That means there's an error in the jq statement.
You've got .rulebase in there twice.
Also it looks like the select doesn't do what you want.
Most of the results return a UID, which I assume you want in some sort of human readable format.
Also, setting the limit to 2000 will not return all results, you will need to make multiple calls using the offset parameter to get the next 50 results (or so).
Not exactly right, but this is a lot closer:
mgmt_cli -s sid.txt show access-rulebase name "LayerName" details-level full --format json | jq -r '.rulebase | select (.enabled == false)| .uid' | while read X; do
mgmt_cli -s sid.txt --format json show access-rule uid $X layer "LayerName" |
jq -r '[.uid, .name, .source.name, .destination.name, .service.name, .action.name]|@csv'
At a high level, this is:
- Getting the UID of the rules that are disabled (note you will need to use limit/offset in this command and call it multiple times to get all the rules.
- For each rule UID, get human readable source/destination/service/action and output in something that looks like a CSV file (though each source/destination/service will create a column).
There may be some way to clean up the jq further here so you get a cleaner CSV file.