This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Rabindra_Khadka
Contributor
‎2020-02-25 10:48 PM
Jump to solution

How to list and export the objects member from the network group in checkpoint management server

Hello everyone,

 

We need to list all the objects members along with the name and IP-Address from the particular network group to the CSV format. The checkpoint management server is in R80.20 version. Is there any way from commandline or others to exports the object members along with the name and ip address from the particular network group in csv format.

Please help if there is any solution.

@phoneboy 

 

 

 

Thanks 

0 Kudos
43 Replies
Kevin_Stanton
Contributor
‎2022-04-25 11:54 AM
In response to PhoneBoy
Jump to solution

found this one courtesy of Bob_Zimmerman and PhoneBoy

https://community.checkpoint.com/t5/API-CLI-Discussion/Get-all-network-objects-from-a-specific-group...

[Expert@DallasSA]# mgmt_cli -r true show-group name 'RFC 1918 Addresses' --format json | jq '.members[] | [.name, ."ipv4-address", .subnet4, ."mask-length4" ] | @csv' -r
"RFC 10/8",,"10.0.0.0",8
"RFC 192.168/16",,"192.168.0.0",16
"RFC 172.16/12",,"172.16.0.0",12


 

0 Kudos
Agent_Smith
Contributor
‎2022-10-12 07:49 AM
In response to Kevin_Stanton
Jump to solution

This doesn't work with smart1 because we don't have CLI access

How can we export objects from a group to CSV? @PhoneBoy 

0 Kudos
cdooer
Participant
‎2024-04-17 06:47 AM
In response to PhoneBoy
Jump to solution

Sorry to revive an old thread, but do you have any idea why I would get this error when attempting to use the above command?

[Expert@fwmgr1:0]# mgmt_cli -r true show-group name ”servers” --format json | jq '.members[] | [.name, ."ipv4-address",.subnet4,."mask-length4"] |@csv' -r
jq: error: Cannot iterate over null

Running R81.10, latest JHF.

0 Kudos
Eric_Beasley
Employee
Employee
‎2024-04-17 07:11 AM
In response to cdooer
Jump to solution

The default details level of show-group does not include the information you want show, you can test this by just running the command without piping to JQ, which will reveal the issue.

Add "details-level full" after the name <group_name> and you should get the desired results.

 

 

mgmt_cli -r true -f json show-group name "_your_groupname_here_" details-level full | jq '.members[] | [.name, ."ipv4-address",.subnet4,."mask-length4"] |@csv' -r

 

 

0 Kudos
cdooer
Participant
‎2024-04-17 07:30 AM
In response to Eric_Beasley
Jump to solution

Thx Eric, that command works. Funny thing is when I manually type it in, it gives me the info I need. When I copy and paste the exact line from notepad, it gives me the Cannot iterate over null error...LOL. Wonder if Notepad is putting a character in somewhere that I can't see. 

0 Kudos
frass
Explorer
‎2024-06-16 09:31 AM
In response to PhoneBoy
Jump to solution

Hi Phoneboy,

How about export all rules not specified. Because we have a lot rules using network group and service group object and we want export that all rules.

 

0 Kudos
PhoneBoy
Admin
Admin
‎2024-06-17 08:56 AM
In response to frass
Jump to solution

Your question is unclear.
Please create a new thread with your precise requirements and your version/JHF information.

0 Kudos
Mlinko
Contributor
‎2024-06-16 10:44 PM
In response to PhoneBoy
Jump to solution

Dear PhoneBoy,

I wanted to test your command on our MGMT Server running r81.20 Take 65 but I get the following error:

"jq: error: Cannot iterate over null"

Do you have any Idea what I'm doing wrong?

Thank you!

KR
Rok

0 Kudos
PhoneBoy
Admin
Admin
‎2024-06-17 09:01 AM
In response to Mlinko
Jump to solution

It means the previous command in the pipe string didn't return results the given jq command current parse.
Specifically, it's this part: mgmt_cli -r true show-group name "groupname" --format json
The jq expression will have to be modified according to what data this command returns.

0 Kudos
Mlinko
Contributor
‎2024-06-18 10:27 PM
In response to PhoneBoy
Jump to solution

Hi,

thanks for the info! It was actualy the -d "Domainname" that was missing in the command, as we are running an MDS Mgmt.

Thank you again for the help!

KR
Rok

0 Kudos
IOB
Explorer
‎2023-11-12 11:26 PM
Jump to solution

after running the cmd ( mgmt_cli -r true show-group name "groupname" --format json | jq '.members[] | [.name, ."ipv4-address"] |@csv' -r )where can we find the file ???

 

 

0 Kudos
_Val_
Admin
Admin
‎2023-11-13 04:19 AM
In response to IOB
Jump to solution

Try the local folder you are rinning the command from, and also user's home folder

 

0 Kudos
Eric_Beasley
Employee
Employee
‎2023-11-13 07:43 AM
In response to IOB
Jump to solution

The command jq DOES NOT create a CSV file it creates the output in a CSV compliant format, so you need to first create the file with the necessary column headers, then pipe APPEND the output from the mgmt_cli command to that file with the header, which is how you get an actual file.

You should have had a dump of the values to your shell screen, if run without piping the output.

CORRECTED:  Added "details-level full" to ensure all values are available for parsing with JQ

 

 

echo "name","ipv4-address" > groupmembers.csv
mgmt_cli -r true -f json show-group name "_your_groupname_here_" details-level full | jq '.members[] | [.name, ."ipv4-address"] |@csv' -r >> groupmembers.csv

 

 

 

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events