Adding a new firewall to existing log collector group via API

Reply
L2 Linker

Adding a new firewall to existing log collector group via API

Does any one know if there is an XML API call to add a new firewall to an existing Log Collector group, without needing to specify all the existing members of the LC group?

 

For instance...here is the XML debug when adding a new firewall to an existing group.  Unfortunately, I need to include all of the other firewalls as well.  

 

<request cmd="op"  target="panorama">
<operations xml="yes">
<set>
<log-collector-group-preference-list>
<log-collector-group>GROUP</log-collector-group>
<collector-preference-list>
<entry>
<devices>
<entry name="existing1"/>
...
<entry name="existingN"/>

<entry name="newFW"/>
</devices>
<collectors>
<entry name="1"/>
<entry name="2"/>
</collectors>
</entry>
</collector-preference-list>
</log-collector-group-preference-list>
</set>

L4 Transporter

Re: Adding a new firewall to existing log collector group via API

Hey Jason,

 

Good on you for pulling the debug. Usually good info.

 

For configuration calls, we use the type=config calls. For setting configuration, we'd use action=set. The call to actually pull the config for log collector group is below.

 

/api/?type=config&action=get&xpath=/config/devices/entry[@name='localhost.localdomain']/log-collector-group

At this point I don't have a lab set up that I could directly test this against to actually get the syntax we need to set, but if you have some time I was able to get your contact info from our internal support site and would be happy to reach out if you have an opportunity to test a few calls with me on a call. If not and just the call above is sufficient and you'd like to figure out the rest on your own, that's fine as well. Let me know, it should be a pretty quick thing assuming you have management access to the Panorama.

L2 Linker

Re: Adding a new firewall to existing log collector group via API

Reach out, very curious if we can make this work!

 

This is what i am testing with..

api call.JPG

L4 Transporter

Re: Adding a new firewall to existing log collector group via API

Hey Jason, if you want to just reply here with the xpath and element that we were able to determine was working for the call in case anyone else comes along and is looking for the answer.

L2 Linker

Re: Adding a new firewall to existing log collector group via API

Thank you so much for your help!  Here is the API call used to update an existing LC group with a new firewall.

 

https://{{panorama}}/api/?type=config&action=set
&xpath=/config/devices/entry[@name='localhost.localdomain']/log-collector-group/entry[@name='{{LC-group-NAME}}']/logfwd-setting/devices&key={{panorama-key}}&element=<entry name="{{newfw}}"><collectors>
<entry name="{{existingLC}}"/>
</collectors></entry>
 
 
I used Postman where {{ }} are variables for my environment.
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!