Although there are a variety of ways to accomplish this task, I thought I would put together a quick script to satisfy this particular requirement.
Let's say you are trying to migrate from a firewall that isn't supported via the Migration Tool, and you have 1000's of address objects. What would be a simple way to get this data imported into a Palo Alto Networks firewall from a .csv file?
Step 1:
Install Python and Jinja2 (easy_install jinja2 or pip install jinja2) on a machine (I did this on a VM running Ubuntu). Create a directory somewhere on the machine for the files you will be creating.
Step 2:
Rename your existing .csv file to "device_data.csv". Here is an example.
Step 3:
Create a jinja2 file called "conf_template.j2" with the configuration parameters and variables that reference each column in the .csv file. Here is an example.
Step 4:
Create a python script called "make_config.py" so that upon execution it will use the information from your jinja and csv files to create a configuration file. Here is an example.
Step 5:
Place all three files (.csv, .j2, and .py) in the directory you previously created.
Step 6:
Open the terminal and navigate to the directory where the files are stored (in Ubuntu, cd ~/Desktop/scripts/address-objects/)
Step 7:
Run the script (in Ubuntu, sudo python make_config.py). This will produce a file in the same directory called, "address_objects.conf". Here is an example.
Step 8:
Open the "address_objects.conf" file and copy and paste the contents into the cli of the firewall. Don't forget to commit the configuration.
In summary, this methodology can be applied in a variety of scenarios (here is one example), but the main goal is to save time and avoid doing things manually.
Hi
ReplyDeleteWhere are the files.