Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Andrey_Gromov
Explorer

Rule export

Jump to solution

Hello. Is there a way to export rulebase easily anywhere on management server so that other people could read it?

For r80 right now I'm using command line (F9) from SmartConsole. For example:

show access-rulebase name "Lan-policy Security" details-level "standard" use-object-dictionary true filter "(dec1-17)" --format text

It's nice. But it would be very nice if there were options to:

1. change uid automatically (for example for network objects)

2. print out only necessary fields like source, destination, service, time, comments

Is it possible without knowing programming languages?

0 Kudos
1 Solution

Accepted Solutions
Tomer_Sole
Employee Alumnus
Employee Alumnus
7 Replies
Tomer_Sole
Employee Alumnus
Employee Alumnus
Andrey_Gromov
Explorer

Thank you. I have tried this script. Nevertheless I can't filter out anything using SmartConsole syntax, so even if I copy the output to Excel, I can't use entities like ip/mask.

0 Kudos
Tomer_Sole
Employee Alumnus
Employee Alumnus

which one of the tools are you referring to?

0 Kudos
Andrey_Gromov
Explorer

I used this script:

$MDS_FWDIR/scripts/web_api_show_package.sh -k <PACKAGE NAME> -d <DOMAIN NAME>

0 Kudos
Robert_Decker
Employee Alumnus
Employee Alumnus

You can output the results into a JSON file format and then use a popular and easy JQ to filter any data.

There are plenty of JQ examples in this community. For example - 

https://community.checkpoint.com/message/1151 

Robert.

0 Kudos
Andrey_Gromov
Explorer

Thanks for your response. But....popular? maybe. Easy? unlikely. I spent 3 hours reading documentation.

Filter .rulebase[].rulebase[0:][].comments got me necessary information partly. But I also needed the source, the destination and the service for those rules. That's crazy.

0 Kudos
Robert_Decker
Employee Alumnus
Employee Alumnus

I'm sorry to hear this.

You need some scripting abilities to parse API commands output.

Did you finally manage to get all info you needed?

Here is an additional link that may be useful for you:

https://community.checkpoint.com/thread/6229-how-to-parse-json-output-from-r80-management-api-with-j...

0 Kudos