Introduction
This document describes the REST API provided for the Firepower 9300 Chassis. It includes both Platform and Firepower Chassis Services RESTful APIs, and describes both Configuration and Monitoring APIs. These APIs are solely for Platform services provided by Firepower eXtensible OS.
Prerequisites
The Firepower Chassis Manager REST API is enabled by default on the machine on port 443, which is configured as the default for both the REST API and CM. You may change the port for both. The chassis only supports HTTPS and does not support HTTP.
Be sure to satisfy the following requirements before using the Firepower Chassis Manager REST API:
- The Firepower Chassis must be bootstrapped prior to using the APIs. This can be done using the console to run the chassis setup wizard or by using POAP. Click here for additional details on Power-On-Auto-Provisioning.
-
As part of the pre-provisioning process, provide the following information:
- Chassis Management IP Address (v4 and/or V6)
- Chassis Management Network Mask or Prefix-length
- Chassis Default Gateway
- Management Certificate: by default the chassis will have an auto-generated self-signed certificate. Cisco recommends, but does not require, that a valid certificate be installed on the chassis.
- Cisco highly recommends that NTP and DNS services be configured on the chassis prior to deploying services.
NOTE: Auto install and EULA support features are not supported for release 1.1.2.
Supported Methods
The following methods are supported by the REST API:
- HTTP GET: Retrieves the object. The query is submitted in the URL and the output is contained in the response body.
- HTTP POST: Creates objects. The path is submitted in the URL and the output is contained in the response body.
- HTTP PUT: Updates objects completely. Implicit properties are ignored and explicit properties are set to default if not specified in the payload. Child objects are deleted if they are not specified in the request payload (except for automatically created objects).
- HTTP DELETE: Deletes the object specified in the URL.
- HTTP PATCH: Partially updates the object specified in the URL.
NOTE: HTTP PATCH supports partial updates. Only the included properties of the specified object will be updated. Other existing properties will retain their previous values.
HTTP Error Codes
When executing REST API methods, the following HTTP Error Codes may be returned:
- 200: Success with output. Method succeeded and equivalent JSON objects are returned.
- 204: Success with empty output. Method is successful but the content is empty.
- 400: Request failed. See the error message for more information.
- 403: Forbidden. Permission Denied. The current user is not allowed to perform the operation.
- 404: Object not found. The requested object was not found.
- 405: Method not supported. The requested method is not supported by the API.
- 406: Not Acceptable. Returned when the client requests anything but application/json.
- 415: Unsupported Content Type. Returned when the clients sends a content-type that is anything but application/json.
- 500: Internal Error. The API encountered an error in serving the request.
The model specified below does not contain monitoring data or MAC addresses.
URL Path Format
All API users must use HTTPS on the configured port. In general all API requests will have the following format:
https://<Firepower Chassis_chassis_fqdn>[:management_port]/api/PATH
Cisco highly recommends that
chassis_fqdn
be used instead of the IP Address
in order for the REST Client to be able to authenticate the device being managed. The
Firepower Chassis will authenticate the REST Client using the specified credentials. See
Client Authentication
for additional details.
The following URL paths may be used by API clients:
/api/<object-type>
: Get all objects of a given type.
/api/<object-type>/[id]
: Get the specified object, or create, update
or delete the specified object.
/api/<object-type>/[id1],[id2],[id3]
: Get or delete multiple objects.
/api/<object-type>/<id>/[subobj]/[subobj_id]
: Retrieve, update,
delete child object(s) of the specified object.
/api/class/<class-name>
: Get all instances of a given class regardless
of the hierarchy.
Accept Header
All REST API clients must send an HTTP Accept Header that is set to
application/json
.
Otherwise a
406 Not Acceptable
error will be returned.
Content Type
When uploading JSON objects (POST for creating objects or PUT for updating objects), the
Content-type
HTTP header must be set to
application/json
.
Otherwise, a
415 Unsupported Content Type
error will be returned by the
API.
When uploading Firepower Chassis infrastructure bundles or CSP binaries, the REST API
client must set the
Content-type
HTTP header to
multipart/binary
.
Client Authentication
The following authentication method will be supported:
Session Based Authentication
To authenticate, the client must execute a
POST /api/login
with the
following HTTP HEADERS:
USERNAME = <name of the user>
PASSWORD = <url_encoded_password>
Payload returned on success:
{
"token" : "token_string"
}
On success, the API will return an HTTP 200 code with this
payload:
You must extract the token and include it in HTTP headers when submitting all other API
method requests. The field name for the token must be
TOKEN
.
Payload returned on authentication failure:
{
"error-code": "551",
"error-description": "Authentication failed",
"error-nr": "unidentified-fail"
}
On authentication failure, the API will return an HTTP 400 code with this
payload:
Payload returned on authorization failure:
{
"error-code": "552",
"error-description": "Authorization required",
"error-nr": "service-unavailable"
}
On authorization failure, the API will return an HTTP 400 code with the following payload
when the token is invalid:
To log out, the client must submit a
POST /api/logout
request with this HTTP
HEADER:
"TOKEN"= "<authentication_token>"
On Success: HTTP 200 is returned when a session was found and that session was terminated.
Valid Session Not Found:
{
"error-code": "555",
"error-description": "Authorization required",
"error-nr": "service-unavailable"
}
On Error: HTTP 555 is returned when a valid session is not found for the specified token.
Body: <same error message as for Login>:
All API Requests except
/api/login
must have the following HTTP Header
content:
TOKEN
with the value being the actual token obtained in the login response.
If the token is not specified in the header, an Authentication Error code will be
returned by the REST API.
NOTE:
For this release,
TOKEN
is not
validated against the IP address of the client.
Object Model
The following is a diagram of the Service object model:
- Light blue objects are created by default. They can be updated by users but cannot be deleted.
- Dark blue objects are ones that users can create, modify, and delete.
- Gray objects are internal objects not exposed via the rest api
Clustered Application Provisioning Flow
This section describes the API to create a Clustered Adaptive Security Appliance (ASA) service on the SSP Chassis.
The following high level steps are required to provision an ASA clustered service:
- Create and update Port-Channels objects.
-
Configure
external-ports
and Port-Channel as data. Default value:/mgmt/ic
. -
Create the logical-device object:
-
Specify the
logical-device
name. - Specify the template to be used (ASA or NG-FW).
-
Create the Cluster-Configuration. Attributes:
service-type/mode/chassis-id/key
. -
Create the Clustered-Management-Config:
- Provide the Cluster Virtual IP Address (V4 and/or V6).
- Management IP Address Pool (for managing /monitoring individual cluster units).
-
Set the
logicalDevice ldMode
property toclustered
.
-
Specify the
- ( Optional ) Add DDOS link-decorators to desired links (all links are auto-created and all ports are linked to ASA).
-
(
Optional
) For each
Logical-Device-Unit <slot_id>
, add a DDOS MgmtBootstrap configuration. Create an IP or IPV6 bootstrap object, as well as Key and EncryptedKey bootstrap objects as needed.
Upload the Cisco Secure Package Application to the SSP Controller
Security Applications available on the SSP Platform are packaged as Cisco Secure Package (CSP) files. By default, SSP devices are shipped with the default version of the ASA.CSP application. This application can be deployed, or you can upload a newer version of the application. The following steps describe how Security Applications (CSP files) are uploaded to the SSP Controller.
NOTE: Multiple versions of the same Application can be uploaded to the SSP Controller.
Two methods are supported, and both require Admin privileges:
- Method 1: Instruct the SSP Controller to fetch a specified CSP file from the network.
- Method 2: POST the CSP file using a REST client.
Method 1: POST /api/sys/app-catalogue:
{
"applicationDownloader" : {
"dn" : "sys/app-catalogue",
"filename" : "CiscoSSP-TestAppOne-1.2.3.4-5678.csp",
"remotePath" : "/tmp",
"pwd" : "mysecret",
"user" : "myuser",
"server" : "171.71.71.71",
"protocol" : "scp"
}
}
Method 1
: Instruct the SSP Controller to fetch a specified CSP file from the
network.
POST the CSP file using a REST client:
POST /api/applicationDownloader
Method 2
: Upload the CSP file to the SSP Controller (in multipart binary) by
submitting a POST/PUT request:
Show all available Apps (CSP files installed on the SSP Controller):
GET /api/app
{
"smApp": [
{
"aggregator": "unknown",
"appId": "",
"appType": "unknown",
"author": "",
"buildDate": "",
"canDowngrade": "no",
"canUpgrade": "no",
"dataVNICNR": "0",
"deployType": "unknown",
"description": "",
"dn": "App/asa-9.1",
"fullInstall": "no",
"installTimeout": "0",
"isAggregateVnic": "no",
"isDefaultApp": "yes",
"isSecurityControl": "no",
"longName": "",
"mgmtVNICNR": "0",
"minDataDisk": "0",
"minOS": "",
"name": "asa",
"recommendedDataDisk": "0",
"requiredBinaryDisk": "0",
"uninstallTimeout": "0",
"upgradeTimeout": "0",
"urllink": "http://172.29.191.36:3010/api/App/asa-9.1",
"version": "9.1"
}
]
}
This example displays all available Apps (CSP files installed on the SSP
Controller):
NOTE:
The "name" and "version" are
unique identifiers for a given
application.
App objects and the corresponding CSP file can be deleted by sending a DELETE
request:
DELETE /api/App/{App-ID}
Only unreferenced App objects can be deleted. App objects can be referenced by App-Instance objects. In order to unreference an application, you must delete the referencing AppInstance objects, as shown below.
Pre-Deploying Applications to SSP Blades
This section describes how to pre-deploy security applications to the SSP Blades.
An App Object corresponds to Application binaries available on the SSP Controller.
App Instances correspond to Applications installed on the SSP Blades.
One blade can have one or more applications deployed to it, but can have only one instance of a given application. Slots can be configured even when the blades are not active on the slot. The expectation is that blades will be configured according to the corresponding Slot object when the blades are available.
Provisioning ASA and DDOS apps:
POST /api/slot/1/app-inst
{
"smAppInstance": [
{
"appName": "ASA",
"startupVersion" : "9.2"
},
{
"appName": "DDOS",
}
]
}
The following example provisions two applications (ASA and DDOS) to the blade inserted
into the Slot-1.
NOTE: Specific versions of a given application can be deployed. In the above example of an ASA application, version 9.2 is selected for deployment.
Applications can be provisioned with the default version. In general, the last uploaded
version of an application is considered the default version. You can also specify the
default version by setting the
isDefault
property of the selected version.
In the above example, a DDOS application was installed as its
default
version.
Creating Port-Channels
The SSP Chassis can be configured to aggregate several external ports into one logical port. Each Port-Channel can have 1 to 8 external member ports (External-Ports).
Use the following naming convention to create External-Ports:
Ethernet<slot_id>/<port_id>/<breakout_id>
OR
Ethernet<slot_id>/<port_id>
Port-Channel port with two external port members:
POST /api/ports/pc
{
"fabricEthLanPc": [
{
"adminState": "enabled",
"adminSpeed": "10gbps",
"name": "Port-Channel1",
"fabricEthLanPcEp": [
{
"adminState": "enabled",
"name": "Ethernet1/3"
},
{
"adminState": "enabled",
"name": "Ethernet1/4"
}
],
"mtu": "1518",
"portType": "data"
}
]
}
This example creates a data type Port-Channel port with two external port members: Ethernet1/3 and Ethernet1/4.
The
port-channel
is enabled by default (see the
adminState
property).
Speed is set to
10gbps
.
Tagging Ports
All ports (External or Port-Channel) have a
port-type
property set to one of
the following values:
-
data
: This is the default value for a port and represent adata-port
that will be connected either to a given application on a specified blade or to a cluster application. Note that ports cannot be shared between applications. -
mgmt
: The default value for the Ethernet1/1 port. Ports with amgmt
type can be shared across multiple blades or security applications. -
Firepower_eventing
: This port-type is reserved to be used exclusively with NG-FW applications. -
Cluster
: This can be set for only oneport-channel
port. This port will be used to interconnect clustered security applications. For intra-chassis deployments, thisport-channel
is not required to have external member ports. For inter-chassis deployment, it is required that the clusterport-channel
have at least one external port configured as a member. Note thatPort-Channel255
is auto-configured by the system at provisioning time, with typecluster
. This enables you to create clustered applications without having to configure acluster
port-channel. This is called the Cluster-Control-Link (CCL) .
When external ports with types of
management
or
firepower_eventing
are assigned to applications, VNICs are created and
Global MAC addresses are allocated for each application.
When cluster ports are assigned to applications, Private Pool MAC Addresses are allocated to each Application using these ports.
External interfaces are tagged as
data/mgmt
or
cluster
. In
addition, you can set other end-user configurable attributes.
Retrieve all External-Ports (EP) present in the system:
POST /api/ports/ep
{
"fabricEthLanEp": [
{
"name": "Ethernet1/1",
"mtu": "1518",
"portType": "data"
},
{
"name": "Ethernet1/2",
"mtu": "1518",
"portType": "data"
},
{
"name": "Ethernet1/5",
"mtu": "1518",
"portType": "mgmt"
},
{
"name": "Ethernet1/6",
"mtu": "1518",
"portType": "cluster"
}
]
}
This example retrieves all External-Ports (EP) present in the system. Multiple external
ports are configured in one transaction. The MTU value and
port-type
is set
for each of the specified external ports.
Creating Logical Devices
Create a clustered logical-device object and provision the applications:
POST /api/ld
{
"smLogicalDevice": [
{
"description": "",
"dn": "LogicalDevice/ld1",
"ldMode": "clustered",
"name": "ld1",
"smClusterBootstrap": [
{
"chassisId": "1",
"gatewayv4": "1.1.1.1",
"gatewayv6": "",
"key": "",
"lastUpdatedTimestamp": "1970-01-01T00:00:00.000",
"netmaskv4": "",
"poolEndv4": "0.0.0.0",
"poolEndv6": "::",
"poolStartv4": "0.0.0.0",
"poolStartv6": "::",
"prefixLength": "",
"rn": "ClusterBootstrap",
"serviceTypeName": "",
"virtualIPv4": "1.1.1.2",
"virtualIPv6": "::"
}
],
"smMgmtBootstrap": [
{
"appName": "asa",
"rn": "MgmtBootstrap-asa",
"smEncryptedKey": [
{
"key": "tunnel1",
"value": ""
}
],
"smIP": [
{
"gateway": "1.1.1.",
"ip": "1.2.2.2",
"mask": "2.2.2.2",
"mgmtSubType": "default",
"slotId": "1"
}
],
"smIPV6": [
{
"gateway": "a",
"ip": "2001::2002",
"mgmtSubType": "default",
"prefixLength": "120",
"slotId": "1"
}
],
"smKey": [
{
"key": "tunnel3",
"value": ""
},
{
"key": "tunnel2",
"value": "v2"
},
{
"key": "tunnel1",
"value": "v1"
}
]
}
],
"templateName": "ASA",
"urllink": "http://172.29.191.36:3010/api/LogicalDevice/ld1"
}
]
}
This example illustrates how to create a clustered logical-device object and provision the applications as defined in the template: ASA + DDOS or NG-FW (ASA + SNORT) + DDOS.
-
chassisId
: In a cluster each chassis must have a unique chassis-id. Valid values: 1 - 16. -
mode
:spanned_etherchannel
is the only supported value, and is the default value for this field. -
key
: The secret that is required to join the cluster – this value is optional. -
serviceTypeName
: The cluster name. All chassis must have the sameserviceTypeName
.
NOTE: Only two deployment templates are supported: ASA and NG-FW.
Enable DDOS for an External Port Link
For clustered
LogicalDevices
,
ExternalPortLink
s are
auto-created, meaning that all current
ExternalPort
s and
Port-Channel
s are mapped to the Clustered
LogicalDevice
. This
is a convenience function and functions like an accelerator.
Port-Channel
s
that are created after the Clustered
LogicalDevice
is created must be
linked to the Clustered Application by creating the specified
ExternalPortLink
.
NOTE: For intra-chassis deployments, both External-Ports and Port-Channels can be linked to the Clustered LogicalDevice. For an inter-chassis Clustered LogicalDevice, only Port-Channels can be mapped as data ports; management ports can be mapped as either ExternalPorts or Port-Channels.
Link-Decorators represent a category of security applications that can perform various actions on the network traffic between the ports and Security Applications. Link decorators must have input interfaces, output interfaces and management interfaces. Link-Decorators can be daisy-chained on the same link; in such cases the network traffic is routed from external ports to each link-decorator in the order specified in the configuration, and then routed from the last decorator to the Main Application (ASA or NG-FW).
Enable a DDOS Decorator:
POST /api/ld/LogicalDevice1/ext-portlink/Ethernet1_API_SLASH_1
{
"smLinkDecorator": [
{
"appName": "DDOS"
}
]
}
This example shows how DDOS decorators are enabled for a given link. The default version of the decorator will be used if link-decorator applications must be provisioned to the blade. If a version of the link-decorator is already provisioned, that instance will be used to process the link traffic.
Provision Management Bootstrap Information for a LinkDecorator
Provision Management Bootstrap Information for a LinkDecorator:
POST /ld/LogicalDevice1/mgmt-bootstrap/DDOS
{
"smMgmtBootstrap": [
{
"appName": "ddos",
"dn": "LogicalDevice/ld1/MgmtBootstrap/ddos",
"smEncryptedKey": [
{
"key": "pass",
"value": ""
}
],
"smIP": [
{
"gateway": "2.2.2.1",
"ip": "2.2.2.10",
"mask": "255.255.255.0",
"mgmtSubType": "default",
"slotId": "1"
}
],
"smIPV6": [
{
"gateway": "2001::2001",
"ip": "2001::CAFE",
"mgmtSubType": "default",
"prefixLength": "80",
"slotId": "1"
}
],
"smKey": [
{
"key": "tkey",
"value": "value1"
}
],
"urllink": "http://172.29.191.36:3010/api/LogicalDevice/ld1/MgmtBootstrap/ddos"
}
]
}
If a LinkDecorator is enabled, its management interface can be bootstrapped as shown in this example.
NOTE: Only one management interface is supported for each LinkDecorator.
Standalone Application Provisioning Flow
This section describes the configuration steps for provisioning a Standalone (non-clustered) Security Application. Configure the following high-level flows for Standalone Deployments:
-
Create a
port-channel
. -
Configure ports (
external
orport-channel
) asmgmt
ordata
ports. -
Create a
LogicalDevice
object:-
Specify the
logical-device
name. - Specify the template to be used (ASA or NG-FW).
-
Configure
ldMode
asstandalone
-
Specify the
-
Create
ExternalPortLinks
:-
Set
data-links
anddata-ports
to ASA. -
Set
mgmt-links
andmgmt-ports
to ASA. -
Optionally add a DDOS
link-decorator
to the desired links. - Optionally add code>mgmt-link to DDOS.
-
Set
-
Set the
slotId
to be used by this logical device. -
Create the ASA MgmtBootstrap configuration:
- Include IP, IPv6, Key or EncryptedKey as required by the application.
-
Optionally create a DDOS
mgmt-bootstrap
configuration.
Creating the
port-channel
and configuring ports is identical to the setup as
described in the Provisioning Clustered Application section. Also, you can create all
the above objects in one transaction, or group it as part of multiple transactions.
Creating a Standalone Logical Device
Create a Standalone Logical Device:
{
"smLogicalDevice": [
{
"description": "",
"dn": "LogicalDevice/ld1",
"ldMode": "standalone",
"name": "ld1",
"slotId": "1",
"smClusterBootstrap": [
{
"chassisId": "1",
"gatewayv4": "1.1.1.1",
"gatewayv6": "",
"key": "",
"netmaskv4": "",
"poolEndv4": "0.0.0.0",
"poolEndv6": "::",
"poolStartv4": "0.0.0.0",
"poolStartv6": "::",
"prefixLength": "",
"serviceTypeName": "",
"virtualIPv4": "1.1.1.2",
"virtualIPv6": "::"
}
],
"smExternalPortLink": [
{
"appName": "ASA",
"description": "",
"linkDecorator": "",
"linkName": "",
"portName": "Ethernet1/1",
},
{
"appName": "ASA",
"description": "",
"linkDecorator": "",
"linkName": "",
"portName": "Ethernet1/2"
}
],
"smMgmtBootstrap": [
{
"appName": "asa",
"rn": "MgmtBootstrap-asa",
"smEncryptedKey": [
{
"key": "tunnel1",
"lastUpdatedTimestamp": "1970-01-01T00:00:00.000",
"rn": "EncryptedKey-tunnel1",
"value": ""
}
],
"smIP": [
{
"gateway": "1.1.1.",
"ip": "1.2.2.2",
"lastUpdatedTimestamp": "1970-01-01T00:00:00.000",
"mask": "2.2.2.2",
"mgmtSubType": "default",
"rn": "IP-1-default",
"slotId": "1"
}
],
"smIPV6": [
{
"gateway": "a",
"ip": "2001::2002",
"lastUpdatedTimestamp": "1970-01-01T00:00:00.000",
"mgmtSubType": "default",
"prefixLength": "510",
"rn": "IPV6-1-default",
"slotId": "1"
}
],
"smKey": [
{
"key": "tunnel3",
"lastUpdatedTimestamp": "1970-01-01T00:00:00.000",
"rn": "Key-tunnel3",
"value": ""
},
{
"key": "tunnel2",
"lastUpdatedTimestamp": "1970-01-01T00:00:00.000",
"rn": "Key-tunnel2",
"value": "v2"
},
{
"key": "tunnel1",
"lastUpdatedTimestamp": "1970-01-01T00:00:00.000",
"rn": "Key-tunnel1",
"value": "v1"
}
]
}
],
"templateName": "ASA",
"urllink": "https://ssp-chassis-1:8800/api/LogicalDevice/ld1"
}
]
}
For standalone devices:
-
The
ldMode
flag must be set tostandalone
. -
You must create
ExternalPortLinks
explicitly. -
You must configure the ASA
MgmtBootstrap
object.
Application Upgrade or Downgrade
Security Applications deployed to blades can be upgraded or downgraded as supported by each application. This section describes the process of performing Security Application upgrades or downgrades.
In order to trigger a Security Application upgrade or downgrade action, modify the
AppInstance
object corresponding to the correct slot to point to the desired application version.
The
AppInstance
object can also be created programmatically for application
pre-deployment.
In order to upgrade a Security Application, modify its corresponding
AppInstance
object to point to the new Application Version. This is done by
changing the
startupVersion
application.
Change the ASA version:
PUT /api/slot/1/app-inst/ASA
{
"smAppInstance": [
{
"appName": "ASA",
"startupVersion": "9.1"
}
]
}
In this example, the ASA version running on Slot 1 is changed to version 9.1.
Returned object:
{
"smAppInstance": [
{
"dn" : "Slot/1/AppInstance/ASA",
"operationStatus" : "upgrading",
"runningVersion" : "9.0",
"appName": "ASA",
"startupVersion": "9.1"
}
]
}
On success, the following object is returned (only the relevant object properties are
shown here).
You can monitor the upgrade process using one of these methods:
-
Subscribe for events and wait until this object updates its
operationalStatus
toOK
orfailure
. -
Periodically pull this object and monitor the
operationalStatus
field.
In the case of failure to upgrade or downgrade the application, a fault will also be generated.
Handling Multiple App Versions
If the Supervisor has more than one version of the same App (same app mnemonic), the Service Manager selects the default App. Normally, the default application version is the last version added to the system.
You can specify the application version by setting it explicitly in the
startupVersion
property or by setting the desired application version as the default using the App
object's
isDefaultApp
property.
Firepower Chassis Service Configuration Objects
This section describes the Firepower Chassis Service Configuration objects.
External-Port
External ports correspond to physical ports on the chassis. These ports are uniquely
identified by specifying the
slotId
,
portId
, and, if
necessary, the
breakoutId
.
You can only modify the
mtu
and
portType
properties.
External ports are automatically created, and you canonly modify existing External-Port
objects. You cannot create or delete them. The only possible changes you can make to
existing objects are that you can modify the
mtu
and
portType
properties.
For the
portType
property, you may assign one of these values:
-
data
-
mgmt
-
icl
NOTE:
External Ports will have the slash character '/'
in the port name escaped with the string
API_SLASH
.
/api/classId/fabricEthLanEp ; get all chassis external-ports
/api/ports
/api/ports/ep ; get all external-ports physical
/api/ports/ep/Ethernet1_API_SLASH_2 ; get a specified external port
Supported HTTP methods
PUT, PATCH, GET
External-Port Object:
{
"fabricEthLanEp": [
{
"operStateReason": "",
"urllink": "https://server/api/ports/ep/Ethernet1_API_SLASH_2",
"operState": "up",
"ifType": "physical",
"flowCtrlPolicy": "default",
"locale": "external",
"peerSlotId": "0",
"peerAggrPortId": "0",
"usrLbl": "daniel1",
"switchId": "A",
"licGP": "0",
"peerDn": "",
"transport": "ether",
"epDn": "",
"portId": "1",
"vlanStatus": "ok",
"adminSpeed": "10gbps",
"ifRole": "network",
"chassisId": "N/A",
"adminState": "enabled",
"aggrPortId": "0",
"type": "lan",
"dn": " ports/ep/Ethernet1_API_SLASH_2",
"warnings": "",
"slotId": "1",
"overlappingVlans": "",
"operEthLinkProfileName": "fabric/lan/eth-link-prof-default",
"peerPortId": "0",
"name": "Ethernet1/1",
"licState": "unknown",
"udldOperState": "unknown",
"mtu": "1550",
"ethLinkProfileName": "default",
"portType": "data"
}
]
}
This example defines an external-port object.
Port-channel
You can create a port-channel. One port-channel can group 1-8 physical external-ports together.
/api?classId=fabricEthLanPc ; get all port-channels
/api/ports/pc ; get all port-channels
/api/ports/pc/1 ; get a specified port channel
You can create, modify, or delete port-channel objects, and may specify the following:
- Add or delete external-ports from the port channel
-
Change the port-channel type. Available types are:
data/mgmt/ccl
.
Supported HTTP methods
POST, PUT, PATCH, GET, DELETE
Port-Channel Object:
{
"fabricEthLanPc": [
{
"urllink": "https://server/api/ports/pc/1",
"operState": "indeterminate",
"ifType": "aggregation",
"flowCtrlPolicy": "default",
"locale": "external",
"bandwidth": "0",
"switchId": "A",
"peerDn": "",
"transport": "ether",
"epDn": "",
"operSpeed": "10gbps",
"descr": "",
"vlanStatus": "ok",
"ifRole": "network",
"adminState": "enabled",
"type": "lan",
"dn": "ports/pc/1",
"warnings": "",
"overlappingVlans": "",
"portId": "1",
"adminSpeed": "10gbps",
"name": "Port-Channel",
"fabricEthLanPcEp": [
{
"operStateReason": "",
"operState": "up",
"ifType": "physical",
"faultInst": [
{
"changeSet": "",
"prevSeverity": "major",
"code": "F0727",
"highestSeverity": "major",
"descr": "lan Member 2/2 of Port-Channel 1 on fabric interconnect A is down, membership: down",
"created": "2014-07-07T20:22:51.605",
"ack": "no",
"cause": "membership-down",
"tags": "network,server",
"lc": "",
"rule": "fabric-eth-lan-pc-ep-down",
"lastTransition": "2014-07-07T20:22:51.605",
"origSeverity": "major",
"id": "36835",
"rn": "fault-F0727",
"type": "network",
"occur": "1",
"severity": "major"
}
],
"ifRole": "network",
"locale": "external",
"peerSlotId": "0",
"peerAggrPortId": "0",
"switchId": "A",
"licGP": "0",
"peerDn": "",
"transport": "ether",
"epDn": "",
"portId": "2",
"udldOperState": "unknown",
"adminState": "enabled",
"chassisId": "N/A",
"aggrPortId": "0",
"rn": "ep-slot-2-port-2",
"type": "lan",
"warnings": "",
"slotId": "2",
"membership": "down",
"operEthLinkProfileName": "fabric/lan/eth-link-prof-default",
"peerPortId": "0",
"licState": "not-applicable",
"name": "",
"ethLinkProfileName": "default"
},
{
"operStateReason": "",
"operState": "up",
"ifType": "physical",
"faultInst": [
{
"changeSet": "",
"prevSeverity": "major",
"code": "F0727",
"highestSeverity": "major",
"descr": "lan Member 2/1 of Port-Channel 1 on fabric interconnect A is down, membership: down",
"created": "2014-07-07T20:22:51.603",
"ack": "no",
"cause": "membership-down",
"tags": "network,server",
"lc": "",
"rule": "fabric-eth-lan-pc-ep-down",
"lastTransition": "2014-07-07T20:22:51.603",
"origSeverity": "major",
"id": "36833",
"rn": "fault-F0727",
"type": "network",
"occur": "1",
"severity": "major"
}
],
"ifRole": "network",
"locale": "external",
"peerSlotId": "0",
"peerAggrPortId": "0",
"switchId": "A",
"licGP": "0",
"peerDn": "",
"transport": "ether",
"epDn": "",
"portId": "1",
"udldOperState": "unknown",
"adminState": "enabled",
"chassisId": "N/A",
"aggrPortId": "0",
"rn": "ep-slot-2-port-1",
"type": "lan",
"warnings": "",
"slotId": "2",
"membership": "down",
"operEthLinkProfileName": "fabric/lan/eth-link-prof-default",
"peerPortId": "0",
"licState": "not-applicable",
"name": "",
"ethLinkProfileName": "default"
}
],
"stateQual": "",
"mtu": "1518",
"portType": "data"
}
]
}
This example defines a port-channel object.
