Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Scott_NORRIS
Explorer

Get UID of "Policy Targets" object via API?

Hi,

I am trying to get a script that will export all firewall installed on a specific security gateway/cluster.  However, I cannot seem to get the "Policy Targets" object's UID from the API.

If I use the show-object command with the UID I am getting from a policy I know is installed on all Policy targets, it returns the object fine.

However, if I try to find the object via the show-objects command and 

{"in" : [ "name""Policy Targets" ]}
 
It only returns a list of objects containing Policy in their name, but no "Policy Targets".  Is it possible that the show-objects command does not return obects of type: Global?
 
Regards
0 Kudos
4 Replies
Bob_Zimmerman
Authority
Authority

To clarify, you have the firewall's name/UUID, and you want the policy packages which are allowed to install on that firewall?

0 Kudos
Scott_NORRIS
Explorer

Hi Bob,

Actually, I am looking for which rules will be installed on a given firewall/cluster.  I can easily find the UID of the gateway programatically, but I cannot seem to find the UID for the "Policy Targets", which when used as an installation target also means the rule will be installed on the firewall, even if it is not explicitely in the list.

Worst case, I'll get the "install-on" value from the final rule in the rulebase (Drop all) and use that instead.  I was just wondering if there was an easier way.

Thanks!

0 Kudos
Bob_Zimmerman
Authority
Authority

The confusion is there are multiple things which could be called "Policy Targets". The policy package has a field called Installation Targets, and rules have a field called Install On with a possible value of Policy Targets. A given firewall could be in the Installation Targets of multiple policy packages, and within those policy packages (and packages with the Installation Targets field set to "all") it may be used in rules' Install On field.

So you're trying to evaluate the Install On field of each rule in the policy to find out which ones will go to a given firewall?

0 Kudos
Scott_NORRIS
Explorer

Hi Bob,

That's it.  But it's alright, I'll just grab the last rule of a given policy package, which is always installed on all gateways and use the UID from the Install On field for that purpose.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events