Unimus forum

Posted: **Fri May 10, 2024 12:01 pm**

Hi,

I'm running the Unimus back-ups on a fleet of Fortinet firewalls, which have a feature that periodically updates different internet services it monitors for. This is included in the configuration and Unimus picks it up as a change. I want to ignore the changes, for which I found out it is possible to use the ignored data filters. I have not been able to write adequate regex to filter for this dynamic block of the configuration though.

Here an example:

Code: Select all

config firewall internet-service-name
    edit "Google-Other"
        set internet-service-id 65536
    next
    edit "Google-Web"
        set internet-service-id 65537
    next
    edit "Google-ICMP"
        set internet-service-id 65538
    next
    edit "SERVERD-SERVERD.Hosting.Service"
        set internet-service-id 17498457
    next
end
config firewall internet-service-definition
end

I've included only four, but between those 4 blocks are hundreds more. They can be dynamic and get shorter or longer with time. As far as I know it's possible to target this with regex, but I was unable. Can someone help me on the right way? Many thanks.

Posted: **Mon May 13, 2024 1:10 pm**

networknix wrote: ↑
Fri May 10, 2024 12:01 pm
Hi,

I'm running the Unimus back-ups on a fleet of Fortinet firewalls, which have a feature that periodically updates different internet services it monitors for. This is included in the configuration and Unimus picks it up as a change. I want to ignore the changes, for which I found out it is possible to use the ignored data filters. I have not been able to write adequate regex to filter for this dynamic block of the configuration though.

If I understand your request right, you want to filter everything between "config firewall internet-service-name" and the next "end"? If so, the regex would look like this:

Code: Select all

(?ms)^config firewall internet-service-name(.+?)end

You can use this and an ignore or delete filter. If you want to filter differently just let me know, we can provide a different regex.

Posted: **Mon May 13, 2024 2:14 pm**

Tomas wrote: ↑
Mon May 13, 2024 1:10 pm

networknix wrote: ↑
Fri May 10, 2024 12:01 pm
Hi,

I'm running the Unimus back-ups on a fleet of Fortinet firewalls, which have a feature that periodically updates different internet services it monitors for. This is included in the configuration and Unimus picks it up as a change. I want to ignore the changes, for which I found out it is possible to use the ignored data filters. I have not been able to write adequate regex to filter for this dynamic block of the configuration though.
If I understand your request right, you want to filter everything between "config firewall internet-service-name" and the next "end"? If so, the regex would look like this:
Code: Select all
(?ms)^config firewall internet-service-name(.+?)end
You can use this and an ignore or delete filter. If you want to filter differently just let me know, we can provide a different regex.

Yes, this seems to be it according to the validator. My efforts were way too complicated, as I now see. I will be trying this out, thank you.

Posted: **Fri Jun 07, 2024 8:38 am**

Just as a confirmation: this did indeed work for our environment.

Unimus forum

[Solved] Help needed with Regex for Ignored Data Filters

[Solved] Help needed with Regex for Ignored Data Filters

Re: [Solved] Help needed with Regex for Ignored Data Filters

Re: [Solved] Help needed with Regex for Ignored Data Filters

Re: [Solved] Help needed with Regex for Ignored Data Filters