Slot Object
This object represents one slot in the chassis, and stores the user intention for the slot. If blades are swapped, blades in this slot are re-provisioned, after user acknowledgement, based on the Slot's assigned configuration.
NOTE:
Blade Monitoring attributes are stored in the
Monitor
child object (specifying CPU load and memory usage). Blade disk
usage is stored under the
DiskFileSystem
child objects.
/api?classId=smSlot ; get all slots
/api/slot ; get all slots
/api/slot/1 ; get one slot
This object cannot be created or deleted by the end user. The reinitializing of the blade can be triggered by modifying the value of adminState to "reinitialize". Slot objects will also be used for blade monitoring properties (CPU/disk/RAM usage) See the Service Monitoring Objects for more information.
Slot objects are also used for blade monitoring properties (CPU/disk/RAM usage). See Service Monitoring Objects for more information.
Supported HTTP methods
PUT, PATCH, GET
Slot Object:
{
"smSlot": [
{
"dn": "slot/1",
"urllink": "https://server/api/slot/1",
"slotId": "1",
"serviceProfileDn": ""
}
]
}
This example defines a Slot object.
App Object
The App Object represents a CSP Application available on the Supervisor. See the App-Instance object for an actual blade-installed Application.
/api?classId=smApp ; get all available applications
/api/app ; get all applications
/api/app/ASA-9.2.1 ; get a specific application
You can indirectly create this object by installing CSP files into the Supervisor. You cannot directly create an App Object. An App object can be deleted if it is unreferenced.
Supported HTTP methods
PUT, PATCH, GET, DELETE
App Object:
{
"smApp": [
{
"dn": "App/ASA-9.2.1",
"urllink": "https://server/api/app/ASA-9.2.1",
"deployType": "native",
"buildDate": "10/10/2014",
"isSecurityControl": "yes",
"description": "Adaptive Security Application",
"author": "Cisco Systems, Inc",
"cspFilePath": "",
"name": "ASA",
"mnemonic": "asa",
"canDowngrade": "yes",
"canUpgrade": "yes",
"version": "9.2.1",
"uninstallTimeout": "600",
"appId": "",
"upgradeTimeout": "0",
"isAggregateVnic": "yes",
"fullInstall": "yes",
"installTimeout": "0",
"minOS": "1.0",
"isDefaultApp": "yes"
}
]
}
This example defines an App object.
App-Instance Object
The App-Instance Object represents one particular Security Application provisioned on a given blade. The parent of this object is the Slot object.
/api?classId=smAppInstance ; get all App Instances
/api/slot/1/app-inst ; get all App-Instances on a given slot
/api/slot/1/app-inst/ASA ; get specified App-Instance
You can create an App-Instance object in order to pre-deploy applications to the
specified blade. When not assigned to a LogicalDevice, such applications are in a
disabled state. You can enable or disable App-Instances assigned to LogicalDevices by
setting the
adminState
property.
You can modify App-Instances
startupVersion
property to perform a Security
Application upgrade or downgrade on the corresponding blade.
You can also delete App-Instances that are not referenced by the Logical-Device-Unit. In that case, applications will be uninstalled from the respective blades.
Supported HTTP methods
POST, PUT, PATCH, GET, DELETE
App-Instance Object:
{
"smAppInstance": [
{
"dn": "slot/1/app-inst/ASA",
"urllink": "https://server/api/slot/1/app-inst/ASA",
"lastJobState": "unknown",
"adminState": "enabled",
"operationalState": "running",
"resourceDn": "",
"runningVersion": "",
"appName": "ASA",
"slotID": "0",
"lastJobType": "unknown",
"appDn": "",
"startupVersion": "9.1",
"clusterConfigDn": "",
"lastJobProgress": "0",
"appInstId": "0"
}
]
}
This example defines an App-Instance object.
LogicalDevice Object
The LogicalDevice Object represents an object in the Unified Manager where policies are applied. Logical Devices consist of one Main Application (ASA or NG-FW) and Link-Decorator applications. A LogicalDevice is a representation of a Security Service-Path.
NOTE: A Logical Device object is a container for included objects for ExternalPortLinks, ClusterConfiguration, Cluster Management Configuration, Application Management Bootstrap, Logical-Device-Unit, and so on.
/api?classId=smLogicalDevice ; get all logical devices
/api/ld ; get all logical devices
/api/ld/LogicalDevice1 ; get a specific logical device
You can create, modify or delete Logical-Device Units.
You can create or modify a ClusterBootstrap object for logical devices that have the cluster mode enabled:
/api/ld/<ld-name>/cluster-bootstrap ; get only cluster bootstrap
You can create or modify Cluster Management object for logical-devices that have the cluster flag enabled:
/api/ld/<ld-name>/cluster-bootstrap/<name> ; get only cluster
management info
You can create Links for logical-devices that are not clustered. When logical-devices are clustered, logical-links are automatically created for all external ports and port-channels:
/api/ld/LogicalDevice1/ext-portlink ; get all links for a logical device
/api/ld/LogicalDevice1/ext-portlink/<name> ; get one link for a given
logical device
You can create, modify, or delete the management bootstrap configuration for a standalone device:
/api/ld/<name>/mgmt-bootstrap/ASA ; get ASA standalone logical device
Supported HTTP methods
POST, PUT, PATCH, GET, DELETE
LogicalDevice Object:
{
"smLogicalDevice": [
{
"description": "",
"dn": "ld/ld1",
"ldMode": "clustered",
"name": "ld1",
"operationalState": "incomplete-configuration",
"slotId": "1,2,3",
"smClusterBootstrap": [
{
"chassisId": "1",
"gatewayv4": "1.1.1.1",
"gatewayv6": "",
"key": "",
"netmaskv4": "",
"poolEndv4": "0.0.0.0",
"poolEndv6": "::",
"poolStartv4": "0.0.0.0",
"poolStartv6": "::",
"prefixLength": "",
"serviceTypeName": "",
"virtualIPv4": "1.1.1.2",
"virtualIPv6": "::"
}
],
"smExternalPortLink": [
{
"appName": "ASA",
"description": "",
"linkDecorator": "",
"linkName": "",
"portName": "Ethernet1/1"
},
{
"appName": "ASA",
"description": "",
"linkDecorator": "",
"linkName": "",
"portName": "Ethernet1/2"
}
],
"smMgmtBootstrap": [
{
"appName": "ddos",
"smEncryptedKey": [
{
"key": "pass",
"value": ""
}
],
"smIP": [
{
"gateway": "2.2.2.1",
"ip": "2.2.2.10",
"mask": "255.255.255.0",
"mgmtSubType": "default",
"slotId": "1"
}
],
"smIPV6": [
{
"gateway": "2001::2001",
"ip": "2001::CAFE",
"mgmtSubType": "default",
"prefixLength": "80",
"slotId": "1"
}
],
"smKey": [
{
"key": "tkey",
"value": "value1"
}
]
},
{
"appName": "asa",
"smEncryptedKey": [
{
"key": "tunnel1",
"value": ""
}
],
"smIP": [
{
"gateway": "1.1.1.",
"ip": "1.2.2.2",
"mask": "2.2.2.2",
"mgmtSubType": "default",
"slotId": "1"
}
],
"smIPV6": [
{
"gateway": "a",
"ip": "2001::2002",
"mgmtSubType": "default",
"prefixLength": "510",
"slotId": "1"
}
],
"smKey": [
{
"key": "tunnel3",
"value": ""
},
{
"key": "tunnel2",
"value": "v2"
},
{
"key": "tunnel1",
"value": "v1"
}
]
}
],
"templateName": "ASA",
"urllink": "http://172.29.191.36:3010/api/LogicalDevice/ld1"
}
]
}
This example defines a LogicalDevice object.
Service Monitoring Objects
Some of the Service objects have an
operationalStatus
property that
describes the status of the object. For example, the
AppInstance
status is
described in its
operationalState
property. This occurs similarly with
LogicalDevices.
You can either:
- Subscribe for events and react when the monitored object changes status (the recommended monitoring API method)
- Poll these objects periodically to monitor the status changes
Service Monitoring Example:
{
"smMonitor": [
{
"bladeUptime": "00:20:10:15",
"cpuTotalLoadAvg15min": "0.100000",
"cpuTotalLoadAvg1min": "0.200000",
"cpuTotalLoadAvg5min": "0.100000",
"diskFileSystemCount": "2",
"dn": "Slot/2/Monitor",
"memFreeKb": "0",
"memTotalKb": "0",
"memUsedKb": "0",
"osVersion": "null",
"updateTimestamp": "1970-01-01T00:00:00.000",
"urllink": "http://171.71.230.251/api/Slot/2/Monitor"
}
]
}
For blade monitoring, each Slot object has a Monitor child attribute with the following monitoring properties for the corresponding blade:
- Storage_disk_identifier_n
- disk_space_n (averaged last 1, 5 and 15 minutes)
- disk_used_n (averaged last 1, 5 and 15 minutes)
- disk_available_n (averaged last 1, 5 and 15 minutes)
- memory_total
- memory_used (averaged last 1, 5 and 15 minutes)
- memory_free (averaged last 1, 5 and 15 minutes)
- Total_cores
- cpuLoadAvg_n (averaged last 1, 5 and 10 minutes)
- cpuTotalAvg(averaged last 1, 5 and 10 minutes)
The monitor object has a list of DiskFileSystem objects that describe, for each partition, the total space, including both used and available disk space. Use this URL to access a DiskFileSystem object:
/api/slot/{1,2,3}/monitor/disk-file/1
The following monitoring data is provided by the application monitoring APIs for each App-Instance:
Logical-Device:
-
operationalState (possible values: unknown/enabled/disabled)
Logical-Device-Unit
-
operationalStatus
in the corresponding AppInstance (enabled/disabled). -
clusteredStatus
property of the AppInstance.
External-Port or Port-Channel
-
adminState
enable/disable -
operState
up/down
Firepower Chassis Platform Configuration Objects
This section describes the Firepower Chassis Platform Configuration objects, and lists those properties that can be configured by end users or via the REST API.
Physical Port Configuration Object
A Physical Port Configuration Object represents the physical ports available on the
chassis. Ports are identified by the
<slot_id>
and
<port_id>
properties.
Set the
<slot_id>
to
1
for on-board ports, or set it to
2
or
3
for the EPM ports.
Properties that can only be Set by the REST API
classid=fabricEthLanEp
Regular Port Object
Regular port on slot 1 port 1:
adminSpeed 10gbps
adminState enabled
aggrPortId 0
flowCtrlPolicy default
fltAggr 0
locale external
mtu 1518
portType management (data, mgmt, firepower-eventing)
name Ethernet1/1
operState up
operStateReason
portId 1
slotId 1
switchId A
transport ether
type lan
udldOperState admin-disabled
usrLbl
vlanStatus ok
warnings
Regular ports are ports used as a whole.
Endpoint
/api/ports/ep/Ethernet1_API_SLASH_API_3
Supported HTTP methods
PUT, PATCH, GET
Properties You Can Set with the REST API
(classid=fabricEthLanEp)
Properties that can be Set by the End User
adminSpeed
adminState
flowCtrlPolicy
mtu
portType management (data, mgmt, firepower-eventing)
name
Breakout Configuration
Breakout port on slot 2 port 1:
breakoutType 10g-4x
portId 1 (1-4)
slotId 2 (2-3)
The Firepower Chassis supports breaking a 40Gbit or 100Gbit port into 4 and 10 Gbit breakout ports, respectively. A special breakout cable is required in such cases. Restart the chassis when you switch from a regular port to breakout ports, and vice versa.
Endpoint
/api/ports/ep/Ethernet2_API_SLASH_1/breakout
Supported HTTP methods
POST, PUT, GET, DELETE
Properties You Can Set with the REST API
epDn
UCS_DN: fabric/Cabling/A/breakout-slot-2-port-1 (classid =
fabricBreakout)
Properties that can be Set by the End User
breakoutType
Breakout Port Object
Breakout port on slot 2, subgroup 1, port 1:
adminSpeed 10gbps
adminState enabled
aggrPortId 1
chassisId
epDn sys/switch-A/slot-2/switch-ether/aggr-port-1/port-1
flowCtrlPolicy default
locale external
mtu 1518
portType management (data, mgmt, firepower-eventing)
name Ethernet2/1/1
operState up
operStateReason
portId 1
slotId 2
switchId A
transport ether
type lan
usrLbl
vlanStatus ok
portType data
The Firepower Chassis supports breaking a 40Gbit or 100Gbit port into 4 and 10 Gbit breakout ports, respectively. A special breakout cable is required in such cases. Restart the chassis when you switch from a regular port to breakout ports, and vice versa.
Endpoint
/api/ports/ep/ethernet2_API_SLASH_1_API_SLASH_3
Supported HTTP methods
POST, PATCH, GET
Properties You Can Set with the REST API
epDn
UCS_DN:fabric/lan/A/slot-2-aggr-port-1/phys-slot-2-port-3
(classid=fabricEthLanEp)
Properties that can be Set by the End User
adminSpeed
adminState
flowCtrlPolicy
mtu
portType management (data, mgmt, firepower-eventing)
name
Port-Channel Configuration
Port-Channel Configuration Example:
adminSpeed 10gbps
adminState enabled
bandwidth 0
descr
epDn
flowCtrlPolicy default
ifType aggregation
mtu 1518
ssaPortType management (data, cluster, mgmt, firepower-eventing)
name PortChannel2
operSpeed indeterminate
operState failed
portId 2
stateQual No operational members
switchId A
transport ether
type lan
vlanStatus ok
This retrieves or updates the Port-Channel configuration.
Endpoint
/api/ports/pc/2
Supported HTTP methods
PUT, PATCH, GET
Properties You Can Set with the REST API
portId
UCS_DN: fabric/lan/A/pc-2 (classid=fabricEthLanPc)
Properties that can be Set by the End User
adminSpeed
adminState
flowCtrlPolicy
mtu
ssaPortType (data, cluster, mgmt, firepower-eventing)
name
Regular Member Port
Port Channel 2 with Regular Member Port on slot 1, port 3:
adminState enabled
chassisId N/A
membership down
name ethernet1/3
operState up
operStateReason
portId 3
slotId 2
switchId A
transport ether
type lan
A Regular Member Port object represents a Port-Channel member port. Only physical ports can be member ports.
Endpoint
/api/ports/pc/2/ep/Ethernet1_API_SLASH_3
Supported HTTP methods
POST, PATCH, PUT, GET, DELETE
Properties You Can Set with the REST API
portId
slotId
UCS_DN: fabric/lan/A/pc-2/ep-slot-1-port-3
(classid=fabricEthLanPcEp)
Properties that can be Set by the End User
adminState
name
Breakout Member Port
Port Channel 3 with Breakout Member Port on slot 2, subgroup 1, port 3:
adminState enabled
chassisId N/A
membership down
name Ethernet2/1/3
operState up
operStateReason
portId 3
slotId 2
switchId A
transport ether
type lan
A Breakout Member Port object represents a Port-Channel breakout member port.
Endpoint
/api/ports/pc/3/ep/Ethernet2_API_SLASH_1_API_SLASH_3
Supported HTTP methods
POST, PATCH, GET, DELETE
Properties You Can Set with the REST API
portId
slotId
UCS_DN: fabric/lan/A/pc-3/slot-2-aggr-port-1/ep-slot-2-port-3
(classid=fabricEthLanPcEp)
Properties that can be Set by the End User
adminState
name
Download Infrastructure Bundle
Download Infrastructure Bundle Example:
adminState restart (idle)
fileName ucs-k9-bundle-infra.2.2.1dS16.A.bin
imageSize 503035
protocol scp (tftp, ftp, sftp)
pwd
remotePath /build2/michluo/elcaptain/fcsdS16
server 172.23.58.175
transferState downloaded
user michluo
This object instructs the Supervisor to download a new Firepower Chassis Infrastructure Bundle, which includes the operation system for the Supervisor and the operating system for the blades.
NOTE: Uploading the firmware bundle and applying the bundle are two separate operations.
Endpoint
/api/sys/firmware/dnld/<filename>
Supported HTTP methods
POST, PUT, PATCH, GET
NOTE: The GET method queries the download status.
Upload the firmware bundle:
/api/sys/firmware/dnld/Firepower Chassis-k9-bundle-platform.99.1.2.238.gbin
{
"firmwareDownloader": [
{
"adminState": "restart",
"fileName": "Firepower Chassis-k9-bundle-platform.99.1.2.238.gbin",
"protocol": "scp",
"dn": "sys/fw-catalogue/dnld-Firepower Chassis-k9-bundle-platform.99.1.2.238.gbin",
"pwd": "",
"user": "skanekal",
"remotePath": "/tmp",
"server": "172.29.191.38"
}
]
}
Uploading the firmware bundle and applying the bundle are two distinct operations.
Alternatively, you can upload the Firepower Chassis Platform bundle to Supervisor (in multipart binary) by submitting a POST request:
POST
/api/platformDownloader/<Bundlename>
Properties You Can Set with the REST API
UCS_DN: sys/fw-catalogue/dnld-
Properties that can be Set by the End User
adminState
protocol
pwd
remotePath
server
user
Query/Delete Infrastructure Bundle
Query/Delete Infrastructure Bundle Example:
adminState deleted
completeness partial
descr
imagePresence A
intId 46062
invTag bundle-bakerstreet-platform
model
name Firepower Chassis-k9-bundle-platform.99.0.0.146.gbin
policyLevel 0
policyOwner local
transferState init
type platform-bundle
vendor
version 99.0(0.146)
This object queries or deletes the Firepower Chassis Infrastructure Bundle.
Endpoint
/api/sys/firmware/distrib/<name>
Supported HTTP methods
POST, PATCH, GET
Properties You Can Set with the REST API
UCS_ DN: sys/fw-catalogue/distrib-<name>
(classid=firmwareDistributable)
Properties that can be Set by the End User
adminState
Auto Install Infrastructure Bundle (Supervisor software)
Validate Installation:
{
"configValidateBundle": [
{
"dn": "sys/firmware/validate-platform-fw/99.2(1.199g)",
"outCurrentBundleVersion": "99.1(3.655g)",
"outCurrentInfraRunningMo": [
{
" firmwareRunning": [
{
"type": "system",
"version": "99.1(3.664g)"
},
{
"type": "switch-software",
"version": "5.0(3)N2(99.13.664g)"
},
{
"type": "switch-kernel",
"version": "5.0(3)N2(99.13.664g)"
}
]
}
],
"outCurrentServerRunningMo": [
{
"firmwareInstallable": [
{
"type": "adaptor",
"version": "4.0(1.43)"
},
{
"type": "blade-controller",
"version": "2.2(3c)"
},
{
"type": "blade-bios",
"version": "FXOSSM1.1.0.1.17.083120151924"
},
{
"type": "blade-ssp-os-controller",
"version": "100.15(0.42)"
},
{
"type": "storage-controller",
"version": "24.5.0-0021|6.19.05.0|NA"
},
{
"type": "board-controller",
"version": "6.0"
}
]
}
],
"outReturnCodeBitmap": "0",
"outUpgradeInfraInstallMo": [
{
"firmwareInstallable": [
{
"type": "system",
"version": "99.2(1.83g)"
},
{
"type": "switch-software",
"version": "5.0(3)N2(99.21.83g)"
},
{
"type": "switch-kernel",
"version": "5.0(3)N2(99.21.83g)"
}
]
}
],
"outUpgradeRunningAppMo": [
{
"sdAppInstance": [
{
"appName": "asa",
"runningVersion": "9.4.1.63",
"slotId": "2"
},
{
"appName": "asa",
"runningVersion": "9.4.1.63",
"slotId": "2"
}
]
}
],
"outUpgradeServerInstallMo": [
{
"firmwareInstallable": [
{
"type": "adaptor",
"version": "4.0(1.35)"
},
{
"type": "blade-controller",
"version": "2.2(3c)"
},
{
"type": "blade-bios",
"version": "FXOSSM1.1.0.1.16.060120151854"
},
{
"type": "blade-ssp-os-controller",
"version": "100.15(1.66)"
},
{
"type": "storage-controller",
"version": "24.5.0-0021|6.19.05.0|NA"
},
{
"type": "board-controller",
"version": "6.0"
}
]
}
],
"urllink": "https://172.29.191.45:9043/api/sys/firmware/validate-platform-fw/99.2(1.199g)"
}
]
}
Step 1: Validate the installation:
Endpoint
/api/sys/firmware/validate-platform-fw/<bundle-version>
Supported HTTP methods
GET
Properties You Can Set with the REST API
UCS_DN: sys/firmware/validate-platform-fw
(classId=ValidateBundle)
Schedule Installation:
concurCap unlimited
date 2014-07-12T00:27:36.682
jobCount 0
name platform-fw
procBreak none
procCap unlimited
timeCap non
Step 2: Schedule the installation:
Endpoint
/api/sys/firmware/sched-platform-fw
Supported HTTP methods
PUT, PATCH, GET
Properties You Can Set with the REST API
UCS_DN: sys/sched-infra-fw/abs-platform-fw
(classId=trigAbsWindow)
Properties that can be Set by the End User
date
Set the Version:
descr Infrastructure Pack
forceDeploy no
platformBundleName Firepower Chassis-k9-bundle-platform.99.0.0.146.gbin
platformBundleVersion 99.0(0.146)
intId 27839
name default
policyLevel 0
policyOwner local
stageSize 0
updateTrigger immediate
Step 3: Set the Version:
Endpoint
/api/sys/firmware/install-platform-fw
Supported HTTP methods
PUT, PATCH, GET
Properties You Can Set with the REST API
UCS_DN: org-root/fw-platform-pack-default (classId=firmwarePlatformPack)
Properties that can be Set by the End User
platformBundleVersion
To Cancel the Scheduled Install:
dn=sys/fw-system/fw-platform
adminState discard
To Cancel the Scheduled Install:
Endpoint
/api/sys/firmware/cancel-platform-fw
Supported HTTP methods
PUT, PATCH, GET
Properties You Can Set with the REST API
UCS_DN=sys/fw-system/fw-platform (classId = firmwarePlatform)
Properties that can be Set by the End User
adminState
Supervisor System Management
Manage the Firepower Chassis Management IPv4 Address:
adminInbandIfState disable
fltAggr 8589934592
id A
inbandIfGw 0.0.0.0
inbandIfIp 0.0.0.0
inbandIfMask 0.0.0.0
inbandIfVnet 0
inventoryStatus
model UCS-FI-6248UP
oobIfGw 172.23.33.1
oobIfIp 172.23.33.115
oobIfMask 255.255.255.0
operability operable
revision 0
serial SSI174807LG
thermal ok
totalMemory 16165
vendor Cisco Systems, Inc.
This object manages Firepower Chassis Management IP Address.
Endpoint
/api/sys/mgmt-ipv4
Supported HTTP methods
PUT, PATCH, GET
Properties You Can Set with the REST API
UCS_DN: sys/switch-A (classId=networkElement)
Properties that can be Set by the End User
oobIfGw
oobIfIp
oobIfMask
Manage the Firepower Chassis Management IPv6 Address:
addr 2001:10::156
defGw 2001:10::1
prefix 64
Endpoint
/api/sys/mgmt-ipv6 (classid=mgmt:Ipv6IfAddr)
Supported HTTP methods
POST, PATCH, GET
Properties You Can Set with the REST API
UCS_DN:sys/switch-A/ifconfig-ipv6/if-ipv6
(classid=mgmtIpv6IfAddr)
Properties that can be Set by the End User
addr
defGw
prefix
Date Time Service
clapton - new property ntpAuthState
Configure the Time Service on the Firepower Chassis:
adminState enabled
dn sys/service/datetime-svc
configState success
descr
intId 27637
name
operPort 0
operTimezone
policyLevel 0
policyOwner local
port 0
proto none
timezone
ntpAuthState
This object configures the Time Service on the Firepower Chassis. The
adminState
property determines whether the service is enabled or disabled.
Endpoint
/api/sys/service/datetime-svc
Supported HTTP methods
POST, PATCH, GET
Properties You Can Set with the REST API
UCS_DN: sys/svc-ext/datetime-svc (classId=commDateTime)
Properties that can be Set by the End User
adminState
timezone
Set Manual System Clock
Set the System Clock:
<commSetClock cookie="1424171424/5abf4b95-7c73-4073-9aa3-1b71d48845ea" inDate="2015-02-16T18:21:01.997"/>
This object sets the system clock on the Firepower Chassis.
Endpoint
/api/sys/service/system-clock
Supported HTTP methods
GET, PUT, PATCH
Properties You Can Set with the REST API
UCS_Method: commSetClock
Properties that can be Set by the End User
currentTime
NTP Service
clapton - new properties sha1KeyId, sha1KeyString
Configure the External NTP source for the Firepower Chassis:
adminState disabled
descr
sha1KeyId
sha1KeyString
dn sys/service/datetime-svc/ntp/my_ntp_server
hostname 10.2.32.1
name stand
This object configures the external NTP source for the Firepower Chassis. More than one
NTP server is allowed. External NTP Servers can be enabled or disabled by setting
adminState
field to
enabled
or
disabled
.
Endpoint
/api/sys/service/datetime-svc/ntp
/api/sys/service/datetime-svc/ntp/<hostname>
Supported HTTP methods
POST, PATCH, GET
Properties You Can Set with the REST API
dn
UCS_DN: sys/svc-ext/datetime-svc/ntp-10.2.32.1 (classId=commNtpProvider)
Properties that can be Set by the End User
NONE
Telnet Service
Disable the Telnet Service on the Firepower Chassis:
adminState disabled
descr Telnet Server
dn sys/service/telnet-svc
intId 27652
name telnet
operPort 23
policyLevel 0
policyOwner local
port 23
proto tcp
This object enables, disables or configures the Telnet service on the Firepower Chassis.
The
adminState
property determines whether the service is enabled or
disabled.
Endpoint
/api/sys/service/telnet-svc
Supported HTTP methods
PUT, PATCH, GET
Properties You Can Set with the REST API
dn
proto
UCS_DN: sys/svc-ext/telnet-svc (classId=commTelnet)
Properties that can be Set by the End User
adminState
port
SSH Service
Enable the SSH Service on the Firepower Chassis:
adminState enabled
descr Secure Shell Server
dn sys/service/ssh-svc
intId 27644
name ssh
operPort 22
policyLevel 0
policyOwner local
port 22
proto tcp
This object enables, disables or configures the
ssh
service on the
Firepower Chassis. The
adminState
property determines whether the service
is enabled or disabled.
Endpoint
/api/sys/service/ssh-svc
Supported HTTP methods
POST, GET
Properties You Can Set with the REST API
dn
UCS_DN: sys/svc-ext/ssh-svc (classId=commSsh)
Properties that can be Set by the End User
adminState
port
SNMP Service
This object enables the SNMP Service on the Firepower Chassis. It configures the SNMP
community name and additional SNMP attributes. The
adminState
property
determines whether the service is enabled or disabled.
