Best method to check for existing address object via CLI

Forum|Forum|8 years ago
October 26, 2017
1 reply
13468 views

Hello im trying to find a way to filter through our large address objects through the CLI. if an address is found also check if its part of an address group if not create the address object and add to the group.

The reason is our GUI is terribly slow, either way ive found a okay method to check for the ip existence but not sure if there are others ways.

diag sys checkused firewall.address.name "xxx.xxx.xxx.xxx"

5.2

derpAuthor

New Member

Ive also used the following

show firewall address | grep x.x.x.x

which does a good job and i think and the portion i used above is use in determining if the same address object is used anywhere. id assume doing a show firewall group "string" | grep "x.x.x.x" would yield similar results.

emnoc

New Member

diag sys check is good I also like the following;

show | grep -f <insert name or address>

The grep -f will show you in all vdom and all lines that have whatever your matching on. I think it's more effective than diag sys chekused in some cases.

Ken

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded