PAN-OS 10.2 REST API Objects/Addresses missing data

Showing results for 
Show  only  | Search instead for 
Did you mean: 
Please sign in to see details of an important advisory in our Customer Advisories area.

PAN-OS 10.2 REST API Objects/Addresses missing data

L2 Linker

I have two HA pairs, one PA-460 and one PA-3250. With "/restapi/v10.2/Objects/Addresses" I get two different sets of data from the two pairs, both of which are missing data compared to the UI and CSV downloads:

  • UI/CSV: Name, Location, Type, Address Tags. (Type is one of: IP Netmask, FQDN, IP Range, or IP Wildcard Mask)
  • PA-460: @name, @location, @vsys, ip-netmask, tag, description
  • PA-3250: @name, @location, @vsys, ip-netmask

Notably, neither API response includes the Type field. Entries in the API response that match entries in the UI of Type IP Netmask include the correct Address in the ip-netmask field. Entries of other Types do not have their addresses listed (the ip-netmask field is blank). I have no idea why the PA-3250 omits the tag and description fields. Unfortunately, these issues make this API incomplete and unusable for my purpose.


Does anyone else see this on their systems? Is this expected behavior?


L5 Sessionator

Hi @SSargent_ICTWA, without access to the hardware it is hard to comment, but I would recommend raising a support ticket for this inconsistency between hardware models, as the APIs are part of the supported product set.

In the meantime the XML API definitely includes tag and description and I would be surprised if that was broken on the PA-3250, even if the REST API has some issues which need resolving on the PA-3250. On VM-Series in the lab here, both XML and REST return the tag and description.

Both XML and REST APIs tend to return what is in the configuration file, and the configuration file itself does not include a "type" for an object. The CSV and GUI have extra code which interprets the attributes of the address object to add the type in their output, something which would need to be replicated when using the APIs as a client.


Hope that helps!

Help the community: "Like" helpful comments, and click "Accept as Solution" if you found your answer 🙂

Hi @JimmyHolland,


Thanks for taking the time to reply. As you mentioned, the XML API works as expected on both models.


I probably won't raise a support ticket about the REST API... It took four months of frustrating support interactions for the broken DNSSEC on to be resolved. I have little confidence that reporting this issue will be worth my time. I'll just keep using the XML API.

  • 2 replies
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!