topic Re: create an CLI script to enable/disable the vulnerability feature in Automation/API Discussions

create an CLI script to enable/disable the vulnerability feature

Chau — Mon, 11 Jan 2016 20:11:07 GMT

How to create an script to enable/ disable the vulnerability feature on all the objects.

Thank you

Re: create an CLI script to enable/disable the vulnerability feature

dward — Wed, 27 Jan 2016 21:19:31 GMT

Are you asking if this can be done, how this can be done, or if someone will do it for you?

Re: create an CLI script to enable/disable the vulnerability feature

Chau — Tue, 08 Mar 2016 18:37:42 GMT

I just need to know how can be done , and if some one has it , and please send it to me (Nguyen_Chau@allergan.com).

Thank you

Re: create an CLI script to enable/disable the vulnerability feature

Lucky — Tue, 08 Mar 2016 20:56:38 GMT

Hi Chau,

you need to script out following commands in language of your choice:

1. login into device,

2. issue commands:

set cli config-output-format set
configure
delete rulebase security rules YOUR_RULE_NAME profile-setting profiles vulnerability
commit
exit
exit

You need to wait for output of the commit to verify you deleted that part of the rule properly and of course you need to replace "YOUR_RULE_NAME" with exact title of your own rule, but other than that you don't need much more.

In order to set the profile back, you need a command

set rulebase security rules YOUR_RULE_NAME profile-setting profiles vulnerability YOUR_VULNERABILITY_PROFILE_NAME

and all other mentioned above (set cli config-output, configure, set..., commit, exit, exit). Succesfull commit should always return a string "Configuration committed successfully" among other stuff.

Best regards,

Luciano