Enabling the SNMP Service on the Firepower Chassis
Enable the SNMP Service on the Firepower Chassis:
adminState enabled
community
configState ok
descr SNMP Service
dn sys/service/snmp-svc
isSetSnmpSecure no
name snmp
operPort 161
policyLevel 0
policyOwner local
port 161
proto all
sysContact jack
sysLocation
The expected behavior for the SNMP service is as follows :
-
isSetSnmpSecure
:yes
andcommunity
:test123
- The community string is set totest123
. -
isSetSnmpSecure
:yes
and community is not set or emptycommunity
: "" - The community string is the old value itself. -
isSetSnmpSecure
:no
andcommunity
:test123
- The community string is set totest123
andisSetSnmpSecure
will be set toyes
. Although, UCS acceptsisSetSnmpSecure
:no
, since we set the community string, this will be YES for further GET operations. -
isSetSnmpSecure
:no
andcommunity
: "" is set to empty - The community string is deleted. -
isSetSnmpSecure
can be used to determine if the community string is set. IfisSetSnmpSecure
isyes
, the community string is set. Otherwise the community string is not set.
Endpoint
/api/sys/service/snmp-svc
Supported HTTP methods
PUT, PATCH, GET
Properties You Can Set with the REST API
dn
UCS_DN: sys/svc-ext/snmp-svc (classId=commSnmp)
Properties that can be Set by the End User
adminState
community
port
sysContact
sysLocation
Configuring the SNMP community name and additional SNMP attributes
Configure the SNMP community name and additional SNMP attributes:
community test
hostname 2.2.2.1
notificationType traps (traps, informs)
port 1010
v3Privilege noauth (auth, noauth, priv)
version v3 (v1, v2c, v3)
Endpoint
/api/sys/service/snmp-svc/snmp-trap/<host-ip>
Supported HTTP methods
PUT, PATCH, GET, DELETE
Properties You Can Set with the REST API
UCS_DN: sys/svc-ext/snmp-svc/snmp-trap
Properties that can be Set by the End User
community
hostname
v
port
v3Privilege
version
Configuring the SNMP User
Configure the SNMP User:
auth md5 (md5,sha)
configState ok
configStatusMessage
dn sys/service/snmp-svc/snmp-user/sagar
name sagar
privPwdSet no
privpwd
pwd
pwdSet no
useAes no
Endpoint
/api/sys/service/snmp-svc/snmp-user/<user>
Supported HTTP methods
PUT, PATCH, GET, DELETE
Properties You Can Set with the REST API
UCS_DN: sys/svc-ext/snmp-svc/snmpv3-user-<user>
(classId=commSnmpUser)
Properties that can be Set by the End User
auth
name
privPwdSet
privpwd
pwd
pwdSet
useAes
DNS Service
Configure the DNS Server:
adminState enabled
descr
dn /api/sys/service/dns-svc/dns/10.2.3.2
hostname
name 10.2.3.2
This object configures External DNS Servers for name resolution. The
adminState
property determines whether the service is enabled or disabled.
Endpoint
/api/sys/service/dns-svc/dns/<ip>
Supported HTTP methods
POST, PUT, PATCH, GET, DELETE
Properties You Can Set with the REST API
dn
UCS_DN: sys/svc-ext/dns-svc/dns-10.2.3.2
(classId=commDnsProvider
Properties that can be Set by the End User
adminState
name
HTTPS Service
Key Ring
Create PKI Private Keys on the Firepower Chassis:
adminState started
cert
certStatus emptyCert
configState ok
configStatusMessage
descr
dn sys/pki/key-ring/kr220
intId 235099
key
modulus mod1024
name kr220
policyLevel 0
policyOwner local
regen no
tp test1
This object creates PKI private keys on the Firepower Chassis.
Endpoint
/api/sys/pki/key-ring/<name>
Supported HTTP methods
POST, PUT, PATCH, GET, DELETE
Properties You Can Set with the REST API
UCS_DN: sys/pki-ext/keyring-kr220 (classId=pkiKeyRing)
Properties that can be Set by the End User
modulus
name
regen
tp
Certificate Request
Create Certificate Requests:
country
dn sys/pki/key-ring/kr220/certreq
dns
email
ip 172.23.33.115
ipA 0.0.0.0
ipB 0.0.0.0
ipv6 ::
ipv6A ::
ipv6B ::
locality
orgName
orgUnitName
pwd
req
state
subjName hello
This object creates certificate requests.
Endpoint
/api/sys/pki/key-ring/<name>/certreq
Supported HTTP methods
POST, PATCH, GET
Properties You Can Set with the REST API
dn
UCS_DN: sys/pki-ext/keyring-kr220/certreq (classId=pkiCertReq)
Properties that can be Set by the End User
dns
email
ip
ipv6
locality
orgName
orgUnitName
pwd
state
subjName
Trusted Point
Create a Trusted Point:
certChain " ... "
dn sys/pki/tp/tp-test1
fp
name test1
numCerts 2
This object creates a trusted point.
Endpoint
/api/sys/pki/tp/<name>
Supported HTTP methods
POST, PUT, PATCH, GET, DELETE
Properties You Can Set with the REST API
dn
UCS_DN: sys/pki-ext/tp-test1 (classId=pkiTP)
Properties that can be Set by the End User
certChain
name
HTTPS Configuration
clapton - new property authType
Configure HTTPS:
adminState enabled
cipherSuite ALL:!ADH:!EXPORT40:!EXPORT56:!LOW:RC4+RSA:+HIGH:+MEDIUM:+EXP:+eNULL
cipherSuiteMode medium-strength
descr Secure HTTP Service
dn sys/service/https-svc
intId 27640
keyRing default
name https
operPort 443
port 443
proto tcp
authType cred-auth (cred-auth, cert-auth)
This object configures HTTPS on the Firepower Chassis.
NOTE: The API client may be affected if the service is disabled or if the port is changed.
Endpoint
/api/sys/service/https-svc
Supported HTTP methods
PUT, PATCH, GET
Properties You Can Set with the REST API
dn
UCS_DN: sys/svc-ext/https-svc (classId=commHttps)
Properties that can be Set by the End User
adminState
cipherSuite
cipherSuiteMode
keyRing
port
Syslog Service
Enable the Syslog Service:
adminState enabled
descr Syslog Service
dn sys/service/syslog-svc
intId 53492
name syslog
operPort 514
port 514
proto tcp
severity critical
This object enables, disables, or configures the Syslog service.
Endpoint
/api/sys/service/syslog-svc
Supported HTTP methods
GET, PATCH, PUT
Properties You Can Set with the REST API
dn
UCS_DN: sys/svc-ext/syslog (classId=commSyslog)
Properties that can be Set by the End User
adminState
port
severity
Syslog Monitor
Configure the Syslog Monitor:
adminState disabled
descr
dn sys/service/syslog-svc/monitor
severity critical
This object configures the Syslog Monitor.
Endpoint
/api/sys/service/syslog-svc/monitor
Supported HTTP methods
POST, PATCH, GET
Properties You Can Set with the REST API
dn
UCS_DN: sys/svc-ext/syslog/monitor (classId=commSyslogMonitor)
Properties that can be Set by the End User
adminState
severity
Syslog Console
Configure the Syslog Console output:
adminState disabled
descr
dn sys/service/syslog-svc/console
severity critical
This object configures the Syslog Console output.
Endpoint
/api/sys/service/syslog-svc/console
Supported HTTP methods
POST, PATCH, GET
Properties You Can Set with the REST API
dn
UCS_DN: sys/svc-ext/syslog/console (classId=commSyslogConsole)
Properties that can be Set by the End User
adminState
severity
Syslog File Log
Configure the Local Syslog File:
adminState enabled
descr
dn sys/service/syslog-svc/file
name messages
severity critical
size 4194304
This object configures the local Syslog file.
Endpoint
/api/sys/service/syslog-svc/file
Supported HTTP methods
POST, PATCH, GET
Properties You Can Set with the REST API
dn
UCS_DN: sys/svc-ext/syslog/file (classId=commSyslogFile)
Properties that can be Set by the End User
adminState
severity
size
Syslog Server Configuration
Configure the Syslog Remote Server:
adminState enabled
dn sys/service/syslog-svc/client-primary
forwardingFacility local7
hostname log-host
name primary
severity critical
This object configures the remote Syslog server.
Endpoint
/api/sys/service/syslog-svc/client-primary
Supported HTTP methods
POST, PATCH, GET
Properties You Can Set with the REST API
dn
UCS_DN: sys/svc-ext/syslog/client-primary (classId=commSyslogClient)
UCS_DN: sys/svc-ext/syslog/client-secondary
UCS_DN: sys/svc-ext/syslog/client-tertiary
Properties that can be Set by the End User
adminState
hostname
severity
Core File Management
Core File Information
Retrieve the SAM/Fabric Interconnect Core Dump:
adminState init
descr SAM/Fabric Interconnect Core Dump
name 1331580040_0x101_qd_log.6503.tar.gzaa
operState available
size 16777216
switchId A
ts 2012-03-12T19:20:40.000
uri corefile/1331580040_0x101_qd_log.6503.tar.gzaa
This object retrieves the core file information.
Endpoints
/api/sys/corefiles
retrieves all core files
/api/sys/corefiles/<name> retrieves a particular core file
Supported HTTP methods
GET
Properties You Can Set with the REST API
UCS_DN: sys/corefiles/file-<name> (classId=sysdebugCore)
Properties that can be Set by the End User
NONE
Clear Core File
Export the Core File:
{
"sysfileMutation": [
{
"dn": "sys/corefiles/clear"
}
]
}
This object clears the core file information.
Endpoints
/api/sys/corefile/clear
clears all the core files
Supported HTTP methods
POST
Properties You Can Set with the REST API
UCS_DN: sys/corefiles/mutation (classId=sysfileMutation)
Properties that can be Set by the End User
NONE
Core File Exporter
Export the Core File:
adminState enabled
exportFailureReason
exportStatus success
hostname 192.168.1.10
intId 30170
name
path /root/coreFiles/
port 69
postAction none
proto tftp
This object exports the core file information.
Endpoint
/api/sys/sysdebug/core-export
Supported HTTP methods
POST, PATCH
Properties You Can Set with the REST API
UCS_DN: sys/sysdebug/file-export
(classId=sysdebugAutoCoreFileExportTarget)
Properties that can be Set by the End User
adminState
hostname
path
port
Supervisor Authentication/Authorize/Accounting (AAA)
Remote User Auth Policy
Define a Policy for a Remote User:
conLogin local
defLogin local
defRolePolicy assign-default-role (no-login)
descr
This object defines a policy for a remote user.
Endpoint
/api/sys/remote-default
Supported HTTP methods
POST, PATCH, GET
Properties You Can Set with the REST API
UCS_DN:sys/auth-realm (classId = aaaAuthRealm)
Properties that can be Set by the End User
defRolePolicy
Auth Defaults
clapton new properties: sessionTimeout, abSoluteSessionTimeout, conSessionTimeout, conAbsoluteSessionTimeout
Set Auth Defaults:
descr
operRealm local
sessionTimeout
abSoluteSessionTimeout
conSessionTimeout
conAbsoluteSessionTimeout
realm local (ldap, local, none, radius, tacacs)
This object defines auth defaults.
Endpoint
/api/sys/auth-default
Supported HTTP methods
POST, PATCH, GET
Properties You Can Set with the REST API
UCS_DN: sys/auth-realm/default-auth (classid=aaaDefaultAuth)
Properties that can be Set by the End User
realm
Auth Domain
clapton new properties: sessionTimeout, abSoluteSessionTimeout, conSessionTimeout, conAbsoluteSessionTimeout
Set Auth Domain:
descr
name
sessionTimeout
abSoluteSessionTimeout
conSessionTimeout
conAbsoluteSessionTimeout
operRealm tacacs
realm tacacs (ldap, local, none, radius, tacacs)
This object sets the auth domain.
Endpoint
/api/sys/auth-domain/<name>
Supported HTTP methods
POST, PATCH, GET
Properties You Can Set with the REST API
UCS_DN: sys/auth-realm/domain-<name> (classid=aaaDomain)
UCS_DN: sys/auth-realm/domain-<name>/domain-auth
(classid=aaaDomainAuth)
Properties that can be Set by the End User
realm
LDAP
Configure LDAP:
{
"aaaLdapEp": [
{
"dn": "sys/ldap",
"name": "",
"descr": "",
"retries": "1",
"attribute": "",
"basedn": "",
"filter": "cn=$userid",
"timeout": "30"
}
]
}
This object configures LDAP.
Endpoint
/api/sys/ldap/
Supported HTTP methods
POST, PATCH, GET
Properties You Can Set with the REST API
dn
UCS_DN: sys/ldap-ext (classId=aaaLdapEp)
Properties that can be Set by the End User
descr
retries
timeout
LDAP Provider
Configure the LDAP Provider Server:
{
"aaaLdapProvider": [
{
"urllink": "https://10.89.147.211/api/sys/ldap/provider/server",
"dn": "sys/ldap/provider/server",
"vendor": "OpenLdap",
"name": "server",
"descr": "",
"retries": "1",
"attribute": "",
"basedn": "",
"rootdn": "",
"order": "1",
"filter": "",
"keySet": "no",
"timeout": "30",
"key": "",
"port": "389",
"enableSSL": "no"
}
]
}
This object configures the LDAP Provider server.
Endpoints
/api/sys/ldap/provider/
to list the LDAP Provider Server
/api/sys/ldap/provider/<name>
to configure the LDAP Provider Server
Supported HTTP methods
PUT, POST, PATCH, GET, DELETE
Properties You Can Set with the REST API
dn
UCS_DN: sys/ldap-ext/provider-ldp10.23.2.1 (classId=aaaLdapProvider)
Properties that can be Set by the End User
vendor
descr
retries
attribute
basedn
rootdn
order
filter
timeout
key
port
enableSSL
Radius
Configure the Global Radius Attributes:
{
"aaaRadiusEp": [
{
"urllink": "https://10.89.147.211/api/sys/radius",
"dn": "sys/radius",
"name": "",
"descr": "",
"retries": "1",
"timeout": "5"
}
]
}
This object configures the Global Radius Attributes.
Endpoint
/api/sys/radius
Supported HTTP methods
POST, GET, PATCH
Properties You Can Set with the REST API
dn
UCS_DN: sys/radius-ext (classId=aaaRadiusEp)
Properties that can be Set by the End User
descr
retries
timeout
Radius Provider
Configure the Radius Provider:
{
"aaaRadiusProvider": [
{
"urllink": "https://10.89.147.211/api/sys/radius/provider/s2",
"dn": "sys/radius/provider/s2",
"name": "s2",
"descr": "",
"retries": "1",
"authPort": "1812",
"order": "2",
"key": "",
"keySet": "no",
"timeout": "5",
"service": "authorization"
}
]
}
This object configures the Radius Provider.
Endpoints
/api/sys/radius/provider
to show the Radius Provider
/api/sys/radius/provider/<name>
to configure the Radius Provider
Supported HTTP methods
PUT, POST, PATCH, GET, DELETE
Properties You Can Set with the REST API
dn
UCS_DN: sys/radius-ext/provider-rad-10.45.2.1
(classId=aaaRadiusProvider)
Properties that can be Set by the End User
descr
retries
authPort
order
key
timeout
TACACS+
Configure the Global TACACS Attributes:
{
"aaaTacacsPlusEp": [
{
"urllink": "https://10.89.147.211/api/sys/tacacs",
"dn": "sys/tacacs",
"name": "",
"descr": "",
"retries": "1",
"timeout": "5"
}
]
}
This object configures the global TACACS attributes.
Endpoint
/api/sys/tacacs/
Supported HTTP methods
POST, PATCH, GET
Properties You Can Set with the REST API
dn
UCS_DN: sys/tacacs-ext (classId=aaaTacacsPlusEp)
Properties that can be Set by the End User
descr
retries
timeout
TACACS Provider
Configure the TACACS Provider:
{
"aaaTacacsPlusProvider": [
{
"urllink": "https://10.89.147.211/api/sys/tacacs/provider/tac1",
"dn": "sys/tacacs/provider/tac1",
"name": "tac1",
"descr": "",
"retries": "1",
"order": "1",
"key": "",
"keySet": "no",
"timeout": "5",
"port": "49"
}
]
}
This object configures the TACACS Provider.
Endpoints
/api/sys/tacacs/provider/
to list all the TACACS+ Providers
/api/sys/tacacs/provider/<name>
to configure the TACACS+ Provider
Supported HTTP methods
POST, PATCH, GET, DELETE
Properties You Can Set with the REST API
dn
UCS_DN: sys/tacacs-ext/provider-tac1 (classId=aaaTacacsPlusProvider)
Properties that can be Set by the End User
descr
retries
order
key
timeout
port
RBAC
Configure a User Account:
{
"aaaUserEp": [
{
"urllink": "https://10.89.147.211/api/sys/user",
"dn": "sys/user",
"name": "",
"descr": "",
"pwdStrengthCheck": "no"
}
]
}
This object configures user accounts.
Endpoint
/api/sys/user/
Supported HTTP methods
POST, PATCH, GET
Properties You Can Set with the REST API
dn
UCS_DN: sys/user-ext (classId=aaaUserEp)
Properties that can be Set by the End User
pwdStrengthCheck
User-Role
Configure a User Role:
{
"aaaRole": [
{
"urllink": "https://10.89.147.211/api/sys/user/role/admin",
"dn": "sys/user/role/admin",
"name": "admin",
"descr": "",
"configState": "ok",
"configStatusMessage": "",
"priv": "admin"
}
]
}
This object configures user roles. The supported roles are admin and read-only .
Endpoints
/api/sys/user/role/
to list the user role
/api/sys/user/role/<name> (name=admin.read-only)
to configure the
user role
Supported HTTP methods
GET
Properties You Can Set with the REST API
dn
Properties that can be Set by the End User
priv
Local User Account
Configure a Local User Account:
{
"aaaUser": [
{
"urllink": "https://10.89.147.211/api/sys/user/mon",
"dn": "sys/user/user-admin",
"clearPwdHistory": "no",
"firstName": "",
"descr": "",
"expiration": "never",
"lastName": "",
"configState": "ok",
"expires": "no",
"configStatusMessage": "",
"email": "",
"phone": "",
"pwd": "",
"pwdLifeTime": "no-password-expire",
"accountStatus": "active",
"encPwd": "",
"priv": "read-only",
"pwdSet": "no",
"name": "danp"
"aaaSshAuth":[
{
"dn": "sys/user/user-admin/sshauth",
"data":""
"strType" :"none" | "key"
}
]
}
]
}
This object configures local user accounts.
Endpoints
/api/sys/user/local/
to list all users
/api/sys/user/local/<name>
to configure a user account
/api/sys/user/local/<name>/role
to show all roles for the user
/api/sys/user/local/<name>/role/<name>
to configure the user
role
/api/sys/user/local/<name>/sshkey
to configure the user SSH key
Supported HTTP methods
PUT, POST, PATCH, GET, DELETE
Properties You Can Set with the REST API
dn
UCS_DN: sys/user-ext/user-admin (classId=aaaUser)
UCS_DN: sys/user-ext/user-admin/role-name (classId=aaaUserRole)
UCS_DN: sys/user-ext/user-
Properties that can be Set by the End User
firstName
descr
expiration
lastName
email
phone
pwd
accountStatus
pwdSet
name
Password Profile
Configure a Password Policy for Local Users:
changeCount 2
changeDuringInterval enable
changeInterval 48
descr
dn sys/user/pwd-profile
expirationWarnTime 15
historyCount 5
intId 33225
name
noChangeInterval 24
policyLevel 0
policyOwner local
This object configures a passowrd policy for local users.
Endpoint
/api/sys/user/pwd-profile/
Supported HTTP methods
POST, PATCH, GET
Properties You Can Set with the REST API
dn
UCS_DN:sys/user-ext/pwd-profile (classId=aaaPwdProfile)
Properties that can be Set by the End User
changeCount
changeDuringInterval
changeInterval
expirationWarnTime
Remote User Information
Show All Remote Users:
{
"name" : "admin"
"aaaSession" : [
{
dn sys/user-ext/remoteuser-admin/term-web_26439_A
host 171.71.232.238
id web_26439_A
intDel no
loginTime 2015-03-12T01:28:04.000
pid 8787
refreshPeriod 600
sessionTimeout 7200
switchId A
term web_26439
ui web
user admin
}
]
"aaaUserRole" : [
{ configState ok
configStatusMessage
descr
dn sys/user-ext/remoteuser-admin/role-read-only
name read-only
}
]
"aaaUserRole" : [
{
configState ok
configStatusMessage
descr
dn sys/user-ext/remoteuser-admin/role-admin
name admin
}
]
}
This object configures a passowrd policy for local users.
Endpoints
/api/sys/user/remote
to show all remote users
/api/sys/user/remote/<name>
to retrieve the specified remote user
Supported HTTP methods
GET
Properties You Can Set with the REST API
dn
UCS_DN:sys/usr-ext/remoteuser-<name>
(classId=aaaRemoteUser)
Properties that can be Set by the End User
NONE
Change Self Password
Change Self Password:
{
"UserName" : "test",
"OldPassword": "ucs123",
"NewPassword": "cisco123",
"ConfirmNewPassword": "cisco123"
}
XML Usage:
<aaaChangeSelfPassword cookie="1427725677/0f62d9bd-1dd3-4dc5-9bcf-8354e566bb77" inUserName="test" inOldPassword="hand" inNewPassword="foot" inConfirmNewPassword="foot"/>
This object retrieves the user's change password detail.
Supported Characters for Passwords
Supported Characters for Passwords:
\ a-z A-Z 0-9 ' " [ ] ! # % & ( ) * + , - . / : ; @ _ { | } ~ ` < > ^
The following are supported password characters:
Endpoint
/api/sys/user/change-self-password
Supported HTTP methods
PUT, PATCH
Properties You Can Set with the REST API
dn
UCS_DN:/api/sys/user/change-self-password
(classId=aaaChangeSelfPassword)
Properties that can be Set by the End User
UserName
OldPassword
NewPassword
ConfirmNewPassword
Get User Information
XML Usage:
<restaggrGetUserInfo cookie="1428200010/680ce27d-35b7-4a6a-883f-7574ebe485bc" inUserName="remoteuser"/>
<restaggrGetUserInfo cookie="1428429306/c2da1d2e-5df2-4c57-83b7-8b467f647800" response="yes">
<outUserConfig>
<aaaUser accountStatus="active" childAction="deleteNonPresent" clearPwdHistory="no" configState="ok"
configStatusMessage="" descr="" dn="sys/user-ext/user-admin" email="" encPwd="" encPwdSet="no"
expiration="never" expires="no" firstName="" lastName="" name="admin" phone=""
priv="admin,read-only" pwd="" pwdLifeTime="no-password-expire" pwdSet="yes">
<aaaSession childAction="deleteNonPresent" host="10.24.10.212" id="pts_0_1_6869" intDel="no"
loginTime="2015-04-07T15:19:54.000" pid="6869" refreshPeriod="0" rn="term-pts_0_1_6869"
sessionTimeout="1800" switchId="A" term="pts/0" ui="shell" user="admin"/>
<aaaUserRole childAction="deleteNonPresent" configState="ok" configStatusMessage="" descr=""
name="read-only" rn="role-read-only"/>
<aaaUserRole childAction="deleteNonPresent" configState="ok" configStatusMessage="" descr=""
name="admin" rn="role-admin"/>
<aaaUserData childAction="deleteNonPresent" descr="" intId="30466" name="" policyLevel="0"
policyOwner="local" pwdChangeCount="0" pwdChangeIntervalBegin="1970-01-01T00:00:00.000"
pwdChangedDate="1970-01-01T00:00:00.000" pwdHistory="" rn="user-data"/>
<aaaSshAuth childAction="deleteNonPresent" data="" oldStrType="none" rn="sshauth" strType="none"/>
</aaaUser>
</outUserConfig>
</restaggrGetUserInfo>
This object retrieves the user's information.
Endpoint
/api/sys/user/expand/<user-name>
Supported HTTP methods
GET
Properties You Can Set with the REST API
dn
UCS_DN:/api/sys/user/expand/<user-name>
(classId=restaggrGetUserInfo)
Properties that can be Set by the End User
NONE
Login Banner
Login Banner:
dn sys/user/pre-login-banner
message This is Cisco SSP
descr Login banner
name banner
This object configures the login banner.
Endpoint
/api/sys/user/pre-login-banner
Supported HTTP methods
POST, PATCH, PUT, GET, DELETE
Properties You Can Set with the REST API
dn
UCS_DN:sys/user-ext/pre-login-banner (classid=
aaaPreLoginBanner)
Properties that can be Set by the End User
message
Export and Import Configuration
Export
Export the Configuration to a Remote Host:
adminState enabled (enabled,disabled)
descr
dn /api/sys/config-export/task
hostname drs
intId 218950
job immediate
maxFiles 0
name
ownerPolicy
policyLevel 0
policyOwner local
postAction remove
preservePooledValues no
proto scp (SCP/SFTP/FTP/TFTP)
pwd
remoteFile /build2
user skanekal
{
"mgmtBackup": [
{
"descr": "",
"proto": "scp",
"hostname": "file1.cisco.com",
"adminState": "enabled",
"dn": "sys/export-config/task/file1.cisco.com",
"remoteFile": "/tmp/backup",
"user": "danp",
"name": "",
"pwd": ""
}
]
}
This object exports the configuration to the specified host.
Endpoints
/api/sys/export-config/task
to display the configuration
/api/sys/export-config/task/<hostname>
to export the configuration to
the specified hostname
Supported HTTP methods
POST, PATCH, PUT, GET, DELETE
Properties You Can Set with the REST API
dn
UCS_DN: sys/backup-<hostname> (classId=mgmtBackup)
Properties that can be Set by the End User
adminState
hostname
proto
pwd
remoteFile
user
Import
Import the Configuration from the Specified Host (file1.cisco.com):
{
"mgmtImporter": [
{
"descr": "",
"proto": "scp",
"hostname": "file1.cisco.com",
"adminState": "enabled",
"dn": "sys/import-config/task/file1.cisco.com",
"remoteFile": "/tmp/tftp",
"pwd": "",
"user": "david"
}
]
}
This object imports the configuration from the specified host.
Endpoints
/api/sys/import-config/task/
to display the configuration
/api/sys/import-config/task/<hostname>
to import the configuration
from the specified hostname
Supported HTTP methods
POST, PATCH, PUT, GET, DELETE
Properties You Can Set with the REST API
dn
UCS_DN: sys/import-config-<hostname>
(classId=mgmtImporter)
Properties that can be Set by the End User
proto
hostname
adminState
remoteFile
pwd
user
action
Export Status
Export Status:
adminState trigger / triggered/ untriggered
autoDelete yes/no
backupDate 2015-09-28T21:26:08.783 (or never)
backupIssue none/outdated
ignoreCap yes/no
initId any uint_32
Name default
operScheduler sys/sched-exp-bkup-outdate (it is a ucs dn)
operState waiting–for-user/ applied/ none/ expired/pending/active
policyLevel 0
policyOwner local
Scheduler exp–bkup-outdate
This object exports the status.
Endpoints
/api/sys/export-config/status
to display the configuration
Supported HTTP methods
GET
Properties You Can Set with the REST API
dn
UCS_DN: sys/export-config/status (classId=
mgmtBackupPolicyConfig)
Import Status
Import Status:
importDate 2015-09-28T21:26:08.783 (or never)
This object imports the status.
Endpoints
/api/sys/import-config/status
to display the configuration
Supported HTTP methods
GET
Properties You Can Set with the REST API
dn
UCS_DN: sys/import-config/status (classId= mgmtImportConfigInfo)
Schedule Export
Schedule Export:
descr Configuration Export Policy
host 172.29.191.78
port 0
proto scp (ftp/scp/sftp/tftp/https)
remoteFile /data/adrhe/tmp/1.bak
schedule 1day ( “1week�, “2week� )
user adrhe
pwd secret
adminState enable/disable
initId any uint_32
lastBackup timestamp
maxFiles 0
Name default
policyLevel 0
policyOwner local
This object schedules the export.
