Hey all, I am looking for an easy way to query the cpview data in order to create some graphs (cpu, memory and other stats during last 30 days). Has anyone done this? Any insight would be great. Thanks
Hi, After messing with the run-script API call for automating several things on R80, I noticed that it does not filter/mask user credentials and other sensitive data sent to it. Everything gets stored in the Recent Tasks log (bottom left corner). Here's an example from provisioning a VS using vsx_provisioning_tool: Had to switch to… Show more
I am using the REST API to create access-rules. As part of the process, I'd like to validate that the rule name that the customer is submitting doesn't already exist in the rulebase/layer. I was thinking I'd use 'show-access-rulebase' to export all the rules in the layer and then look for rule name matches. The code I have to do this works. … Show more
Hi, can someone help me build a cronjob for the MDS_backup without the logs? I do not know the script to build this cronjob. I would appreciate if someone could help me with the script, to schedule the job every Friday morning 8:15 AM. Appliance: SMART-1 50 Appliance Thanks in advance.
Just to rule out basics: make sure you run exactly the same hotfix level in VM as production and I assume you have copied mds_restore script along with gtar and gzip to the same directory as backup file? Error when restoring the MDS from backup Oh, don't forget that you will need 4x as much space compare to backup itself in the partition where…
Is there a Check Point tool to easily convert hexadecimal values to IP addresses on the CLI? I use the following lines in scripts: hexaddr=$(echo 12cd34ef) ipaddr=$(printf "%d." $(echo $hexaddr | sed 's/../0x& /g' | tr ' ' '\n' | tac) | sed 's/\.$/\n/') echo $ipaddr Is there an easier way? Regards Heiko
Hi Guys, I'm trying to link the public IP address as shown in vpn tu to the object name, I know the objects are assigned an internal IP of 0.0.0.x, is this number consistent? My main goal here is to analyse the VPN's public IP address and check when it changes as they are configured as DAIP on the 1430's, unfortunately the vpn sub commands… Show more
Hi Marco, I built up a setup in my lab until I can get access to their manager, but it gives the exact information that I needed. [Expert@vpn-test-mgmt:0]# rs_db_tool -operation list ---------------------------------------- Daip modules database - entries list ---------------------------------------- Entry # | Object name | IP | TTL…
Hi all, I am starting to play with Ansible playbooks, but either I don't understand the Checkpoint published Ansible documentation, or the way it works is a bit strange. As far as I have read in the documentation and in the examples, the playbooks are ran on the local Ansible server (localhost), but still there is a section to define the… Show more
Hi Community, this week I recognized that I never have checked if there is a benefit in using SmartConsole's Scripts repository. After reading Article of the Week - Check Point Packet Injector I decided to implement my first script which could be helpful on daily basis. It is calling the Packet Injector via SmartConsole and shows the… Show more
My Experience: Generally I like the possibility to run scripts from the GUI. But to be honest, I am not 100% happy with the implementation. The way adding jobs to the "recent tasks list" makes it a bit uncomfortable to find the results. I would like to see the results directly after executing the job. Additionally there is some kind of time…
Hi all, I am really interested to do scripting on our Checkpoint platform, I don’t have knowledge on any programming language except C and C++, In my case what language should i learn and in what language we will be doing scripting in Checkpoint.
i'm using R80.10 api for rundeck based automation on the firewall manager. I need to Create Ldap based usergroup via the api, on the documentation there is only a way to create objects(Host,Segment,Service) and there is no information how to create Ldap group. I tried using DB inspection tool, but the the Ldap groups I've created manually won't… Show more
Load more items
I'm trying to use the Management API to create multiple network objects and then populate them into a group. I have syntax working, however, when executing SmartConsole crashes and only imports ~150 networks. There are 3000+ networks to be created. Is there a limitation of number of entries that can be imported via SmartConsole CLI? I'm… Show more
Hi Raj...What CSV format did you use to add to the group as I cannot find a way to "create" network objects and "add" them to the group in a single CSV Currently I am doing 2-step process of creating networks first by using 'add network' command and then 'set group' to add them to an existing group using another CSV with appropriate headers …