How difficult would it be to modify the script to pull the object listing from the FMC? That would be useful for cleaning up duplicate objects.
That would be a great addition - we have a great need to be able to see and review all of our objects and groups.
The extension of the tool is available, it would be great if you can have TAC case opened for it so that we will be able to assist with the request there.
I downloaded this script, edited the required fields (device, username etc.). Tried to execute it but got the attached errors. New to using API's. I did a test API call via postman using the URL https://device_IP/api/fmc_platform/v1/auth/generatetoken and it worked. Any assistance is appreciated.
Is this an official tool yet? We would love to have the capability to export the group and object membership to a CSV as well if possible. I opened a TAC case with this request, but they don't seem to know about this tool.
The tool is not official yet, because as part of the product feature the policy export serves this purpose as SFO and so does backup/restore.
This utility is more API driven and hence we started out with the biggest use case of ACP as CSV. I completely understand the required for having the nested objects to be retrieved as part of this along with NAT.
Let me check once internally on the roadmap and only then I will be able to comment on the availability of the API version as a utility.
I am not so much concerned about whether the tool becomes officially supported or not, but rather whether it will ever be able to export the objects and groups? We appreciate all the time and effort you have put into this - it saves us so much time when we do our firewall reviews.