Endpoints
/api/sys/export-config/schedule
to display the configuration
Supported HTTP methods
GET, PUT, PATCH
Properties You Can Set with the REST API
dn
UCS_DN: sys/export-config/schedule (classId=
mgmtCfgExportPolicy)
Properties that can be Set by the End User
descr
host
port
proto
remoteFile
schedule
user
pwd
adminState
Export Reminder
Export Reminder:
adminState disable (disable,enable)
frequency 20 ( acceptable value: 1 – 365 )
initId any uint_32
Name default
policyLevel 0
policyOwner local
This object sets the export reminder.
Endpoints
/api/sys/export-config/remind
to display the configuration
Supported HTTP methods
GET, PUT, PATCH
Properties You Can Set with the REST API
dn
UCS_DN: sys/export-config/remind (classId=
mgmtBackupExportExtPolicy)
Properties that can be Set by the End User
adminState
frequency
Call Home Configuration
/api/sys/call-home/:
adminState off
alertThrottlingAdminState on
configState ok
descr
dn sys/call-home
intId 10004
name
policyLevel 0
policyOwner local
/api/sys/call-home/source:
addr 341 Baker St.
contact jack
contract 900
customer 123
dn sys/call-home/source
email jwu@cisco.com
from jsu@cisco.com
phone +1-011-408-555-1212
replyTo frum@cisco.com
site 819
urgency debug
/api/sys/call-home/smtp:
dn sys/call-home/smtp
host 11.2.3.1
port 233
/api/sys/call-home/profile/<name>:
Dn sys/call-home/profile-<name>
alertGroups system
level critical
maxSize (max size of email message 1-5000000)
format xml
/api/sys/call-home/profile/<name>/<email>:
DN: sys/call-home/profile-<name>/email-<email>
email
Complete example:
{
"callhomeEp": [
{
"urllink": "https://10.89.147.211/api/sys/call-home",
"dn": "sys/call-home",
"name": "",
"descr": "",
"callhomeSource": [
{
"customer": "",
"from": "",
"addr": "",
"replyTo": "",
"site": "",
"contract": "",
"phone": "",
"contact": "",
"rn": "source",
"email": "",
"urgency": "debug"
}
],
"callhomeTestAlert": [
{
"group": "unknown",
"description": "",
"level": "unknown",
"sendNow": "no",
"messageType": "unknown",
"messageSubtype": "unknown",
"rn": "testalert"
}
],
"configState": "ok",
"adminState": "off",
"callhomeSmtp": [
{
"host": "",
"rn": "smtp",
"port": "25"
}
],
"intId": "none",
"alertThrottlingAdminState": "on"
}
]
}
This object configures telemetry.
Endpoints
/api/sys/call-home
/api/sys/call-home/source
/api/sys/call-home/smtp
/api/sys/call-home/profile/<name>
/api/sys/call-home/profile/<name>/dest/<email>
Supported HTTP methods
POST, PATCH, GET
Properties You Can Set with the REST API
dn
UCS_DN: call-home (classId=callHomeEp)
UCS_DN: sys/call-home/source (classId=callhomeSource)
UCS_DN: sys/call-home/smtp (classId=callhomeSmtp)
UCS_DN: sys/call-home/profile-<name> (classId=callhomeProfile)
UCS_DN: sys/call-home/profile-<name>/email-<email>
(classId=callhomeDest)
Properties that can be Set by the End User
adminState
alertThrottlingAdminState
addr
contact
contract
customer
email
from
phone
replyTo
site
urgency
host
port
alertGroups
level
maxSize
format
Smart License
License Status
Get the License Status:
Smart Licensing is ENABLED
Registration:
Status: UNREGISTERED - REGISTRATION FAILED
Initial Registration: FAILED on Jan 2 00:52:27 2014 UTC
License Authorization:
Status: No Licenses in Use
This object retrieves the license status.
Endpoints
/api/sys/license/status
Supported HTTP methods
GET
Properties You Can Set with the REST API
NONE
Properties that can be Set by the End User
NONE
License Summary
Get the License Summary:
Smart Licensing is ENABLED
Registration:
Status: UNREGISTERED - REGISTRATION FAILED
License Authorization:
Status: No Licenses in Use
This object retrieves the license summary.
Endpoints
/api/sys/license/summary
Supported HTTP methods
GET
Properties You Can Set with the REST API
NONE
Properties that can be Set by the End User
NONE
License Tech Support
Get License Tech Support Information:
Smart Licensing Tech Support info
Smart Licensing Status
======================
Smart Licensing is ENABLED
Registration:
Status: REGISTERING - REGISTRATION IN PROGRESS
Initial Registration: FAILED on Jan 13 22:24:15 2015 UTC
Next Registration Attempt: Jan 13 22:43:00 2015 UTC
License Authorization:
Status: No Licenses in Use
Evaluation Period:
Evaluation Mode: Not In Use
Evaluation Period Remaining: 90 days, 0 hours, 0 minutes, 0 seconds
License Usage
=============
No Licenses in use
Product Information
===================
UDI: PID:Firepower Chassis_test,SN:FOC746325XM
Agent Version
=============
Smart Agent for Licensing: 1.2.0_dev/14
Upcoming Scheduled Jobs
=======================
Current time: Jan 13 22:24:15 2015 UTC
Daily: Jan 14 21:15:27 2015 UTC (22 hours, 51 minutes, 12 seconds remaining)
Init Flag Check: Not Available
Register Period Expiration Check: Jan 13 22:42:59 2015 UTC (18 minutes, 44 seconds remaining)
License Certificates
====================
Production Cert: False
Not registered. No certificates installed
HA Info
==========
RP Role: Active
Chassis Role: Active
Behavior Role: Active
RMF: False
CF: False
CF State: Invalid
Other Info
==========
Software ID: regid.com.cisco,ASR9000
Agent State: unidentified
TS enable: True
Transport: Callhome
Locale: en_US.UTF-8
Debug flags: 0x0
Privacy Send Hostname: True
Privacy Send IP: True
Build type:: Production
sizeof(char) : 1
sizeof(int) : 4
sizeof(long) : 4
sizeof(char *): 4
sizeof(time_t): 4
sizeof(size_t): 4
Endian: Little
WaitForHaRole: False
standbyIsHot: False
chkPtType: 0
delayCommInit: False
roleByEvent: False
maxTraceLength: 0
traceAlwaysOn: False
debugFlags: 0
This object retrieves license tech support information.
Endpoints
/api/sys/license/techsupport
Supported HTTP methods
GET
Properties You Can Set with the REST API
NONE
Properties that can be Set by the End User
NONE
License Unique Device Identifier
Get the Chassis Serial Number:
UDI: PID:PADDINGTON BRIDGE,SN:JAD1835017M
This object retrieves the chassis serial number.
Endpoints
/api/sys/license/udi
Supported HTTP methods
GET
Properties You Can Set with the REST API
NONE
Properties that can be Set by the End User
NONE
License Usage
Get the License Usage Authorization:
License Authorization:
Status: No Licenses in Use
This object retrieves the license authorization.
Endpoints
/api/sys/license/usage
Supported HTTP methods
GET
Properties You Can Set with the REST API
NONE
Properties that can be Set by the End User
NONE
License Configuration
Call Home Configuration
Get the License Call Home Configuration:
DN sys/callhome/Dest/SLDest
name SLDest
protocol https
email https://tools.cisco.com/its/service/oddce/services/DDCEService
This object retrieves the license call home configuration.
Endpoints
/api/sys/callhome/dest/SLDest
Supported HTTP methods
PUT, PATCH, GET
Properties You Can Set with the REST API
dn
UCS_DN: sys/call-home/profile-SLProfile/dest-SLDest
(classid=callhomeDest)
Properties that can be Set by the End User
protocol
email
HTTP Proxy Support Configuration
Get the HTTP Proxy Support Configuration:
DN sys/call-home/httpproxy
proxyServerEnable on (on,off)
proxyServerUrl https://tools.cisco.com/its/service/oddce/services/DDCEService
proxyServerPort 80
This object retrieves the HTTP proxy support configuration.
Endpoints
/api/sys/callhome/httpproxy
Supported HTTP methods
PUT, PATCH, GET
Properties You Can Set with the REST API
dn
UCS_DN: call-home/httpproxy (classid=callhomeHttpProxy)
Properties that can be Set by the End User
proxyServerEnable
proxyServerUrl
proxyServerPort
Smart License Configuration
Register the Smart License Configuration
Register the Smart License Configuration:
DN sys/license/license-config/register
operation register (register, unregister)
tokenid xxxxxxx
This object registers the smart license configuration.
Endpoints
/api/sys/license/license-config/register
Supported HTTP methods
POST
Properties You Can Set with the REST API
dn
UCS_DN: UCS_DN: sys/license/license-config-register
(classid=licenseSmartConfig)
Properties that can be Set by the End User
operation
tokenid
Unregister the Smart License Configuration
Unregister the Smart License Configuration:
DN sys/license/license-config/unregister
operation unregister
This object unregisters the smart license configuration.
Endpoints
/api/sys/license/license-config/unregister
Supported HTTP methods
POST
Properties You Can Set with the REST API
dn
UCS_DN: UCS_DN: sys/license/license-config-unregister
(classid=licenseSmartConfig)
Properties that can be Set by the End User
operation
Permanent License Reservation (PLR)
License Reservation Code
License Reservation Code:
If this CLI is executed after 8.1.4
Reservation request code:
{{PID:CSR1000V, SN:9JAG1XHQHGO}{reg.cisco.com,myidtag}{903292}}
If this CLI is executed after 8.1.6
Reservation return code: {{UDI:PID:CiscoPIDDefault,SN:1234465}{PIID:98347509231740}{signature:0sdnmsdca90234jkdwo309jasdj}
This object gets the license reservation code.
Endpoints
/api/sys/license/reservation-code
to display the configuration
Supported HTTP methods
GET
Properties You Can Set with the REST API
dn
UCS_DN:
not applicable
(file=/bootflash/license/sla_resvcode)
Enable PLR
Enable PLR:
{
"dn" : "sys/license/license-config/enableresv",
"operation" : "enableResv"
}
This object enables the PLR.
Endpoints
/api/sys/license/license-config/enableresv
to display the configuration
Supported HTTP methods
POST
Properties You Can Set with the REST API
dn
UCS_DN:sys/license/license-config-enableresv
(classId=licenseSmartConfig)
Disable PLR
Disable PLR:
{
"dn" : "sys/license/license-config/disableresv",
"operation" : "disableResv"
}
This object disables the PLR.
Endpoints
/api/sys/license/license-config/disableresv
to display the configuration
Supported HTTP methods
POST
Properties You Can Set with the REST API
dn
UCS_DN:sys/license/license-config-disableresv
(classId=licenseSmartConfig)
License Reservation Request
License Reservation Request:
{
"dn" : "sys/license/license-config/request",
"operation" : "request",
mode : "universal"
}
This object requests a license reservation.
Endpoints
/api/sys/license/license-config/request
to display the configuration
Supported HTTP methods
POST
Properties You Can Set with the REST API
dn
UCS_DN:sys/license/license-config-request
(classId=licenseSmartConfig)
License Reservation Install
License Reservation Install:
{
"dn" : "sys/license/license-config/install",
"operation" : "install",
"code" : <license reservation code>
}
This object installs a license reservation.
Endpoints
/api/sys/license/license-config/install
to display the configuration
Supported HTTP methods
POST
Properties You Can Set with the REST API
dn
UCS_DN:sys/license/license-config-install
(classId=licenseSmartConfig)
License Reservation Return
License Reservation Return:
{
"dn" : "sys/license/license-config/return",
"operation" : "return"
}
This object returns a license reservation.
Endpoints
/api/sys/license/license-config/return
to display the configuration
Supported HTTP methods
POST
Properties You Can Set with the REST API
dn
UCS_DN:sys/license/license-config-return
(classId=licenseSmartConfig)
License Reservation Cancel
License Reservation Cancel:
{
"dn" : "sys/license/license-config/cancel",
"operation" : "cancel"
}
This object returns a license reservation.
Endpoints
/api/sys/license/license-config/cancel
to display the configuration
Supported HTTP methods
POST
Properties You Can Set with the REST API
dn
UCS_DN:sys/license/license-config-cancel
(classId=licenseSmartConfig)
Blade Management
Blade Reset / Cycle / Power Control
Blade Reset / Cycle / Power Control:
state (see list below)
State Enum Value:
down -- Power Down
up -- Power Up
cycle-immediate -- Power Cycle Immediately
cycle-wait -- Power Cycle Wait
hard-reset-immediate -- Hard Reset Immediately
hard-reset-wait -- Hard Reset Wait
This object resets the specified blade.
Endpoints
/api/sys/server/<id>
Supported HTTP methods
GET, PUT, POST
Properties You Can Set with the REST API
UCS_DN: org-root/ls-Firepower Chassis-sprof-<id>/power
(classId=lsPower)
Properties that can be Set by the End User
state
Blade Power Status
Blade Power Status:
"operPower": "off"
This object gets the blade power status.
Endpoints
/api/sys/chassis/blade/<id>
Supported HTTP methods
GET
Properties You Can Set with the REST API
UCS_DN: : sys/chassis-1/blade-<id>/power (classId=computeBlade)
Properties that can be Set by the End User
NONE
Blade Decommission
Blade Decommission:
"lc": "decommission"
This object decommissions the blade.
Endpoints
/api/sys/chassis/blade/<id>
Supported HTTP methods
GET, PUT, PATCH
Properties You Can Set with the REST API
UCS_DN: sys/chassis-1/blade-<id> (classId=computeBlade)
Properties that can be Set by the End User
lc
Slot Status / Acknowledge
Slot Status / Acknowledge:
"adminState": "reacknowledge"
"presence": "equipped" (empty, mismatch, . . .)
"discovery": "complete"
"operState": "up"
(other properties omitted)
This object gets and sets the slot status and acknowledge state.
Endpoints
/api/sys/slot/<id>
Supported HTTP methods
GET, PUT, PATCH
Properties You Can Set with the REST API
UCS_DN: fabric/server/chassis-1/slot-<id>
(classId=fabricComputeSlotEp)
Properties that can be Set by the End User
adminState
Firepower Chassis Platform Monitoring Objects
Firepower Chassis/Blade/Adaptor Inventory & Status
Chassis
Get Chassis Information:
{
"equipmentChassis": [
{
"urllink": "https://127.0.0.1/api/sys/chassis",
"operState": "power-problem",
"operQualifier": "chassis-power,psu-power",
"vid": "05",
"fsmTry": "0",
"configState": "ok",
"thermal": "ok",
"lcTs": "1970-01-01T00:00:00.000",
"operability": "operable",
"serial": "FOX1725G9YX",
"managingInst": "A",
"id": "1",
"ackProgressIndicator": "ack-not-in-progress",
"versionHolder": "no",
"fsmRmtInvErrCode": "none",
"connStatus": "A",
"presence": "unknown",
"connPath": "A",
"adminState": "acknowledged",
"fsmRmtInvErrDescr": "",
"revision": "0",
"dn": "sys/chassis",
"model": "N20-C6508",
"fsmPrev": "PowerCapSuccess",
"vendor": "Cisco Systems Inc",
"fsmStatus": "nop",
"power": "redundancy-failed",
"mfgTime": "2013-07-11T00:00:00.000",
"fsmStageDescr": "",
"operQualifierReason": "N/A",
"fsmDescr": "",
"fsmStamp": "2014-07-12T00:51:10.849",
"fsmProgr": "100",
"partNumber": "68-4777-02",
"licState": "license-ok",
"thermalStateQualifier": "",
"fabricEpDn": "fabric/server/chassis-1",
"usrLbl": "",
"licGP": "0",
"seepromOperState": "operable",
"fsmRmtInvRslt": ""
}
]
}
This object retrieves specific chassis information.
Endpoint
/api/sys/chassis
Supported HTTP methods
GET
Properties You Can Set with the REST API
dn
UCS_DN: sys/chassis-1 (classId= equipmentChassis)
Supervisor
Get Supervisor Information:
{
"equipmentSwitchIOCard": [
{
"urllink": "https://127.0.0.1/api/sys/chassis/slot/1",
"operState": "operable",
"operQualifier": "",
"vid": "V03",
"fsmTry": "0",
"fsmRmtInvErrCode": "none",
"configState": "ok",
"thermal": "ok",
"switchId": "A",
"lcTs": "1970-01-01T00:00:00.000",
"operability": "operable",
"peerDn": "",
"serial": "FCH17327KL8",
"peerCommStatus": "disconnected",
"id": "1",
"perf": "not-supported",
"feReadyTs": "never",
"presence": "equipped",
"chassisId": "1",
"fsmRmtInvErrDescr": "",
"discovery": "online",
"dn": "sys/chassis/slot/1",
"fsmPrev": "FeConnSuccess",
"vendor": "Cisco Systems Inc",
"fsmStatus": "nop",
"power": "not-supported",
"mfgTime": "2013-08-18T00:00:00.000",
"fsmStageDescr": "",
"feOfflineTs": "never",
"operQualifierReason": "N/A",
"fsmDescr": "",
"fsmStamp": "2014-07-15T17:03:14.071",
"fsmProgr": "100",
"upgradeStatus": "",
"model": "UCS-IOM-2204XP",
"fsmFlags": "",
"adminPowerState": "policy",
"usrLbl": "",
"baseAddr": "127.5.1.0",
"lcName": "",
"processorThermalState": "unknown",
"partNumber": "73-14488-03",
"revision": "0",
"fsmRmtInvRslt": "",
"side": "left",
"voltage": "not-supported"
}
]
}
This object retrieves Supervisor information.
Endpoint
/api/sys/chassis/slot/1
Supported HTTP methods
GET
Properties You Can Set with the REST API
dn
UCS_DN: sys/chassis-1/sw-slot-1 (classId= equipmentSwitchIOCard)
Chassis / Supervisor Aggregated Inventory
Get Supervisor Aggregated Inventory:
<restaggrGetChassisInventory cookie="1428201474/3731410f-a5db-4b6d-827c-2df371813f95" inChassisId="1"/>
<restaggrGetChassisInventory cookie="1428428170/bc3242b0-d767-45b0-9137-8a42e920a6ca" response="yes">
<outChassisConfig>
<equipmentChassis adminState="acknowledged" configState="ok" connPath="A" connStatus="A"
dn="sys/chassis-1" fltAggr="1717987311619" id="1" managingInst="A" model="FPR-C9300"
operQualifier="psu-power" operQualifierReason="N/A" operState="power-problem"
operability="operable" power="ok" presence="unknown" revision="0" seepromOperState="operable"
serial="JMX19000013" thermal="unknown" thermalStateQualifier="" usrLbl="�
vendor="Cisco Systems Inc">
<equipmentSwitchIOCard adminPowerState="policy" chassisId="1" configState="ok" discovery="online"
fltAggr="1" id="1" model="FPR9K-SUP" operQualifier="" operQualifierReason="N/A"
operState="operable" operability="operable" perf="not-supported" power="not-supported"
presence="equipped" revision="0" rn="sw-slot-1" serial="JSJ18280004" side="left" switchId="A"
thermal="unknown" upgradeStatus="" usrLbl="" vendor="Cisco Systems, Inc."
voltage="not-supported"/>
</equipmentChassis>
</outChassisConfig>
<outChassisCapProviderConfig>
<equipmentChassisCapProvider dn="capabilities/manufacturer-Cisco Systems Inc-model-FPR-C9300-
revision-0" model="FPR-C9300" revision="0" vendor="Cisco Systems Inc">
<equipmentManufacturingDef caption="Cisco Firepower Chassis 9300 Blade Server Chassis" descr=""
description="Cisco Blade Server Chassis, 3U with Three Blade Server Slots" fruMajorType="1"
fruMinorType="1" name="Cisco Firepower Chassis 9300" oemName="" oemPartNumber=""
partNumber="FPR-C9300" pid="FPR-C9300" rn="manufacturing" sku="FPR-C9300" vid="V01"/>
</equipmentChassisCapProvider>
</outChassisCapProviderConfig>
<outCardCapProviderConfig>
<equipmentSwitchIOCardCapProvider dn="capabilities/manufacturer-Cisco Systems, Inc.-model-
FPR9K-SUP-revision-0" model="FPR9K-SUP" revision="0" vendor="Cisco Systems, Inc.">
<equipmentManufacturingDef caption="Cisco FPR9K-SUP 8 Port Fabric Interconnect" descr=""
description="Cisco FPR9K-SUP 8 Port IOM Fabric Interconnect" fruMajorType="" fruMinorType=""
name="Cisco FPR9K-SUP" oemName="" oemPartNumber="" partNumber="FPR9K-SUP"
pid="FPR9K-SUP" rn="manufacturing" sku="FPR9K-SUP" vid="V01"/>
</equipmentSwitchIOCardCapProvider>
</outCardCapProviderConfig>
</restaggrGetChassisInventory>
This object retrieves Supervisor information.
Endpoint
/api/sys/chassis/get-inventory
Supported HTTP methods
GET
Properties You Can Set with the REST API
dn
UCS_DN: /api/sys/chassis/get-inventory (classId=
restaggrGetChassisInventory)
Supervisor Stats
Get Supervisor Statistics:
{
"equipmentIOCardStats": [
{
"urllink": "https://127.0.0.1/api/sys/chassis/slot/1/stats",
"ambientTempMax": "35.000000",
"dimmTempMax": "not-applicable",
"procTempAvg": "not-applicable",
"intervals": "58982460",
"ambientTemp": "35.000000",
"procTemp": "not-applicable",
"tempAvg": "46.000000",
"thresholded": "",
"dimmTemp": "not-applicable",
"suspect": "no",
"dimmTempAvg": "not-applicable",
"dn": "sys/chassis/slot/1/stats",
"update": "65541",
"ambientTempAvg": "35.000000",
"tempMin": "46.000000",
"procTempMax": "not-applicable",
"tempMax": "46.000000",
"temp": "46.000000",
"ambientTempMin": "35.000000",
"dimmTempMin": "not-applicable",
"procTempMin": "not-applicable",
"timeCollected": "2014-07-15T18:52:14.659"
}
]
}
This object retrieves Supervisor statistics.
Endpoint
sys/chassis-1/sw-slot-1/stats
Supported HTTP methods
GET
Properties You Can Set with the REST API
dn
UCS_DN: sys/chassis-1/sw-slot-1/stats (classId=
equipmentIOCardStats)
Blade
Get Blade Information:
{
"computeBlade": [
{
"urllink": "https://127.0.0.1/api/sys/chassis/blade/1",
"model": "UCSB-B200-M3",
"operState": "inoperable",
"policyLevel": "0",
"localId": "",
"vid": "V03",
"fsmTry": "16",
"policyOwner": "local",
"adminPower": "policy",
"checkPoint": "deep-checkpoint",
"usrLbl": "",
"lcTs": "1970-01-01T00:00:00.000",
"operability": "operable",
"intId": "35844",
"numOfThreads": "24",
"numOfAdaptors": "2",
"availability": "unavailable",
"operPower": "off",
"operQualifier": "adaptor-inoperable",
"lc": "undiscovered",
"descr": "",
"managingInst": "A",
"connStatus": "A",
"presence": "equipped",
"chassisId": "1",
"originalUuid": "a206faca-575e-46d2-8bf0-d0127e4d211c",
"connPath": "A",
"numOfCoresEnabled": "12",
"adminState": "in-service",
"fsmRmtInvErrDescr": "",
"numOfEthHostIfs": "0",
"assignedToDn": "",
"discovery": "illegal-fru",
"dn": "sys/chassis/blade/1",
"memorySpeed": "1333",
"fsmPrev": "DiscoverBmcInventory",
"vendor": "Cisco Systems Inc",
"fsmStatus": "DiscoverBmcInventory",
"fsmRmtInvErrCode": "none",
"mfgTime": "2012-12-17T00:00:00.000",
"totalMemory": "98304",
"fsmStageDescr": "getting inventory of server 1/1 via CIMC(FSM-STAGE:sam:dme:ComputeBladeDiscover:BmcInventory)",
"slotId": "1",
"numOfCpus": "2",
"fsmDescr": "blade discovery 1/1(FSM:sam:dme:ComputeBladeDiscover)",
"fsmStamp": "2014-07-15T18:55:23.080",
"fsmProgr": "3",
"serverId": "1/1",
"serial": "FCH1650JQ8Q",
"fsmFlags": "",
"association": "none",
"availableMemory": "98304",
"name": "",
"lowVoltageMemory": "regular-voltage",
"uuid": "a206faca-575e-46d2-8bf0-d0127e4d211c",
"numOfFcHostIfs": "0",
"numOfCores": "12",
"partNumber": "73-13217-08",
"revision": "0",
"fsmRmtInvRslt": ""
}
]
}
This object retrieves specific blade information.
Endpoint
/api/sys/chassis/blade/1
Supported HTTP methods
GET
Properties You Can Set with the REST API
dn
UCS_DN: sys/chassis-1/blade-1 (classId= computeBlade)
Blade Motherboard
Get Blade Motherboard Information:
{
"computeBoard": [
{
"dn": "sys/chassis/blade/1/board",
"urllink": "https://127.0.0.1/api/sys/chassis/blade/1/board",
"operState": "not-supported",
"vendor": "Cisco Systems Inc",
"perf": "ok",
"power": "ok",
"presence": "not-supported",
"operPower": "off",
"operQualifierReason": "N/A",
"thermal": "ok",
"voltage": "ok",
"cmosVoltage": "ok",
"id": "0",
"serial": "FCH1650JQ8Q",
"revision": "0",
"model": "UCSB-B200-M3",
"powerUsage": "ok",
"operability": "not-supported"
}
]
}
This object retrieves blade motherboard information.
Endpoint
/api/sys/chassis/blade/1/board
Supported HTTP methods
GET
Properties You Can Set with the REST API
dn
UCS_DN: sys/chassis-1/blade-1/board (classId= computeBoard)
Blade Processor Information
Get Blade Processor Information:
arch Xeon
cores 12
coresEnabled 12
id 1
locationDn
model Intel(R) Xeon(R) CPU E5-2658 v3 @ 2.20GHz
operQualifierReason N/A
operState operable
operability operable
perf unknown
power not-supported
presence equipped
revision 0
serial
socketDesignation CPU1
speed 2.200000
stepping 2
thermal ok
threads 24
vendor Intel(R) Corporation
visibility yes
voltage not-supported
This object retrieves blade processor information.
Endpoint
/api/sys/chassis/blade/1/board/cpu/
/api/sys/chassis/blade/1/board/cpu/<id>
Supported HTTP methods
GET
Properties You Can Set with the REST API
UCS_DN: sys/chassis-1/blade-2/board/cpu-1 (classid=processorUnit)
Blade Memory Information
Get Blade Memory Information:
cpuId 2
currCapacity 131072
errorCorrection undiscovered
id 1
locationDn
maxCapacity 1572864
maxDevices 24
model
operQualifierReason N/A
operState not-supported
operability not-supported
perf unknown
populated 8
power not-supported
presence equipped
revision 0
serial
thermal not-supported
vendor
voltage not-supported
This object retrieves blade memory information.
Endpoint
/api/sys/chassis/blade/1/board/mem-all
/api/sys/chassis/blade/1/board/memory/<id>
Supported HTTP methods
GET
Properties You Can Set with the REST API
UCS-DN: sys/chassis-1/blade-2/board/memarray-1
(classId=memoryArray)
Blade Power Stats
Get Motherboard Power Statistics:
{
"computeMbPowerStats": [
{
"consumedPower": "0.000000",
"dn": "sys/chassis/blade/1/board/power-stats",
"inputVoltage": "0.000000",
"consumedPowerAvg": "0.000000",
"inputCurrentMax": "0.000000",
"thresholded": "",
"inputCurrent": "0.000000",
"update": "393217",
"inputVoltageMin": "0.000000",
"intervals": "58982460",
"suspect": "no",
"consumedPowerMax": "0.000000",
"inputCurrentMin": "0.000000",
"inputVoltageMax": "0.000000",
"timeCollected": "2014-07-15T18:58:53.061",
"urllink": "https://127.0.0.1/api?dn=sys/chassis-1/blade-1/board/power-stats",
"consumedPowerMin": "0.000000",
"inputCurrentAvg": "0.000000",
"inputVoltageAvg": "0.000000"
}
]
}
This object retrieves blade motherboard power statistics.
