Technical Tip: How to edit policies in bulk using Script

Description

This article describes how to edit policies in Policy Package using a script, which does not edit it per policies from GUI.

Scope

FortiManager.

Solution

1. Print out the policy package where the policies are located using the command below:

FMG# execute fmpolicy print-adom-package <adom-id> 1 <policy-package id> 181 all

Example: execute fmpolicy print-adom-package 173 1 10842 181 all

In GUI:

Printed out using the suggested command and download it as a text file:

Note: Select the 'Bin/Garbage' icon to remove all unnecessary output before entering the command to get a clean output.

2. Edit the policies in the text file. 

    

   

    

    

3. Create a Script in Device Manager where to run the script on Policy Package or ADOM Database, and copy all the related policies configuration from the text file into it.

    

   

    

4. Run the script to the specific policy package where the policy is located.

    

   

    

    

5. Check and confirm on the policy package the changes take place from the GUI.

    

Related article:

Technical Tip: CLI Script behavior to run in FortiManager