This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Dayde
Participant
‎2022-04-14 06:40 PM
Jump to solution

How to find access rules via API without name

I am creating an automation that gathers all FW rules, network objects, host objects, service objects, and groups. I have found most of the information I need via the web API using show-objects, however I am at a loss on how to find the rules themselves. Via the API I am getting a list of all domains & servers/firewalls from the show-mdss endpoint, logging into the returned domains, gathering access-layers, and gathering all objects. However, I am at a loss on how to pull down the access-sections or access-rules without knowing what name they are using. I have found many examples of how to show the access rules using the name, I am not finding anything for how to get a list of names of all of the access rules. Any help is much appreciated!

Thanks

0 Kudos
1 Solution

Accepted Solutions
Art_Zalenekas
Employee
Employee
‎2022-04-15 01:39 PM
Jump to solution

show access rulebase will do it. In the API docs, just search for rulebase. Good luck!

https://sc1.checkpoint.com/documents/latest/APIs/#cli/show-access-rulebase~v1.8%20

View solution in original post

0 Kudos
4 Replies
Art_Zalenekas
Employee
Employee
‎2022-04-15 01:39 PM
Jump to solution

show access rulebase will do it. In the API docs, just search for rulebase. Good luck!

https://sc1.checkpoint.com/documents/latest/APIs/#cli/show-access-rulebase~v1.8%20

0 Kudos
Dayde
Participant
‎2022-04-15 02:00 PM
In response to Art_Zalenekas
Jump to solution

Thanks for the reply.

In the API docs it looks like a name or uid is required. I am looking for the endpoint that will give me a list of the rulebase names. While I have a lot of experience with older checkpoints and other modern FW's, I am not super familiar with how the current checkpoints function, so I may just be missing something obvious.

0 Kudos
PhoneBoy
Admin
Admin
‎2022-04-16 05:50 PM
In response to Dayde
Jump to solution

show access-layers is probably what you want.
See: https://sc1.checkpoint.com/documents/latest/APIs/#cli/show-access-layers~v1.8%20

It might also be policy packages (I.e. show packages), keeping in mind a policy package is made up of multiple layers.
See: https://sc1.checkpoint.com/documents/latest/APIs/#cli/show-packages~v1.8%20

0 Kudos
Dayde
Participant
‎2022-04-16 11:55 PM
In response to PhoneBoy
Jump to solution

Thanks @Art_Zalenekas & @PhoneBoy . show access-layers & show access-rulebase is what I needed. What really threw me off was that the names and uids returned under the access-layers key is what I need to use in the postdata for show access-rulebase or show access-sections. It would be nice if the API docs mentioned this under all 3 of those endpoints 🙂 Thanks again for the help

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events