Endpoint
/api/sys/chassis/blade/1/board/power-stats
Supported HTTP methods
GET
Properties You Can Set with the REST API
dn
UCS_DN: sys/chassis-1/blade-1/board/power-stats
(classId=computeMbPowerStats)
NIC Adaptor
Get Specific NIC Adaptor Information:
{
"adaptorUnit": [
{
"urllink": "https://127.0.0.1/api/sys/chassis/blade/1/adaptor/1",
"operState": "operable",
"presence": "equipped",
"thermal": "unknown",
"operability": "operable",
"serial": "FCH165271GA",
"managingInst": "A",
"id": "1",
"perf": "not-supported",
"bladeId": "1",
"connPath": "A",
"chassisId": "1",
"integrated": "no",
"revision": "0",
"dn": "sys/chassis/blade/1/adaptor/1",
"vendor": "Cisco Systems Inc",
"power": "off",
"mfgTime": "2012-12-28T00:00:00.000",
"baseMac": "00:06:F6:9C:A0:BC",
"pciAddr": "",
"operQualifierReason": "N/A",
"partNumber": "73-14641-02",
"adminPowerState": "none",
"reachability": "",
"pciSlot": "N/A",
"model": "UCSB-MLOM-40G-01",
"connStatus": "A",
"voltage": "not-supported"
}
]
}
This object retrieves specific NIC adaptor information.
Endpoint
/api/sys/chassis/blade/1/adaptor
/api/sys/chassis/blade/1/adaptor/1
Supported HTTP methods
GET
Properties You Can Set with the REST API
dn
UCS_DN: sys/chassis-1/blade-1/adaptor-1 (classId= adaptorUnit)
Blade Storage Inventory
This object retrieves SAS, SATA, FLASH, and SD storage controller inventory.
Endpoint
/api/sys/chassis/blade/1/board/storage
Supported HTTP methods
GET
Properties You Can Set with the REST API
dn
UCSDN: sys/chassis-1/blade-1/board/storage-
Power Supply Unit
This object retrieves power supply unit information.
Endpoint
/api/sys/chassis/psu
/api/sys/chassis/psu/1
Supported HTTP methods
GET
Properties You Can Set with the REST API
dn
UCS_DN=sys/chassis-1/psu-1 (classId= equipmentPsu)
Fan Unit
This object retrieves fan unit information.
Endpoint
/api/sys/chassis/fan-module
/api/sys/chassis/fan-module/tray/1/id/3/fan/2
Supported HTTP methods
GET
Properties You Can Set with the REST API
dn
UCS_DN=sys/chassis-1/fan-module-1-3/fan-2 (classId=
equipmentFan)
clapton -- new section Chassis Environment
Chassis Environment
This object retrieves chassis environment information.
Endpoint
/api/sys/chassis/chassis-env
Supported HTTP methods
GET
Properties You Can Set with the REST API
dn
UCS_DN=sys/chassis-1/ch-env
Get Specific Chassis Environment Information:
{
" equipmentChassisEnv ": [
{
"urllink": "https://10.89.147.211/api/sys/chassis/ch-env",
"dn": "sys/chassis-1/ch-env",
"cpuTemp": "48.00",
"inletTemp": "34.00",
" lastUpdatetime": " 2016-11-23T01:29:53.585",
" totalPower": "638.00",
"equipmentPusEnv": [
{
"id": "1",
"operStatus": "ok",
"psuInput": "ok",
"psuOutput": "ok",
"psuType": "AC",
},
]
"equipmentFanEnv": [
{
"id": "1",
"FanSpeed": "3021",
"FanStatus": "ok",
" FanPerf": "operable",
},
]
"equipmentBladeEnv": [
{
"id": "1",
"CpuTemp": "61.00",
"powerConsumption": "216.00",
},
]
]
}
}
Firepower Chassis Switch Inventory & Status
Switch
Get Switch Information:
adminInbandIfState disable
dn sys/switch
inbandIfGw 0.0.0.0
inbandIfIp 0.0.0.0
inbandIfMask 0.0.0.0
inbandIfVnet 0
inventoryStatus
model ASA-MIO-9K
oobIfGw 10.193.211.254
oobIfIp 10.193.211.134
oobIfMask 255.255.255.0
operability operable
revision 0
serial FCH18097WXC
thermal ok
totalMemory 8058
vendor Cisco Systems, Inc.
This object retrieves specific switch information.
Endpoint
/api/sys/mgmt-ipv4
Supported HTTP methods
GET
Properties You Can Set with the REST API
dn
UCS_DN=sys/switch-A (classId=networkElement)
Switch Slot
Get Switch Slot Information:
descr Firepower Chassis MIO 8x10G SFP+, 2xEPM slots
dn sys/switch/slot/1
id 1
model ASA-MIO-9K
numPorts 8
operState operable
operability operable
perf unknown
power online
presence equipped
revision 0
serial
state online
thermal unknown
ts 2012-01-09T20:54:04.184
vendor Cisco Systems, Inc.
voltage unknown
This object retrieves specific switch slot information.
Endpoint
/api/sys/switch/slot/1
Supported HTTP methods
GET
Properties You Can Set with the REST API
dn
UCS_DN = sys/switch-A/slot-1 (classId= equipmentSwitchCard)
Physical Port Inventory, Transceiver and Stats
Get Physical Port Inventory, Transceiver and Statistics:
adminState disabled
adminTransport ether
aggrPortId 0
chassisId N/A
dn sys/switch/slot/1/switch-ether/Ethernet1/1
encap unknown
epDn
ifRole unknown
ifType physical
isPortChannelMember no
lc available
licGP 0
licState unknown
locale
mac 00:01:64:49:00:08
mode access
model
name
operSpeed indeterminate
operState sfp-not-present
peerAggrPortId 0
peerDn
peerPortId 0
peerSlotId 0
portId 1
revision 0
serial
slotId 1
stateQual Unknown
switchId A
transport ether
ts 2012-01-09T20:59:04.184
type
unifiedPort no
usrLbl
vendor
xcvrType unknown
Get Transceiver Information:
dn sys/switch/ports/slot/1/port/1/transceiver
id 1
model 1-2053783-1
revision 0
serial TED1517A5VF
ts 2014-08-22T17:49:24.539
type h10gcu1m
vendor CISCO-TYCO
This object retrieves physical port inventory, transceiver information, and the following statistics:
- pause statistics
- loss statistics
- error statistics
- transmission (TX) statistics
- rate, signal and noise (RX) statistics
Endpoints
/api/sys/switch/ports/ethernet1_API_SLASH_1
Breakout Port:
/api/sys/switch/ports/ethernet2%2F1%2F3
Port Channel:
/api/ports/pc/<id>
Transceiver:
/api/sys/switch/ports/slot/1/port/1/transceiver
Pause Statistics:
/api/sys/switch/slot/1/port/1/etherPauseStats
,
/api/ports/pc/<id>/etherPauseStats
Loss Statistics:
/api/sys/switch/slot/1/port/1/etherLossStats, /api/ports/pc/<id>/etherLossStats
Error Statistics:
/api/sys/switch/slot/1/port/1/etherErrStats, /api/ports/pc/<id>/etherErrStats
TX Statistics:
/api/sys/switch/slot/1/port/1/etherTxStats, /api/ports/pc/<id>/etherTxStats
RX Statistics:
/api/sys/switch/slot/1/port/1/etherRxStats, /api/ports/pc/<id>/etherRxStats
Supported HTTP methods
GET
Properties You Can Set with the REST API
dn
UCS_DN = sys/switch-A/slot-1/switch-ether/port-1 (classId= etherPIo)
UCS_DN: fabric/lan/A/pc-<id>
UCS_DN: sys/switch-A/slot-1/switch-ether/port-1/transceiver
(classId=equipmentXcvr)
UCS_DN: sys/switch-A/slot-1/switch-ether/port-1/pause-stats, fabric/lan/A/pc-
UCS_DN: sys/switch-A/slot-1/switch-ether/port-1/loss-stats, fabric/lan/A/pc-<id>/loss-stats
(classId= etherLossStats)
UCS_DN: sys/switch-A/slot-1/switch-ether/port-1/err-stats, fabric/lan/A/pc-<id>/err-stats
(classId=etherErrStats)
UCS_DN: sys/switch-A/slot-1/switch-ether/port-1/tx-stats, fabric/lan/A/pc-<id>/tx-stats
(classId=etherTxStats)
UCS_DN: sys/switch-A/slot-1/switch-ether/port-1/rx-stats, fabric/lan/A/pc-<id>/rx-stats
(classId=etherRxStats)
Local Storage
Get Local Storage Information:
name bootflash
operState clean
size 106490
used 5
This object retrieves local storage information.
Endpoints
/api/sys/switch/storage
/api/sys/switch/storage/<name>
Supported HTTP methods
GET
Properties You Can Set with the REST API
dn
DN=sys/switch-A/stor-part-<name> (name="bootflash","opt","workspace","spare")
(classid = storageItem)
Firmware Information
Available Images
This object retrieves information about the available images.
Endpoint
/api/sys/firmware/image
Supported HTTP methods
GET
Properties You Can Set with the REST API
dn
UCS_DN= sys/fw-catalogue/image-ucs-mgmtext.3.0.0.154.gbin (classId=
firmwareImage)
Available Firmware Bundle
This object retrieves information about the available firmware bundle.
Endpoint
/api/sys/firmware/distrib
Supported HTTP methods
GET
Properties You Can Set with the REST API
dn
UCS_DN=sys/fw-catalogue/distrib-mini-ucs-k9-bundle-infra.3.0.0.163.A.gbin
(classid= firmwareDistributable)
Running Version
Get Running Version:
{
deployment system
dn sys/switch-A/mgmt/fw-system
invTag paddington-system
packageVersion 3.0(0.390)
type switch-software
version 5.0(3)N2(3.00.390)
}
This object retrieves information about the running version.
Endpoint
Switch Management Version:
/api/sys/firmware/version/mgmt
Switch Kickstart Running Version:
/api/sys/firmware/version/kernel
Switch System Running Version:
/api/sys/firmware/version/system
Switch Chassis Manager Version:
/api/sys/firmware/version/chassis-manager
Firepower Chassis OS Version:
/api/sys/chassis/blade-1/os-ctrl/fw-system
Supported HTTP methods
GET
Properties You Can Set with the REST API
dn
Switch Management Version:
UCS_DN=sys/mgmt/fw-system (classId=firmwareRunning
)
Switch Kickstart Running Version:
UCS_DN=sys/switch-A/mgmt/fw-kernel
(classId=firmwareRunning )
Switch System Running Version:
UCS_DN=sys/switch-A/mgmt/fw-system
(classId=firmwareRunning )
Switch Chassis Manager Version:
UCS_DN=capabilities/ep/mgmt-ext/fw-system
(classId=firmwareRunning )
Firepower Chassis OS Version:
UCS_DN=sys/chassis-1/blade-1/os-ctrl/fw-system
(classId=firmwareRunning )
Fault
This object retrieves faults for the system or chassis.
Endpoints
All faults in the system:
/api/sys/fault-all
All faults in the chassis:
/api/sys/chassis/fault
To get a particular fault:
/api/sys/chassis/blade/2/adaptor/2/host-eth-2/fault/F0207
Supported HTTP methods
GET
Properties You Can Set with the REST API
dn
Chassis Only:
UCS_DN: sys/chassis-1 & classid=faultInst
Particular Fault:
UCS_DN:
sys/chassis-1/blade-2/adaptor-2/host-eth-2/fault-F0207
Acknowledge Fault
Acknowledge Fault:
ack yes
cause link-down
changeSet
code F0207
created 2012-02-13T04:53:40.153
descr Adapter host interface 1/1/1/13 link state: down
interface 1/1/1/13 link state: down
highestSeverity major
id 63806
lastTransition 2012-02-13T20:29:16.400
lc
occur 4
origSeverity major
prevSeverity cleared
rule adaptor-host-if-link-down
severity major
tags network,server
type network
This object acknowledges a specific fault for the system or chassis.
Endpoints
/api/sys/chassis/blade/2/adaptor/2/host-eth-2/fault/F0207
Supported HTTP methods
PUT, PATCH
Properties You Can Set with the REST API
UCS_DN: sys/chassis-1/blade-2/adaptor-2/host-eth-2/fault-F0207
Properties that can be Set by the End User
ack
Event
Get the Event Log:
maxSize 10000
purgeWindow 100
size 9917
This object retrieves the event log or all event records.
Endpoints
Event log:
/api/sys/event-log
All event records:
/api/sys/event-log/all
Supported HTTP methods
GET
Properties You Can Set with the REST API
dn
Event log:
UCS_DN: event-log (classId = eventLog)
All event records:
UCS_DN: N/A (classId = eventRecord)
Fail-to-Wire
Fail-to-Wire:
{
aggrPortId 0
epDn
mode disabled (standby, bypass)
name
operMode disabled (standby, bypass)
peerAggrPortId 0
peerDn
peerPortId 6
peerPortName Ethernet3/6
peerSlotId 3
portId 5
portName Ethernet3/5
slotId 3
switchId A
wdtStart 10
wdtState disabled (enabled)
}
This object retrieves information about the fail-to-wire status.
Endpoints
/api/sys/fail-to-wire
/api/sys/fail-to-wire/ethernet1_API_SLASH_API_3-ethernet1_API_SLASH_API_4
/api/sys/fail-to-wire/ethernet2_API_SLASH_1_API_SLASH_3-ethernet2_API_SLASH_1_API_SLASH_4
Supported HTTP methods
GET
Properties You Can Set with the REST API
dn
UCS_DN=sys/switch-A/fail-to-wire/ftw-port-<slot>-<aggrId>-<port1Id>-port-<slot>-<aggrId>-<port2Id>
(classId=etherFtwPortPair )
Event Subscription
New Object Created Notification:
{
"configMoChangeEvent":
[
{
"cookie": "",
"inEid": "196392",
"inConfig":
[
{
"smAppInstance":
[
{
"urllink": "http://171.71.230.251/api/Slot/1/AppInstance/ddos3",
"dn": "Slot/1/AppInstance/ddos3",
"runningVersion": "",
"appName": "ddos3",
"adminState": "enabled",
"status": "created",
"startupVersion": "",
"operationalState": "not-installed",
"appInstId": ""
}
]
}
]
}
]
}
Firepower Chassis API provides a mechanism to register and get notified when objects are
modified. Modifications mean new objects are created or existing objects are updated or
objects are being deleted.
To subscribe to an event notification, send a POST request to
/api/events
with a valid token. Events will be sent back to clients in the following format:
<message_length><new line>
<json_event_string><new line>
When objects are created, a notification is sent to registered clients. The content of
the new object has all properties. The
status
field is set to
created
.
Object Modified Event:
{
"configMoChangeEvent":
[
{
"cookie": "",
"inEid": "196408",
"inConfig":
[
{
"smApp":
[
{
"urllink": "http://171.71.230.251/api/App/ddos2-1.0",
"dn": "App/ddos2-1.0",
"status": "modified",
"installTimeout": "130"
}
]
}
]
}
]
}
When objects are modified, the event contains the object with its modified properties
only. The
status
field is set to
modified
.
Object Deleted Event:
{
"configMoChangeEvent":
[
{
"cookie": "",
"inEid": "196435",
"inConfig":
{
"smAppInstance":
[
{
"urllink": "http://171.71.230.251/api/Slot/1/AppInstance/ddos3",
"dn": "Slot/1/AppInstance/ddos3",
"status": "deleted"
}
]
}
}
]
}
When objects are deleted, the event contains the object with the DN and its
status
field set to
deleted
.
Bulk API
The Firepower Chassis API allows you to perform multiple requests at the same time, executing them in a single transaction. Either all requests succeed or all requests fail. If at least one object fails the operation, all the operations in the same request fail.
Note that only bulk operations of the same type can be performed:
- Multiple GETs
- Multiple object creation or modification.
- Multiple object deletion.
DN Consideration
When single objects are posted, if the
DN
field is not specified, the URL
will be included as the
DN
field.
If the
DN
field is specified, the URL path will be ignored. In such cases
Cisco recommends that the URL be
/api
.
Bulk GET Operation
Multiple objects can be retrieved at the same time specifying the
DN
attribute in the URL multiple times. Cisco recommends that the URL length not to exceed
2000 characters.
GET /api?dn=Slot/1&dn=App/ddos-1.0&dn=Slot/1/AppInstance/ddos
NOTE: Only leaf objects can be used in a bulk GET operation. Non-leaf objects cannot be used in a bulk GET operation.
Examples of non-leaf objects are:
- Slot
- App
- Slot/<slot_nr>/AppInstance
- LogicalDevice
- LogicalDevice/<ld_name>/ExternalPortLink
Use one query for each of these objects.
As an alternative, you can submit bulk requests for multiple
classId
s:
GET /api?classId=smSlot&classId=smApp&classId=smExternalPortLink
Bulk POST Operation
Single Request to Create one App Object and one AppInstance Object
POST: /api
{
"smApp": [
{
"appId": "ddos",
"appType": "application",
"author": "Company A",
"buildDate": "Dec 20, 2014",
"canDowngrade": "yes",
"canUpgrade": "yes",
"deployType": "vm",
"description": "This is a DDOS app",
"dn": "App/ddos-1.0",
"fullInstall": "yes",
"installTimeout": "120",
"isAggregateVnic": "no",
"isSecurityControl": "yes",
"longName": "DDOS Company A",
"minDiskData": "120",
"minOS": "1.0",
"name": "ddos",
"uninstallTimeout": "120",
"upgradeTimeout": "60",
"version": "1.0"
}
],
"smAppInstance": [
{
"adminState": "enabled",
"appName": "ddos",
"dn": "Slot/1/AppInstance/ddos",
"startupVersion": ""
}
]
}
Multiple objects can be created or modified at the same time. Specify
/api
for the URL in such cases.
The
DN
field specifies the location of each object in the MIT (Management
Information Tree).
NOTE:
When performing bulk POST operations, all JSON
objects must specify the
DN
field.
In this example, a single POST request is used to create one App object and one AppInstance object.
Bulk DELETE Operation
Multiple objects can be deleted simultaneously by specifying the list of
DN
objects to be deleted. The syntax is identical to that used in
Bulk GET Operations
.
DELETE /api?dn=Slot/1/AppInstance/ddos&dn=App/ddos-1.0
REST API Objects
For a list of HTTP methods supported by the REST API, see Supported Methods
AAA
LDAP Configuration Object
Retrieve All LDAP Providers:
{
"aaaLdapProvider": [
{
"urllink": "https://10.89.147.211/api/sys/ldap/provider/danp-lnx",
"dn": "sys/ldap/provider/danp-lnx",
"vendor": "OpenLdap",
"name": "danp-lnx",
"descr": "",
"retries": "1",
"attribute": "",
"basedn": "",
"rootdn": "",
"order": "1",
"filter": "",
"keySet": "no",
"timeout": "30",
"key": "",
"port": "389",
"enableSSL": "no"
},
{
"urllink": "https://10.89.147.211/api/sys/ldap/provider/danp1",
"dn": "sys/ldap/provider/danp1",
"vendor": "MS-AD",
"name": "danp1",
"descr": "",
"retries": "1",
"attribute": "test3",
"basedn": "bla bla",
"rootdn": "binddn",
"order": "2",
"filter": "",
"keySet": "yes",
"timeout": "10",
"key": "",
"port": "100",
"enableSSL": "yes"
}
]
}
Retrieve One LDAP Provider:
{
"aaaLdapProvider": [
{
"urllink": "https://10.89.147.211/api/sys/ldap/provider/danp-lnx",
"dn": "sys/ldap/provider/danp-lnx",
"vendor": "OpenLdap",
"name": "danp-lnx",
"descr": "",
"retries": "1",
"attribute": "",
"basedn": "",
"rootdn": "",
"order": "1",
"filter": "",
"keySet": "no",
"timeout": "30",
"key": "",
"port": "389",
"enableSSL": "no"
}
]
}
Create an LDAP Provider:
{
"aaaLdapProvider": [
{
"dn": "sys/ldap/provider/danp-lnx2",
"vendor": "OpenLdap",
"name": "danp-lnx2",
"descr": "ldap-provider 1",
"retries": "1",
"attribute": "",
"basedn": "",
"rootdn": "",
"order": "4",
"filter": "",
"timeout": "30",
"key": "secret",
"port": "389",
"enableSSL": "no"
}
]
}
The LDAP Configuration Object can be used to:
- Create an LDAP Provider
- Retrieve an LDAP Provider
- Retrieve all LDAP Providers
- Delete an LDAP Provider
Endpoints
Retrieve the LDAP Configuration
https://10.89.147.211/api/sys/ldap
Retrieve All LDAP Providers
https://10.89.147.211/api/sys/ldap/provider
Retrieve One LDAP Provider
https://10.89.147.211/api/sys/ldap/provider/danp-lnx
Delete an LDAP Provider
DELETE /api/ldap/provider/danp-lnx2
Radius Configuration Object
Retrieve Radius Configuration:
{
"aaaRadiusEp": [
{
"urllink": "https://10.89.147.211/api/sys/radius",
"dn": "sys/radius",
"name": "",
"descr": "",
"retries": "1",
"timeout": "5"
}
]
}
Retrieve One Radius Provider:
{
"aaaRadiusProvider": [
{
"urllink": "https://10.89.147.211/api/sys/radius/provider/s2",
"dn": "sys/radius/provider/s2",
"name": "s2",
"descr": "",
"retries": "1",
"authPort": "1812",
"order": "2",
"key": "",
"keySet": "no",
"timeout": "5",
"service": "authorization"
}
]
}
Create a Radius Provider:
{
"aaaRadiusProvider": [
{
"dn": "sys/radius/provider/rad1",
"name": "rad1",
"descr": "radius provider",
"retries": "4",
"authPort": "1812",
"order": "4",
"key": "rad-key",
"timeout": "5"
}
]
}
The Radius Configuration Object can be used to:
- Create a Radius Provider
- Retrieve a Radius Configuration
- Retrieve all Radius Providers
- Delete a Radius Provider
Endpoints
Retrieve the Radius Configuration
https://10.89.147.211/api/sys/radius
Retrieve All LDAP Providers
https://10.89.147.211/api/sys/radius/provider
Retrieve One Radius Provider
https://10.89.147.211/api/sys/radius/provider/s2
Delete a Radius Provider
DELETE /api/radius/provider/rad1
TACACS Configuration Object
Retrieve TACACS Configuration:
{
"aaaTacacsPlusEp": [
{
"urllink": "https://10.89.147.211/api/sys/tacacs",
"dn": "sys/tacacs",
"name": "",
"descr": "",
"retries": "1",
"timeout": "5"
}
]
}
Retrieve One TACACS Provider:
{
"aaaTacacsPlusProvider": [
{
"urllink": "https://10.89.147.211/api/sys/tacacs/provider/tac1",
"dn": "sys/tacacs/provider/tac1",
"name": "tac1",
"descr": "",
"retries": "1",
"order": "1",
"key": "",
"keySet": "no",
"timeout": "5",
"port": "49"
}
]
}
Retrieve All TACACS Providers:
{
"aaaTacacsPlusProvider": [
{
"urllink": "https://10.89.147.211/api/sys/tacacs/provider/tac1",
"dn": "sys/tacacs/provider/tac1",
"name": "tac1",
"descr": "",
"retries": "1",
"order": "1",
"key": "",
"keySet": "no",
"timeout": "5",
"port": "49"
}
]
}
Create a TACACS Provider:
{
"aaaTacacsPlusProvider": [
{
"dn": "sys/tacacs/provider/tac-server",
"name": "tac-server",
"descr": "Tacacs SErver",
"retries": "2",
"order": "4",
"key": "secret",
"timeout": "4",
"port": "49"
}
]
}
The TACACS Configuration Object can be used to:
- Create a TACACS Provider
- Retrieve the TACACS Configuration
- Retrieve all TACACS Providers
- Delete a TACACS Provider
Endpoints
Retrieve the TACACS Configuration
https://10.89.147.211/api/sys/tacacs
Retrieve All TACACS Providers
https://10.89.147.211/api/sys/tacacs/provider
Retrieve One TACACS Provider
https://10.89.147.211/api/sys/tacacs/provider/tac1
Delete a TACACS Provider
DELETE /api/tacacs/provider/tac-server
User Roles Configuration Object
Get One User Role:
{
"aaaRole": [
{
"urllink": "https://10.89.147.211/api/sys/user/role/admin",
"dn": "sys/user/role/admin",
"name": "admin",
"descr": "",
"configState": "ok",
"configStatusMessage": "",
"priv": "admin"
}
]
}
The User Roles Configuration Object can be used to:
- Retrieve one User Role
- Retrieve all User Roles
Endpoints
Retrieve One User Role
https://10.89.147.211/api/sys/user/role/admin
Retrieve All User Roles
https://10.89.147.211/cgi-bin/api/sys/user/role
Local Users
Get One Local User Configuration:
{
"aaaUserEp": [
{
"urllink": "https://10.89.147.211/api/sys/user",
"dn": "sys/user",
"name": "",
"descr": "",
"pwdStrengthCheck": "no"
}
]
}
Get All Local User Configurations:
{
"aaaUser": [
{
"urllink": "https://10.89.147.211/api/sys/user/local",
"dn": "sys/user/local",
"clearPwdHistory": "no",
"firstName": "",
"descr": "",
"expiration": "never",
"lastName": "",
"configState": "ok",
"expires": "no",
"configStatusMessage": "",
"email": "",
"phone": "",
"pwd": "",
"pwdLifeTime": "no-password-expire",
"accountStatus": "active",
"priv": "admin,read-only",
"pwdSet": "yes",
"name": "admin"
},
{
"urllink": "https://10.89.147.211/api/sys/user/user-danp2",
"dn": "sys/user/user-danp2",
"clearPwdHistory": "no",
"firstName": "",
"descr": "",
"expiration": "never",
"lastName": "",
"configState": "ok",
"expires": "no",
"configStatusMessage": "",
"email": "",
"phone": "",
"pwd": "",
"pwdLifeTime": "no-password-expire",
"accountStatus": "active",
"priv": "read-only",
"pwdSet": "no",
"name": "danp2"
},
{
"urllink": "https://10.89.147.211/api/sys/user/user-danp",
"dn": "sys/user/user-danp",
"clearPwdHistory": "no",
"firstName": "",
"descr": "",
"expiration": "never",
"lastName": "",
"configState": "ok",
"expires": "no",
"configStatusMessage": "",
"email": "",
"phone": "",
"pwd": "",
"pwdLifeTime": "no-password-expire",
"accountStatus": "active",
"priv": "read-only",
"pwdSet": "no",
"name": "danp"
}
]
}
Create a Local User:
{
"aaaUser": [
{
"dn": "sys/user/local/Firepower Chassis",
"clearPwdHistory": "no",
"firstName": "FirstName",
"descr": "This is a test user",
"expiration": "never",
"lastName": "LastName",
"expires": "no",
"email": "Firepower Chassis@cisco.com",
"phone": "4085555555",
"pwd": "secret",
"pwdLifeTime": "no-password-expire",
"accountStatus": "active",
"name": "Firepower Chassis"
}
]
}
The Local Users Object can be used to:
- Retrieve one Local User Configuration
- Retrieve all Local User Configurations
- Create a Local User
Endpoints
Retrieve One Local User Configuration
https://10.89.147.211/api/sys/user
Retrieve All Local User Configurations
https://10.89.147.211/api/sys/user/local
Configuration Management
Export/Backup Configuration Object
Create an Export Configuration:
POST https://10.89.147.211/api/sys/backup/file1.cisco.com
{
"mgmtBackup": [
{
"descr": "",
"proto": "scp",
"hostname": "file1.cisco.com",
"adminState": "enabled",
"type": "config-all",
"dn": "sys/backup/file1.cisco.com",
"remoteFile": "/tmp/backup",
"job": "immediate",
"user": "danp",
"name": "",
"pwd": "",
"preservePooledValues": "no"
}
]
}
The Export/Backup Configuration Object can be used to:
- Create an Export Configuration
- Retrieve one Export Configuration
- Retrieve all Export Configurations
- Delete an Export Configuration
Endpoints
Create an Export Configuration
POST https://10.89.147.211/api/sys/backup/file1.cisco.com
Retrieve One Export Configuration
GET https://10.89.147.211/api/sys/backup/danp-lnx.cisco.com
Retrieve All Export Configurations
GET https://10.89.147.211/api/sys/backup
Delete the LDAP Configuration
DELETE https://10.89.147.211/api/sys/backup/file1.cisco.com
Import Configuration Object
Create an Import Configuration:
{
"mgmtImporter": [
{
"descr": "",
"proto": "scp",
"hostname": "file1.cisco.com",
"adminState": "enabled",
"dn": "sys/import-config/file1.cisco.com",
"remoteFile": "/tmp/tftp",
"pwd": "",
"user": "",
"action": "merge"
}
]
}
Delete an Import Configuration:
{
"callhomeEp": [
{
"dn": "sys/call-home",
"name": "",
"descr": "",
"adminState": "off",
"alertThrottlingAdminState": "on"
}
]
}
The Import Configuration Object can be used to:
- Create an Import Configuration
- Retrieve one Import Configuration
- Retrieve all Import Configurations
- Delete an Import Configuration
Endpoints
Create an Export Configuration
POST https://10.89.147.211/api/sys/import-config/file1.cisco.com
Retrieve One Export Configuration
GET https://10.89.147.211/api/sys/import-config/danp-lnx.cisco.com
Retrieve All Export Configurations
GET https://10.89.147.211/api/sys/import-config
Delete the LDAP Configuration
DELETE https://10.89.147.211/api/sys/import-config/file1.cisco.com
Call Home Configuration Object
Retrieve the Call Home Configuration:
{
"callhomeEp": [
