https://community.checkpoint.com/t5/API-CLI-Discussion/Checking-a-list-of-IP-s-for-Host-Objects-Add-or-Set-Group/m-p/40960#M2790 <HTML><HEAD></HEAD><BODY><P>This was born out of a one-off&nbsp;customer request that I thought would serve as a good example for how to use a query to provide if/then results.&nbsp;The customer&nbsp;really wanted to do this in bash and not have to work in python.</P><P></P><P>Use Case:</P><P>The customer wanted to be able to take a txt file with IPv4 Address in it and do a check on each IP to see if a host object already existed. If the object already existed they wanted to create a 'set' command to assign it to a group. If the IP did not exist under a host object they wanted to create the host object using a generic name and assign it to the same group.</P><P></P><P>You can find the full script here:&nbsp;<A class="link-titled" href="https://github.com/WadesWeaponShed/IP-List-Host-Check-Add-or-Set" title="https://github.com/WadesWeaponShed/IP-List-Host-Check-Add-or-Set">GitHub - WadesWeaponShed/IP-List-Host-Check-Add-or-Set</A>&nbsp;</P><P></P><P></P><P>The meat of the script is below; Using if statements we search the object database and if the search returns an object [1] then we issue the set command for it, if the search returns nothing [0] then we build the add command for the host.</P><P></P><P>printf "\nChecking For Existing Hosts\n"<BR />&nbsp; &nbsp;for line in $(cat ip.txt)<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;do<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;if [[ $(mgmt_cli -r true -d $DOMAIN show objects type host filter "$line" ip-only true offset $I limit 500 --format json |jq '.total') = 1 ]]<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;then<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;mgmt_cli -r true -d $DOMAIN show objects type host filter "$line" ip-only true offset $I limit 500 --format json | jq --raw-output '.objects[] | "mgmt_cli -s id.txt set host name " +.name + " groups auto-group"' &gt;&gt; host_set.txt<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;elif [[ $(mgmt_cli -r true -d $DOMAIN show objects type host filter "$line" ip-only true offset $I limit 500 --format json |jq '.total') = 0 ]]; then<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;printf "mgmt_cli -s id.txt add host name Host-$line ip-address $line groups auto-group\n" &gt;&gt; host_set.txt<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;fi<BR />&nbsp; done</P></BODY></HTML> Fri, 15 Feb 2019 16:07:31 GMT Adam_Forester 2019-02-15T16:07:31Z https://community.checkpoint.com/t5/API-CLI-Discussion/Checking-a-list-of-IP-s-for-Host-Objects-Add-or-Set-Group/m-p/40960#M2790 <HTML><HEAD></HEAD><BODY><P>This was born out of a one-off&nbsp;customer request that I thought would serve as a good example for how to use a query to provide if/then results.&nbsp;The customer&nbsp;really wanted to do this in bash and not have to work in python.</P><P></P><P>Use Case:</P><P>The customer wanted to be able to take a txt file with IPv4 Address in it and do a check on each IP to see if a host object already existed. If the object already existed they wanted to create a 'set' command to assign it to a group. If the IP did not exist under a host object they wanted to create the host object using a generic name and assign it to the same group.</P><P></P><P>You can find the full script here:&nbsp;<A class="link-titled" href="https://github.com/WadesWeaponShed/IP-List-Host-Check-Add-or-Set" title="https://github.com/WadesWeaponShed/IP-List-Host-Check-Add-or-Set">GitHub - WadesWeaponShed/IP-List-Host-Check-Add-or-Set</A>&nbsp;</P><P></P><P></P><P>The meat of the script is below; Using if statements we search the object database and if the search returns an object [1] then we issue the set command for it, if the search returns nothing [0] then we build the add command for the host.</P><P></P><P>printf "\nChecking For Existing Hosts\n"<BR />&nbsp; &nbsp;for line in $(cat ip.txt)<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;do<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;if [[ $(mgmt_cli -r true -d $DOMAIN show objects type host filter "$line" ip-only true offset $I limit 500 --format json |jq '.total') = 1 ]]<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;then<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;mgmt_cli -r true -d $DOMAIN show objects type host filter "$line" ip-only true offset $I limit 500 --format json | jq --raw-output '.objects[] | "mgmt_cli -s id.txt set host name " +.name + " groups auto-group"' &gt;&gt; host_set.txt<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;elif [[ $(mgmt_cli -r true -d $DOMAIN show objects type host filter "$line" ip-only true offset $I limit 500 --format json |jq '.total') = 0 ]]; then<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;printf "mgmt_cli -s id.txt add host name Host-$line ip-address $line groups auto-group\n" &gt;&gt; host_set.txt<BR />&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;fi<BR />&nbsp; done</P></BODY></HTML> Fri, 15 Feb 2019 16:07:31 GMT https://community.checkpoint.com/t5/API-CLI-Discussion/Checking-a-list-of-IP-s-for-Host-Objects-Add-or-Set-Group/m-p/40960#M2790 Adam_Forester 2019-02-15T16:07:31Z https://community.checkpoint.com/t5/API-CLI-Discussion/Checking-a-list-of-IP-s-for-Host-Objects-Add-or-Set-Group/m-p/61797#M3858 <P>I see the limit is set to 500 in script, does this mean it will only handle the first 500 hosts??</P> Tue, 03 Sep 2019 20:04:07 GMT https://community.checkpoint.com/t5/API-CLI-Discussion/Checking-a-list-of-IP-s-for-Host-Objects-Add-or-Set-Group/m-p/61797#M3858 Juan_Concepcion 2019-09-03T20:04:07Z