- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
03-06-2019 09:30 AM
I am running Expedition 1.0.106 and have a question about merging rules. Once the analysis is done I am presented with cases that I look at individually. From there I can merge by highlighting the rules or by clicking on the 'merge by selection or all results'. Either one of those ways works to merge a case. The question I have is the part that says '...or all results'. I have over 4000 cases and would like to choose to merge all results but it does not work. When I have no cases selected and click the button it says it has merged 2 rules (not sure what is up with that) but it does not merge all results. As an alternative, I check the box next to 'Duplicates' which should select all cases but it says you can only select 10 cases at a time.
Thanks for any help.
03-08-2019 04:10 AM
Please check with the most current version of Expedition, 1.1.9, to see if this aspect has been fixed in iterations between your version and the most recent one.
If not, let's try to check it again with some examples?
03-08-2019 09:10 AM
I upgraded the tool to 1.1.19 but it did not help. Just to make sure here are the steps I am following.
1. From Policies choose 'Filters'
2. Choose Merge, Analyze, Policies, Security Policies
3. In the section titled 'Show rules by identical,' I choose action, from, to, source, destination
4. I then click the blue 'analyze and filter' button
5. After the analysis is done I would click the green button that says 'Merge by selection or all results' (since I have not selected any cases to merge I was hoping it would merge 'all results'). It does not merge all results and even though no cases are chosen it still says it has combined a couple of security rules.
6. If instead choose 10 separate cases to merge it will still only merge the last case that was chosen.
Hopefully, this helps explain what I am trying to do and what is not working.
Thanks.
03-10-2019 01:49 AM
to clarify the behavior of the "Merge by selection or all results', the result of clicking this button will not merge the rules in all cases listed. Instead the behavior is intended to be used as an option to choose to merge all of the matched results on a case by case basis.
The alternative to using the 'Merge by selection of all results' is to first click on the case, which will display the results - matched security policies that can be merged, is to manually choose the security policies to merge then click on the 'Merge by selection of all results' button.
So the workflow is you must first select the case then choose to merge all of select only those policies that should be merged.
From a safe practice recommendation, the matches of which security policies to be merged should be reviewed prior to choosing to merge them.
03-11-2019 07:32 AM
I understand what you are saying about ‘safe practice’ and do intend to review all of the cases but still don’t understand the behavior of the button. The button says to “Merge by selection OR all results”. That implies to me that without selecting any cases it will merger all cases(all results). That would be very helpful as it is easier to click through the cases to verify they are correct and then to either select all of them or none and clicking the button then should merge them all. On the other hand, I would be ok if I could just select a bunch of cases at once and merge them. The tool lets you choose multiple cases (or click the box next to ‘Duplicates’ to select all…although it does come back to say that you can only select 10 cases at a time) but it does not work. If I choose 2 or 3 cases as an example and click the merge button it comes back to show that only the last case chosen was merged. I have tried that a bunch of times and it still does nothing more than merge the last case chosen.
Thanks
03-11-2019 02:43 PM - edited 03-11-2019 02:44 PM
I will verify the option to select up to 10 cases.
But wording wise, the wording can be improved upon for clearer intent, but the intent is to force the user to choose the cases from the listing and display the results (of the rules that can be merged upon review) for review prior to merging.
03-11-2019 03:09 PM
If i can add my 2 cents to what @aporue proposed.
If possible, it would be very helpful if we can select a large number of cases to be merged individually. This would help the repetition of doing each case individually. Especially when there are hundreds of cases.
There is the excel export of the cases which can be used to verify before doing a large number of merges. eg. i can verify that cases 1-10 and 12-15 are cases i want to merge individually.
My experiences on 1.1.8 and 1.1.9 is the same, when more than one case is selected, it only merge the last case.
03-11-2019 03:13 PM
i'll look into the option to select 10, if that is not working then I will file a bug.
03-14-2019 07:50 AM
Any update on this issue? I have a project that has 4000 cases to merge so even doing 10 at a time will take forever so the option to be able to merge all cases at once would be very helpful. Like the other poster stated we can download the spreadsheet of cases and review offline to determine that they are correct. Plus, I have not seen a case yet that was not correct as all I am filtering on is source/destination.
Thanks.
03-18-2019 06:50 AM
Any updates on this issue?
thanks.
03-21-2019 01:08 AM
We still have to check this case and correct it if not behaving as it should.
04-02-2019 12:35 PM
Any updates on when/if this issue will be resolved?
Thanks,
Keith
04-09-2019 06:55 AM
As it has been 3 weeks since your last response I just wanted to check again to see if/when this issue will be fixed?
04-09-2019 06:58 AM
Rule merge will come tomorrow.
However, it will still be limited to 10 merges at a time.
Additionally, it will check that you do not merge rules with "any" and values in Users, Applications and Services
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!