This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
jfmoral
Participant
Participant
‎2024-11-13 10:41 AM
Jump to solution

Moving hosts between groups

Hi.

Do you know if there is any way to quickly move 1600 hosts from Group A to Group B?

Regards.

Management   Quantum Force (Security Gateways)  

0 Kudos
1 Solution

Accepted Solutions
Bob_Zimmerman
Authority
Authority
‎2024-11-13 11:42 AM
In response to jfmoral
Jump to solution

So you want all members of group B to be added to group A, and you want all places where group B is used to use group A instead?

Dump group B with '/show-object'. The output will have all members of the group.

Get the first ~100 members and call '/set-group' for group A with members.add[] in the body and the selected members. Adding a member which is already in the group does nothing, so this will add all the members of B which aren't already in A to A.

Repeat for the next ~100 members until you're done.

In SmartConsole, run a Where Used on group B, hit the Replace button in the window, pick group A, and select the places where you want to replace it. If there's anywhere which can't be automatically replaced, you'll have to handle it manually.

View solution in original post

15 Replies
the_rock
Legend
Legend
‎2024-11-13 10:54 AM
Jump to solution

Let me do quick test in the lab for this with few hosts and see what happens.

Andy

0 Kudos
the_rock
Legend
Legend
‎2024-11-13 11:03 AM
Jump to solution

Ok, forgive me if this shall sound really stupid or silly, but one easy way would be to right click existing group, clone it, which will create exact same group with name _clone on top of it, then you can delete "old" group.

If that poses an issue, Im sure it can be done via API, so let me know and I can try it in the lab.

Andy

0 Kudos
jfmoral
Participant
Participant
‎2024-11-13 11:14 AM
In response to the_rock
Jump to solution

Hi, 

Maybe I explained it in the wrong form. Group A and Group B have many Objects and I want to merge them into a single group. But I don't want to select one by one.

I'm going to look at the API.

Thanks.

0 Kudos
the_rock
Legend
Legend
‎2024-11-13 11:16 AM
In response to jfmoral
Jump to solution

Kk, now I got it, no worries. Let me do some testing and see how far I get. Will update you.

Andy

0 Kudos
the_rock
Legend
Legend
‎2024-11-13 11:27 AM
In response to jfmoral
Jump to solution

I recall cp_merge back in the day, but that tool was deprecated while back. I will still keep trying to make this work in the lab. In the meantime, lets see if anyone else may know.

0 Kudos
jfmoral
Participant
Participant
‎2024-11-13 11:38 AM
In response to the_rock
Jump to solution

Thank you. I am conducting tests as well.

0 Kudos
the_rock
Legend
Legend
‎2024-11-14 03:36 AM
In response to Amir_Senn
Jump to solution

Looks promising, may test this in the lab later. Does it work say if you want to move lets say only 20 out of 100 hosts to another group?

Andy

0 Kudos
Amir_Senn
Employee
Employee
‎2024-11-14 04:57 AM
In response to the_rock
Jump to solution

I would grep uid results from group into a file and if you want to want to limit number of items per publish you can do it by running a loop that runs on X objects until EOF.

mgmt_cli show group name "test" | grep "\- uid:" > uid_list.txt

Kind regards, Amir Senn
0 Kudos
the_rock
Legend
Legend
‎2024-11-14 06:51 AM
In response to Amir_Senn
Jump to solution

Man, I wish this was possible via smart console, would have been easier, but guess not?

Andy

0 Kudos
Amir_Senn
Employee
Employee
‎2024-11-14 08:04 AM
In response to the_rock
Jump to solution

You can clone or add group into another group, it would also help.

It just doesn't give you this as a list that you can use for other purposes.

Kind regards, Amir Senn
the_rock
Legend
Legend
‎2024-11-14 08:07 AM
In response to Amir_Senn
Jump to solution

I know you can clone the group, but dont believe you can add one into another, but will test again.

Andy

0 Kudos
the_rock
Legend
Legend
‎2024-11-14 08:16 AM
In response to Amir_Senn
Jump to solution

Apologies, I was wrong, my bad. Just created brand new group and it let me add 2 new groups into it. I think I was not filtering for the right objects.

Thanks @Amir_Senn 

Andy

Bob_Zimmerman
Authority
Authority
‎2024-11-13 11:42 AM
In response to jfmoral
Jump to solution

So you want all members of group B to be added to group A, and you want all places where group B is used to use group A instead?

Dump group B with '/show-object'. The output will have all members of the group.

Get the first ~100 members and call '/set-group' for group A with members.add[] in the body and the selected members. Adding a member which is already in the group does nothing, so this will add all the members of B which aren't already in A to A.

Repeat for the next ~100 members until you're done.

In SmartConsole, run a Where Used on group B, hit the Replace button in the window, pick group A, and select the places where you want to replace it. If there's anywhere which can't be automatically replaced, you'll have to handle it manually.

the_rock
Legend
Legend
‎2024-11-13 12:04 PM
In response to Bob_Zimmerman
Jump to solution

Sounds reasonable, will try this as well.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top