{
"urllink": "https://10.89.147.211/api/sys/call-home",
"dn": "sys/call-home",
"name": "",
"descr": "",
"callhomeProfile": [
{
"name": "CiscoTAC-1",
"descr": "Built-in XML Cisco-TAC profile",
"format": "xml",
"alertGroups": "ciscoTac",
"level": "normal",
"maxSize": "5000000",
"rn": "profile-CiscoTAC-1"
},
{
"name": "short_txt",
"descr": "Built-in text profile",
"format": "shortTxt",
"alertGroups": "all,ciscoTac,diagnostic,environmental,inventory,license,lifeCycle,linecard,supervisor,syslogPort,system,test",
"level": "warning",
"maxSize": "5000000",
"rn": "profile-short_txt"
},
{
"name": "full_txt",
"descr": "Built-in full text profile",
"format": "fullTxt",
"alertGroups": "all,ciscoTac,diagnostic,environmental,inventory,license,lifeCycle,linecard,supervisor,syslogPort,system,test",
"level": "warning",
"maxSize": "5000000",
"rn": "profile-full_txt"
}
],
"callhomeSource": [
{
"customer": "",
"from": "",
"addr": "",
"replyTo": "",
"site": "",
"contract": "",
"phone": "",
"contact": "",
"rn": "source",
"email": "",
"urgency": "debug"
}
],
"callhomeTestAlert": [
{
"group": "unknown",
"description": "",
"level": "unknown",
"sendNow": "no",
"messageType": "unknown",
"messageSubtype": "unknown",
"rn": "testalert"
}
],
"configState": "ok",
"callhomePeriodicSystemInventory": [
{
"minimumSendNowIntervalSeconds": "5",
"nextDeadline": "never",
"maximumRetryCount": "1",
"timeOfDayMinute": "0",
"retryDelayMinutes": "10",
"pollIntervalSeconds": "300",
"sendNow": "no",
"lastDeadline": "1970-01-01T00:00:00.000",
"adminState": "off",
"timeOfLastAttempt": "1970-01-01T00:00:00.000",
"retryCount": "0",
"timeOfDayHour": "0",
"timeOfLastSuccess": "never",
"rn": "periodicsysteminventory",
"intervalDays": "7"
}
],
"adminState": "off",
"callhomeSmtp": [
{
"host": "",
"rn": "smtp",
"port": "25"
}
],
"intId": "none",
"alertThrottlingAdminState": "on",
"callhomeEpFsm": [
{
"descr": "",
"instanceId": "286",
"currentFsm": "configCallhome",
"rmtRslt": "",
"rmtErrCode": "none",
"completionTime": "2014-09-04T20:44:58.388",
"callhomeEpFsmStage": [
{
"retry": "2",
"name": "configCallhomeSetLocal",
"descr": "call-home configuration on primary(FSM-STAGE:sam:dme:CallhomeEpConfigCallhome:SetLocal)",
"stageStatus": "success",
"lastUpdateTime": "2014-09-04T20:44:58.387",
"rn": "stage-configCallhomeSetLocal",
"order": "1"
},
{
"retry": "0",
"name": "configCallhomeSetPeer",
"descr": "call-home configuration on secondary(FSM-STAGE:sam:dme:CallhomeEpConfigCallhome:SetPeer)",
"stageStatus": "skip",
"lastUpdateTime": "2014-09-04T20:44:58.388",
"rn": "stage-configCallhomeSetPeer",
"order": "2"
}
],
"progress": "100",
"rmtErrDescr": "",
"rn": "fsm"
}
]
}
]
}
The Call Home Configuration Object can be used to:
- Create/Update the Call Home Configuration
- Retrieve the Call Home Configuration source
- Retrieve the Call Home Configuration profile
- Test a Call Home Configuration alert
Endpoints
Create/Update the Call Home Configuration
POST https://10.89.147.211/api/sys/call-home
Retrieve the Call Home Configuration source
GET https://10.89.147.211/api/sys/call-home/source
Retrieve the Call Home Configuration profile
GET https://10.89.147.211/api/sys/call-home/profile
Test a Call Home Configuration alert
https://10.89.147.211/api/sys/call-home/testalert
Time Configuration Object
Retrieve the System Clock:
GET https://172.29.191.45:9003/api/sys/service/system-clock
{
"currentTime": "2015-02-26T09:38:55.969"
}
The Call Home Configuration Object can be used to:
- Retrieve the System Clock
Endpoints
Retrieve the System Clock
GET https://172.29.191.45:9003/api/sys/service/system-clock
Smart License Object
Retrieve the HTTP Configuration:
GET https://172.29.191.45:9003/api/sys/callhome/httpproxy
{
"callhomeHttpProxy": [
{
"dn": "sys/call-home/httpproxy",
"proxyServerEnable": "on",
"proxyServerPort": "8080",
"proxyServerUrl": "",
"urllink": "https://172.29.191.45:9003/api/sys/callhome/httpproxy"
}
]
}
Retrieve the Call Home Configuration:
GET https://172.29.191.45:9003/api/sys/callhome/dest/SLDest
{
"callhomeDest": [
{
"dn": "sys/call-home/profile/SLProfile/dest/SLDest",
"address": "https://tset.com/its/service/oddce/services/DDCEService",
"name": "SLDest",
"protocol": "https",
"urllink": "https://172.29.191.45:9003/api/sys/call-home/profile/SLProfile/dest/SLDest"
}
]
}
Register the License Configuration:
POST https://172.29.191.45:9013/api/sys/license/license-config/register
{
"licenseSmartConfig": [
{
"debug": "all",
"dn": "sys/callhome/license-config/register",
"operation": "register",
"tokenid": "1423853783/33bd2771-79ec-4ef4-b0c8-3e39efadb6f5",
"urllink": "https://172.29.191.45:9003/api/sys/callhome/license-config/register"
}
]
}
Unregister the License Configuration:
POST https://172.29.191.45:9003/api/sys/license/license-config/unregister
{
"licenseSmartConfig": [
{
"debug": "all",
"dn": "sys/callhome/license-config/unregister",
"operation": "unregister",
"tokenid": "",
"urllink": "https://172.29.191.45:9003/api/sys/callhome/license-config/unregister"
}
]
}
Retrieve the Registration Status:
GET https://172.29.191.45:9043/api/sys/license/register/status
{
"Status": "UNREGISTERED"
}
The Smart License Configuration Object can be used to:
- Retrieve the HTTP Configuration
- Retrieve the Call Home Configuration
- Register the License Configuration
- Unregister the License Configuration
- Retrieve the Registration Status
Endpoints
Retrieve the HTTP Configuration
GET https://172.29.191.45:9003/api/sys/callhome/httpproxy
Retrieve the Call Home Configuration
GET https://172.29.191.45:9003/api/sys/callhome/dest/SLDest
Register the License Configuration
POST https://172.29.191.45:9013/api/sys/license/license-config/register
Unregister the License Configuration
POST https://172.29.191.45:9003/api/sys/license/license-config/unregister
Retrieve the Registration Status
GET https://172.29.191.45:9043/api/sys/license/register/status
Service Objects JSON Schema
This section describes the schema for the Service Configuration Objects.
Model Types
The data types described on the right are used in the Service Objects. Each has the following fields:
-
default
: The default type value. -
values
: The enumerated list of supported values. -
name
: The type name.
{ "default": "not-installed", "values": [ "not-installed", "offline", "starting", "online", "not-responding" ], "name": "sd:AppInstState" }, { "default": "disabled", "values": [ "enabled", "disabled" ], "name": "sd:AppInstAdminState" }, { "default": "unknown", "values": [ "unknown", "install", "uninstall", "upgrade", "start", "stop" ], "name": "sd:JobType" }, { "default": "unknown", "values": [ "unknown", "queued", "failed", "succeeded" ], "name": "sd:JobState" }, { "default": "unknown", "values": [ "unknown", "ok", "incomplete-configuration" ], "name": "sd:LdOperState" }, { "default": "unknown", "values": [ "unknown", "active", "suspended" ], "name": "sd:LduOperState" }, { "default": "unknown", "values": [ "unknown", "joined", "left" ], "name": "sd:ClusterStatus" }, { "default": "unknown", "values": [ "unknown", "up", "down" ], "name": "sd:LinkOperState" }, { "default": "", "values": [ "bundled", "unbundled" ], "name": "sd:BundleType" }, { "default": "", "values": [ "success", "failure", "partial" ], "name": "sd:BundleStatus" }, { "default": "unknown", "values": [ "unknown", "native", "lxc", "vm" ], "name": "sm:DeployType" }, { "default": "unknown", "values": [ "unknown", "application", "os-patch" ], "name": "sm:CspType" }, { "default": "ASA", "values": [ "ASA" ], "name": "sm:TemplateName" }, { "default": "spanned-etherchannel", "values": [ "spanned-etherchannel" ], "name": "sm:ClusterMode" }, { "default": "info", "values": [ "debug", "info", "warning", "error", "critical" ], "name": "sm:LogLevel" }, { "default": "standalone", "values": [ "clustered", "standalone" ], "name": "sm:LogicalDeviceMode" }, { "default": "default", "values": [ "default", "firepower" ], "name": "sm:MgmtSubType" }, { "default": "enable", "values": [ "disable", "enable" ], "name": "sm:HeartbeatState" }, { "default": "unknown", "values": [ "unknown", "none", "partial", "full" ], "name": "sm:AppAggregatorType" }, { "default": "not-available", "values": [ "not-available", "offline", "starting", "online", "not-responding", "restarting", "formatting", "fault" ], "name": "sm:SlotOperState" }, { "default": "not-applicable", "values": [ "not-applicable", "incluster", "notincluster" ], "name": "sm:AppClusterOperState" }
LDTemplate
Description
The LDTemplate represents supported deployment templates, including ASA.
Endpoints
/api?classId=smLDTemplate
retrieves all the ld-templates
/api/ld-template/{template-name}-{version}
Select the template required
from the available templates.
Supported HTTP Methods
GET
Retrieve the LDTemplate:
GET /api/ld-template
{
"children": [
"TemplateApp"
],
"type": "ld-template",
"title": "ld-template Object Schema",
"properties": {
"version": {
"access": "read-only",
"type": "str",
"description": "The version of the Logical Device Template"
},
"name": {
"access": "read-only",
"type": "sm:TemplateName",
"description": "The name of the Logical Device Template"
},
"description": {
"access": "read-only",
"type": "str",
"description": "Description of the Logical Device Template"
}
}
}
LDTemplateApp
Description
The LDTemplateApp represents an application contained in a template, such as ASA and DDOS.
Endpoint
/api?classId=smTemplateApp
to retrieve all applications.
/api/ld-template/{template-name}-{version}/template-app/{app-name}
to retrieve the specified application.
Supported HTTP Methods
GET
Retrieve the LDTemplateApp:
GET /api/template-app
{
"type": "template-app",
"title": "template-app Object Schema",
"properties": {
"isLinkDecorator": {
"access": "read-only",
"type": "bool",
"description": "True if this Application can decorate ExternalPort Links"
},
"appName": {
"access": "read-only",
"type": "str",
"description": "Short Name of the Application"
}
}
}
PortRequirement
Description
The PortRequirement retrieves the port information.
Endpoint
/api?classId=smPortRequirement
/api/app/{app-name}/port-requirement/{port-type}
Supported HTTP Methods
GET
Retrieve the PortRequirement:
{
"type": "PortRequirement",
"title": "PortRequirement Object Schema",
"children": [
"PortSubType"
],
"properties": {
"portType": {
"access": "read-only",
"type": "fabric:SSAPortType"
},
"maxPorts": {
"access": "read-only",
"type": "int32"
},
"minPorts": {
"access": "read-only",
"type": "int32"
}
}
}
NetMgmtBootstrapValue
Description
The NetMgmtBootstrapValue retrieves the net management bootstrap value.
Endpoint
/api?classId=smNetMgmtBootstrapValue
/api/app/{app-name}/bootstrap-key/{key}
: For the exact keys to be used, you
can fetch them by making a GET request on the corresponding app object.
Supported HTTP Methods
GET
Retrieve the NetMgmtBootstrapValue:
{
"type": "NetMgmtBootstrapValue",
"title": "NetMgmtBootstrapValue Object Schema",
"children": [
"NetMgmtBootstrapKeyEnumValue"
],
"properties": {
"isEncrypted": {
"access": "read-only",
"type": "bool",
"description": "True if the key data is encrypted"
},
"descryption": {
"access": "read-only",
"type": "str",
"description": "That describes what the key is"
},
"key": {
"access": "read-only",
"type": "naming:Name",
"description": "Key that describes the associated value"
}
}
}
App
Description
The App represents an application object schema.
Endpoint
/api/app/{app-name}
Supported HTTP Methods
GET, PUT, PATCH, DELETE
App Object Schema:
{
"type": "App",
"title": "App Object Schema",
"children": [
"PortRequirement",
"NetMgmtBootstrapValue",
"AppAttributeValue"
],
"properties": {
"minCpuCores": {
"access": "read-only",
"type": "int64",
"description": "Minimum required cpu cores"
},
"upgradeTimeout": {
"access": "read-only",
"type": "int64",
"description": "Maximum allowed application upgrade duration"
},
"buildDate": {
"access": "read-only",
"type": "str",
"description": "Date when the Application CSP was generated"
},
"appType": {
"access": "read-only",
"type": "sm:CspType",
"description": ""
},
"minDataDisk": {
"access": "read-only",
"type": "int64",
"description": "Minimum required disk space for data storage"
},
"mgmtVNICNR": {
"access": "read-only",
"type": "int32",
"description": ""
},
"incompatibleApps": {
"access": "read-only",
"type": "str",
"description": "Apps that cannot co-exist with this App"
},
"requiredBinaryDisk": {
"access": "read-only",
"type": "int32",
"description": ""
},
"dataVNICNR": {
"access": "read-only",
"type": "int32",
"description": ""
},
"longName": {
"access": "read-only",
"type": "str",
"description": "Application Name UTF-8 Encoded"
},
"appAgentSupported": {
"access": "read-only",
"type": "bool",
"description": "True if application agent is available"
},
"recommendedDataDisk": {
"access": "read-only",
"type": "int32",
"description": ""
},
"isSecurityControl": {
"access": "read-only",
"type": "bool",
"description": "True if application is integrated with SSA"
},
"deployType": {
"access": "read-only",
"type": "sm:DeployType",
"description": "Application Deployment Type (native,vm)"
},
"author": {
"access": "read-only",
"type": "str",
"description": "Publisher"
},
"isDefaultApp": {
"access": "read-write",
"type": "bool",
"description": "Default version to be installed when version is not specified"
},
"aggregator": {
"access": "read-only",
"type": "sm:AppAggregatorType",
"description": ""
},
"adminState": {
"access": "read-write",
"type": "AppAdminState",
"description": ""
},
"version": {
"access": "read-only",
"type": "naming:Name",
"description": "Application Version"
},
"installTimeout": {
"access": "read-only",
"type": "int64",
"description": "Maximum allowed application installation duration"
},
"minRam": {
"access": "read-only",
"type": "int64",
"description": "Minimum required memory"
},
"fullInstall": {
"access": "read-only",
"type": "bool",
"description": "True if application can be installed from scratch"
},
"netMgmtBootstrapType": {
"access": "read-only",
"type": "sm:NetMgmtBootstrapType",
"description": ""
},
"description": {
"access": "read-only",
"type": "str",
"description": "Application Description"
},
"canDowngrade": {
"access": "read-only",
"type": "bool",
"description": "True if application allows to be downgraded"
},
"appId": {
"access": "read-only",
"type": "str",
"description": ""
},
"isAggregateVnic": {
"access": "read-only",
"type": "bool",
"description": "True if application can user one interface for multiple ports"
},
"isDecorator": {
"access": "read-only",
"type": "bool",
"description": ""
},
"name": {
"access": "read-only",
"type": "naming:Name",
"description": "Short Name of the application. Eg: ASA, NG-FW, etc."
},
"canUpgrade": {
"access": "read-only",
"type": "bool",
"description": "True if application can upgrade previous versions"
},
"uninstallTimeout": {
"access": "read-only",
"type": "int64",
"description": "Maximum allowed application uninstallation duration"
},
"recommendedCpuCores": {
"access": "read-only",
"type": "int32",
"description": ""
},
"recommendedRam": {
"access": "read-only",
"type": "int32",
"description": ""
},
"minOS": {
"access": "read-only",
"type": "str",
"description": "Minimum required SSA Firmware"
}
}
}
AppAttribute
Description
The AppAttribute object represents generic application discovery attributes.
Endpoint
/api/slot/{slot-id}/app-inst/{app-name}-{app-version}/app-attribute/{key}
Supported HTTP Methods
GET
AppAttribute Object Schema:
{
"type": "AppAttribute",
"properties": {
"key": {
"access": "read-only",
"type": "str"
},
"value": {
"access": "read-only",
"type": "str"
},
"peerDn": {
"access": "read-only",
"type": "object"
}
},
"title": "AppAttribute Object Schema"
}
AppAttributeValue
Description
The AppAttributeValue retrieves the name and description of the attribute value.
Endpoint
/api?classId=smAppAttributeValue
/api/app/{app-name}/attribute-key/{key}
Supported HTTP Method
GET
Retrieve the AppAttributeValue:
{
"type": "AppAttributeValue",
"title": "AppAttributeValue Object Schema",
"properties": {
"description": {
"access": "read-only",
"type": "str",
"description": "Its description"
},
"key": {
"access": "read-only",
"type": "naming:Name",
"description": "Name of the attribute value"
}
}
}
Slot
Description
The Slot object represents an slot in the Firepower Chassis.
Endpoint
/api/slot/{slot-id}
Supported HTTP Methods
GET, PUT, PATCH
Slot Object Schema:
{
"type": "Slot",
"title": "Slot Object Schema",
"children": [
"AppInstance",
"Heartbeat",
"HeartbeatConfig",
"Monitor"
],
"properties": {
"adminState": {
"access": "read-write",
"type": "SlotAdminState",
"description": ""
},
"diskState": {
"access": "read-only",
"type": "DiskState",
"description": ""
},
"serviceProfileDn": {
"access": "read-only",
"type": "object",
"description": ""
},
"logLevel": {
"access": "read-write",
"type": "sm:LogLevel",
"description": "log level for the blade on this slot"
},
"slotToken": {
"access": "read-only",
"type": "str",
"description": ""
},
"slotId": {
"access": "read-only",
"type": "int32",
"description": "Id of the slot: 1,2 or 3"
},
"clearLogData": {
"access": "read-write",
"type": "sm:ActionStages",
"description": "Clears platform log data"
}
}
}
Monitor
Description
The Monitor object contains operational data for the blade on that slot.
Endpoint
/api/slot/{slot-id}/monitor
Supported HTTP Methods
GET
Monitor Object Schema:
{
"type": "Monitor",
"title": "Monitor Object Schema",
"children": [
"DiskFileSystem"
],
"properties": {
"cpuTotalLoadAvg5min": {
"access": "read-only",
"type": "scalar:Float",
"description": "All CPUs Load Average for the last 5 minute"
},
"cpuTotalLoadAvg1min": {
"access": "read-only",
"type": "scalar:Float",
"description": "All CPUs Load Average for the last one minute"
},
"memTotalKb": {
"access": "read-only",
"type": "int32",
"description": "Total memory present on the blade in this slot (in KB)"
},
"cpuTotalLoadAvg15min": {
"access": "read-only",
"type": "scalar:Float",
"description": "All CPUs Load Average for the last 15 minute"
},
"diskFileSystemCount": {
"access": "read-only",
"type": "int32",
"description": "Number of file systems available on the blade"
},
"memUsedKb": {
"access": "read-only",
"type": "int32",
"description": "Used memory on the blade in this slot (in KB)"
},
"memFreeKb": {
"access": "read-only",
"type": "int32",
"description": "Free memory on the blade in this slot (in KB)"
},
"bladeUptime": {
"access": "read-only",
"type": "str",
"description": "Blade Uptime"
},
"updateTimestamp": {
"access": "read-only",
"type": "scalar:Date",
"description": "Last time this object was updated"
},
"osVersion": {
"access": "read-only",
"type": "str",
"description": "SSA-OS version running on this slot"
},
"memAppTotalKb": {
"access": "read-only",
"type": "int32",
"description": "Total memory for applications present on the blade in this slot (in KB)"
}
}
}
DiskFileSystem
Description
The DiskFileSystem object contains operational data for a file system or partition on the corresponding Slot.
Endpoint
/api/slot/{slot-id}/monitor/disk-file/{disk-nr}
Supported HTTP Methods
GET
DiskFileSystem Object Schema:
{
"type": "DiskFileSystem",
"title": "DiskFileSystem Object Schema",
"properties": {
"diskName": {
"access": "read-only",
"type": "naming:Name",
"description": "Disk Name of the file system"
},
"totalKb": {
"access": "read-only",
"type": "int32",
"description": "Total space of this partition in kilobytes"
},
"fileSystem": {
"access": "read-only",
"type": "str",
"description": "Description of the file system"
},
"mountPoint": {
"access": "read-only",
"type": "str",
"description": "Blade mount point for this partition"
},
"freeKb": {
"access": "read-only",
"type": "int32",
"description": "The Free Space of this partition in kilobytes"
},
"usedKb": {
"access": "read-only",
"type": "int32",
"description": "The used space on this partition in kilobytes"
}
}
}
Heartbeat
Description
The Heartbeat object contains operational data for the blade on the corresponding Slot.
Endpoint
/api/slot/{slot-id}/heartbeat
Supported HTTP Methods
GET
Heartbeat Object Schema:
{
"type": "Heartbeat",
"title": "Heartbeat Object Schema",
"properties": {
"lastHeartbeatTime": {
"access": "read-only",
"type": "int64",
"description": "Absolute Time when last monitoring Heartbeat was received"
},
"interval": {
"access": "read-only",
"type": "int32",
"description": "The Next Time HeartBeat is expected"
},
"maxMissedCount": {
"access": "read-only",
"type": "int32",
"description": ""
},
"lastReceived": {
"access": "read-only",
"type": "scalar:Date",
"description": ""
}
}
}
HeartbeatConfig
Description
The HeartbeatConfig object is optionally used for configuring a user-defined heartbeat.
Endpoint
/api/slot/{slot-id}/heartbeatConfig
Supported HTTP Methods
GET, POST, PUT, PATCH, DELETE
HeartbeatConfig Object Schema:
{
"type": "Heartbeat",
"title": "Heartbeat Object Schema",
"properties": {
"lastHeartbeatTime": {
"access": "read-only",
"type": "int64",
"description": "Absolute Time when last monitoring Heartbeat was received"
},
"interval": {
"access": "read-only",
"type": "int32",
"description": "The Next Time HeartBeat is expected"
},
"maxMissedCount": {
"access": "read-only",
"type": "int32",
"description": ""
},
"lastReceived": {
"access": "read-only",
"type": "scalar:Date",
"description": ""
}
}
}
AppInstance
Description
The AppInstance object represents an application instance running on the specified Slot.
Endpoint
/api/slot/{slot-id}/app-inst/{app-name}-{app-version}
Supported HTTP Methods
GET, POST, PUT, PATCH, DELETE
AppInstance Object Schema:
{
"type": "AppInstance",
"title": "AppInstance Object Schema",
"children": [
"Heartbeat",
"HeartbeatConfig",
"Resource",
"AppAttribute",
"Resource"
],
"properties": {
"clusterOperationalState": {
"access": "read-only",
"type": "sm:AppClusterOperState",
"description": "Cluster state of the running application"
},
"currentJobState": {
"access": "read-only",
"type": "sd:JobState",
"description": ""
},
"runningVersion": {
"access": "read-only",
"type": "str",
"description": "The current running version of this Application"
},
"appName": {
"access": "read-write",
"type": "naming:Name",
"description": ""
},
"errorMsg": {
"access": "read-only",
"type": "str",
"description": "Error message for operation failures"
},
"currentJobType": {
"access": "read-only",
"type": "sd:JobType",
"description": ""
},
"currentJobProgress": {
"access": "read-only",
"type": "int32",
"description": ""
},
"adminState": {
"access": "read-write",
"type": "sd:AppInstAdminState",
"description": "Application administrative state"
},
"executeCmd": {
"access": "read-write",
"type": "sm:AppCommand",
"description": "User triggered commands on application instance"
},
"startupVersion": {
"access": "read-write",
"type": "str",
"description": "Specify the configured application version"
},
"clearLogData": {
"access": "read-write",
"type": "sm:ActionStages",
"description": "Clears application log data"
},
"appInstId": {
"access": "read-only",
"type": "str",
"description": ""
}
}
}
Resource
Description
The Resource object represents blade resources allocated to this application.
Endpoint
/api/slot/{slot-id}/app-inst/{app-name}-{app-version}/resource
Supported HTTP Methods
GET
Resource Object Schema:
{
"type": "Resource",
"properties": {
"allocatedCoreNR": {
"access": "read-only",
"type": "int32"
},
"allocatedDataDisk": {
"access": "read-only",
"type": "int32"
},
"allocatedBinaryDisk": {
"access": "read-only",
"type": "int32"
},
"allocatedRAM": {
"access": "read-only",
"type": "int32"
}
},
"title": "Resource Object Schema"
}
LogicalDevice
Description
The LogicalDevice object represents a service chain. Policies are applied to this object in the Unified Manager.
Endpoint
/api/ld/{name}
Supported HTTP Methods
GET, POST, PUT, PATCH, DELETE
LogicalDevice Object Schema:
{
"type": "LogicalDevice",
"title": "LogicalDevice Object Schema",
"children": [
"MgmtBootstrap",
"ClusterBootstrap",
"MgmtBootstrap"
],
"properties": {
"name": {
"access": "read-write",
"type": "naming:Name",
"description": "Name of the logical-device"
},
"templateName": {
"access": "read-write",
"type": "str",
"description": "Template Name to use"
},
"errorMsg": {
"access": "read-only",
"type": "str",
"description": "Error description if logical device configuration is incomplete"
},
"ldMode": {
"access": "read-write",
"type": "sm:LogicalDeviceMode",
"description": "Deployment mode: standalone or clustered"
},
"slotId": {
"access": "read-write",
"type": "str",
"description": "Specify the slot(s) to be used for the logical device"
},
"switchConfigStatus": {
"access": "read-only",
"type": "nh:ConfMode",
"description": "Switch configuration status for LogicalDevice"
},
"description": {
"access": "read-write",
"type": "str",
"description": ""
}
}
}
ClusterBootstrap
Description
The ClusterBootstrap object represents ASA Clustering attributes.
