I need to disable a group of roughly 200 rules in Panorama without driving myself crazy in the process. These rules have the application icmp and are unused.
You could look into the migration tool, maybe it has some cleanup options that could come in handy. The policy optimizer and the "highlight unused rules" are handy but not well suited in your case unfortunately.
@Reaper I don't plan on doing it regularly, but this client has a very cluttered rulebase as a result of an unfortunate migration from Cisco ASA (not performed by us!).
They all have application icmp? The most efficient way I see is to set 'icmp' as a filter in the filter bar, and then select the first rule, scroll down and while holding shift select the last rule. (This will select all the filtered rules.) Then quickly review any rules that need to be unselected (using ctrl+click) and then click disable to disable all of them.
Thanks!
When you paste the set commands into CLI it will automatically normalize excess whitespace for anything that's not between quotes
Thanks!
We've decided to go through the CLI with set device-group <Device-Group-Name> pre-rulebase security rules <Rule-Name> disabled yes.
I think it will be easier to feed the lines into the CLI 10-20 at a time.
When filtering by icmp, there were a dozen or so sprinkled throughout that should not be disabled.
It may be time to learn some true Palo Alto automation.
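Added example, not part of any post in this thread: one way to generate the `set ... disabled yes` lines discussed above from an exported list of rule names, skipping a keep list and splitting the output into paste-sized batches. The function names, the device group name and the sample rule names are hypothetical; names containing whitespace are quoted because the CLI normalizes unquoted whitespace on paste.

```python
import re

# Command form quoted from the thread; device group and rule names are caller-supplied.
TEMPLATE = "set device-group {dg} pre-rulebase security rules {rule} disabled yes"

def quote(name):
    """Double-quote a name that contains whitespace so it stays one CLI token."""
    if '"' in name or "\n" in name or "\r" in name:
        # A quote or newline in a name could split or alter the pasted command.
        raise ValueError(f"refusing name with quote or newline: {name!r}")
    return f'"{name}"' if re.search(r"\s", name) else name

def build_batches(device_group, rule_names, keep, batch_size=15):
    """Return (batches, skipped, unmatched_keep).

    batches: lists of set commands, at most batch_size per list
    skipped: rules left enabled because they are on the keep list
    unmatched_keep: keep entries that matched no rule (likely a typo, which
                    would mean the intended rule is about to be disabled)
    """
    keep_set = {k.strip() for k in keep if k.strip()}
    commands, skipped, seen = [], [], set()
    for raw in rule_names:
        name = raw.strip()
        if not name or name in seen:  # ignore blank lines and duplicates
            continue
        seen.add(name)
        if name in keep_set:
            skipped.append(name)
            continue
        commands.append(TEMPLATE.format(dg=quote(device_group), rule=quote(name)))
    batches = [commands[i:i + batch_size] for i in range(0, len(commands), batch_size)]
    return batches, skipped, sorted(keep_set - seen)

if __name__ == "__main__":
    # Constructed sample data, not taken from the thread.
    rules = ["asa-icmp-001", "Allow ICMP to DMZ", "asa-icmp-002",
             "monitoring-ping", "asa-icmp-002"]
    batches, skipped, unmatched = build_batches(
        "Example-DG", rules, keep=["monitoring-ping", "typo-rule"], batch_size=2)
    for n, batch in enumerate(batches, 1):
        print(f"# batch {n}")
        print("\n".join(batch))
    print("# left enabled:", ", ".join(skipped))
    print("# keep entries that matched nothing:", ", ".join(unmatched))
```

Review the unmatched keep entries before pasting anything: an entry that matched no rule means a rule you meant to protect is in one of the batches.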