This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
sayala
Newcomer
6 hours ago

Cannot Resolve FQDN to hostname from the API

I am creating a process the takes hosts and automatically adds them to a group. 

When the hosts come in, I receive the FQDN, without the IP. 

When I want to look up the host by FQDN using the show-hosts endpoint, I can't get anything to resolve. I would really like to add all my FQDNs to the host. Right now, show-host only shows the IP, hostname(current hostname is the IP), and domain. 

I've read about using domain objects, but every time I try to show-domain, whether through UID or name, it tells me it doesn't exist. Its the SMC User domain and everything is under it. It definitely exists. When I show-domains, I receive an empty return. I also tried global-domain, but that was empty. The only thing that comes back the the show-dns-domains, which all say they are under the SMC User domain. 

Is there a way, or what would be the best way to correlate the FQDN and IP through the API? I know its done in the SmartConsole, I just don't understand why I wouldn't be able to do it in the API. 

0 Kudos
1 Reply
PhoneBoy
Admin
Admin
4 hours ago

"hosts" in this case refer to host objects in SmartConsole.
These objects only have a single IPv4 and/or a single IPv6 address associated with it.
It is not possible to add FDQNs or multiple IPs to a host object.

add-domain is specific to a Multi-Domain environment and refers to the management (not FQDN) domains.
If you want to create an object for an FDQN in a rule, you need to create a domain object (add-dns-domain with is-sub-domain false): https://sc1.checkpoint.com/documents/latest/APIs/#cli/add-dns-domain~v1.9.1%20
When FDQN objects exist in the active policy, the gateway will periodically resolve these FDQN objects to IP addresses.

Whether you use host objects, FQDN objects, or a combination of the two, you can add them to a group object as desired.

Another approach, which doesn't necessarily involve the API, is to use a Network Feed object.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events