Use panxapi to delete member from address group

Reply
L2 Linker

Use panxapi to delete member from address group

Is there a way to use the panxapi module and delete or modify a member from an address group?  I have an address object I no longer use and want to remove all references.  I can use panxapi to delete the address object as long as I manually remove the objects from all groups to which it is a member.  I want to be able to write a program to remove all references, but can't get it to remove from the address groups.

Thanks,

Bart

L3 Networker

Re: Use panxapi to delete member from address group

to delete member addr1 from address-group group1 the xpath would

be something like:

/config/devices/entry/vsys/entry[@name='vsys1']/address-group/entry[@name='group1']/member[text()='addr1']

you can use 'or' to delete multiple members with one call:

/config/devices/entry/vsys/entry[@name='vsys1']/address-group/entry[@name='group1']/member[text()='addr2' or text()='addr3']

there is also a command line program, panaddr, that can be used

to manage address objects.

to do the above you could do (--verbose shows the xpath used):

$ panaddr --verbose --delete --address-group group1 --member addr1

xpath: /config/devices/entry/vsys/entry[@name='vsys1']/address-group/entry[@name='group1']/member[text()='addr1']

delete: success: command succeeded

L2 Linker

Re: Use panxapi to delete member from address group

I don't have a panaddr.  My PAN version is 20111226 (I think - not at my desk right now).  Is there a newer pan version?  If so, I don't see a download link.

L3 Networker

Re: Use panxapi to delete member from address group

this is PAN-perl-20120921 and has panaddr.  there is a newer PAN-perl version and I'll look into getting that posted.

L2 Linker

Re: Use panxapi to delete member from address group

Yes, it would be great to have those posted when they are available.  Not sure why they aren't posted within software updates page.  That would be my suggestion.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!