AnsweredAssumed Answered

How to list all uids with specific comment in rulebase

Question asked by Tomas Votruba on Dec 19, 2016
Latest reply on Dec 19, 2016 by Tomas Votruba

Hello,

 

can I ask for help somebody more skilled with json output of mgmt_cli?

 

I have quite complex access layer policybase with many section titles.

 

As far as I discovered, every section is separate rulebase, wich again consists from rulebases (every rulebase is access rule).

See here:

 

  • "uid" : 10e134f5-7c7c-4f20-9fe2-d9af55d443ae,
  • "name" : Company_PROD_1_1 Security,
  • "rulebase" : -[
    • +{ ... },
    • +{ ... },
    • -{
      • "uid" : 0ab76f20-16e4-4a50-a9f9-cc3486161405,
      • "name" : Management Net access,
      • "type" : access-section,
      • "from" : 8,
      • "to" : 20,
      • "rulebase" : -[
        • -{},
          • "uid" : 1dfe28d1-4b84-4443-939c-266289398b44,
          • "name" : CPBRNO_TO_CPMGMT,
          • "type" : access-rule,
          • "domain" : +{ ... },
          • "rule-number" : 8,
          • "source" : +[ ... ],
          • "source-negate" : false,
          • "destination" : +[ ... ],
          • "destination-negate" : false,
          • "service" : +[ ... ],
          • "service-negate" : false,
          • "vpn" : +[ ... ],
          • "action" : 6c488338-8eec-4103-ad21-cd461ac2c472,
          • "action-settings" : +{ ... },
          • "data" : +[ ... ],
          • "data-negate" : false,
          • "data-direction" : any,
          • "track" : 598ead32-aa42-4615-90ed-f51a5928d41d,
          • "track-alert" : none,
          • "time" : +[ ... ],
          • "custom-fields" : +{ ... },
          • "meta-info" : +{ ... },
          • "comments" : rule, central management access for checkpoint gw. tvobruba 29.9.2016, limited
          • "enabled" : true,
          • "install-on" : +[ ... ]
        • +{ ... },
        • +{ ... },
        • +{ ... },
        • +{ ... },
        • +{ ... },
        • +{ ... },
        • +{ ... },
        • +{ ... },
        • +{ ... },
        • +{ ... },
        • +{ ... },
        • +{ ... }
        ]
      },

Is there easy way how to find and list every access rule uid in whole layer which contains comment with text 'limited' inside?

How can I do it with jq syntax? Is jq capable go through layer recursively? And if yes, how?

 

Thank you very much

 

Regards Tomas Vobruba

Outcomes