Fortigate API - Remove address from group address

pablo_embasa · ‎04-25-2022

Hi,

I´m tring to integrate my Fortigates with an script.

My script can add any already created address in an specific group, but I can´t find a way to remove only one address, all I can use is add just an address or change all adresses all at once.

Any help would be appraciented.

pminarik · ‎04-26-2022

Hi pablo_embasa,

There's a neat little trick to this. You can directly target array-like keys in an object with POST requests to append to them, or directly do a DELETE request on one of the items in the array. Example below:

1, Get current members of an address group named "test_group":

GET /api/v2/cmdb/firewall/addrgrp/test_group

=> addr_1, addr_2, addr_3 (to keep this short, I am showing just the members after the command is run, not the actual JSON output)

2, Append a new address object to it:

POST /api/v2/cmdb/firewall/addrgrp/test_group/member

payload: {"name": "addr_4"}

=> addr_1, addr_2, addr_3, addr_4

3, Remove a single address object from it, but leave the rest:
DELETE /api/v2/cmdb/firewall/addrgrp/test_group/member/addr_2

=> addr_1, addr_3, addr_4

[ corrections always welcome ]

View solution in original post

Debbie_FTNT · ‎04-25-2022

Hey Pablo,

if I remember correctly, you can update the address group (including the member fields) with an HTTP PUT request.

I believe an HTTP put with '"member":[<array of all addresses except the one you want to remove>]' should do it.
You could do a GET request to have the addressgroup object, copy&paste the data, remove the address you want, and then send back with PUT request.

+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++

pablo_embasa · ‎04-25-2022

I know that I can do this, but the software that I´m using doesn´t permit any kind of algorithm, it only supports an API call, so it needs to be on only one request.

pminarik · ‎04-26-2022

Hi pablo_embasa,

There's a neat little trick to this. You can directly target array-like keys in an object with POST requests to append to them, or directly do a DELETE request on one of the items in the array. Example below:

1, Get current members of an address group named "test_group":

GET /api/v2/cmdb/firewall/addrgrp/test_group

=> addr_1, addr_2, addr_3 (to keep this short, I am showing just the members after the command is run, not the actual JSON output)

2, Append a new address object to it:

POST /api/v2/cmdb/firewall/addrgrp/test_group/member

payload: {"name": "addr_4"}

=> addr_1, addr_2, addr_3, addr_4

3, Remove a single address object from it, but leave the rest:
DELETE /api/v2/cmdb/firewall/addrgrp/test_group/member/addr_2

=> addr_1, addr_3, addr_4

[ corrections always welcome ]

itlec · ‎06-05-2024

Was wondering if one can create New Web Content Filter using a FortiOS REST API POST call.

pminarik · ‎06-06-2024

Yes, I've just tested this and you can do a POST request to:

/api/v2/cmdb/webfilter/content/<id>/entries

With the new entry's payload:

{"name": "new block item",

"action": "block",

"status": "enable"}

The result will be an addition to the existing list of entries.

The only difficulty is identifying the right content-filter table ID. If your code doesn't know in advance, you'll need to do a GET request for the relevant webfilter profile first to identify the content-filter's ID. (the same situation applies to static URL filter lists)

[ corrections always welcome ]

pablo_embasa · ‎04-28-2022

Thanks, it works perfectly

Fortigate API - Remove address from group address

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website