https://community.checkpoint.com/t5/API-CLI-Discussion/Global-object-cleanup-script/m-p/47036#M3145 <P><A href="https://github.com/adi0s/CPCleanupGlobalObject" target="_blank" rel="noopener">https://github.com/adi0s/CPCleanupGlobalObject</A></P><P>&nbsp;</P><P>This tools provides a way how to determine, if some global object created in Check Point global policy is used across all domains or not.</P><P><STRONG><FONT size="4">How does it work?</FONT></STRONG></P><OL><LI>Get all network objects from global policy (hosts,networks,groups,address-range)</LI><LI>Get list of all domains on MDS</LI><LI>Search over each domain to check if particular object is used or not - using where-used api command</LI><LI>Write down results and generate API CLI commands for object deletion for each object type</LI></OL><P>By default is generating list of objects, which are not used in any domain or just used in one domain. Example: you have 12 domains on MDS and reported object is not used in any of 12 domains or it's just used on 1 domain from 12 (this kind of object should be only local object)</P><P>Requirements: Download and install the Check Point API Python SDK repository, follow the instructions in the SDK repository.<A href="https://github.com/CheckPointSW/cp_mgmt_api_python_sdk" target="_blank" rel="noopener">https://github.com/CheckPointSW/cp_mgmt_api_python_sdk</A></P><P>Written for python3, but if you put in first line also this: from<SPAN>&nbsp;</SPAN><STRONG>future</STRONG><SPAN>&nbsp;</SPAN>import print_function it should run on python2</P><P><STRONG>How to use?</STRONG></P><P>python global_object_cleanup.py -m management_ip -u username -p password -g "global domain name"</P> Fri, 15 Mar 2019 10:57:01 GMT Martin_Valenta 2019-03-15T10:57:01Z https://community.checkpoint.com/t5/API-CLI-Discussion/Global-object-cleanup-script/m-p/47036#M3145 <P><A href="https://github.com/adi0s/CPCleanupGlobalObject" target="_blank" rel="noopener">https://github.com/adi0s/CPCleanupGlobalObject</A></P><P>&nbsp;</P><P>This tools provides a way how to determine, if some global object created in Check Point global policy is used across all domains or not.</P><P><STRONG><FONT size="4">How does it work?</FONT></STRONG></P><OL><LI>Get all network objects from global policy (hosts,networks,groups,address-range)</LI><LI>Get list of all domains on MDS</LI><LI>Search over each domain to check if particular object is used or not - using where-used api command</LI><LI>Write down results and generate API CLI commands for object deletion for each object type</LI></OL><P>By default is generating list of objects, which are not used in any domain or just used in one domain. Example: you have 12 domains on MDS and reported object is not used in any of 12 domains or it's just used on 1 domain from 12 (this kind of object should be only local object)</P><P>Requirements: Download and install the Check Point API Python SDK repository, follow the instructions in the SDK repository.<A href="https://github.com/CheckPointSW/cp_mgmt_api_python_sdk" target="_blank" rel="noopener">https://github.com/CheckPointSW/cp_mgmt_api_python_sdk</A></P><P>Written for python3, but if you put in first line also this: from<SPAN>&nbsp;</SPAN><STRONG>future</STRONG><SPAN>&nbsp;</SPAN>import print_function it should run on python2</P><P><STRONG>How to use?</STRONG></P><P>python global_object_cleanup.py -m management_ip -u username -p password -g "global domain name"</P> Fri, 15 Mar 2019 10:57:01 GMT https://community.checkpoint.com/t5/API-CLI-Discussion/Global-object-cleanup-script/m-p/47036#M3145 Martin_Valenta 2019-03-15T10:57:01Z