This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Russell_Fulton
Explorer
‎2019-03-26 06:43 PM

API call show-access-rulebase dies after 4 iterations getting 50 rules at a time

I am using https://github.com/CheckPointSW/ExportImportPolicyPackage script to export a ruleset.

when I run it I get:

 

Checking existence of package [Border_Policy]

Exporting Access Control layers

Exporting Access Layer [Border_Policy Security]

Getting layer information for layer [Border_Policy Security]
Getting information from show-access-rulebase
Retrieved 50 out of 688 rules (7%)
Retrieved 100 out of 688 rules (14%)
Retrieved 150 out of 688 rules (21%)
Retrieved 200 out of 688 rules (29%)

Traceback (most recent call last):
  File "import_export_package.py", line 44, in <module>
    export_package(client, args)
  File "/Users/rful011/src/ExportImportPolicyPackage/exporting/export_package.py", line 39, in export_package
    = export_access_rulebase(show_package.data["name"], access_layer["name"], access_layer["uid"], client, timestamp, tar_file)
  File "/Users/rful011/src/ExportImportPolicyPackage/exporting/export_access_rulebase.py", line 16, in export_access_rulebase
    get_query_rulebase_data(client, "access-rulebase", {"name": layer, "uid": layer_uid, "package": package})
  File "/Users/rful011/src/ExportImportPolicyPackage/exporting/export_objects.py", line 64, in get_query_rulebase_data
    for rulebase_reply in rulebase_replies:
  File "/Users/rful011/src/ExportImportPolicyPackage/cpapi/mgmt_api.py", line 414, in gen_api_query
    raise APIException(api_res.error_message, api_res.data)
cpapi.api_exceptions.APIException: APIResponse received a response which is not a valid JSON.

Following this the API is unresponsive and needs to be restarted on the server.  All API calls get 503 errors.

This feels like some sort of resource exhaustion on the server end.

Any suggestions on how to diagnose what is wrong?  Or ways to work around the issue?   I have considered getting the script to process fixed ranges of rules for each run.

 

 

 

 

0 Kudos
4 Replies
Joshua_Hatter
Employee
Employee
‎2019-03-27 04:56 AM

Give this a go then re-run the tool.

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

0 Kudos
Russell_Fulton
Explorer
‎2019-03-31 01:42 PM
In response to Joshua_Hatter

I don't have permission to view solution to that post but it looks like the right problem.  I actually solved it by reducing the number of objects retrieved from 50 to 20.  Odd that it dies after 4 successful calls.

0 Kudos
Ronilson
Explorer
‎2021-09-06 12:37 PM
In response to Russell_Fulton

How you change the number of objects retrieved from 50 to 20? I'm with the same problem on R81

0 Kudos
PhoneBoy
Admin
Admin
‎2021-09-06 02:02 PM
In response to Ronilson

That would be changing the relevant API call so that includes a limit 20 as one of the options.

However, it’s probably worth a TAC case if only to get to the bottom of the underlying issue with the API.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events