cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Ed_Eades
Nickel

Bulk Add Network Objects

I am looking for advice on how to bulk add network objects.  I need to add around 550 networks and we are on GAIA R80.10.  I have read some about dbedit, Using a dbedit script to create new network objects and network object groups, but I am not sure if that would still be the best method.  I will also mention I have never used dbedit.  When adding these network objects I would also like to add a description on each network object.  The dbedit link does not include the syntax for the description. 

I came across a thread on cpug that If R80, there are more robust CLI for these things.  You can find documentation and several examples at https://community.checkpoint.com.

Thanks in advance!

14 Replies
Admin
Admin

Re: Bulk Add Network Objects

For this task, you can use dbedit, but you don't need to.

R80+ has a new API/CLI that is a bit easier to use than dbedit.

See the documentation for using mgmt_cli add host here: Check Point - Management API reference: add host 

There are several examples in the https://community.checkpoint.com/community/developers?sr=search&searchId=b0714703-c1b9-449b-afb4-084...‌ space.

One specific example that might be useful here: CLI API Example for exporting, importing, and deleting different objects using CSV files (v 00.25.01...

Highlighted
Ed_Eades
Nickel

Re: Bulk Add Network Objects

Very helpful, thank you.  Can you tell me what the Parameter Name would be for the "Comment" Field?  I would like put a comment on all the networks I am adding.

Thanks again!

Admin
Admin

Re: Bulk Add Network Objects

The parameter is comments.

It's listed in the documentation, but hidden behind text that can be expanded with a "More" link.

Ed_Eades
Nickel

Re: Bulk Add Network Objects

I have tried testing using the API/CLI with a .csv file but receive an error message.  I uploaded file test.csv to the var/log directory and ran the command,  mgmt_cli add network --batch var/log/test.csv

The .csv file looks like this

name,subnet,subnet-mask,comments
NET_10.10.16.0,10.10.16.0,255.255.255.0,Test Network

The error message received is:

Line 2: code: "generic_err_invalid_parameter_name"
message: "Unrecognized parameter [name]"

I am not sure what may be causing this to fail.

Thanks.

Employee++
Employee++

Re: Bulk Add Network Objects

Hi Ed,

The command and the content of the csv file look correct.

From which directory are you running the mgmt_cli tool?

Robert.

Ed_Eades
Nickel

Re: Bulk Add Network Objects

I had underscores in the name field of the CSV file.  Eventhough GAIA accepts names with underscores, CSV files typically do not handle underscores well.  After removing the underscore I was able to import using the mgmt._cli add network --batch command.  The import is a huge time saver. 

Thanks for all the input. 

Tom_Cripps
Silver

Re: Bulk Add Network Objects

Hi Robert,

I'm running into a similar issue, my names don't have underscores like Ed's. I'm running this application from within the home/admin directory with the csv also within that directory as well.

Any tips?

0 Kudos
Tim_Koopman
Nickel

Re: Bulk Add Network Objects

Hi,

I have created a PowerShell module that uses the Web API calls. One of the examples I have using it is doing an import from Excel file of network objects. Very easy to import as many objects as you like.

R80 PowerShell Module   | GitHub: Import from Excel Example 

Regards

Tim

Ankur_Datta
Nickel

Re: Bulk Add Network Objects

I am trying to add objects into CMA. but when i run api command i get below error:

Line 11: code: "generic_err_invalid_parameter"
message: "Parameter [nat-settings] value is not valid"

I ran following command:

mgmt_cli add host  --batch networkobjects.csv

and excel sheet has following fields:

and nat settings has 

kindly advise.

0 Kudos
Admin
Admin

Re: Bulk Add Network Objects

If you want to set individual NAT settings in a CSV, you must specify each setting correctly as a name value pair.

Since nat-settings has subsettings, this means you will need multiple parameters.

For example, you would need nat-settings.hide-behind with value "ip-address" and nat-settings.ipv4-address with value "yourip".

0 Kudos
Ankur_Datta
Nickel

Re: Bulk Add Network Objects

Thanks Dameon. got it. I thought export csv file from smart console will work but i was wrong.

I have one more question. If i want to move network objects from one CMA to another CMA in same MDS through api. What is the procedure? I tested this but unfortunately objects didn't appeared in new CMA.

I was in CMA env and executed the api command from there through CLI.

0 Kudos
Admin
Admin

Re: Bulk Add Network Objects

At a high level, you would be making successive calls to the relevant APIs to read the objects against one CMA, then write them to the other CMA.

There are several working examples of this on CheckMates.

0 Kudos
Ankur_Datta
Nickel

Re: Bulk Add Network Objects

Hi Dameon,

I can't find any post. 

kindly can you please share the link if you are aware off.

Thanks

0 Kudos
Admin
Admin

Re: Bulk Add Network Objects

You're corresponding with our R&D on one such tool Smiley Happy

Here's another that does export/import via CSV files: CLI API Example for exporting, importing, and deleting different objects using CSV files (v 00.29.02...

I also provided a sample with raw API calls recently here (calling via curl on the CLI): https://community.checkpoint.com/thread/5999-cli-help?commentID=36360#comment-36360 

0 Kudos