Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[SRX/J] Exporting a policy configuration from a device to an XML-compliant spreadsheet

0

0

Article ID: KB28419 KB Last Updated: 28 Jan 2015Version: 2.0
Summary:

This article describes a procedure for exporting a configuration from a device to an  XML readable format.

Note: Although importing into Microsoft Excel can be done, the Junos OS XML was designed for NSM and Space, not Excel. There is no guarantee that all fields will be interpreted by the Excel import the way one might expect or desire, due to how the configuration structure works. Most notably are the permit and deny sections, as there is no value within those stanzas to appear within the Excel interpretation.

Symptoms:

How can I export a policy configuration from an SRX device to an XML-compliant spreadsheet?

Cause:

Solution:

Here is the policy configuration on an SRX device:

set security policies from-zone trust to-zone untrust policy permit-t2u match source-address LAN_Zone
set security policies from-zone trust to-zone untrust policy permit-t2u match destination-address any
set security policies from-zone trust to-zone untrust policy permit-t2u match application any
set security policies from-zone trust to-zone untrust policy permit-t2u then permit
set security policies from-zone trust to-zone untrust policy deny-t2u match source-address any
set security policies from-zone trust to-zone untrust policy deny-t2u match destination-address any
set security policies from-zone trust to-zone untrust policy deny-t2u match application any
set security policies from-zone trust to-zone untrust policy deny-t2u then deny
  1. Copy the output of following command on a notepad:

  2. # show security policies | display xml | no-more
  3. From the output of above command, select everything inside <security> </security> tags (including these tags as well). Save the extracted output as an XML file and open it in an XML-compliant spreadsheet program.

Here is the snapshot from a spreadsheet program, after performing Steps 1 and 2 for the above configuration sample:





Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search