02-28-2023 02:08 AM - edited 02-28-2023 02:10 AM
Hi, I have just tried to use the Expedition "API Output Manager" for the first time and find some rather strange behaviour.
I have used ML to create around 33 new security rules, when I went to the "API Output Manager" to generate api commands for each rule (SubAtomic) I selected all the api calls for the security rules and pushed to the firewall, after commiting this and coming back a day later, I notice some traffic is hitting my catchall rule (at the bottom) for which I know I created rules for. Further investiagtion I realised that there were only around 22 rules created by the "API Output Manager" so the last 11 rules never had API commands generated for them, I tried regenerating the API calls again in expedition but still only 22 rules create. I moved the bottom 11 rules to the top of the rulebase in expedition and generated the API commands again in "API Output Manager" and although only 22 rules were created again the previously excluded rules (now at the top) were present.
This feels like a limit on the subatomic API output, obviously there were a lot of other API calls generated I didn't use but is anyone aware of a limit on this output, also when using atomic all the rules are listed correctly so it seems to me there isn't an issue with the rules themselves.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