Endpoint
/api/ld/{ld-name}/cluster-bootstrap/{name}
Supported HTTP Methods
GET, POST, PUT, PATCH, DELETE
ClusterBootstrap Object Schema:
{
"type": "cluster-bootstrap",
"properties": {
"poolStartv6": {
"access": "read-write",
"type": "ipv6"
},
"netmaskv4": {
"access": "read-write",
"type": "str"
},
"poolStartv4": {
"access": "read-write",
"type": "ipv4"
},
"lastUpdatedTimestamp": {
"access": "read-only",
"type": "scalar:Date"
},
"peerDn": {
"access": "read-only",
"type": "object"
},
"serviceTypeName": {
"access": "read-write",
"type": "str"
},
"virtualIPv6": {
"access": "read-write",
"type": "ipv6"
},
"chassisId": {
"access": "read-write",
"type": "str"
},
"virtualIPv4": {
"access": "read-write",
"type": "ipv4"
},
"mode": {
"access": "read-write",
"type": "sm:ClusterMode"
},
"key": {
"access": "read-write",
"type": "str"
},
"gatewayv6": {
"access": "read-write",
"type": "str"
},
"poolEndv6": {
"access": "read-write",
"type": "ipv6"
},
"poolEndv4": {
"access": "read-write",
"type": "ipv4"
},
"prefixLength": {
"access": "read-write",
"type": "str"
},
"gatewayv4": {
"access": "read-write",
"type": "str"
}
},
"title": "ClusterBootstrap Object Schema"
}
MgmtBootstrap
Description
The MgmtBootstrap object represents the management bootstrap for non-cluster applications.
Endpoint
/api/ld/{ld-name}/mgmt-bootstrap/{name}
Supported HTTP Methods
GET, POST, PUT, PATCH, DELETE
MgmtBootstrap Object Schema:
{
"children": [
"IP",
"IPV6",
"Key",
"EncryptedKey"
],
"type": "MgmtBootstrap",
"properties": {
"peerDn": {
"access": "read-only",
"type": "object"
},
"appName": {
"access": "read-write",
"type": "str",
"description": "Name of the Application to be bootstrapped"
}
},
"title": "MgmtBootstrap Object Schema"
}
IP
Description
The IP object represents the management IPv4 address and related properties.
Endpoint
/api/ld/{ld-name}/mgmt-bootstrap/{name}/ip/{name}
Supported HTTP Methods
GET, POST, PUT, DELETE
IP Object Schema:
{
"children": [
"IP",
"IPV6",
"Key",
"EncryptedKey"
],
"type": "MgmtBootstrap",
"properties": {
"peerDn": {
"access": "read-only",
"type": "object"
},
"appName": {
"access": "read-write",
"type": "str",
"description": "Name of the Application to be bootstrapped"
}
},
"title": "MgmtBootstrap Object Schema"
}
IPV6
Description
The IPV6 object represents the management IPv6 address and related properties.
Endpoint
/api/ld/{ld-name}/mgmt-bootstrap/{name}/ipv6/{name}
Supported HTTP Methods
GET, POST, PUT, DELETE
IPV6 Object Schema:
{
"type": "IPV6",
"properties": {
"mgmtSubType": {
"access": "read-write",
"type": "sm:MgmtSubType"
},
"ip": {
"access": "read-write",
"type": "ipv6",
"description": "IPv6 Management Address"
},
"lastUpdatedTimestamp": {
"access": "read-only",
"type": "scalar:Date"
},
"slotId": {
"access": "read-write",
"type": "int32",
"description": "SlotID for the bootstrapped object"
},
"peerDn": {
"access": "read-only",
"type": "object"
},
"prefixLength": {
"access": "read-write",
"type": "str",
"description": "IPv6 Management prefix length"
},
"gateway": {
"access": "read-write",
"type": "str",
"description": "IPv6 default gateway"
}
},
"title": "IPV6 Object Schema"
}
Key
Description
The EncryptedKey object represents the generic app bootstrap and contains key/value/value-encrypted pairs.
Endpoint
/api/ld/{ld-name}/mgmt-bootstrap/key
Supported HTTP Methods
GET, POST, PUT, PATCH, DELETE
Key Object Schema:
{
"type": "Key",
"properties": {
"peerDn": {
"access": "read-only",
"type": "object"
},
"lastUpdatedTimestamp": {
"access": "read-only",
"type": "scalar:Date"
},
"value": {
"access": "read-write",
"type": "str"
},
"key": {
"access": "read-write",
"type": "str"
}
},
"title": "Key Object Schema"
}
EncryptedKey
Description
The EncryptedKey object represents the generic app bootstrap and contains key/value/value-encrypted pairs.
Endpoint
/api/ld/{ld-name}/mgmt-bootstrap/encrypted-key
Supported HTTP Methods
GET, POST, PUT, PATCH, DELETE
EncryptedKey Object Schema:
{
"type": "encrypted-key",
"properties": {
"peerDn": {
"access": "read-only",
"type": "object"
},
"lastUpdatedTimestamp": {
"access": "read-only",
"type": "scalar:Date"
},
"value": {
"access": "read-write",
"type": "string:Password"
},
"key": {
"access": "read-write",
"type": "str"
}
},
"title": "EncryptedKey Object Schema"
}
ExternalPortLink
Description
The ExternalPortLink object represents the external port to application link.
Endpoint
/api/ld/{ld-name}/ext-portlink/{external-port-name}
Supported HTTP Methods
GET, POST, PUT, DELETE
ExternalPortLink Object Schema:
{
"type": "ExternalPortLink",
"title": "ExternalPortLink Object Schema",
"children": [
"Mac",
"Mac"
],
"properties": {
"portDn": {
"access": "read-only",
"type": "object",
"description": ""
},
"description": {
"access": "read-write",
"type": "str",
"description": ""
},
"appName": {
"access": "read-write",
"type": "str",
"description": "Link Destination Application Name"
},
"portName": {
"access": "read-write",
"type": "str",
"description": "Name of the Source Chassis Port"
},
"linkDecorator": {
"access": "read-write",
"type": "str",
"description": "Comma separated list of LinkDecorators"
},
"name": {
"access": "read-write",
"type": "naming:Name",
"description": ""
}
}
}
Platform Objects JSON Schema
AAA JSON Schema
AAA JSON Schema:
"types": [
{
"default": "",
"values": [],
"name": "aaa:Key"
},
{
"default": "",
"values": [],
"name": "aaa:LdapKey"
},
{
"default": "",
"values": [],
"name": "aaa:ProviderName"
},
{
"default": "",
"values": [
"lowest-available"
],
"name": "aaa:Order"
},
{
"default": "local",
"values": [
"local",
"radius",
"tacacs",
"ldap",
"none"
],
"name": "aaa:Realm"
},
{
"default": "no-login",
"values": [
"no-login",
"assign-default-role"
],
"name": "aaa:NoRolePolicy"
},
{
"default": "5",
"values": [],
"name": "aaa:TimeSec"
},
{
"default": "",
"values": [],
"name": "aaa:TimeMin"
},
{
"default": "1",
"values": [],
"name": "aaa:Retries"
},
{
"default": "",
"values": [],
"name": "aaa:Port"
},
{
"default": "64",
"values": [],
"name": "aaa:Priority"
},
{
"default": "",
"values": [
"ipv4",
"ipv6",
"dns"
],
"name": "aaa:Addr"
},
{
"default": "1",
"values": [
"all",
"authorization",
"accounting"
],
"name": "aaa:RadiusService"
},
{
"default": "rsa",
"values": [
"rsa",
"dsa"
],
"name": "aaa:SshAlg"
},
{
"default": "",
"values": [],
"name": "aaa:LdapDn"
},
{
"default": "",
"values": [],
"name": "aaa:LdapFilter"
},
{
"default": "",
"values": [],
"name": "aaa:LdapAttribute"
},
{
"default": "",
"values": [],
"name": "aaa:ProviderGroupName"
},
{
"default": "",
"values": [
"enable",
"disable"
],
"name": "aaa:LdapGroupAuthorization"
},
{
"default": "",
"values": [
"recursive",
"non-recursive"
],
"name": "aaa:LdapGroupTraversal"
},
{
"default": "",
"values": [
"MS-AD",
"OpenLdap"
],
"name": "aaa:LdapVendor"
}
],
"package": "aaa"
The AAA JSON Schema is shown on the right.
AAA EP JSON Schema
AAA EP JSON Schema:
{
"type": "Ep",
"properties": {
"retries": {
"access": "read-write",
"type": "Retries"
},
"timeout": {
"access": "read-write",
"type": "TimeSec"
}
},
"title": "Ep Object Schema"
}
The AAA EP JSON Schema is shown on the right.
LDAP EP JSON Schema
LDAP EP JSON Schema:
{
"children": [
"ProviderGroup",
"LdapProvider",
"LdapGroupRule",
"LdapGroup"
],
"type": "LdapEp",
"properties": {
"filter": {
"access": "read-write",
"type": "LdapFilter"
},
"attribute": {
"access": "read-write",
"type": "LdapAttribute"
},
"basedn": {
"access": "read-write",
"type": "LdapDn"
},
"retries": {
"access": "read-write",
"type": "Retries",
"description": "TBD"
},
"timeout": {
"access": "read-write",
"type": "TimeSec",
"description": "TBD"
},
"intId": {
"access": "read-only",
"type": "InternalId",
"description": "TBD"
}
},
"title": "LdapEp Object Schema"
}
The LDAP EP JSON Schema is shown on the right.
Radius EP JSON Schema
Radius EP JSON Schema:
{
"children": [
"RadiusProvider",
"ProviderGroup"
],
"type": "RadiusEp",
"properties": {
"retries": {
"access": "read-write",
"type": "Retries",
"description": "TBD"
},
"timeout": {
"access": "read-write",
"type": "TimeSec",
"description": "TBD"
},
"intId": {
"access": "read-only",
"type": "InternalId",
"description": "TBD"
}
},
"title": "RadiusEp Object Schema"
}
The Radius EP JSON Schema is shown on the right.
Tacacs EP JSON Schema
Tacacs EP JSON Schema:
{
"children": [
"TacacsPlusProvider",
"ProviderGroup"
],
"type": "TacacsPlusEp",
"properties": {
"retries": {
"access": "read-write",
"type": "Retries",
"description": "TBD"
},
"timeout": {
"access": "read-write",
"type": "TimeSec",
"description": "TBD"
},
"intId": {
"access": "read-only",
"type": "InternalId",
"description": "TBD"
},
"policyLevel": {
"access": "read-only",
"type": "int32",
"description": "TBD"
}
},
"title": "TacacsPlusEp Object Schema"
}
The Tacacs EP JSON Schema is shown on the right.
Provider JSON Schema
Provider JSON Schema:
{
"type": "Provider",
"properties": {
"retries": {
"access": "read-write",
"type": "Retries"
},
"key": {
"access": "read-write",
"type": "Key"
},
"keySet": {
"access": "read-only",
"type": "bool"
},
"timeout": {
"access": "read-write",
"type": "TimeSec"
},
"order": {
"access": "read-write",
"type": "Order"
},
"intId": {
"access": "read-only",
"type": "InternalId",
"description": "TBD"
},
"policyLevel": {
"access": "read-only",
"type": "int32",
"description": "TBD"
}
},
"title": "Provider Object Schema"
}
The Provider JSON Schema is shown on the right.
LDAP Provider JSON Schema
LDAP Provider JSON Schema:
{
"children": [
"LdapGroupRule"
],
"type": "LdapProvider",
"properties": {
"filter": {
"access": "read-write",
"type": "LdapFilter"
},
"vendor": {
"access": "read-write",
"type": "LdapVendor"
},
"attribute": {
"access": "read-write",
"type": "LdapAttribute"
},
"basedn": {
"access": "read-write",
"type": "LdapDn"
},
"rootdn": {
"access": "read-write",
"type": "LdapDn"
},
"enableSSL": {
"access": "read-write",
"type": "bool"
},
"port": {
"access": "read-write",
"type": "Port"
},
"retries": {
"access": "read-write",
"type": "Retries",
"description": "TBD"
},
"key": {
"access": "read-write",
"type": "Key",
"description": "TBD"
},
"keySet": {
"access": "read-only",
"type": "bool",
"description": "TBD"
},
"timeout": {
"access": "read-write",
"type": "TimeSec",
"description": "TBD"
},
"order": {
"access": "read-write",
"type": "Order",
"description": "TBD"
}
},
"title": "LdapProvider Object Schema"
}
The LDAP Provider JSON Schema is shown on the right.
Radius Provider JSON Schema
Radius Provider JSON Schema:
{
"type": "RadiusProvider",
"properties": {
"authPort": {
"access": "read-write",
"type": "Port"
},
"service": {
"access": "read-only",
"type": "RadiusService"
}
"retries": {
"access": "read-write",
"type": "Retries",
"description": "TBD"
},
"key": {
"access": "read-write",
"type": "Key",
"description": "TBD"
},
"keySet": {
"access": "read-only",
"type": "bool",
"description": "TBD"
},
"timeout": {
"access": "read-write",
"type": "TimeSec",
"description": "TBD"
},
"order": {
"access": "read-write",
"type": "Order",
"description": "TBD"
}
},
"title": "RadiusProvider Object Schema"
}
The Radius Provider JSON Schema is shown on the right.
Tacacs Provider JSON Schema
Tacacs Provider JSON Schema:
{
"type": "TacacsPlusProvider",
"properties": {
"port": {
"access": "read-write",
"type": "Port"
},
"retries": {
"access": "read-write",
"type": "Retries",
"description": "TBD"
},
"key": {
"access": "read-write",
"type": "Key",
"description": "TBD"
},
"keySet": {
"access": "read-only",
"type": "bool",
"description": "TBD"
},
"timeout": {
"access": "read-write",
"type": "TimeSec",
"description": "TBD"
},
"order": {
"access": "read-write",
"type": "Order",
"description": "TBD"
}
},
"title": "TacacsPlusProvider Object Schema"
}
The Tacacs Provider JSON Schema is shown on the right.
UserEP JSON Schema
UserEP JSON Schema:
{
"children": [
"PreLoginBanner",
"ShellLogin",
"WebLogin",
"EpLogin",
"ExtMgmtCutThruTkn",
"RemoteUser",
"User",
"Role",
"Locale",
"PwdProfile"
],
"type": "UserEp",
"properties": {
"pwdStrengthCheck": {
"access": "read-write",
"type": "bool"
},
"intId": {
"access": "read-only",
"type": "InternalId",
"description": "TBD"
}
},
"title": "UserEp Object Schema"
}
The UserEP JSON Schema is shown on the right.
User JSON Schema
User JSON Schema:
{
"children": [
"UserRole",
"SshAuth",
"UserLocale",
"Session",
"UserData"
],
"type": "User",
"properties": {
"pwdLifeTime": {
"access": "read-write",
"type": "aaa:PwdLifeTime"
},
"clearPwdHistory": {
"access": "read-write",
"type": "aaa:Clear"
},
"firstName": {
"access": "read-write",
"type": "naming:Name"
},
"lastName": {
"access": "read-write",
"type": "naming:Name"
},
"expires": {
"access": "read-write",
"type": "bool"
},
"accountStatus": {
"access": "read-write",
"type": "aaa:AccountStatus"
},
"phone": {
"access": "read-write",
"type": "address:Phone"
},
"expiration": {
"access": "read-write",
"type": "Date"
},
"email": {
"access": "read-write",
"type": "address:Email"
},
"priv": {
"access": "read-only",
"type": "aaa:Access"
}
},
"title": "User Object Schema"
}
The User JSON Schema is shown on the right.
Session JSON Schema
Session JSON Schema:
{
"type": "Session",
"properties": {
"term": {
"access": "read-only",
"type": "aaa:Term"
},
"intDel": {
"access": "read-only",
"type": "bool"
},
"refreshPeriod": {
"access": "read-only",
"type": "int32"
},
"pid": {
"access": "read-only",
"type": "int32"
},
"loginTime": {
"access": "read-only",
"type": "Date"
},
"host": {
"access": "read-only",
"type": "os:Hostname"
},
"switchId": {
"access": "read-only",
"type": "network:SwitchId"
},
"ui": {
"access": "read-only",
"type": "aaa:UserInterface"
},
"user": {
"access": "read-only",
"type": "naming:Name"
},
"sessionTimeout": {
"access": "read-only",
"type": "int32"
},
"id": {
"access": "read-only",
"type": "aaa:SessionId"
}
},
"title": "Session Object Schema"
}
The Session JSON Schema is shown on the right.
PwdProfile JSON Schema
PwdProfile JSON Schema:
{
"type": "PwdProfile",
"properties": {
"historyCount": {
"access": "read-write",
"type": "aaa:HistoryDepth"
},
"changeInterval": {
"access": "read-write",
"type": "aaa:PwdChangeInterval"
},
"noChangeInterval": {
"access": "read-write",
"type": "aaa:PwdChangeInterval"
},
"changeDuringInterval": {
"access": "read-write",
"type": "aaa:PwdPolicy"
},
"expirationWarnTime": {
"access": "read-write",
"type": "aaa:PwdExpWarnTime"
},
"changeCount": {
"access": "read-write",
"type": "aaa:PwdChangeCount"
},
"intId": {
"access": "read-only",
"type": "InternalId",
"description": "TBD"
}
},
"title": "PwdProfile Object Schema"
}
The PwdProfile JSON Schema is shown on the right.
UserData JSON Schema
UserData JSON Schema:
{
"type": "UserData",
"properties": {
"pwdChangedDate": {
"access": "read-only",
"type": "scalar:Date"
},
"pwdChangeCount": {
"access": "read-only",
"type": "aaa:PwdChangeCount"
},
"pwdHistory": {
"access": "read-only",
"type": "aaa:PwdHistory"
},
"pwdChangeIntervalBegin": {
"access": "read-only",
"type": "scalar:Date"
},
"intId": {
"access": "read-only",
"type": "InternalId",
"description": "TBD"
}
},
"title": "UserData Object Schema"
}
The UserData JSON Schema is shown on the right.
Configuration Backup and Import JSON Schema
Configuration Backup and Import JSON Schema:
"types": [
{
"default": "unknown",
"values": [
"unknown",
"blade",
"chassis",
"system",
"switch",
"adaptor",
"iocard",
"board-controller"
],
"name": "mgmt:Subject"
},
{
"default": "unspecified",
"values": [
"unspecified",
"in-band",
"out-of-band",
"internal",
"virtual"
],
"name": "mgmt:Access"
},
{
"default": "unspecified",
"values": [
"unspecified",
"valid",
"misconnected"
],
"name": "mgmt:StateQual"
},
{
"default": "nop",
"values": [
"nop",
"download-success",
"config-success"
],
"name": "mgmt:ImportStatus"
},
{
"default": "merge",
"values": [
"merge",
"replace"
],
"name": "mgmt:ImportAction"
},
{
"default": "enable",
"values": [
"enable",
"disable"
],
"name": "mgmt:AdminState"
},
{
"default": "unasserted",
"values": [
"unasserted",
"hw-change-detected",
"fw-change-detected",
"hw-incompatible",
"fw-incompatible",
"unsupported-hw-version ",
"unsupported-fw-version",
"hw-change-success",
"fw-change-success"
],
"name": "mgmt:UpgradeStatus"
},
{
"default": "config-all",
"values": [
"full-state",
"config-all",
"config-system",
"config-logical"
],
"name": "mgmt:BackupType"
},
{
"default": "immediate",
"values": [
"immediate"
],
"name": "mgmt:BackupJob"
},
{
"default": "immediate",
"values": [
"scheduled",
"immediate"
],
"name": "mgmt:BackupSchedule"
},
{
"default": "",
"values": [],
"name": "mgmt:RemoteFile"
},
{
"default": "unknown",
"values": [
"unknown",
"ok",
"openError",
"readError",
"writeError"
],
"name": "mgmt:deviceIoState"
},
{
"default": "",
"values": [],
"name": "mgmt:Passwd"
},
{
"default": "un-initialized",
"values": [
"un-initialized",
"acknowledged",
"unsupported-connectivity"
],
"name": "mgmt:ConnectionState"
},
{
"default": "unspecified",
"values": [
"unspecified",
"shared-lom",
"sideband"
],
"name": "mgmt:Source"
},
{
"default": "unknown",
"values": [
"unknown",
"uninitialized",
"initializing",
"initialized",
"unsupported "
],
"name": "mgmt:StorageSubsystemState"
},
{
"default": "unknown",
"values": [
"unknown",
"enabled",
"disabled",
"unsupported"
],
"name": "mgmt:DimmBlacklistingOperState"
}
],
"package": "mgmt"
}
The Configuration Backup and Import JSON Schema is shown on the right.
Configuration Backup JSON Schema
Configuration Backup JSON Schema:
{
"type": "Backup",
"properties": {
"maxFiles": {
"access": "read-only",
"type": "int32"
},
"remoteFile": {
"access": "read-write",
"type": "RemoteFile"
},
"preservePooledValues": {
"access": "read-write",
"type": "bool"
},
"job": {
"access": "create",
"type": "BackupJob"
},
"pwd": {
"access": "read-write",
"type": "mgmt:Passwd"
},
"user": {
"access": "read-write",
"type": "str"
},
"ownerPolicy": {
"access": "read-only",
"type": "object"
},
"type": {
"access": "read-write",
"type": "BackupType"
},
"postAction": {
"access": "read-write",
"type": "scalar:Enum8",
"description": "TBD"
},
"proto": {
"access": "read-write",
"type": "comm:FileTransferProtocol",
"description": "TBD"
},
"adminState": {
"access": "read-write",
"type": "AdminState",
"description": "TBD"
},
"hostname": {
"access": "read-write",
"type": "Hostname",
"description": "TBD"
},
"intId": {
"access": "read-only",
"type": "InternalId",
"description": "TBD"
}
},
"title": "Backup Object Schema"
}
The Configuration Backup JSON Schema is shown on the right.
Configuration Import JSON Schema
Configuration Import JSON Schema:
{
"type": "Importer",
"properties": {
"action": {
"access": "read-write",
"type": "ImportAction"
},
"operStatus": {
"access": "read-only",
"type": "ImportStatus"
},
"pwd": {
"access": "read-write",
"type": "mgmt:Passwd"
},
"remoteFile": {
"access": "read-write",
"type": "RemoteFile"
},
"user": {
"access": "read-write",
"type": "str"
},
"postAction": {
"access": "read-write",
"type": "scalar:Enum8",
"description": "TBD"
},
"proto": {
"access": "read-write",
"type": "comm:FileTransferProtocol",
"description": "TBD"
},
"adminState": {
"access": "read-write",
"type": "AdminState",
"description": "TBD"
},
"hostname": {
"access": "read-write",
"type": "Hostname",
"description": "TBD"
},
"intId": {
"access": "read-only",
"type": "InternalId",
"description": "TBD"
}
},
"title": "Importer Object Schema"
}
The Configuration Import JSON Schema is shown on the right.
Call Home JSON Schema
Call Home JSON Schema:
{
"types": [
{
"default": "unknown",
"values": [
"diagnostic",
"environmental",
"unknown"
],
"name": "callhome:AlertGroup"
},
{
"default": "unknown",
"values": [
"debug",
"normal",
"notify",
"warning",
"minor",
"major",
"critical",
"fatal",
"unknown"
],
"name": "callhome:AlertLevel"
},
{
"default": "",
"values": [
"diagnostic_debug",
"diagnostic_normal",
"diagnostic_notify",
"diagnostic_warning",
"diagnostic_minor",
"diagnostic_major",
"diagnostic_critical",
"diagnostic_fatal",
"environmental_debug",
"environmental_normal",
"environmental_notify",
"environmental_warning",
"environmental_minor",
"environmental_major",
"environmental_critical",
"environmental_fatal",
"lifecycle_minor",
"inventory_normal"
],
"name": "callhome:AlertType"
},
{
"default": "unknown",
"values": [
"inventory",
"syslog",
"test",
"diag",
"env",
"conf",
"unknown"
],
"name": "callhome:AlertMessageType"
},
{
"default": "unknown",
"values": [
"nosubtype",
"test",
"full",
"delta",
"minor",
"major",
"goldnormal",
"goldminor",
"goldmajor",
"unknown"
],
"name": "callhome:AlertMessageSubtype"
},
{
"default": "",
"values": [
"all",
"system",
"environmental",
"linecard",
"supervisor",
"inventory",
"test",
"ciscoTac",
"syslogPort",
"license",
"lifeCycle",
"diagnostic"
],
"name": "callhome:AlertGroups"
},
{
"default": "debug",
"values": [
"emergency",
"alert",
"critical",
"error",
"warning",
"notice",
"info",
"debug"
],
"name": "callhome:Urgency"
},
{
"default": "debug",
"values": [
"debug",
"normal",
"notification",
"warning",
"minor",
"major",
"critical",
"fatal",
"disaster"
],
"name": "callhome:Level"
},
{
"default": "off",
"values": [
"off",
"on"
],
"name": "callhome:AdminState"
},
{
"default": "enabled",
"values": [
"enabled",
"disabled"
],
"name": "callhome:PolicyAdminState"
},
{
"default": "on",
"values": [
"off",
"on"
],
"name": "callhome:AlertThrottlingAdminState"
},
{
"default": "xml",
"values": [
"xml",
"fullTxt",
"shortTxt"
],
"name": "callhome:Format"
},
{
"default": "",
"values": [],
"name": "callhome:CallhomeContactName"
},
{
"default": "",
"values": [],
"name": "callhome:CallhomeContactAddress"
},
{
"default": "",
"values": [],
"name": "callhome:CallhomeContractId"
},
{
"default": "",
"values": [],
"name": "callhome:CallhomeEmail"
},
{
"default": "",
"values": [],
"name": "callhome:CallhomePhone"
},
{
"default": "0",
"values": [],
"name": "callhome:PeriodicSystemInventoryTimeOfDayHour"
},
{
"default": "0",
"values": [],
"name": "callhome:PeriodicSystemInventoryTimeOfDayMinute"
},
{
"default": "30",
"values": [],
"name": "callhome:PeriodicSystemInventoryIntervalDays"
},
{
"default": "1",
"values": [],
"name": "callhome:PeriodicSystemInventoryMaximumRetryCount"
},
{
"default": "10",
"values": [],
"name": "callhome:PeriodicSystemInventoryRetryDelayMinutes"
},
{
"default": "300",
"values": [],
"name": "callhome:PeriodicSystemInventoryPollIntervalSeconds"
},
{
"default": "5",
"values": [],
"name": "callhome:PeriodicSystemInventoryMinimumSendNowIntervalSeconds"
},
{
"default": "ok",
"values": [
"ok",
"not-applied"
],
"name": "callhome:ConfigState"
}
],
"package": "callhome"
}
The Call Home JSON Schema is shown on the right.
Call Home EP JSON Schema
Call Home EP JSON Schema:
"objects": [
{
"type": "Item",
"properties": {},
"title": "Item Object Schema"
},
{
"children": [
"Source",
"Smtp",
"PeriodicSystemInventory",
"Profile",
"TestAlert",
"Policy"
],
"type": "Ep",
"properties": {
"adminState": {
"access": "read-write",
"type": "AdminState"
},
"configState": {
"access": "read-only",
"type": "ConfigState"
},
"alertThrottlingAdminState": {
"access": "read-write",
"type": "AlertThrottlingAdminState"
},
intId": {
"access": "read-only",
"type": "InternalId",
"description": "TBD"
}
},
"title": "Ep Object Schema"
}
]
The Call Home EP JSON Schema is shown on the right.
Call Home Source JSON Schema
Call Home Source JSON Schema:
{
"type": "Source",
"properties": {
"customer": {
"access": "read-write",
"type": "str"
},
"from": {
"access": "read-write",
"type": "CallhomeEmail"
},
"addr": {
"access": "read-write",
"type": "CallhomeContactAddress"
},
"replyTo": {
"access": "read-write",
"type": "CallhomeEmail"
},
"site": {
"access": "read-write",
"type": "str"
},
"contract": {
"access": "read-write",
"type": "CallhomeContractId"
},
"phone": {
"access": "read-write",
"type": "CallhomePhone"
},
"contact": {
"access": "read-write",
"type": "CallhomeContactName"
},
"email": {
"access": "read-write",
"type": "CallhomeEmail"
},
"urgency": {
"access": "read-write",
"type": "Urgency"
},
"intId": {
"access": "read-only",
"type": "InternalId",
"description": "TBD"
}
},
"title": "Source Object Schema"
}
The Call Home Source JSON Schema is shown on the right.
