Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Ekta_Siwani1
Contributor
Jump to solution

Can I create duplicate object(Network or Host) using R80.10 API

Hi,

My requirement is to create a two object with different name but same IP Address using R80.10 API.

When we create host or network object API will do error check for duplicate IP, It will not let us create two object with same IP but different name.

Can i tell API to skip this error check.

Or is there any other way to achieve same?

0 Kudos
1 Solution

Accepted Solutions
Eugene_Grybinny
Employee Alumnus
Employee Alumnus

You can instruct API to ignore warnings or errors (but not blocking errors) by providing ignore-warnings or ignore-errors correspondingly. 

Example

[Expert@host]# mgmt_cli -s id.txt add host name abc ip-address 1.1.1.1
[Expert@host]# mgmt_cli -s id.txt add host name abc2 ip-address 1.1.1.1
code: "err_validation_failed"
message: "Validation failed with 1 warning"
warnings:
- message: "Multiple objects have the same IP address 1.1.1.1"

[Expert@host]# mgmt_cli -s id.txt add host name abc2 ip-address 1.1.1.1 ignore-warnings true
[Expert@host]#

Documentation for add-host (find the fields under "More" section in Request Parameters)

Pay attention that in case of ignored errors - you wan't be able to publish!

View solution in original post

11 Replies
Eugene_Grybinny
Employee Alumnus
Employee Alumnus

You can instruct API to ignore warnings or errors (but not blocking errors) by providing ignore-warnings or ignore-errors correspondingly. 

Example

[Expert@host]# mgmt_cli -s id.txt add host name abc ip-address 1.1.1.1
[Expert@host]# mgmt_cli -s id.txt add host name abc2 ip-address 1.1.1.1
code: "err_validation_failed"
message: "Validation failed with 1 warning"
warnings:
- message: "Multiple objects have the same IP address 1.1.1.1"

[Expert@host]# mgmt_cli -s id.txt add host name abc2 ip-address 1.1.1.1 ignore-warnings true
[Expert@host]#

Documentation for add-host (find the fields under "More" section in Request Parameters)

Pay attention that in case of ignored errors - you wan't be able to publish!

Eric_Beasley
Employee
Employee

In the comment above from Eugene Grybinny he states that you won't be able to publish with ignored errors; however, this is only the case if the issue generates a validation warning, which should be documented in the failure for the publish operation.

For the generation of an object that duplicates elements of another objects, but is not a 100% clone, there should not be an issue.  I've done this when doing exports to CSV files and then importing those CSV files via -batch mode on mgmt_cli.

If you don't specify the ignore-warnings or ignore-errors CLI option, a -batch operation may complete, but will not execute the changes/additions of the problem items, which can cause follow-on issues doing multiple import operations in succession.

The utilization of the ignore-warnings and ignore-errors option is especially necessary when working with network and group objects, since Get Interfaces in R80 and later will import the static routes and generate a network object for the interface if there is no existing network object covering the target network, and will group them into a set with static route identified networks to add in the topology configuration.  If these Check Point generated groups and networks exist, then not using the ignore options will result in failure to create the item from the API, since those networks already exist in another object.

0 Kudos
SD_Networking
Contributor

Hello,

I am having strange issue "set-if-exists true" doesnt work with batch csv option.

here:

mgmt_cli add host set-if-exists true -b hosts2.csv
Username: admin
Password:
Line 2: code: "err_validation_failed"
message: "Validation failed with 1 warning and 1 error"
warnings:
- message: "Multiple objects have the same IP address 192.168.162.18"
errors:
- message: "More than one object named 'HGSDPN_VPN_HUDSON5' exists."


Executed command failed. Changes are discarded.

 mgmt_cli add host name "HGSDPN_VPN_HUDSON5" ip-address "192.168.162.18" set-if-exists true
Username: admin
Password:


---------------------------------------------
Time: [17:30:52] 7/12/2017
---------------------------------------------
"Publish operation" succeeded (100%)

Any way to fix it ???

0 Kudos
Robert_Decker
Advisor

add the "ignore-warnings true" option at the end.

0 Kudos
Eric_Beasley
Employee
Employee

Hi,

You can create multiple distinctly named objects with the same IP Address or IP Address range/network; however, you CAN NOT create duplicate objects with the same NAME, which you are trying to do.

Object names must be unique within a Domain (e.g. SMS, or single domain on in MDM), so you go the warning (will allow it to pass) on the IP Address; however, the error on the duplicate name terminates the operation.

BR

Eric

Eric Beasley

Security Engineer, North America Channel Sales

Cell: +1 708-224-7724 E-mail: ericb@checkpoint.com

0 Kudos
Robert_Decker
Advisor

Hi Eric,

He is not creating different objects with the same name, he is using a "set_if_exists" flag, which will update an existing object (with the same name AND TYPY).

Robert.

0 Kudos
SD_Networking
Contributor

Thanks for the response guys, actually it was my mistake i was putting set_if_exists in the command but in batch option it has be inside CSV file, it fixed my problem.

0 Kudos
Philipp_Schiff
Explorer

How did you do it exactly? What is the syntax in the csv?

Thanks,
Philipp

0 Kudos
Robert_Decker
Advisor

in CSV file the first line consists of field names. The following lines are the values.

You should add the "set_if_exists" field at the top line, and insert the values per each line in the appropriate location.

You can edit the file in MS Excel or Notepad++.

Robert.

0 Kudos
SD_Networking
Contributor

Now i got into new problem set_if_exists doesnt exist for creating groups Smiley Sad

0 Kudos
Robert_Decker
Advisor

No, it does not.

If you have only few duplicate names, I suggest to redirect the errors to a file, and then handle them manually (use option 2>&1).

Robert.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events