passwd": "",
"user": "admin"
}
],
"url": "sys/login/user"
}
],
"session": null,
}
Response:
{
"result": [
{
"status": {
"code": 0,
"message": "OK"
},
"url": "sys/login/user"
}
],
"session": "1RlvZuWZA31a+t7oBhWAeBpmtmtmv1yI+0btMGseNQEqY+/zdydc5CHDh3y2GgWZJyivguCOommQ4H1TfB1Kpw==",
"id": 1
}
Getting the Revision History of FortiGate:
Request:
{
"id": 1,
"jsonrpc": "1.0",
"method": "exec",
"params": [
{
"data": {
"device": "gargamel-fmg-esx22"
},
"url": "/deployment/get/device/revision"
}
],
"session": "1RlvZuWZA31a+t7oBhWAeBpmtmtmv1yI+0btMGseNQEqY+/zdydc5CHDh3y2GgWZJyivguCOommQ4H1TfB1Kpw==",
"verbose": 1
}
Response:
"result": [
{
"data": {
"base_ver": 2,
"revinfo": [
{
"comments": "Retrieve",
"error": "",
"extra_info": "",
"instime": "2023-12-06 15:19:32",
"instusr": "admin",
"modtime": "2023-12-06 15:19:32",
"modusr": "admin",
"revision": 2,
"status": 10,
"tag": ""
},
{
"comments": "",
"error": "",
"extra_info": "",
"instime": "2023-12-06 14:58:39",
"instusr": "admin",
"modtime": "2023-12-06 14:58:39",
"modusr": "admin",
"revision": 1,
"status": 10,
"tag": ""
}
]
},
"status": {
"code": 0,
"message": "OK"
},
"url": "/deployment/get/device/revision"
}
],
"id": 1
}
Reverting the Revision history of a FortiGate:
Request:
{
"id": 1,
"jsonrpc": "1.0",
"method": "exec",
"params": [
{
"data": {
"device": " gargamel-fmg-esx22",
"revision": 1
},
"url": "/deployment/revert"
}
],
"session": "1RlvZuWZA31a+t7oBhWAeBpmtmtmv1yI+0btMGseNQEqY+/zdydc5CHDh3y2GgWZJyivguCOommQ4H1TfB1Kpw==",
"verbose": 1
}
Response:
{
"result": [
{
"status": {
"code": 0,
"message": "OK"
},
"url": "/deployment/revert"
}
],
"id": 1
}
Getting the complete FortiGate configuration for a certain Revision:
Request:
{
"id": 1,
"jsonrpc": "1.0",
"method": "exec",
"params": [
{
"data": {
"device": "weepy-fmg-esx37",
"revision": 1
},
"url": "/deployment/checkout/revision"
}
],
"session": "1RlvZuWZA31a+t7oBhWAeBpmtmtmv1yI+0btMGseNQEqY+/zdydc5CHDh3y2GgWZJyivguCOommQ4H1TfB1Kpw==",
"verbose": 1
}
Response:
result": [
{
"data": {
"content": "#config-version=FGVM64-7.00-FW-build1255-........................\n",
"revision": 1
},
"status": {
"code": 0,
"message": "OK"
},
"url": "/deployment/checkout/revision"
}
],
"id": 1
}
Troubleshooting:
The following commands can be used in the FortiManager CLI to debug the REST API calls:
diagnose debug service httpd 255
diagnose debug service main 255
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.