Expand all | Collapse all

export policy rules

Jump to Best Answer
  • 1.  export policy rules

    Posted 06-01-2012 00:45

    Hi guys,

    I'm just wondering is there an "easy" way of exporting the policy rules from the junos config into an excel sheet?


    Many thanks,



  • 2.  RE: export policy rules

    Posted 06-01-2012 01:40

    Hi Paul,


    Pretty easily.  If you open up Putty or an SSH program and set logging to on, choose a log file location and log into your box.


    user@srx#edit security policies
    user@srx#show | display xml | no-more

     Open your log file up and cut from above <security> and below </security> and save it as an xml file, then just open with excel.

  • 3.  RE: export policy rules

    Posted 06-01-2012 01:59

    Hi MMcD,

    and thanks for your reply.


    Does what you suggest actually export the "policy rules" or the logs of these rules?


    I'm looking to do the former so we can have a consice list in excel format of all our firewall rules corporatre wide.





  • 4.  RE: export policy rules
    Best Answer

    Posted 06-01-2012 02:12
      |   view attached

    It exports the actual policies.  See the attached screenshot for an example

  • 5.  RE: export policy rules

    Posted 06-01-2012 04:32


    I tried that and it's working beautifully.


    Thanks so much,



  • 6.  RE: export policy rules

    Posted 10-25-2013 05:25
      |   view attached

    Hello MMcD,


    Great post and thank you for this solution. I am however having some difficulties in getting the right view in Excel. I followed your steps and the XML file is being imported in Excel. However when I look at policy rules with multiple source or destination adresses it generates a separate row for every address.


    For example: If I have 1 policy rule which allows http access from 4 different source addresses to 2 different destination adresses it shows me about 8 different rows in Excel. In the attachment you can find an example. I would like to see 1 single row per policy rule.


    Do you by any chance have a solution for that? To be complete, we are doing an export of a SRX240 unit.


    Best regards,




  • 7.  RE: export policy rules

    Posted 11-04-2014 06:53

    Having exact same problem as RAVU

  • 8.  RE: export policy rules

    Posted 08-30-2017 08:34

    I know this is a bit outdated, but either way..


    The easiest way to solve this is by opening up the XML sheet in Notepad++ and look in your policies for rules with multiple sources, destinations, and applications. When you find one, copy the closing bracket for one entry all the way to the end of the opening bracket for the next one (including spaces and all). Then, use the replace tool. Set it to look for what you just copied and replace it with \n (make sure Search Mode is set to Extended).


    Do this for all the other entries (Source, Destination, Application), save your XML, import into Excel.


    Example of entry to copy:



  • 9.  RE: export policy rules

    Posted 11-16-2017 09:10

    tdornin gave the right answer. Edit XML on Notepad++. Search for



    and replace with


     (or just a comma if preferred)

    Search mode: Regular expression.

  • 10.  RE: export policy rules

    Posted 05-09-2014 02:37

    Thanks MMcD,


    I am brand new to Junosland and this was exactly what I was looking for for exporting my SRX3600 Rulebase into Excel



    Thanks again,



  • 11.  RE: export policy rules

    Posted 10-03-2018 15:41

    yes, " # show security policies | display xml | no-more" works well for exporting all policies, however, I have global security policies in place which inherit down to separate zones. 


    I ended up using "show groups global_security security policies | display xml | no-more" to grab the global policies. It works the same way.


    But is there a way to get ALL policies, both global security policies and the ones specificed to each zone ?