SmartConsole Extension - Easy deletion of unused rules

HeikoAnkenbrand
MVP Platinum

 

EDelete_45345.png
Since deleting unused rules always annoyed me, I created a SmartConsole plugin.
It does the following:

- Shows all rules in SmartConsole that have not been used (hit counter = 0).
- Lets you select any of the unused rules you want to delete.
- Generates the CLI commands for the Management Server to delete those rules.
   You only need to copy and paste the output into an SSH session on the SMS.
   

I deliberately did not automate the deletion directly in SmartConsole, to avoid

...

Disclaimer: Check Point does not provide maintenance services or technical or customer support for third party content provided on this Site, including in CheckMates Toolbox. See also our Third Party Software Disclaimer.




42 Replies

HeikoAnkenbrand
MVP Platinum

It does the following:

Version 1.1:

  • Shows all rules in SmartConsole that have not been used (hit counter = 0).
  • Lets you select any of the unused rules you want to delete.
  • Generates the CLI commands for the Management Server to delete those rules.

Bild3_TERTET45.png

Version 1.2:

  • In the new version 1.2, I have added the layer, so it should now work with any layer.
    Furthermore, the list of objects to be deleted is now automatically loaded when the page is opened.
...


lrezende
Explorer

Having some problems here:

 

Captura de tela 2025-09-02 065248.png



0 Kudos

Francis_Noel
Explorer

Hello
My SmartConsole crashes every time I click on the policy action button.
If I remove this extension, it is working?

 

Thanks



0 Kudos

HeikoAnkenbrand
MVP Platinum

Hello  @Francis_Noel 

It seems that in newer SmartConsoles there is a fundamental issue with Smart Console Extensions. Please follow the post below, where this error is being addressed:

SmartConsole Extension Issue in R81.20/R82



Matlu
MVP Silver

Hello,  @HeikoAnkenbrand 

Does this work in MDS environments?

I have several CMAs in my MDS [approx. 8].

Is this tool useful?

Does the process for using it differ greatly from that of an SMS?

Thank you.



0 Kudos

the_rock
MVP Platinum

I tested it in the MDS lab bro and it worked fine.



0 Kudos

Matlu
MVP Silver

Bro.

Where do you apply this extension?

In the MDS box itself?

Or is it done by CMA?

Can you share an image of your lab or a short video, please?

Thanks 🙂

 



0 Kudos

the_rock
MVP Platinum

Sorry bro, had to delete it to create Palo Alto lab, but it was on CMA.



0 Kudos

Matlu
MVP Silver

🥹🥲


This tool shows you the 0 Hits rules, but for how long?

The last 3 months, 6 months, etc.?

Or does it show you the general “regardless” of how long the rule has not been used?

 



0 Kudos

the_rock
MVP Platinum

Hey bud,

Depends on below setting.

Screenshot_1.png



0 Kudos

Matlu
MVP Silver

Do you know if the tool ‘installs policies’ once you run the commands in SMS/MDS(CMA)?

Or is the installation of policies done manually after applying the commands in the CLI?



0 Kudos

the_rock
MVP Platinum

Hey bro,

Does NOT auto delete any rules, as Heiko wrote:

****************

Since deleting unused rules always annoyed me, I created a SmartConsole plugin.
It does the following:

- Shows all rules in SmartConsole that have not been used (hit counter = 0).
- Lets you select any of the unused rules you want to delete.
- Generates the CLI commands for the Management Server to delete those rules.
   You only need to copy and paste the output into an SSH session on the SMS.
   

I deli

...


0 Kudos

the_rock
MVP Platinum

Asked colleague today to check in her lab and indeed it is installed on the cma level.



0 Kudos

the_rock
MVP Platinum

@Matlu ...BUT, if you really need a screenshot, let me create my own mds lab again Monday morning and I will send it to you. 



0 Kudos

Matlu
MVP Silver

Yes, please, I'm waiting for your update. 😀

I have a question about using the tool in MDS environments, because although it is true that it works through CMA, when you run the command through SSH, the first thing you have to do is log into MDS, then “jump” to CMA, but here's the question: will the command be “smart” and know where the policy you want to disable is located?

I ask this because within each CMA, we have many “Policy Packages,” so if you run the command given by the

...


the_rock
MVP Platinum

I'm doing it now bro, just watching some CFL Grey Cup game, it's the Canadian version of the Super Bowl, though I got no clue about the rules LOL.

Anyway, will update you soon.



0 Kudos

the_rock
MVP Platinum

K, here is my test:

-installed R82 mds lab

-put on latest jumbo 44 and rebooted

-created test cma

-installed Heiko's extension on both global and test cma and created 2 basic policies

-ran extension on both packages, worked fine, no issues

see image below

Screenshot_1.png

 If you need me to test anything else tomorrow, let me know.

Good night : - )



0 Kudos

Matlu
MVP Silver

Great 😀

It would be good to “see” how the tool behaves when you have, for example, three “Policy Packages” in your CMA.

Will the command that the tool gives you to “execute” in the MDS SSH be able to ‘recognize’ which policy package contains a rule that you are “declaring” with the command?

Is my question clear?

Thanks for your help ☺️



0 Kudos

the_rock
MVP Platinum

It would bro, yes, because when you run it, it generated commands you can use in expert mode with mgmt_cli to get rid of the rule or simply delete it via smart console. Either way, works on both global and cma level. I can take video tomorrow and send it, so you can see : - )



0 Kudos
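
Added example, not from the thread and not the extension's own code: one way to turn a rulebase listing with hit counts into `mgmt_cli delete access-rule` lines for review before pasting. The JSON field names, the `id.txt` session file and the `keep_names` parameter are assumptions, and the sample reply is constructed.

```python
import json
import shlex

# Constructed sample shaped like a Management API "show access-rulebase"
# reply requested with hit counts (field names are assumptions).
SAMPLE = json.loads("""
{"name": "Network", "rulebase": [
  {"type": "access-section", "name": "DMZ", "rulebase": [
    {"type": "access-rule", "uid": "aaaa-1111", "rule-number": 1,
     "name": "web in", "hits": {"value": 5120}},
    {"type": "access-rule", "uid": "bbbb-2222", "rule-number": 2,
     "name": "old ftp", "hits": {"value": 0}}]},
  {"type": "access-rule", "uid": "cccc-3333", "rule-number": 3,
   "name": "branch layer", "hits": {"value": 0},
   "inline-layer": "dddd-4444"},
  {"type": "access-rule", "uid": "eeee-5555", "rule-number": 4,
   "name": "Cleanup", "hits": {"value": 0}}]}
""")


def walk(entries):
    """Yield every access rule, descending into sections."""
    for entry in entries:
        if entry.get("type") == "access-section":
            yield from walk(entry.get("rulebase", []))
        elif entry.get("type") == "access-rule":
            yield entry


def plan(reply, keep_names=("Cleanup",)):
    """Return (delete commands, inline layers that need their own query)."""
    layer, commands, inline = reply["name"], [], []
    for rule in walk(reply["rulebase"]):
        if "inline-layer" in rule:
            # Parent of an inline layer: its sub-rules belong to another
            # layer, so report it instead of deleting it from this listing.
            inline.append(rule["inline-layer"])
            continue
        # A rule without hit data is kept: missing data is not "unused".
        if rule.get("hits", {}).get("value") != 0 or rule.get("name") in keep_names:
            continue
        # Assumes a session saved earlier with "mgmt_cli login > id.txt".
        commands.append("mgmt_cli -s id.txt delete access-rule uid %s layer %s"
                        % (shlex.quote(rule["uid"]), shlex.quote(layer)))
    return commands, inline


if __name__ == "__main__":
    cmds, layers = plan(SAMPLE)
    print("\n".join(cmds))
    print("# query these inline layers separately:", layers)
```

Nothing is changed on the management server until the printed lines are run and the session is published, which keeps the review step the original post asks for.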

Matlu
MVP Silver

That would be very helpful 🙂

Let's see how it behaves in a large environment with many “Policy Packages” and how it “looks” once the command is applied in SSH, to note its great benefit of use 🙂



0 Kudos

the_rock
MVP Platinum

It will be very basic, as I don't have any gateways connected to it, since I just built it, but you will get an idea.



0 Kudos

the_rock
MVP Platinum

@Matlu 

Ok...I know this is super UNCONVENTIONAL way, but it does work...so here is what I did to test it.

-created bogus policy with bunch of inline layer rules and then cloned same policy package

-DELETED all the rules in cloned policy, EXCEPT clean up rule

-copied all inline layer rules from original package to cloned one and pasted ABOVE clean up rule

-saved and extension showed all the right rules with 0 hits

HTH



0 Kudos

Matlu
MVP Silver

Can you share a screenshot of your lab?
Or maybe a video to give us an idea?  😁 🤣



0 Kudos

the_rock
MVP Platinum

Man, now I may start charging you money, you are asking for too many videos/screenshots haha. Jk, though we do take Peru sol too, no issue 😉

Here you go

 

Screenshot_1.png

Screenshot_2.png

  



0 Kudos

Matlu
MVP Silver

Great.
Thanks, Broo.
I'll try it out and compare it.  😄



the_rock
MVP Platinum

No problem...100% it does work, I tested it on P-1 and also regular mgmt. Sorry I keep calling it Provider-1, that's the name I always remember lol



0 Kudos

the_rock
MVP Platinum

I'm gonna do some more tests in the lab tomorrow with inline layers.



0 Kudos

Vincent_Bacher
Advisor

Nice idea. On our R82 using some layers it does not seem to work.
extension-delete.png


Layer in Rule No. 1 contains roughly 200 rules, and when expanding the layer I can see several "no hit rules".
Any idea where the issue is?



0 Kudos

the_rock
MVP Platinum

 

Hey guys,

Hey Vin, suppose it does not work for layered rules, correct  @HeikoAnkenbrand ? I also tried it in the lab, but got the same problem.

@Matlu , please see the short video I recorded from the test cma created.



0 Kudos