cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Sven_Glock
Silver

SmartConsole Scripts Repository use cases and experience

Hi Community,

this week I recognized that I never have checked if there is a benefit in using SmartConsole's Scripts repository.

After reading https://community.checkpoint.com/community/secure-knowledge/blog/2018/10/01/article-of-the-week-chec... I decided to implement my first script which could be helpful on daily basis. It is calling the Packet Injector via SmartConsole and shows the result directly in the GUI without opening a dedicated ssh session.

Now I am interested to see which usecases you found for using the Scripts Repository in SmartConsole.

Please share your experience, your usecases or your code.

Thanks for sharing.

Cheers

Sven

Labels (1)
8 Replies
Sven_Glock
Silver

Re: SmartConsole Scripts Repository usecases and experience

My Experience:

Generally I like the possibility to run scripts from the GUI.

But to be honest, I am not 100% happy with the implementation.

The way adding jobs to the "recent tasks list" makes it a bit uncomfortable to find the results.

I would like to see the results directly after executing the job.

Additionally there is some kind of time lag between the finish time of the job and the time when you can see the result.

I often click in the result and it is not showing what I expect to see. A few seconds later, the result shows my expected output.

More over I don't like  the need to close the repository window before you are able to open the "recent tasks list" and check the results or selecting a different gateway to run the selected script on.

Why not implementing the repository window like the object explorer where you can click things in the background - like the "recent tasks list" - while the window remains opened.

Let me share my first two scripts:

PINJ Installer - A script to install Packet Injector to a R80 gateway

#!/bin/bash
curl_cli -o /home/admin/pinj.tgz ftp://someressources/pinj_v1.4.6_R80.10.tgz
tar -zxvf /home/admin/pinj.tgz
rpm -ihv CPPinj-R80-00.i386.rpm
echo "export PATH=$PATH:/opt/CPPinj-R80/" >> /home/admin/.bashrc
rm /home/admin/pinj.tgz CPPinj-R80-00.i386.rpm‍‍‍‍‍‍‍‍‍‍‍

PINJ Executor NON-VSX - A script to execure packet injector on a non-vsx gateway

##################################
#Arguments: <SRC-IP> <DST-IP> <dport> <tcp|udp>
##################################
#!/bin/bash
interface=$(ip route get $1 | head -1 | rev | cut -d " " -f 5 | rev)
sp=$(( RANDOM % (65535 - 1025 + 1 ) + 1025 ))
echo "Command: /opt/CPPinj-R80/pinj --sport $sp --dport $3 --protocol $4 -I $interface $1 $2"
/opt/CPPinj-R80/pinj --sport $sp --dport $3 --protocol $4 -I $interface $1 $2 2>/dev/null‍‍‍‍‍‍‍‍

Since I start trying more complex scripts like a "Deployment agent offline updater" I experience some problems with timeouts or something like this.

But I have to dig deeper before getting more concrete.

Employee
Employee

Re: SmartConsole Scripts Repository usecases and experience

Hi Sven,

Thank you for your feedback, I'm taking your note into my attention.

As for the timeout, currently this is set to 2 minutes. I will continue to watch this thread in order to improve this feature.

0 Kudos

Re: SmartConsole Scripts Repository usecases and experience

Agree with Sven. Great idea with a bit fuzzy implementation. I hope CheckPoint elaborates on this and improves it in the future. I would start with more detailed execution logs, integrated job scheduler, mail reports, revisions... 

0 Kudos
Sven_Glock
Silver

Re: SmartConsole Scripts Repository use cases and experience

Today I tried to add the healthcheck script from sk121447 to the script repository.

Running this script on cli gives a nice quick overview about the health of the system.

Unbenannt.png

Executing this script from the repository the output is like this:

Unbenannt2.png

Readable, but not nice.

 

So as an improvement: It would be nice if you could support colors and other font attributes.

VENKAT_S_P
Copper

Re: SmartConsole Scripts Repository use cases and experience

I am exactly trying the same thing with the healthcheck script, nice to know that the format is not similar to the one we like to see and this saved some time by seeing your output.

0 Kudos

Re: SmartConsole Scripts Repository use cases and experience

How is healthcheck working for you? There is a max script size limit of 8kb. (in r80.10)

Healthcheck is +300kb

 

/Henrik

0 Kudos
Highlighted
Sven_Glock
Silver

Re: SmartConsole Scripts Repository use cases and experience

Pretty simple. You have to copy the script locally on the relevant machine (gateway, management, etc.)

The script in the repository is just executing the script locally on the relevant machine.

0 Kudos

Re: SmartConsole Scripts Repository use cases and experience

ofcourse! - Thanks

0 Kudos