Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
MPL_el
New Contributor

Created on ‎10-30-2023 02:45 PM

IP Address Lookup via API?

Can "IP Address Lookup" be accessed via API on a Fortigate Firewall? (Policy & Objects > Internet Service Database > Internet Services > IP Address Lookup)

 

I have a functional token and have been using a web browser to poke around, but don't know the appropriate url/parameters:

e.g. .../api/v2/cmdb/firewall/internet-service?&access_token=XXX...


Firewall 81F, v7.2.6

Labels:
1572
0 Kudos
4 REPLIES 4
Anthony_E
Community Manager
Community Manager

Created on ‎11-02-2023 01:07 AM

Hello MPL_el,


Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.


Thanks,

Anthony-Fortinet Community Team.
1523
0 Kudos
pminarik
Staff
Staff

Created on ‎11-02-2023 03:27 AM Edited on ‎11-02-2023 03:28 AM

Close! However, /cmdb/ is typically used for changing/reading configuration, whereas /monitor/ is the better path for querying various functions and services. But let's get down to business:

 

GET /api/v2/monitor/firewall/internet-service-match?ip=8.8.8.8&ipv4_mask=255.255.255.255

 

Will get you all matching services for 8.8.8.8/32.

For IPv4, use ip & mask. For IPv6, use is_ipv6=true, ip=<IPv6 address>, and ipv6_prefix.

(And don't forget to include the access_token of course. I left it out of the sample for simplicity)

 

And before someone asks, port/protocol filtering is not available for this query.

[ corrections always welcome ]
1513
MPL_el
New Contributor
In response to pminarik

Created on ‎11-02-2023 08:36 AM

Thanks for the reply and the explanation of /cmdb/ vs /monitor/!  I tested and was able to get a response. 

 

Is there a way to get the location information?  This query appears to return the information within "Internet Service Details."  Is there something similar for the information within "IP Address Details?"  I tried various permutations of "/ip-address-details?" but was only met with errors.

 

fortigate_location.PNG

1499
0 Kudos
pminarik
Staff
Staff
In response to MPL_el

Created on ‎11-02-2023 08:50 AM

Location is retrieved through a separate Geo-IP query:

POST /api/v2/monitor/geoip/geoip-query/select
request body:
{"ip_addresses":["8.8.8.8","1.1.1.1", "2.2.2.2"]}

 

(included multiple IPs to show how to send a list to be resolved.

 

[ corrections always welcome ]
1494
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.