Call Home SMTP JSON Schema
Call Home SMTP JSON Schema:
{
"type": "Smtp",
"properties": {
"host": {
"access": "read-write",
"type": "address:HostNameOrDottedQuadOrIPv6"
},
"port": {
"access": "read-write",
"type": "int32"
},
"intId": {
"access": "read-only",
"type": "InternalId",
"description": "TBD"
}
},
"title": "Smtp Object Schema"
}
The Call Home SMTP JSON Schema is shown on the right.
Call Home Profile JSON Schema
Call Home Profile JSON Schema:
{
"children": [
"Dest"
],
"type": "Profile",
"properties": {
"alertGroups": {
"access": "read-write",
"type": "callhome:AlertGroups"
},
"maxSize": {
"access": "read-write",
"type": "int32"
},
"format": {
"access": "read-write",
"type": "Format"
},
"level": {
"access": "read-write",
"type": "callhome:Level"
},
"adminState": {
"access": "read-write",
"type": "AdminState"
},
"configState": {
"access": "read-only",
"type": "ConfigState"
},
"alertThrottlingAdminState": {
"access": "read-write",
"type": "AlertThrottlingAdminState"
},
"intId": {
"access": "read-only",
"type": "InternalId",
"description": "TBD"
}
},
"title": "Profile Object Schema"
}
The Call Home Profile JSON Schema is shown on the right.
Call Home Policy JSON Schema
Call Home Policy JSON Schema:
{
"type": "Policy",
"properties": {
"adminState": {
"access": "read-write",
"type": "callhome:PolicyAdminState"
},
"cause": {
"access": "read-write",
"type": "condition:CallHomeCause"
},
"adminState": {
"access": "read-write",
"type": "AdminState"
},
"configState": {
"access": "read-only",
"type": "ConfigState"
},
"alertThrottlingAdminState": {
"access": "read-write",
"type": "AlertThrottlingAdminState"
},
"intId": {
"access": "read-only",
"type": "InternalId",
"description": "TBD"
}
},
"title": "Policy Object Schema"
}
The Call Home Policy JSON Schema is shown on the right.
Call Home TestAlert JSON Schema
Call Home TestAlert JSON Schema:
{
"type": "TestAlert",
"properties": {
"group": {
"access": "read-write",
"type": "AlertGroup"
},
"description": {
"access": "read-write",
"type": "str"
},
"level": {
"access": "read-write",
"type": "AlertLevel"
},
"sendNow": {
"access": "read-write",
"type": "bool"
},
"messageType": {
"access": "read-write",
"type": "AlertMessageType"
},
"messageSubtype": {
"access": "read-write",
"type": "AlertMessageSubtype"
},
"intId": {
"access": "read-only",
"type": "InternalId",
"description": "TBD"
},
"policyLevel": {
"access": "read-only",
"type": "int32",
"description": "TBD"
}
},
"title": "TestAlert Object Schema"
}
The Call Home TestAlert JSON Schema is shown on the right.
Download Infrastructure Bundle JSON Schema
Download Infrastructure Bundle JSON Schema:
{
"types": [
{
"default": "",
"values": [],
"name": "firmware:Version"
},
{
"default": "",
"values": [],
"name": "firmware:HardwareType"
},
{
"default": "",
"values": [],
"name": "firmware:ImageName"
},
{
"default": "",
"values": [],
"name": "firmware:ImageLocation"
},
{
"default": "",
"values": [],
"name": "firmware:ImageSize"
},
{
"default": "0",
"values": [],
"name": "firmware:Count"
},
{
"default": "0",
"values": [],
"name": "firmware:InstallInprogress"
},
{
"default": "unknown",
"values": [
"unknown",
"A",
"B"
],
"name": "firmware:ImagePresence"
},
{
"default": "none",
"values": [
"none",
"A",
"B"
],
"name": "firmware:ImageDeleted"
},
{
"default": "",
"values": [
"kernel",
"system",
"combined",
"boot-loader"
],
"name": "firmware:ComponentType"
},
{
"default": "",
"values": [
"maint-policy"
],
"name": "firmware:AckMode"
},
{
"default": "",
"values": [
"fex",
"diag",
"catalog",
"mgmt-ext",
"debug-plug-in",
"switch"
],
"name": "firmware:Type"
},
{
"default": "",
"values": [],
"name": "firmware:ItemType"
},
{
"default": "unknown",
"values": [
"unknown",
"system",
"switch",
"iocard",
"server",
"cimc",
"adaptor",
"storage-controller",
"board-controller",
"graphics-card",
"bios",
"service-profile"
],
"name": "firmware:EquipmentType"
},
{
"default": "noimpact",
"values": [
"activate",
"noimpact",
"reset",
"update"
],
"name": "firmware:ImpactType"
},
{
"default": "unspecified",
"values": [
"unspecified"
],
"name": "firmware:Deployment"
},
{
"default": "secondary",
"values": [
"preferred",
"secondary"
],
"name": "firmware:Preference"
},
{
"default": "active",
"values": [
"active",
"deleted"
],
"name": "firmware:AdminState"
},
{
"default": "UCS",
"values": [
"UCS",
"UCS-MINI"
],
"name": "firmware:PlatformType"
},
{
"default": "unknown",
"values": [
"unknown",
"image",
"full-bundle",
"infrastructure-bundle",
"b-series-bundle",
"c-series-bundle",
"catalog"
],
"name": "firmware:DistributableType"
},
{
"default": "partial",
"values": [
"complete",
"partial"
],
"name": "firmware:Completeness"
},
{
"default": "init",
"values": [
"init",
"downloading",
"downloaded",
"failed"
],
"name": "firmware:TransferState"
},
{
"default": "restart",
"values": [
"restart",
"idle"
],
"name": "firmware:DownloadActivity"
},
{
"default": "scp",
"values": [
"ftp",
"tftp",
"scp",
"sftp",
"local",
"usbA",
"usbB"
],
"name": "firmware:Transport"
},
{
"default": "",
"values": [
"bad-image"
],
"name": "firmware:ImageState"
},
{
"default": "none",
"values": [
"none",
"checksum-failure",
"filesystem-error",
"mgmt-connect-error",
"boot-conf-missing",
"crc-failure",
"unknown-error"
],
"name": "firmware:ImageError"
},
{
"default": "",
"values": [],
"name": "firmware:InventoryType"
},
{
"default": "",
"values": [],
"name": "firmware:PackagingId"
},
{
"default": "",
"values": [],
"name": "firmware:Name"
},
{
"default": "",
"values": [],
"name": "firmware:ServerName"
},
{
"default": "triggered",
"values": [
"trigger",
"triggered"
],
"name": "firmware:TriggerState"
},
{
"default": "unknown",
"values": [
"unknown",
"in-progress",
"failed",
"success",
"warnings",
"skipped"
],
"name": "firmware:UpgradeStatus"
},
{
"default": "unknown",
"values": [
"unknown",
"same-release",
"compatible",
"incompatible",
"multiple-releases"
],
"name": "firmware:FwState"
},
{
"default": "other",
"values": [
"other",
"data-load",
"catalog",
"config",
"server-reboot",
"faults"
],
"name": "firmware:UpgradeCategory"
},
{
"default": "0",
"values": [
"no-config-issue",
"bios-image-not-selected"
],
"name": "firmware:HostPackConfigQualifier"
},
{
"default": "no-firmware-mismatch",
"values": [
"no-firmware-mismatch",
"cimc-firmware-mismatch",
"pld-firmware-mismatch"
],
"name": "firmware:FirmwareState"
},
{
"default": "ready",
"values": [
"ready",
"scheduled",
"in-progress",
"failed",
"pending-user-ack",
"start-pending-ext-permission"
],
"name": "firmware:InstallState"
},
{
"default": "ok",
"values": [
"ok",
"not-applied",
"failed"
],
"name": "firmware:CatalogPackConfigState"
},
{
"default": "immediate ",
"values": [
"immediate"
],
"name": "firmware:DateTime"
},
{
"default": "never",
"values": [
"never"
],
"name": "firmware:DateTimeNever"
},
{
"default": "unknown",
"values": [
"unknown",
"fatal",
"error",
"warn",
"info"
],
"name": "firmware:UpgradeSeverity"
},
{
"default": "Auto Acknowledge",
"values": [
"Auto Acknowledge",
"User Acknowledge",
"No Actions"
],
"name": "firmware:AutoSyncState"
},
{
"default": "No Issues",
"values": [
"No Issues",
"Default Package Missing",
"Versions Empty in Default Package"
],
"name": "firmware:AutoSyncConfigIssue"
}
],
"package": "firmware" {
"type": "Downloader",
"properties": {
"protocol": {
"access": "read-write",
"type": "Transport",
"description": "TBD"
},
"imageSize": {
"access": "read-only",
"type": "ImageSize",
"description": "TBD"
},
"adminState": {
"access": "read-write",
"type": "DownloadActivity",
"description": "TBD"
},
"fileName": {
"access": "read-write",
"type": "Name",
"description": "TBD"
},
"transferState": {
"access": "read-only",
"type": "TransferState",
"description": "TBD"
},
"pwd": {
"access": "read-write",
"type": "string:Password",
"description": "TBD"
},
"remotePath": {
"access": "read-write",
"type": "ImageLocation",
"description": "TBD"
},
"server": {
"access": "read-write",
"type": "ServerName",
"description": "TBD"
},
"user": {
"access": "read-write",
"type": "str",
"description": "TBD"
}
},
"title": "Downloader Object Schema"
}
}
The Download Infrastructure Bundle JSON Schema is shown on the right.
Query/Delete Infrastructure Bundle JSON Schema
Query/Delete Infrastructure Bundle JSON Schema:
{
"children": [
"DistImage"
],
"type": "Distributable",
"properties": {
"completeness": {
"access": "read-only",
"type": "Completeness",
"description": "TBD"
},
"invTag": {
"access": "read-only",
"type": "InventoryType",
"description": "TBD"
},
"transferState": {
"access": "read-only",
"type": "TransferState",
"description": "TBD"
},
"adminState": {
"access": "read-write",
"type": "AdminState",
"description": "TBD"
},
"version": {
"access": "read-only",
"type": "firmware:Version",
"description": "TBD"
},
"imagePresence": {
"access": "read-only",
"type": "ImagePresence",
"description": "TBD"
},
"type": {
"access": "read-only",
"type": "DistributableType",
"description": "TBD"
},
"intId": {
"access": "read-only",
"type": "InternalId",
"description": "TBD"
}
},
"title": "Distributable Object Schema"
}
The Query/Delete Infrastructure Bundle JSON Schema is shown on the right.
Auto Install Infrastructure Bundle (Supervisor software) JSON Schema
Schedule Information JSON Schema
Schedule Information JSON Schema:
{
"type": "AbsWindow",
"properties": {},
"title": "AbsWindow Object Schema"
}
The Auto Install Infrastructure Bundle Schedule Information JSON Schema is shown on the right.
Set Version JSON Schema
Set Version JSON Schema:
{
"type": "InfraPack",
"properties": {
"infraBundleName": {
"access": "read-only",
"type": "str",
"description": "TBD"
},
"forceDeploy": {
"access": "read-write",
"type": "bool",
"description": "TBD"
},
"infraBundleVersion": {
"access": "read-write",
"type": "firmware:Version",
"description": "TBD"
}
},
"title": "InfraPack Object Schema"
}
The Auto Install Infrastructure Bundle Set Version JSON Schema is shown on the right.
Cancel Scheduled Install JSON Schema
Cancel Scheduled Install JSON Schema:
{
"type": "Infra",
"properties": {
"operVersion": {
"access": "read-only",
"type": "firmware:Version",
"description": "TBD"
}
},
"title": "Infra Object Schema"
}
The Auto Install Infrastructure Bundle Cancel Scheduled Install JSON Schema is shown on the right.
Port Channel Configuration JSON Schema
Port Channel Configuration JSON Schema:
{
"types": [
{
"default": "disabled",
"values": [
"enabled",
"disabled"
],
"name": "fabric:AdminState"
},
{
"default": "",
"values": [
"ok",
"missing-primary"
],
"name": "fabric:VlanStatus"
},
{
"default": "none",
"values": [
"none",
"fc-zoning-enabled",
"configuration-error"
],
"name": "fabric:Warnings"
},
{
"default": "15",
"values": [],
"name": "fabric:msgInterval"
},
{
"default": "none",
"values": [
"none",
"reset"
],
"name": "fabric:recoveryAction"
},
{
"default": "",
"values": [
"unknown",
"udld",
"cdp"
],
"name": "fabric:LinkProtocol"
},
{
"default": "",
"values": [
"normal",
"aggressive"
],
"name": "fabric:udldMode"
},
{
"default": "unknown",
"values": [
"unknown",
"unidirectional",
"bidirectional",
"tx-rx-loop",
"mismatch",
"echo-empty",
"admin-disabled"
],
"name": "fabric:UdldOperState"
},
{
"default": "disabled",
"values": [
"enabled",
"disabled"
],
"name": "fabric:SpannedCluster"
}
],
"package": "fabric"
}
The Port Channel Configuration JSON Schema is shown on the right.
Port Channel JSON Schema
Clapton update: added lacpMode, adminDuplex, autoNeg, speedCap
Port Channel JSON Schema:
{
"type": "EthLanPc",
"properties": {
"ssaPortType": {
"access": "read-write",
"type": "fabric:SSAPortType",
"description": "TBD"
},
"vlanStatus": {
"access": "read-write",
"type": "VlanStatus",
"description": "TBD"
},
"mtu": {
"access": "read-write",
"type": "int32",
"description": "TBD"
},
"bandwidth": {
"access": "read-only",
"type": "int32",
"description": "TBD"
},
"overlappingVlans": {
"access": "read-only",
"type": "port:StateQual",
"description": "TBD"
},
"lacpPolicyName": {
"access": "read-write",
"type": "naming:Name",
"description": "TBD"
},
"lacpMode" : {
"access": "read-write",
"type": "fabric:LacpMode",
"description": ""
},
"spannedCluster": {
"access": "read-write",
"type": "fabric:SpannedCluster",
"description": "TBD"
},
"operSpeed": {
"access": "read-write",
"type": "port:EthSpeed",
"description": "TBD"
},
"adminSpeed": {
"access": "read-write",
"type": "port:EthAdminSpeed",
"description": "TBD"
},
"adminDuplex": {
"access": "read-write",
"type": "port:Duplex"
},
"autoNeg": {
"access": "read-write",
"type": "Boolean"
},
"speedCap": {
"access": "read-only",
"type": "equipment:EthPortSpeedCap"
},
"flowCtrlPolicy": {
"access": "read-write",
"type": "naming:Name",
"description": "TBD"
},
"operState": {
"access": "read-only",
"type": "network:PortOperState",
"description": "TBD"
},
"stateQual": {
"access": "read-only",
"type": "port:StateQual",
"description": "TBD"
},
"warnings": {
"access": "read-only",
"type": "Warnings",
"description": "TBD"
},
"adminState": {
"access": "read-write",
"type": "fabric:AdminState",
"description": "TBD"
},
"descr": {
"access": "read-write",
"type": "naming:Descr",
"description": "TBD"
},
"switchId": {
"access": "read-only",
"type": "network:SwitchId",
"description": "TBD"
},
"portId": {
"access": "read-only",
"type": "equipment:PortId",
"description": "TBD"
},
"peerDn": {
"access": "read-only",
"type": "object",
"description": "TBD"
},
"ifType": {
"access": "read-only",
"type": "network:PortType",
"description": "TBD"
},
"ifRole": {
"access": "read-only",
"type": "PortRole",
"description": "TBD"
},
"epDn": {
"access": "read-only",
"type": "object",
"description": "TBD"
},
"locale": {
"access": "read-only",
"type": "network:Locale",
"description": "TBD"
},
"type": {
"access": "read-only",
"type": "network:ConnectionType",
"description": "TBD"
},
"transport": {
"access": "read-only",
"type": "network:Transport",
"description": "TBD"
}
},
"title": "EthLanPc Object Schema"
}
The Port Channel JSON Schema is shown on the right.
Regular Member Port JSON Schema
Regular Member Port JSON Schema:
{
"type": "EthLanPcEp",
"properties": {
"membership": {
"access": "read-only",
"type": "fabric:MembershipStatus",
"description": "TBD"
},
"ethLinkProfileName": {
"access": "read-write",
"type": "naming:Name",
"description": "TBD"
},
"udldOperState": {
"access": "read-only",
"type": "fabric:UdldOperState",
"description": "TBD"
},
"adminState": {
"access": "read-write",
"type": "AdminState",
"description": "TBD"
},
"warnings": {
"access": "read-only",
"type": "Warnings",
"description": "TBD"
},
"operStateReason": {
"access": "read-only",
"type": "port:StateQual",
"description": "TBD"
},
"operState": {
"access": "read-only",
"type": "fabric:OperState",
"description": "TBD"
},
"peerAggrPortId": {
"access": "read-only",
"type": "equipment:PortId",
"description": "TBD"
},
"aggrPortId": {
"access": "read-only",
"type": "equipment:PortId",
"description": "TBD"
},
"portId": {
"access": "read-only",
"type": "equipment:PortId",
"description": "TBD"
},
"slotId": {
"access": "read-only",
"type": "equipment:SlotId",
"description": "TBD"
},
"peerSlotId": {
"access": "read-only",
"type": "equipment:Id",
"description": "TBD"
},
"chassisId": {
"access": "read-only",
"type": "equipment:ChassisId",
"description": "TBD"
},
"switchId": {
"access": "read-only",
"type": "network:SwitchId",
"description": "TBD"
},
"peerPortId": {
"access": "read-only",
"type": "equipment:Id",
"description": "TBD"
},
"peerDn": {
"access": "read-only",
"type": "object",
"description": "TBD"
},
"ifType": {
"access": "read-only",
"type": "network:PortType",
"description": "TBD"
},
"ifRole": {
"access": "read-only",
"type": "PortRole",
"description": "TBD"
},
"epDn": {
"access": "read-only",
"type": "object",
"description": "TBD"
},
"locale": {
"access": "read-only",
"type": "network:Locale",
"description": "TBD"
},
"type": {
"access": "read-only",
"type": "network:ConnectionType",
"description": "TBD"
},
"transport": {
"access": "read-only",
"type": "network:Transport",
"description": "TBD"
}
},
"title": "EthLanPcEp Object Schema"
}
The Regular Member Port JSON Schema is shown on the right.
Breakout Member Port JSON Schema
Breakout Member Port JSON Schema:
{
"type": "EthLanPcEp",
"properties": {
"membership": {
"access": "read-only",
"type": "fabric:MembershipStatus",
"description": "TBD"
},
"ethLinkProfileName": {
"access": "read-write",
"type": "naming:Name",
"description": "TBD"
},
"udldOperState": {
"access": "read-only",
"type": "fabric:UdldOperState",
"description": "TBD"
},
"adminState": {
"access": "read-write",
"type": "AdminState",
"description": "TBD"
},
"warnings": {
"access": "read-only",
"type": "Warnings",
"description": "TBD"
},
"operStateReason": {
"access": "read-only",
"type": "port:StateQual",
"description": "TBD"
},
"operState": {
"access": "read-only",
"type": "fabric:OperState",
"description": "TBD"
},
"peerAggrPortId": {
"access": "read-only",
"type": "equipment:PortId",
"description": "TBD"
},
"aggrPortId": {
"access": "read-only",
"type": "equipment:PortId",
"description": "TBD"
},
"portId": {
"access": "read-only",
"type": "equipment:PortId",
"description": "TBD"
},
"slotId": {
"access": "read-only",
"type": "equipment:SlotId",
"description": "TBD"
},
"peerSlotId": {
"access": "read-only",
"type": "equipment:Id",
"description": "TBD"
},
"chassisId": {
"access": "read-only",
"type": "equipment:ChassisId",
"description": "TBD"
},
"switchId": {
"access": "read-only",
"type": "network:SwitchId",
"description": "TBD"
},
"peerPortId": {
"access": "read-only",
"type": "equipment:Id",
"description": "TBD"
},
"peerDn": {
"access": "read-only",
"type": "object",
"description": "TBD"
},
"ifType": {
"access": "read-only",
"type": "network:PortType",
"description": "TBD"
},
"ifRole": {
"access": "read-only",
"type": "PortRole",
"description": "TBD"
},
"epDn": {
"access": "read-only",
"type": "object",
"description": "TBD"
},
"locale": {
"access": "read-only",
"type": "network:Locale",
"description": "TBD"
},
"type": {
"access": "read-only",
"type": "network:ConnectionType",
"description": "TBD"
},
"transport": {
"access": "read-only",
"type": "network:Transport",
"description": "TBD"
}
},
"title": "EthLanPcEp Object Schema"
}
The Breakout Member Port JSON Schema is shown on the right.
Physical Port Configuration JSON Schema
Physical Port Configuration JSON Schema:
{
"types": [
{
"default": "normal",
"values": [
"normal",
"new",
"deleted"
],
"name": "sw:MonLifeCycle"
},
{
"default": "none",
"values": [
"none",
"in-progress",
"verifying",
"failed"
],
"name": "sw:ConfMode"
},
{
"default": "",
"values": [],
"name": "sw:GroupId"
},
{
"default": "enabled",
"values": [
"enabled",
"disabled"
],
"name": "sw:AdminState"
},
{
"default": "compressed",
"values": [
"compressed",
"uncompressed"
],
"name": "sw:VlanGroupType"
},
{
"default": "included",
"values": [
"included",
"excluded"
],
"name": "sw:VlanCompType"
},
{
"default": "unApplied",
"values": [
"applied",
"unApplied"
],
"name": "sw:VlanConfigStatusType"
},
{
"default": "nonexisting",
"values": [
"existing",
"nonexisting"
],
"name": "sw:PeerStatus"
},
{
"default": "none",
"values": [
"none",
"no-vlan-comp"
],
"name": "sw:ConfigStatus"
},
{
"default": "0",
"values": [],
"name": "sw:CimcId"
},
{
"default": "ok",
"values": [
"ok",
"incomplete"
],
"name": "sw:NFConfigStatus"
},
{
"default": "disabled",
"values": [
"enabled",
"disabled"
],
"name": "sw:SpannedCluster"
}
],
"package": "sw"
}
The Physical Port Configuration JSON Schema is shown on the right.
Regular Port JSON Schema
Regular Port JSON Schema:
{
"type": "EthLanEp",
"properties": {
"ssaPortType": {
"access": "read-write",
"type": "fabric:SSAPortType",
"description": "TBD"
},
"udldOperState": {
"access": "read-only",
"type": "fabric:UdldOperState",
"description": "TBD"
},
"vlanStatus": {
"access": "read-write",
"type": "VlanStatus",
"description": "TBD"
},
"flowCtrlPolicy": {
"access": "read-write",
"type": "naming:Name",
"description": "TBD"
},
"mtu": {
"access": "read-write",
"type": "int32",
"description": "TBD"
},
"usrLbl": {
"access": "read-write",
"type": "naming:UserLabel",
"description": "TBD"
},
"ethLinkProfileName": {
"access": "read-write",
"type": "naming:Name",
"description": "TBD"
},
"overlappingVlans": {
"access": "read-only",
"type": "port:StateQual",
"description": "TBD"
},
"adminSpeed": {
"access": "read-write",
"type": "port:EthSpeed",
"description": "TBD"
},
"adminState": {
"access": "read-write",
"type": "fabric:AdminState",
"description": "TBD"
},
"lc": {
"access": "read-only",
"type": "fsm:Lifecycle",
"description": "TBD"
},"peerAggrPortId": {
"access": "read-only",
"type": "equipment:PortId",
"description": "TBD"
},
"aggrPortId": {
"access": "read-only",
"type": "equipment:PortId",
"description": "TBD"
},
"portId": {
"access": "read-only",
"type": "equipment:PortId",
"description": "TBD"
},
"slotId": {
"access": "read-only",
"type": "equipment:SlotId",
"description": "TBD"
},
"peerSlotId": {
"access": "read-only",
"type": "equipment:Id",
"description": "TBD"
},
"chassisId": {
"access": "read-only",
"type": "equipment:ChassisId",
"description": "TBD"
},
"switchId": {
"access": "read-only",
"type": "network:SwitchId",
"description": "TBD"
},
"peerPortId": {
"access": "read-only",
"type": "equipment:Id",
"description": "TBD"
},
"peerDn": {
"access": "read-only",
"type": "object",
"description": "TBD"
},
"ifType": {
"access": "read-only",
"type": "network:PortType",
"description": "TBD"
},
"ifRole": {
"access": "read-only",
"type": "PortRole",
"description": "TBD"
},
"epDn": {
"access": "read-only",
"type": "object",
"description": "TBD"
},"locale": {
"access": "read-only",
"type": "network:Locale",
"description": "TBD"
},
"type": {
"access": "read-only",
"type": "network:ConnectionType",
"description": "TBD"
},
"transport": {
"access": "read-only",
"type": "network:Transport",
"description": "TBD"
}
},
"title": "EthLanEp Object Schema"
}
The Regular Port JSON Schema is shown on the right.
Breakout Port JSON Schema
Breakout Port JSON Schema:
{
"type": "EthLanEp",
"properties": {
"ssaPortType": {
"access": "read-write",
"type": "fabric:SSAPortType",
"description": "TBD"
},
"udldOperState": {
"access": "read-only",
"type": "fabric:UdldOperState",
"description": "TBD"
},
"vlanStatus": {
"access": "read-write",
"type": "VlanStatus",
"description": "TBD"
},
"flowCtrlPolicy": {
"access": "read-write",
"type": "naming:Name",
"description": "TBD"
},
"mtu": {
"access": "read-write",
"type": "int32",
"description": "TBD"
},
"usrLbl": {
"access": "read-write",
"type": "naming:UserLabel",
"description": "TBD"
},
"ethLinkProfileName": {
"access": "read-write",
"type": "naming:Name",
"description": "TBD"
},
"overlappingVlans": {
"access": "read-only",
"type": "port:StateQual",
"description": "TBD"
},
"adminSpeed": {
"access": "read-write",
"type": "port:EthSpeed",
"description": "TBD"
},
"adminState": {
"access": "read-write",
"type": "fabric:AdminState",
"description": "TBD"
},
"lc": {
"access": "read-only",
"type": "fsm:Lifecycle",
"description": "TBD"
},"peerAggrPortId": {
"access": "read-only",
"type": "equipment:PortId",
"description": "TBD"
},
"aggrPortId": {
"access": "read-only",
"type": "equipment:PortId",
"description": "TBD"
},
"portId": {
"access": "read-only",
"type": "equipment:PortId",
"description": "TBD"
},
"slotId": {
"access": "read-only",
"type": "equipment:SlotId",
"description": "TBD"
},
"peerSlotId": {
"access": "read-only",
"type": "equipment:Id",
"description": "TBD"
},
"chassisId": {
"access": "read-only",
"type": "equipment:ChassisId",
"description": "TBD"
},
"switchId": {
"access": "read-only",
"type": "network:SwitchId",
"description": "TBD"
},
"peerPortId": {
"access": "read-only",
"type": "equipment:Id",
"description": "TBD"
},
"peerDn": {
"access": "read-only",
"type": "object",
"description": "TBD"
},
"ifType": {
"access": "read-only",
"type": "network:PortType",
"description": "TBD"
},
"ifRole": {
"access": "read-only",
"type": "PortRole",
"description": "TBD"
},
"epDn": {
"access": "read-only",
"type": "object",
"description": "TBD"
},"locale": {
"access": "read-only",
"type": "network:Locale",
"description": "TBD"
},
"type": {
"access": "read-only",
"type": "network:ConnectionType",
"description": "TBD"
},
"transport": {
"access": "read-only",
"type": "network:Transport",
"description": "TBD"
}
},
"title": "EthLanEp Object Schema"
}