The service object is using the same port number as another object, but one or more other properties may differ. So, they are not duplicate objects. 

Hi Maik

I've tested the import with my existing csv appended as suggested, and a test one matching the contents above but it fails.

Line 2: code: "generic_err_invalid_parameter"

message: "Parameter [ignore-warnings] value is not valid.

I've tried with the following statements 

mgmt_cli -m <mgmt ip> -u <username> add service-udp -b services_udp.csv ignore-warnings true

mgmt_cli -m <mgmt ip> -u <username> add service-udp -b services_udp.csv 

Regards,

Simon

That's weird, I tested my described solution yesterday before posting my answer. The test has been done via the latest R80.40 SmartConsole demo environment.

Could you post a snipped of your csv file like headers and a few lines (maybe change the port or name if you want)?

What would be the correct csv header value for a nested JSON object?

For example, if I wanted to export the value of the radius server name for a user object, then import it.

e.g.

"radius-server": {

"name": <name>

I think Radius server objects are not supported via the management api. However, wasn't your initial question related to udp services?

In general you specify all the required parameters in the csv header, that otherwise would be mentioned as a mgmt_cli argument.

So for example, to come back to your initial issue with the udp service import...

The mgmt api documentation lists several possible parameters and which value is expected for each => https://sc1.checkpoint.com/documents/R80/APIs/#gui-cli/add-service-udp%20

All of these may be mentioned in the header, the ones declared with "Required" are obviously required, meaning that your command will fail if you do not mention them.

As I am writing this... could you try to do the same import as already tested yesterday, but this time write the "ignore-warnings" header in parenthese?

So the first line of your csv file should look something like that...

name,port,"ignore-warnings"

service1,123,true

service2,1234,true

The reason why I ask this is that I sucessfully executed my command under windows, could be the case that you try to run ths directly on the mgmt server and therefore linux. This could result in the issue and may require the parentheses.

Yes my initial question was about services-udp but could also apply to other imports. 

The other questions was unrelated so I will post it in a separate post if it cant be answered here. But just to note, it's not a radius server object, it's a user object with a radius-server property. And the radius-server property has sub-properties i.e. name. This data can be accessed via the management api so the question is, can it be exported and imported to and from a csv using --batch. If so, I need to know what the csv header naming format is where the export is a nested object e.g. radius-server.name, encryption.enable-ike. I was simply using the radius-server property as an example. 

Getting back to the original issue, let me check the import with added parenthesis and get back to you. 

Ah okay, now I understand the question. In this case, when you want to create a user, you would use the following csv header:

"name","authentication-method","radius-server","encryption.enable-ike"

demouser,radius,myradiusobject,true

In this case the "radius-server" value in the header is directly related to the authentication method value. So for example, you can not use this field if the authentication method is not equal to radius. The second point, in rehards to nested information you are correct, such a case can be mentioned by combining values with a dot (like "encryption.enable-ike"). But there is no general rule, as the different API calls differ in the expected values. I would advice you to strictly follow the documentation (https://sc1.checkpoint.com/documents/latest/APIs/#cli/add-user~v1.7%20). Also, just to be sure, verify that you use the correct documentation regarding your api version. (You can check your [supported] api version/s by using the command "mgmt_cli show api-versions".)

Also... if you want to create multiple users and not all of them use the radius authentication method I think you need to split the import to different csv files.

The reason for that is that the api may not be able to render information like this...

"name","authentication-method","radius-server","tacacs-server","encryption.enable-ike"

radiususer,radius,myradiusobject,NULL,true

tacacsuser,tacacs,NULL,mytacacsobject,true

I hope this explanation makes sense to follow... maybe there even is a way to do something like shown above, but in the past I created multiple files in such a case, one per auth method.

When adding a user, I receive the following

"code" : "generic_err_invalid_parameter"

message: "Parameter [enable-ike] value is not valid (full path: encryption.enable-ike"

If I add parenthesis to the head encryption.enable-ike i.e. "encryption.enable-ike" the following is returned

"code" : "generic_err_invalid_parameter"

message: "Unrecognized parameter [\"encryption]"

I've stripped down the csv to only include users that use radius authentication and adjusted the headers accordingly. 

Have the header be encryption.”enable-ike” instead of “encryption.enable-ike”. 
Guessing the hyphenated parameter is causing issues (specifically when translated to JSON).

100% correct, maybe I should test stuff before posting a solution when I haven't done this in over a year 🤔

Hey

When I enclose these objects in parenthesis, i.e. encryption.”enable-ike”, encryption.”enable-public-key",  the following is returned. 

"code" : "generic_err_invalid_parameter_name",
"message" : "Unrecognized parameter [\"enable-ike\"] (full path: encryption.\"enable-ike\")"
}
Line 1010: {
"code" : "generic_err_invalid_parameter_name",
"message" : "Unrecognized parameter [\"enable-ike\"] (full path: encryption.\"enable-ike\")"
}

{ "response" : []}

Regards,

Simon