I am trying to match against a Palo Alto configuration looking for rules that are using a specific destination object.
Rules are under this structure:
config
devices
{string}
vsys
{string}
rulebase
security
rules
{rule_name: (string)*}
and an example of what I am trying to match is:
"Example Rule" e32ff2ab-a82f-43b6-953e-7e113v624779 {
destination non-client "External SRC EDL" "Another EDL-wehave"];
First line would be the rule name and the second is where I would really want to do the regex match. The items past “destination” can be a single entry or multiples within s]’s. If there are spaces in the names then the whole name is confined in “’s.
My goal is to find all rules which have “External SRC EDL” in the destination and I can’t quite figure out how to do it. Any help would be appreciated.