Mapping Rule Owners using CSV

Overview

RLM supports multiple methods to assign owners to assets and rules. To assign owners in bulk, use the CSV import feature.

Using CSV import, you can import and assign:

  • Assets to owners, who are responsible for certifying individual objects within a rule.

  • Rules to owners, who are responsible for a rule in its entirety. Rule Owners are viewed and managed in the Manual Assignments page.

You can import Asset Owners, Rule Owners, or both in the same file.

For more information about mapping Rule Owners to rules, see Mapping Assets to Rule Owners.

CSV Field Definitions

The CSV file must include the following column headers.

CSV Field

Description

owner

Required.

The SecureChange username or group name. The value must be identical to an existing user or group. Otherwise, RLM rejects the file.

asset_name

Applicable to RLM only.

The custom metadata field used to display mappings in the mapping table on the Owners page.
Any value in asset_name replaces the asset values listed in the same CSV row.

Example:
If asset_name is Intranet IP Addresses and asset_values defines three subnets, the Owners mapping table shows the owner as assigned to Intranet IP Addresses.
Clicking or hovering over the asset name shows the three subnets.

asset_values

The value to map to the asset_name. It can be any of the following:

  • IP address

  • CIDR block

  • IP range

IPv6 is not supported.

To include multiple assets in the same field, enclose the values in double quotation marks, and separate them with commas.
For example, "1.1.1.0/32, 2.2.2.0/34, 3.3.3.0/34, 4.4.4.0/34"

match_on

Defines whether the asset_values belong to the SecureChange user or group when they appear as the source of a firewall rule, the destination, or both.

Can be one of the following:

  • `source`

  • `destination`

  • `source, destination`

objects

An object name registered in SecureTrack, which can be assigned to an owner.

  • If the object name does not match an object in SecureTrack, RLM ignores the entire row during import.

  • All IPs contained in the object are assigned to the owner.

  • If the object contains an IPv6 asset, RLM assigns it successfully.

  • Limitations related to FQDNs and Dynamic Objects can cause these objects to be rejected.

services

A protocol or port number.

service_object_names

The name of the protocol and port number in either of these formats:

  • Single port: `protocol:port`

  • Range of ports: `protocol:min_port-max_port`

RLM populates the relevant service information based on the object name during the next automated sync with SecureTrack.

application

Applicable to RLM only.

A custom metadata field used to add notes to the mapping table on the Owners page.

description

Applicable to RLM only.

A custom metadata field used to add notes to the mapping table on the Owners page.

aurora_rule_uids

The Rule UID in SecureTrack, as displayed in Rule Viewer. The Rule UID is a global identifier for rules across the Tufin Orchestration Suite.

You can export rule UIDs using Rule Viewer or the STRE Rule Analytics Report.

File Import Requirements

Before importing the CSV, verify the following:

  • The file includes all column headers. If at least one column header is missing, RLM rejects the file.
    The order of the columns does not matter.

  • Only the owner field must contain a value. The other fields can remain empty.
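A pre-import check for the requirements above, as an added example (not Tufin code): it verifies that every column header is present in any order, that owner is filled in and identical to a name in a supplied list, and that asset_values and match_on use the documented forms. The function names, the `known_owners` argument, the sample rows and the start-end syntax for IP ranges are assumptions.

```python
import csv, io, ipaddress

# Column headers from the field definitions above; all must be present, in any order.
REQUIRED = {"owner", "asset_name", "asset_values", "match_on", "objects", "services",
            "service_object_names", "application", "description", "aurora_rule_uids"}
MATCH_ON = {"source", "destination", "source, destination"}

def is_ipv4_asset(value):
    """IPv4 address, CIDR block, or range (the start-end range syntax is an assumption)."""
    try:
        if "-" in value:
            lo, hi = (ipaddress.IPv4Address(p.strip()) for p in value.split("-", 1))
            return lo <= hi
        ipaddress.IPv4Network(value, strict=False)  # a bare address parses as a /32
        return True
    except ValueError:  # raised for IPv6 input and for invalid prefix lengths
        return False

def cell_items(row, field):
    """Split a cell on commas; cells missing from a short row are treated as empty."""
    return [v.strip() for v in (row.get(field) or "").split(",") if v.strip()]

def validate_owner_csv(text, known_owners):
    """Return (line, message) problems; an empty list means every check passed."""
    reader = csv.DictReader(io.StringIO(text))
    missing = REQUIRED - set(reader.fieldnames or [])
    if missing:
        return [(1, "missing column headers: " + ", ".join(sorted(missing)))]
    problems = []
    for row in reader:
        owner = (row["owner"] or "").strip()
        if not owner:
            problems.append((reader.line_num, "owner is empty"))
        elif owner not in known_owners:  # must be identical to an existing user or group
            problems.append((reader.line_num, f"unknown owner {owner!r}"))
        for v in cell_items(row, "asset_values"):
            if not is_ipv4_asset(v):
                problems.append((reader.line_num, f"bad asset_values entry {v!r}"))
        match_on = ", ".join(cell_items(row, "match_on"))
        if match_on and match_on not in MATCH_ON:
            problems.append((reader.line_num, f"bad match_on {match_on!r}"))
    return problems

# Constructed sample file, for illustration only.
SAMPLE = """owner,asset_name,asset_values,match_on,objects,services,service_object_names,application,description,aurora_rule_uids
alice,Intranet IP Addresses,"10.0.0.0/24, 10.0.1.0/24",source,,,,,,
,DMZ,192.0.2.10,both,,,,,,
carol,Lab,"2001:db8::/32, 192.0.2.20-192.0.2.30","source, destination",,,,,,
"""
```

Calling `validate_owner_csv(SAMPLE, {"alice"})` reports the empty owner and the `both` value on line 3, and the unknown owner and the IPv6 block on line 4.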

Import Notifications

After every CSV import, check the RLM Notifications Pane for alerts.

Example files

Here are examples of an Excel file populated with the column headers and the CSV file that corresponds to it.

Example Excel

Example CSV output

Excel template for download

Click here to download a sample Excel file template.

Import Owners Using a CSV

Newly imported data overrides data that was previously imported.

Prerequisites

  • Create users in SecureChange for all Rule Owners in RLM.

    • Each user must have User name and Email attributes.

    • The Owner field in the RLM mapping template must be an identical match to the User name field.

    For SecureChange login credentials, contact your TOS Administrator.

  • Use either Google Chrome or Mozilla Firefox internet browser for RLM.

  • Configure all relevant users and workflows in SecureChange.

  • Provide SMTP server information if notifications need to be sent.

  • Ensure you have a list of owners and their associated assets, if available.

Steps

  1. Select Settings > Owners.

    The Owners page appears in the lower section of the page:

  2. From the Actions list, select Import Owners.

  3. Select the TXT or Excel file with the owner-asset information.

    Depending on the volume of data, the upload may take some time.

  4. Run a scan to update the rules based on the new uploaded data (see Run a Manual Scan).