I'm trying to get hardware interface metrics for FortiWiFi 60E using the REST API endpoints. Querying the following endpoints only returns the WAN, VLAN, DMZ, MODEM & WiFi interfaces, but none of the hardware interfaces are listed there.
https://ip:port/api/v2/monitor/system/interface/select?vdom=*&include_vlan=true
https://ip:port/api/v2/monitor/system/interface/
The admin profile used to fetch the above information has read-only permission on all the resources. What am I missing here ?
Any help would be much appreciated.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
I don't know if that is possible but my query provides the same details that matches the " show sys interface" output for physical of if you trying to gather details that are similar to " diag hardware deviceinfo nic portX " that needs to be done via SNMP.
e.g
curl -k -H -- "Authorization:1kcnp4sksmrdjmkb1sm6d88NQbc9kb" https://1.1.1.111/api/v2/monitor/system/interface?access_token=1kcnp4sksmrdjmkb1sm6d88NQbc9kb
So if your goal is to get let's say to get specific for "port1" that is not possible with that call.
Did you open a ticket with TAC to have them confirm?
tip :
1: if you query the top level path you can find out what calls are available and the http_request_method GET or POST .
e.g /* see my examples and the path strrings */
curl -k -H -- "Authorization:1kcnp4sksmrdjmkb1sm6d88NQbc9kb" [link=https://209.174.200.2/api/v2/monitor/system?access_token=1kcnp4sksmrdjmkb1sm6d88NQbc9kb]https://1.1.1.111/api/v2/monitor/system?access_token=1kcnp4sksmrdjmkb1sm6d88NQbc9kb[/link]
or
curl -k -H -- "Authorization:1kcnp4sksmrdjmkb1sm6d88NQbc9kb" https://1.1.1.111/api/v2/monitor?access_token=1kcnp4sksmrdjmkb1sm6d88NQbc9kb
Ken Felix
PCNSE
NSE
StrongSwan
Thank you Ken.
For me "show sys interface" lists all the available interfaces including the hardware ones. Querying via "api/v2/monitor/system/interface" excludes these. That's the perplexing part.
I'm going to raise a ticket with TAC and get them to confirm this one way or the other. Will update here once I get a response.
Here's what I got from TAC.
"As per the TAC policies we can't support API related information as it is out of TAC scope. I would request you to submit your request via Fortinet Developer Network using the below link, as we have separate team who work on API related queries."
Please check out "/api/v2/monitor/system/available-interfaces", which also includes additional information for each interface.
Thanks that did work in fortios 6.4.4 and the query provided more details in the 1st query
socadmin@proteus:~$ curl -k -H -- "Gq0198pQHHyzbf3xgd3Q1nyQ96z9tf" '[link]https://x.x.x.x/[/link]{api/v2/monitor/system/available-interfaces?access_token=Gq0198pQHHyzbf3xgd3Q1nyQ96z9tf,api/v2/monitor/system/interface?access_token=Gq0198pQHHyzbf3xgd3Q1nyQ96z9tf}' > file
Is fortinet support ever going to post the API reference for general public access?
Ken Felix
PCNSE
NSE
StrongSwan
Hi Ken,
Currently, API documentation for multiple products is available to all users on FNDN. In addition to FNDN, we also monitor the forums here for API questions if you have any.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1710 | |
1093 | |
752 | |
446 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.