Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 

Delete Unused Objects v2.0

Adam_Forester
Ambassador
Ambassador

One of the first ever pieces I wrote for CheckMates is a script that would delete unused objects. I was very specific to Host/Network/Group back then. Recently I had a reason to update the tool and now have a new version that will digest objects based off of TYPE so you get delete files you can use in batch commands by object type. I have found no limit to object database size since this loops.

 

I will say something like this is going to be done quickly and easily with AI co-pilot

...;
TO ACCESS CHECKMATES TOOLBOX it's simple and free

Disclaimer: Check Point does not provide maintenance services or technical or customer support for third party content provided on this Site, including in CheckMates Toolbox. See also our Third Party Software Disclaimer.




0 Kudos
10 Replies

Adam_Forester
Ambassador
Ambassador

I should probably note that the Python version is till a work in progress... I'm not a python expert so that one still needs work. The Shell version works excellently. 

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

the_rock
Legend
Legend

Where can I get the shell version? Would like to try it in the lab.

Best,

Andy

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

the_rock
Legend
Legend

Nm, disregard, I see its in that link, let me try and will report if it works

Thanks  @Adam_Forester 

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

the_rock
Legend
Legend

Not sure if this looks right, but all I get is below. I also tried on another lab mgmt server, same thing

Andy

 

[Expert@cpazuremgmt:0]# ./delete-unused-objects.sh

What is the IP address or Name of the Domain or SMS you want to check?
20.220.86.199
There are 1 objects
[Expert@cpazuremgmt:0]# ls
delete-unused-objects.sh
[Expert@cpazuremgmt:0]#

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

Adam_Forester
Ambassador
Ambassador

Ya know... It helps if I publish the correct version. 😂 

I just updated it and retested in my lab. 

You can then take the files and run them as batch;

Example: mgmt_cli -r true delete host --batch host_127.0.0.1_unused_objects.log

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

the_rock
Legend
Legend

Thats better mate lol

Andy

[Expert@CP-management:0]# ./delete-unused-objects.sh

What is the IP address or Name of the Domain or SMS you want to check?
172.16.10.252
There are 4 objects
[Expert@CP-management:0]# ls
address-range_172.16.10.252_unused_objects.log
delete-unused-objects.sh
group_172.16.10.252_unused_objects.log
host_172.16.10.252_unused_objects.log

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

_Val_
Admin
Admin

Great one, Adam! Moved to ToolBox where it belongs. Can you please add a picture to the post? 

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

Tomer_Noy
Employee
Employee

Thank you for sharing the script and it's always nice to see people leveraging our APIs  😀

I wanted to ask though, why you don't perform this action through the SmartConsole UI? (or perhaps the option is not visible enough...).

If you open the Object Explorer (via the top menu or by clicking the three-dots in the right side Objects pane), there is a combobox at the top left that says "All" by default. If you open it, you can select "Unused Objects" instead and it will filter the

...;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

Adam_Forester
Ambassador
Ambassador

Hey Tomer! Great question... I wrote the original version back in 2016, this was more of I need to update based on time passed and efficiency of my own code practices. 

As for the batch delete command it would require me to one line this and my original idea was for the code to be in a format that was reviewable and the executed with the --batch command based on object type. 

I appreciate the input! I may add a second part that would output them into a single code line as an optiona

...;
TO ACCESS CHECKMATES TOOLBOX it's simple and free


0 Kudos

DanCannon
Participant

easy answer to this.... limited to 500 objects in the gui.... the API will allow you to iterate over them in turn,  for example on a single CMA I have over 3300 unused objects.  this is in a MDS with 20 domains... using the gui is far to slow compared to leveraging the api.

;
TO ACCESS CHECKMATES TOOLBOX it's simple and free