This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

PAN-OS 10.2 REST API Objects/Addresses missing data

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

PAN-OS 10.2 REST API Objects/Addresses missing data

SSargent_ICTWA
L2 Linker

‎09-01-2022 08:43 AM

I have two HA pairs, one PA-460 and one PA-3250. With "/restapi/v10.2/Objects/Addresses" I get two different sets of data from the two pairs, both of which are missing data compared to the UI and CSV downloads:

  • UI/CSV: Name, Location, Type, Address Tags. (Type is one of: IP Netmask, FQDN, IP Range, or IP Wildcard Mask)
  • PA-460: @name, @location, @vsys, ip-netmask, tag, description
  • PA-3250: @name, @location, @vsys, ip-netmask

Notably, neither API response includes the Type field. Entries in the API response that match entries in the UI of Type IP Netmask include the correct Address in the ip-netmask field. Entries of other Types do not have their addresses listed (the ip-netmask field is blank). I have no idea why the PA-3250 omits the tag and description fields. Unfortunately, these issues make this API incomplete and unusable for my purpose.

 

Does anyone else see this on their systems? Is this expected behavior?

0 Likes Likes
2 REPLIES 2

JimmyHolland
L5 Sessionator

‎09-12-2022 05:03 AM

Hi @SSargent_ICTWA, without access to the hardware it is hard to comment, but I would recommend raising a support ticket for this inconsistency between hardware models, as the APIs are part of the supported product set.


In the meantime the XML API definitely includes tag and description and I would be surprised if that was broken on the PA-3250, even if the REST API has some issues which need resolving on the PA-3250. On VM-Series in the lab here, both XML and REST return the tag and description.

Both XML and REST APIs tend to return what is in the configuration file, and the configuration file itself does not include a "type" for an object. The CSV and GUI have extra code which interprets the attributes of the address object to add the type in their output, something which would need to be replicated when using the APIs as a client.

 

Hope that helps!

Help the community: "Like" helpful comments, and click "Accept as Solution" if you found your answer 🙂
0 Likes Likes

SSargent_ICTWA
L2 Linker
In response to JimmyHolland

‎09-12-2022 07:31 AM

Hi @JimmyHolland,

 

Thanks for taking the time to reply. As you mentioned, the XML API works as expected on both models.

 

I probably won't raise a support ticket about the REST API... It took four months of frustrating support interactions for the broken DNSSEC on update.paloaltonetoworks.com to be resolved. I have little confidence that reporting this issue will be worth my time. I'll just keep using the XML API.

0 Likes Likes
  • 1547 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks