Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Participant

Is there a way to get a file using the API?

I am trying to write an ansible script that will audit the configuration settings of the firewall and output to a text file.  I can do all of that, but I don't know how to use the API to retrieve that output file.  I've seen the command put-file, but is there any equivalent to get-file?

Labels (1)
12 Replies
Highlighted
Employee++
Employee++

Hi Jordan,

There is no API for get-file operation, but maybe you can use the run-script command to run a script on the management that returns the content of a file as its result.

BTW, I cannot sign in to GitHub from home and reply to you, but from your recent error I realize that you are not using the latest cpAnsible sources. Please check again.

Robert.

0 Kudos
Highlighted
Participant

Hi Robert.  You're right about GitHub.  I didn't realize that you had made a fix.  Thanks for that.  As for the run-script API, however, it is not possible to receive anything in response except for some json that indicates the command went through successfully.  You can never actually see the output of anything.  This is probably something that needs to be corrected by the API folks.

0 Kudos
Highlighted
Employee++
Employee++

Jordan,

I'm the API folk 🙂

The response of the command should contain the full details of the command result.

You can run the mgmt_cli run-script command on your management and verify how the results should be.

Maybe you have to configure the ansible to correctly get the full results (verbose option...).

Robert.

0 Kudos
Highlighted
Participant

The response from run-script includes only one output as discussed in the documentation here: Check Point - Management API reference.  An example of the output is here: {"tasks": [{"target": "ztestintfw1","task-id": "7edefe91-b4b3-4c8a-bbe8-a7286ca86133"}]}.  Note that there is no output listed, just a target and a task-id.  Neither or which is particularly helpful.

0 Kudos
Highlighted
Employee++
Employee++

Ok.

This looks like a problem here - the run-script command returns a tasks container and not a single task-id.

I'll check tomorrow at work and get back to you.

Robert.

0 Kudos
Highlighted
Participant

Any word on how to resolve this?

0 Kudos
Highlighted
Employee++
Employee++

This will take some time.

I need to change the code in our Python SDK to fix the issue.

Robert.

Highlighted
Employee++
Employee++

Jordan,

Please read this post, and watch the video, may be very helpful for you - 

https://community.checkpoint.com/thread/5478-leveraging-the-r8010-api-to-automate-and-streamline-sec...

The post also contains lots of scripts and ansible playbooks in a zip file.

Robert.

0 Kudos
Highlighted
Participant

I have probably watched that video ten times by now.  Thank you for the suggestion, though! Smiley Happy

0 Kudos
Highlighted
Employee++
Employee++

Jordan,

Remove the "domain: System Data" parameter from the login command, this is the reason that the object ztestintfw1 cannot be found.

Robert.

0 Kudos
Highlighted
Participant

You are the man, Robert!  Thank you so much.  Quick question, though: When is System Data needed and when is it not?

0 Kudos
Highlighted
Employee++
Employee++

the "system data" domain is needed for very specific objects, such as administrators.

most of the time you do not need to specify this dimain.

Robert.

0 Kudos