Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
MPL_el
New Contributor

IP Address Lookup via API?

Can "IP Address Lookup" be accessed via API on a Fortigate Firewall? (Policy & Objects > Internet Service Database > Internet Services > IP Address Lookup)

 

I have a functional token and have been using a web browser to poke around, but don't know the appropriate url/parameters:

e.g. .../api/v2/cmdb/firewall/internet-service?&access_token=XXX...


Firewall 81F, v7.2.6

4 REPLIES 4
Anthony_E
Community Manager
Community Manager

Hello MPL_el,


Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.


Thanks,

Anthony-Fortinet Community Team.
pminarik
Staff
Staff

Close! However, /cmdb/ is typically used for changing/reading configuration, whereas /monitor/ is the better path for querying various functions and services. But let's get down to business:

 

GET /api/v2/monitor/firewall/internet-service-match?ip=8.8.8.8&ipv4_mask=255.255.255.255

 

Will get you all matching services for 8.8.8.8/32.

For IPv4, use ip & mask. For IPv6, use is_ipv6=true, ip=<IPv6 address>, and ipv6_prefix.

(And don't forget to include the access_token of course. I left it out of the sample for simplicity)

 

And before someone asks, port/protocol filtering is not available for this query.

[ corrections always welcome ]
MPL_el

Thanks for the reply and the explanation of /cmdb/ vs /monitor/!  I tested and was able to get a response. 

 

Is there a way to get the location information?  This query appears to return the information within "Internet Service Details."  Is there something similar for the information within "IP Address Details?"  I tried various permutations of "/ip-address-details?" but was only met with errors.

 

fortigate_location.PNG

pminarik

Location is retrieved through a separate Geo-IP query:

POST /api/v2/monitor/geoip/geoip-query/select
request body:
{"ip_addresses":["8.8.8.8","1.1.1.1", "2.2.2.2"]}

 

(included multiple IPs to show how to send a list to be resolved.

 

[ corrections always welcome ]
Labels
Top Kudoed Authors