cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Highlighted

Is there a way to get a file using the API?

I am trying to write an ansible script that will audit the configuration settings of the firewall and output to a text file.  I can do all of that, but I don't know how to use the API to retrieve that output file.  I've seen the command put-file, but is there any equivalent to get-file?

Labels (1)
12 Replies
Employee++
Employee++

Re: Is there a way to get a file using the API?

Hi Jordan,

There is no API for get-file operation, but maybe you can use the run-script command to run a script on the management that returns the content of a file as its result.

BTW, I cannot sign in to GitHub from home and reply to you, but from your recent error I realize that you are not using the latest cpAnsible sources. Please check again.

Robert.

0 Kudos

Re: Is there a way to get a file using the API?

Hi Robert.  You're right about GitHub.  I didn't realize that you had made a fix.  Thanks for that.  As for the run-script API, however, it is not possible to receive anything in response except for some json that indicates the command went through successfully.  You can never actually see the output of anything.  This is probably something that needs to be corrected by the API folks.

0 Kudos
Employee++
Employee++

Re: Is there a way to get a file using the API?

Jordan,

I'm the API folk 🙂

The response of the command should contain the full details of the command result.

You can run the mgmt_cli run-script command on your management and verify how the results should be.

Maybe you have to configure the ansible to correctly get the full results (verbose option...).

Robert.

0 Kudos

Re: Is there a way to get a file using the API?

The response from run-script includes only one output as discussed in the documentation here: Check Point - Management API reference.  An example of the output is here: {"tasks": [{"target": "ztestintfw1","task-id": "7edefe91-b4b3-4c8a-bbe8-a7286ca86133"}]}.  Note that there is no output listed, just a target and a task-id.  Neither or which is particularly helpful.

0 Kudos
Employee++
Employee++

Re: Is there a way to get a file using the API?

Ok.

This looks like a problem here - the run-script command returns a tasks container and not a single task-id.

I'll check tomorrow at work and get back to you.

Robert.

0 Kudos

Re: Is there a way to get a file using the API?

Any word on how to resolve this?

0 Kudos
Employee++
Employee++

Re: Is there a way to get a file using the API?

This will take some time.

I need to change the code in our Python SDK to fix the issue.

Robert.

Employee++
Employee++

Re: Is there a way to get a file using the API?

Jordan,

Please read this post, and watch the video, may be very helpful for you - 

https://community.checkpoint.com/thread/5478-leveraging-the-r8010-api-to-automate-and-streamline-sec...

The post also contains lots of scripts and ansible playbooks in a zip file.

Robert.

0 Kudos

Re: Is there a way to get a file using the API?

I have probably watched that video ten times by now.  Thank you for the suggestion, though! Smiley Happy

0 Kudos
Employee++
Employee++

Re: Is there a way to get a file using the API?

Jordan,

Remove the "domain: System Data" parameter from the login command, this is the reason that the object ztestintfw1 cannot be found.

Robert.

0 Kudos

Re: Is there a way to get a file using the API?

You are the man, Robert!  Thank you so much.  Quick question, though: When is System Data needed and when is it not?

0 Kudos
Employee++
Employee++

Re: Is there a way to get a file using the API?

the "system data" domain is needed for very specific objects, such as administrators.

most of the time you do not need to specify this dimain.

Robert.

0 Kudos