Boosting Performance & Stability
with Harmony Endpoint E88.70!
Four Ways to SASE
April 23, 5PM CET | 11AM ET
It's Here!
CPX 2025 Content
Zero Trust: Remote Access and Posture
Help us with the Short-Term Roadmap
The Future of Browser Security:
AI, Data Leaks & How to Stay Protected!
CheckMates Go:
Recently on CheckMates
Hi,
I've created a bash script to bulk rename objects listed in a CSV file. You need to run it on a MDS with the Management API enabled.
Features
CSV file
Create a seperate CSV file for each object type you want to rename. This means you cannot mix object types like TCP and UDP services into one CSV file. When running the script you have to specify which object type the CSV file contains.
Each CSV file has to start with a special line:
name,new-name
From that point you can add new lines with current name<comma>new name
Example CSV file with host objects:
name,new-name
Gooogle-DNS1,Google-DNS1
Googgle-DNS2,Google-DNS2
Script example
./rename_objects.sh johndoe DMS-CP-1 CHG4726 hosts rename_hosts.csv nopublish
This allows user johndoe to login to the domain DMS-CP-1. It will use changenumber CHG4726 for session name and description. Furthermore you tell that it will find host objects in the CSV file rename_hosts.csv. Last but not least the nopublish action will force a logout of the API session after succesfully renaming the objects. This will allow you to takeover the session in SmartConsole for manual verification and a manual publish if you're satisfied with the results.
Usage
Usage:
./rename_objects.sh [ARGUMENTS]...
Rename objects listed in a CSV file using the Management API of a Check Point
Multi-Domain Management Server running on R80.x
Mandatory arguments to supply when running the script.
username Put your username that has Write access to the DMS here.
domainname Put the name of the DMS here.
changenumber Put in your changenumber. It will be used for session info.
objecttype Can be either tcp|udp|hosts|networks|servicegroups|networkgroups.
filename The CSV file that lists the current and new names of the
objects.
sessionaction Can be either nopublish|publish.
Example:
./rename_objects.sh johndoe DMS-CP-1 CHG4726 hosts rename_hosts.csv nopublish
If there are errors or warnings when renaming objects the complete session will
be discarded. A log will be shown so you can fix it before trying again.
The CSV file should always start with this line:
name,new-name
From this point you can add new lines with the current name and the new name of
the objects:
Gooogle-DNS1,Google-DNS1
Googgle-DNS2,Google-DNS2
etc...
When you choose not to publish you can takeover the session in SmartConsole.
In SmartConsole you can then verify the changes and publish it manually.
You can download rename_objects.sh on your MDS using the following CLI one-liner:
curl_cli -o rename_objects.sh tools.checkpoint.engineer/rename_objects.sh && chmod +x rename_objects.sh
or in a browser:
https://tools.checkpoint.engineer/rename_objects.sh
GitHub repository: https://github.com/Rick-Hoppe/rename-objects
Changelog
0.1 Initial version
0.2 Added dos2unix to remove Windows formatting
Hi,
I've created a bash script to bulk rename objects listed in a CSV file. You need to run it on a MDS with the Management API enabled.
Features
_khard
Hi @_khard ,
This script was specifically written for a Multi-Domain environment, but you can easily modify it to work on a single management server.
It probably will work if you modify line 273 to:
mgmt_cli login user "$1" > id.txt
Note: You still need to enter a (fake) domainname but it will not be used to login. To remove this it would require a lot more custom modifications.
Hi @_khard ,
This script was specifically written for a Multi-Domain environment, but you can easily modify it to work on a single management server.
It probably will work if you modify line 273 to:
mgmt_cli login user "$1" > id.txt
Note: You still need to enter a (fake) domainname but it will not be used to login. To remove this it would require a lot more custom modifications.
JozkoMrkvicka
Nice work !
I have some more features how to further develop this script.
1. Iterate over all Domains on MDS and check if the object to be renamed is existing on all Domains, not only on specified as an argument. You can specify only one Domain, but if you dont, the script will rename it on all Domains.
2. Integrate Global Domain, if present.
3. Rename the network objects searched by the IP addresses (not via name).
4. Automatic detection of SMS or MDS.
Nice work !
I have some more features how to further develop this script.
1. Iterate over all Domains on MDS and check if the object to be renamed is existing on all Domains, not only on specified as an argument. You can specify only one Domain, but if you dont, the script will rename it on all Domains.
2. Integrate Global Domain, if present.
3. Rename the network objects searched by the IP addresses (not via name).
4. Automatic detection of SMS or MDS.
;
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY