Using SandBlast API from commandline
Hi all,
I started writing a bash script to use TEAPI with a simple commandline syntax.
The attached bash script has the following pre-requisites (which can be installed on GAiA also):
Prerequisites to install
1) JQ
curl -o /tmp/jq -k -L https://github.com/stedolan/jq/releases/download/jq-1.4/jq-linux-x86
mv /tmp/jq /usr/bin
chmod +x /usr/bin/jq
Changes according to your environment
Within the beginning of the script:
1) Set TESERVER variable
e.g. TESERVER=127.0.0.1:18194 if you run the script directly on a TE appliance
2) Set TEIMAGES variable
change the variable content to your available images
Usage of the script
# ./TEAPIcli.sh <filename> <action>
Where <action> can be:
1) query
queries the API for a result of <filename>'s hash and returns verdict if found
2) upload
upload the file <filename>
3) report
queries the API for available reports of <filename>'s hash. If reports are available they will be downloaded to separate files called <filename sha1>_<reportid>.report.
The files contain the XML data of the TE forensic report.
Have fun! Any comments and additions are highly appreciated.
Regards Thomas
PS-Disclaimer: This script has no official Check Point TAC support
Very nice! I will test it right now.
Without TAC support.
Regards,
I'll support
Regards Thomas
