[Solved] Help needed with Regex for Ignored Data Filters

Unimus support forum
Post Reply
networknix
Posts: 9
Joined: Tue Mar 12, 2024 9:45 am

Fri May 10, 2024 12:01 pm

Hi,

I'm running the Unimus back-ups on a fleet of Fortinet firewalls, which have a feature that periodically updates different internet services it monitors for. This is included in the configuration and Unimus picks it up as a change. I want to ignore the changes, for which I found out it is possible to use the ignored data filters. I have not been able to write adequate regex to filter for this dynamic block of the configuration though.

Here an example:

Code: Select all

config firewall internet-service-name
    edit "Google-Other"
        set internet-service-id 65536
    next
    edit "Google-Web"
        set internet-service-id 65537
    next
    edit "Google-ICMP"
        set internet-service-id 65538
    next
    edit "SERVERD-SERVERD.Hosting.Service"
        set internet-service-id 17498457
    next
end
config firewall internet-service-definition
end
I've included only four, but between those 4 blocks are hundreds more. They can be dynamic and get shorter or longer with time. As far as I know it's possible to target this with regex, but I was unable. Can someone help me on the right way? Many thanks.
User avatar
Tomas
Posts: 1238
Joined: Sat Jun 25, 2016 12:33 pm

Mon May 13, 2024 1:10 pm

networknix wrote:
Fri May 10, 2024 12:01 pm
Hi,

I'm running the Unimus back-ups on a fleet of Fortinet firewalls, which have a feature that periodically updates different internet services it monitors for. This is included in the configuration and Unimus picks it up as a change. I want to ignore the changes, for which I found out it is possible to use the ignored data filters. I have not been able to write adequate regex to filter for this dynamic block of the configuration though.
If I understand your request right, you want to filter everything between "config firewall internet-service-name" and the next "end"? If so, the regex would look like this:

Code: Select all

(?ms)^config firewall internet-service-name(.+?)end
You can use this and an ignore or delete filter. If you want to filter differently just let me know, we can provide a different regex.
networknix
Posts: 9
Joined: Tue Mar 12, 2024 9:45 am

Mon May 13, 2024 2:14 pm

Tomas wrote:
Mon May 13, 2024 1:10 pm
networknix wrote:
Fri May 10, 2024 12:01 pm
Hi,

I'm running the Unimus back-ups on a fleet of Fortinet firewalls, which have a feature that periodically updates different internet services it monitors for. This is included in the configuration and Unimus picks it up as a change. I want to ignore the changes, for which I found out it is possible to use the ignored data filters. I have not been able to write adequate regex to filter for this dynamic block of the configuration though.
If I understand your request right, you want to filter everything between "config firewall internet-service-name" and the next "end"? If so, the regex would look like this:

Code: Select all

(?ms)^config firewall internet-service-name(.+?)end
You can use this and an ignore or delete filter. If you want to filter differently just let me know, we can provide a different regex.
Yes, this seems to be it according to the validator. My efforts were way too complicated, as I now see. I will be trying this out, thank you.
networknix
Posts: 9
Joined: Tue Mar 12, 2024 9:45 am

Fri Jun 07, 2024 8:38 am

Just as a confirmation: this did indeed work for our environment.
Post Reply