SRX Services Gateway
Reply
Contributor
paulkil
Posts: 127
Registered: ‎11-05-2010
0
Accepted Solution

export policy rules

Hi guys,

I'm just wondering is there an "easy" way of exporting the policy rules from the junos config into an excel sheet?

 

Many thanks,

 

Paul

Distinguished Expert
MMcD
Posts: 637
Registered: ‎07-20-2010

Re: export policy rules

Hi Paul,

 

Pretty easily.  If you open up Putty or an SSH program and set logging to on, choose a log file location and log into your box.

 

user@srx#edit security policies
user@srx#show | display xml | no-more

 Open your log file up and cut from above <security> and below </security> and save it as an xml file, then just open with excel.

MMcD [JNCIP-SEC, JNCIS-ENT, CCNA, MCP]
____________________________________________________

[Please Mark My Solution Accepted if it Helped, Kudos are Appreciated Too]
Contributor
paulkil
Posts: 127
Registered: ‎11-05-2010
0

Re: export policy rules

Hi MMcD,

and thanks for your reply.

 

Does what you suggest actually export the "policy rules" or the logs of these rules?

 

I'm looking to do the former so we can have a consice list in excel format of all our firewall rules corporatre wide.

 

Regards,

 

Paul

Distinguished Expert
MMcD
Posts: 637
Registered: ‎07-20-2010

Re: export policy rules

It exports the actual policies.  See the attached screenshot for an example

MMcD [JNCIP-SEC, JNCIS-ENT, CCNA, MCP]
____________________________________________________

[Please Mark My Solution Accepted if it Helped, Kudos are Appreciated Too]
Contributor
paulkil
Posts: 127
Registered: ‎11-05-2010
0

Re: export policy rules

MMcD,

I tried that and it's working beautifully.

 

Thanks so much,

 

Paul

New User
RAVU
Posts: 1
Registered: ‎12-13-2010
0

Re: export policy rules

Hello MMcD,

 

Great post and thank you for this solution. I am however having some difficulties in getting the right view in Excel. I followed your steps and the XML file is being imported in Excel. However when I look at policy rules with multiple source or destination adresses it generates a separate row for every address.

 

For example: If I have 1 policy rule which allows http access from 4 different source addresses to 2 different destination adresses it shows me about 8 different rows in Excel. In the attachment you can find an example. I would like to see 1 single row per policy rule.

 

Do you by any chance have a solution for that? To be complete, we are doing an export of a SRX240 unit.

 

Best regards,

 

Aico

 

Visitor
David_Mitchell
Posts: 3
Registered: ‎04-09-2014
0

Re: export policy rules

Thanks MMcD,

 

I am brand new to Junosland and this was exactly what I was looking for for exporting my SRX3600 Rulebase into Excel

 

 

Thanks again,

 

Mitchell

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.