Nelson_Thoms
Participant

Report for unused objects on R77.30 SMS

Hello,

I am in the process of auditing the objects on an R77.30 mgmt. server and while I've found dbedit to be the best way to export the full object list, I am unable to determine if objects are used or not. I realise in Dashboard we can filter on unused objects; however, since we have hundreds of results, and I cannot just delete stuff without proper change process, I am not able to use the GUI for the required task (unless I just took a bunch of printscreens or manually retyped every object so I have it in a more usable form).

Is there a way to export the list of unused objects, either from Dashboard or perhaps using a command line tool?

Thank you for the assistance.

Nelson Thoms


Accepted Solutions
XBensemhoun
Employee

A quick answer would be to use

whereused <table_name> <object_name>

instruction to look for any of your exported list of objects, but... that could take a long time.

You could script something in the Web Visualization Tool xml or html export file too.

I assume we will wait together for better answers.

Have you already used hit-count in order to look at rules which are no longer used since 't' time (... and if a rule is no longer used... you'll be able to delete it and maybe have new 'unused' objects)?

If you're interested, I've published a comment in which I'm starting to explain how to do it.

Information Security enthusiast, CISSP, CCSP

Nelson_Thoms
Participant

Thanks Xavier, very helpful information there, and I have had a look at your link on unused rules which is certainly an area we will be addressing in our audit.

In terms of the Web Visualisation Tool - this looks exactly like what I need, not sure how I did not come across this in my searching and even a contact with Check Point support! Thank you for providing this info.

For now I will give the whereused command a go in dbedit, and I should be able to verify my results with the query done in Dashboard.

Cheers Xavier, really appreciate your feedback.

Nelson_Thoms
Participant

The Web Visualisation Tool definitely helped me here - with a full export to XML of all objects and the firewall/NAT policies I am able to achieve the requirements! Thank you for this solution.
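
One way to script against an XML export of objects and policies, as discussed above (an added example, not code from the thread or from Check Point): the Python below reports objects that nothing references and objects that no rule reaches, directly or through groups. The element names (`network_object`, `Name`, `members`, `reference`, `rule`) and the sample data are assumptions constructed for this example; adapt them to the files your export actually produces.

```python
import xml.etree.ElementTree as ET

# Constructed sample export; element names are assumptions, not a documented schema.
OBJECTS_XML = """<network_objects>
 <network_object><Name>web-srv-01</Name><Class_Name>host_plain</Class_Name></network_object>
 <network_object><Name>db-srv-01</Name><Class_Name>host_plain</Class_Name></network_object>
 <network_object><Name>old-test-net</Name><Class_Name>network</Class_Name></network_object>
 <network_object><Name>legacy-ftp</Name><Class_Name>host_plain</Class_Name></network_object>
 <network_object><Name>grp-servers</Name><Class_Name>network_object_group</Class_Name>
  <members><reference><Name>web-srv-01</Name></reference>
           <reference><Name>db-srv-01</Name></reference></members></network_object>
 <network_object><Name>grp-retired</Name><Class_Name>network_object_group</Class_Name>
  <members><reference><Name>legacy-ftp</Name></reference></members></network_object>
</network_objects>"""
POLICY_XML = """<fw_policies><rule>
 <src><members><reference><Name>Any</Name></reference></members></src>
 <dst><members><reference><Name>grp-servers</Name></reference></members></dst>
</rule></fw_policies>"""

def names_in(element):
    """All non-empty <Name> texts at or below element."""
    return {e.text.strip() for e in element.iter("Name") if e.text and e.text.strip()}

def object_refs(objects_xml):
    """Map each defined object to the object names nested in its definition."""
    refs = {}
    for obj in ET.fromstring(objects_xml):
        name = (obj.findtext("Name") or "").strip()
        if name:
            refs[name] = names_in(obj) - {name}
    return refs

def audit(objects_xml, *policy_xmls):
    """Return (unreferenced, unreachable) object names, each sorted."""
    refs = object_refs(objects_xml)
    # Any <Name> in a policy file counts as a use, so the result errs toward keeping objects.
    todo = [n for p in policy_xmls for n in names_in(ET.fromstring(p))]
    reachable = set()
    while todo:  # follow group membership from the rules downward
        name = todo.pop()
        if name in refs and name not in reachable:
            reachable.add(name)
            todo.extend(refs[name])
    referenced = reachable.union(*refs.values())
    return sorted(set(refs) - referenced), sorted(set(refs) - reachable)

if __name__ == "__main__":
    unreferenced, unreachable = audit(OBJECTS_XML, POLICY_XML)
    print("Referenced nowhere:", unreferenced)
    print("Not reachable from any rule:", unreachable)
```

The second list also contains members of groups that no rule uses (`legacy-ftp` in the sample), which a per-object reference check would count as used.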

Tomer_Sole
Mentor

This is also available with the Compliance Blade.
