This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Ed_Eades
Contributor
‎2017-09-07 02:06 PM

Bulk Add Network Objects

I am looking for advice on how to bulk add network objects.  I need to add around 550 networks and we are on GAIA R80.10.  I have read some about dbedit, Using a dbedit script to create new network objects and network object groups, but I am not sure if that would still be the best method.  I will also mention I have never used dbedit.  When adding these network objects I would also like to add a description on each network object.  The dbedit link does not include the syntax for the description. 

I came across a thread on cpug that If R80, there are more robust CLI for these things.  You can find documentation and several examples at https://community.checkpoint.com.

Thanks in advance!

17 Replies
PhoneBoy
Admin
Admin
‎2017-09-07 03:48 PM

For this task, you can use dbedit, but you don't need to.

R80+ has a new API/CLI that is a bit easier to use than dbedit.

See the documentation for using mgmt_cli add host here: Check Point - Management API reference: add host 

There are several examples in the https://community.checkpoint.com/community/developers?sr=search&searchId=b0714703-c1b9-449b-afb4-084...‌ space.

One specific example that might be useful here: CLI API Example for exporting, importing, and deleting different objects using CSV files (v 00.25.01...

Ed_Eades
Contributor
‎2017-09-08 08:02 AM

Very helpful, thank you.  Can you tell me what the Parameter Name would be for the "Comment" Field?  I would like put a comment on all the networks I am adding.

Thanks again!

PhoneBoy
Admin
Admin
‎2017-09-08 10:16 AM
In response to Ed_Eades

The parameter is comments.

It's listed in the documentation, but hidden behind text that can be expanded with a "More" link.

Ed_Eades
Contributor
‎2018-04-06 08:49 AM
In response to PhoneBoy

I have tried testing using the API/CLI with a .csv file but receive an error message.  I uploaded file test.csv to the var/log directory and ran the command,  mgmt_cli add network --batch var/log/test.csv

The .csv file looks like this

name,subnet,subnet-mask,comments
NET_10.10.16.0,10.10.16.0,255.255.255.0,Test Network

The error message received is:

Line 2: code: "generic_err_invalid_parameter_name"
message: "Unrecognized parameter [name]"

I am not sure what may be causing this to fail.

Thanks.

Robert_Decker
Advisor
‎2018-04-08 01:57 AM
In response to Ed_Eades

Hi Ed,

The command and the content of the csv file look correct.

From which directory are you running the mgmt_cli tool?

Robert.

Ed_Eades
Contributor
‎2018-04-27 01:52 PM
In response to Robert_Decker

I had underscores in the name field of the CSV file.  Eventhough GAIA accepts names with underscores, CSV files typically do not handle underscores well.  After removing the underscore I was able to import using the mgmt._cli add network --batch command.  The import is a huge time saver. 

Thanks for all the input. 

Tom_Cripps
Advisor
‎2019-08-16 06:39 AM
In response to Robert_Decker

Hi Robert,

I'm running into a similar issue, my names don't have underscores like Ed's. I'm running this application from within the home/admin directory with the csv also within that directory as well.

Any tips?

0 Kudos
Tim_Koopman
Contributor
‎2017-09-10 07:35 PM

Hi,

I have created a PowerShell module that uses the Web API calls. One of the examples I have using it is doing an import from Excel file of network objects. Very easy to import as many objects as you like.

R80 PowerShell Module   | GitHub: Import from Excel Example 

Regards

Tim

Ankur_Datta
Collaborator
‎2019-01-07 10:20 PM

I am trying to add objects into CMA. but when i run api command i get below error:

Line 11: code: "generic_err_invalid_parameter"
message: "Parameter [nat-settings] value is not valid"

I ran following command:

mgmt_cli add host  --batch networkobjects.csv

and excel sheet has following fields:

and nat settings has 

kindly advise.

0 Kudos
PhoneBoy
Admin
Admin
‎2019-01-07 10:49 PM
In response to Ankur_Datta

If you want to set individual NAT settings in a CSV, you must specify each setting correctly as a name value pair.

Since nat-settings has subsettings, this means you will need multiple parameters.

For example, you would need nat-settings.hide-behind with value "ip-address" and nat-settings.ipv4-address with value "yourip".

0 Kudos
Ankur_Datta
Collaborator
‎2019-01-07 11:28 PM
In response to PhoneBoy

Thanks Dameon. got it. I thought export csv file from smart console will work but i was wrong.

I have one more question. If i want to move network objects from one CMA to another CMA in same MDS through api. What is the procedure? I tested this but unfortunately objects didn't appeared in new CMA.

I was in CMA env and executed the api command from there through CLI.

0 Kudos
PhoneBoy
Admin
Admin
‎2019-01-08 07:55 AM
In response to Ankur_Datta

At a high level, you would be making successive calls to the relevant APIs to read the objects against one CMA, then write them to the other CMA.

There are several working examples of this on CheckMates.

0 Kudos
Ankur_Datta
Collaborator
‎2019-01-08 09:01 AM
In response to PhoneBoy

Hi Dameon,

I can't find any post. 

kindly can you please share the link if you are aware off.

Thanks

0 Kudos
PhoneBoy
Admin
Admin
‎2019-01-08 09:08 AM
In response to Ankur_Datta

You're corresponding with our R&D on one such tool Smiley Happy

Here's another that does export/import via CSV files: CLI API Example for exporting, importing, and deleting different objects using CSV files (v 00.29.02...

I also provided a sample with raw API calls recently here (calling via curl on the CLI): https://community.checkpoint.com/thread/5999-cli-help?commentID=36360#comment-36360 

0 Kudos
Aathi
Contributor
‎2019-11-27 04:50 AM
In response to PhoneBoy

Hi Team,

 

Can you guide how to import the range of ip address which is in csv file in checkpoint managment server.

119.227.224.0-119.227.255.255

 

Regards

Aathi

0 Kudos
Jason_Grubbs
Participant
‎2020-11-12 07:47 AM
In response to PhoneBoy

@PhoneBoy I know this is an old post, but I found it when searching for information about bulk importing.  So far, the info has been excellent!  

I have one question about adding networks to an existing group using a csv.

I see from the API reference https://sc1.checkpoint.com/documents/latest/APIs/index.html#cli/add-network~v1.1%20 that I can add a network to a group, but what is the syntax I use in the CSV?  Same for Tags...

For Example:

namesubnetsubnet-maskcommentstags
Zoom-101.36.167.0/24101.36.167.0255.255.255.0Zoom-101.36.167.0/24Zoom

 

Or do I need to add more info to the tags field:

namesubnetsubnet-maskcommentstags
Zoom-101.36.167.0/24101.36.167.0255.255.255.0Zoom-101.36.167.0/24name "Zoom"
0 Kudos
PhoneBoy
Admin
Admin
‎2020-11-12 09:16 AM
In response to Jason_Grubbs

In the CSV header line, use groups.1 or tags.1 as appropriate.
To add to additional groups as part of the same CSV, increment the number (e.g. groups.2, tags.2).
You can see an example here: https://community.checkpoint.com/t5/API-CLI-Discussion-and-Samples/One-liner-Convert-CSV-for-Managem... 

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    Top