Hot!What should be the FortiAnalayzer API WSDL URL?

Author
LIDONG
New Member
  • Total Posts : 6
  • Scores: 0
  • Reward points: 0
  • Joined: 2018/11/23 01:02:00
  • Status: offline
2018/11/26 18:54:38 (permalink)
0

What should be the FortiAnalayzer API WSDL URL?

Hi,
 
I meet an issue when connect with FortiAnalayzer API (using Python). For example:
- client = zeep.Client(wsdl=wsdl,transport=Transport(session=session))     Or
- response = requests.post(wsdl,data=body,headers=headers,proxies=proxy)
 
1. I have downloaded the legacy WSDL file by following the "FortiAnalyzer - XML API Reference v5.6.0". At the end of WSDL file, it shows that the URL is http://localhost:8080/FortiAnalyzerWSxml, which is different from other normal public API WSDL url.
 
<wsdl:service name="FortiAnalyzerWSxml">
<wsdl:port name="FortiAnalyzerWSxml" binding="tns:FortiAnalyzerWSxml">
<soap:address location="http://localhost:8080/FortiAnalyzerWSxml"/>
</wsdl:port>
</wsdl:service>
 
2. In my case, the FortiAnalyzer is accessed via an internal IP address (e.g., assume 10.11.12.13). I also tried to set WSDL URL as http://10.11.12.13:8080/FortiAnalyzerWSxml. But still does not work
 
How should I set the WSDL URL?
 
Thanks.
#1
hzhao_FTNT
Expert Member
  • Total Posts : 344
  • Scores: 58
  • Reward points: 0
  • Joined: 2014/09/12 10:03:54
  • Status: offline
Re: What should be the FortiAnalayzer API WSDL URL? 2018/11/27 10:31:25 (permalink)
5 (1)
Hi there,
 
The URL is correct, but please make sure:
1. you have enable "Web Service" on interface.
2. use latest version of soap UI
 
Regards,
hz
#2
LIDONG
New Member
  • Total Posts : 6
  • Scores: 0
  • Reward points: 0
  • Joined: 2018/11/23 01:02:00
  • Status: offline
Re: What should be the FortiAnalayzer API WSDL URL? 2018/11/27 17:12:20 (permalink)
0
Hi Zhao,
 
http://10.11.12.13:8080/FortiAnalyzerWSxml cannot be opened via browser. Is this suppose to be?
I tried soap UI, such as getFazConfig() function. it returns me get config successfully. So it means it work, right?
#3
hzhao_FTNT
Expert Member
  • Total Posts : 344
  • Scores: 58
  • Reward points: 0
  • Joined: 2014/09/12 10:03:54
  • Status: offline
Re: What should be the FortiAnalayzer API WSDL URL? 2018/11/27 17:45:09 (permalink)
5 (1)
Yes, web service works with soap UI, not browser.
#4
LIDONG
New Member
  • Total Posts : 6
  • Scores: 0
  • Reward points: 0
  • Joined: 2018/11/23 01:02:00
  • Status: offline
Re: What should be the FortiAnalayzer API WSDL URL? 2018/11/27 19:39:46 (permalink)
0
The soapUI works.
But when I tried to use "zeep" to connect the API (Python 3), it returns me requests.exceptions.HTTPError: 404 Client Error: Not Found for url: https://11.12.13.14:8080/FortiAnalyzerWSxml
 
What could be the possible reason?
#5
hzhao_FTNT
Expert Member
  • Total Posts : 344
  • Scores: 58
  • Reward points: 0
  • Joined: 2014/09/12 10:03:54
  • Status: offline
Re: What should be the FortiAnalayzer API WSDL URL? 2018/11/28 09:31:16 (permalink)
0
I never test zeep client. If needed, you can run debug on FAZ:
dia de app fortimanagerws 8
dia de en
 
regards,
hz
 
#6
LIDONG
New Member
  • Total Posts : 6
  • Scores: 0
  • Reward points: 0
  • Joined: 2018/11/23 01:02:00
  • Status: offline
Re: What should be the FortiAnalayzer API WSDL URL? 2018/11/29 17:57:53 (permalink)
0
thanks. Now, I can call legacy FortiAnalyzer API well.
In the "FortiAnalyzer 5.6.0 XML API Reference", it only gives sample request/response of legacy API. Do you also have a user manual for the "new API" (I have downloaded WSDL of new API from admin UI). It looks like new API include much more functions.
#7
hzhao_FTNT
Expert Member
  • Total Posts : 344
  • Scores: 58
  • Reward points: 0
  • Joined: 2014/09/12 10:03:54
  • Status: offline
Re: What should be the FortiAnalayzer API WSDL URL? 2018/11/30 09:44:30 (permalink)
0
Currently we have 20 XML APIs on FAZ, and no plan to develop new XML APIs for now. Instead, we have many new JSON APIs, I would suggest you check JSON documents if need more functions.
#8
LIDONG
New Member
  • Total Posts : 6
  • Scores: 0
  • Reward points: 0
  • Joined: 2018/11/23 01:02:00
  • Status: offline
Re: What should be the FortiAnalayzer API WSDL URL? 2018/12/02 16:58:53 (permalink)
0
that's good. i cannot find the link of fortianalyzer JSON API. pls advise.
#9
hzhao_FTNT
Expert Member
  • Total Posts : 344
  • Scores: 58
  • Reward points: 0
  • Joined: 2014/09/12 10:03:54
  • Status: offline
Re: What should be the FortiAnalayzer API WSDL URL? 2018/12/05 09:54:41 (permalink)
0
The JSON API reference is available in FNDN. Please visit https://fndn.fortinet.net for more info.
#10
LIDONG
New Member
  • Total Posts : 6
  • Scores: 0
  • Reward points: 0
  • Joined: 2018/11/23 01:02:00
  • Status: offline
Re: What should be the FortiAnalayzer API WSDL URL? 2018/12/06 18:41:34 (permalink)
0
Thanks. So far, we have a white list of firewall rules + one bottom rule to deny all traffic outside the white list. If we want to retrieve data to to investigate / analyze what kind of traffic are denied. Which API/API(s) you think would be helpful for us?
#11
Jump to:
© 2018 APG vNext Commercial Version 5.5