Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Stan_Mazur
Participant

Inventory gateway script

Jump to solution

New to scripting , how do I run gateway-inventory script on MDS?

1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin

You have to work with mgmt_cli exactly the same way as if you were coding against the API.
This means:

  1. Logging in to create a session
  2. Performing whatever changes you wish to make
  3. If you want to commit the changes you made, issue a "publish" action.
  4. When you're done, log out of the session.

If you're on the management server itself, you can use -r true to bypass doing all of the above, but the above happens "under the covers."
When running from a Windows machine, you're obviously not on the management server, so you have to do the entire flow.

For your specific example, this means something like:

C:\Program Files (x86)\CheckPoint\SmartConsole\R80.30\PROGRAM> mgmt_cli -m 3.80.173.165 -u aa -p aaaa login > \temp\sid.txt

This logs in with the username aa, password aaaa, and writes the session information to \temp\sid.txt so it can be used later.
Then you can issue the command to show gateways-and-servers:

C:\Program Files (x86)\CheckPoint\SmartConsole\R80.30\PROGRAM> mgmt_cli -m 3.80.173.65 -s \temp\sid.txt show gateways-and-servers

- uid: "453ea708-cb36-4ca1-8c51-831e86c7a5d3"
  name: "BranchOffice"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "7f994e69-f997-47bd-9f80-621cf622941e"
  name: "Corporate-GW"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "a9f2d9bd-35e4-4571-bebb-4aeec04730df"
  name: "EuropeBranchGw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "b69b4a9c-1386-4bb1-8057-926551cfcdad"
  name: "HQgw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "e1fdc743-e9c8-df44-95bd-b842bcbac362"
  name: "mgmt"
  type: "CpmiHostCkp"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "71ec8bfb-5924-4672-a207-0682e46285ad"
  name: "Remote-1-gw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "95201290-08b3-405f-a4ae-0785f76e8e4b"
  name: "Remote-2-gw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "2c68301f-e1f9-4ce4-af46-8f4ded4a9fd2"
  name: "Remote-3-gw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "167c76ab-12d2-4e34-834a-00ea056289d3"
  name: "Remote-4-gw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "004b689b-797a-4212-b21c-8df4c8b992e3"
  name: "Remote-5-gw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "f6bb4929-a831-406a-93da-af6f95525437"
  name: "RemoteBranchGw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "37b07654-bc93-469a-9991-27a3b757e9aa"
  name: "ThreatEmulationDevice"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
from: 1
to: 12
total: 12

Since you're not making any changes here, no publish is required.
Logout to release the session:

C:\Program Files (x86)\CheckPoint\SmartConsole\R80.30\PROGRAM> mgmt_cli -m 3.80.173.65 -s \temp\sid.txt logout

View solution in original post

0 Kudos
7 Replies
Tomer_Sole
Employee Alumnus
Employee Alumnus

show-gateways-and-servers API command should help.

Check Point - Management API reference 

jekyllsdrk
Participant

How do I run this from the SmartConsole server?

0 Kudos
PhoneBoy
Admin
Admin
Using the mgmt_cli binary included in the same directory as the SmartConsole binary.
It works the same way as it does on the Check Point management server.
0 Kudos
jekyllsdrk
Participant

I am presented with a Username prompt when I attempt to run the following command on the management server.

 

[Expert@cpman:0]# mgmt_cli show gateways-and-servers
Username:

 

Why am I receiving this prompt, and what credentials should I use?

0 Kudos
jekyllsdrk
Participant

I tried entering the admin credentials but received the following error.

 

[Expert@cpman:0]# mgmt_cli show gateways-and-servers
Username: admin
Password:
message: "Command execution failed. Response body is empty"
code: "generic_error"

0 Kudos
PhoneBoy
Admin
Admin

You have to work with mgmt_cli exactly the same way as if you were coding against the API.
This means:

  1. Logging in to create a session
  2. Performing whatever changes you wish to make
  3. If you want to commit the changes you made, issue a "publish" action.
  4. When you're done, log out of the session.

If you're on the management server itself, you can use -r true to bypass doing all of the above, but the above happens "under the covers."
When running from a Windows machine, you're obviously not on the management server, so you have to do the entire flow.

For your specific example, this means something like:

C:\Program Files (x86)\CheckPoint\SmartConsole\R80.30\PROGRAM> mgmt_cli -m 3.80.173.165 -u aa -p aaaa login > \temp\sid.txt

This logs in with the username aa, password aaaa, and writes the session information to \temp\sid.txt so it can be used later.
Then you can issue the command to show gateways-and-servers:

C:\Program Files (x86)\CheckPoint\SmartConsole\R80.30\PROGRAM> mgmt_cli -m 3.80.173.65 -s \temp\sid.txt show gateways-and-servers

- uid: "453ea708-cb36-4ca1-8c51-831e86c7a5d3"
  name: "BranchOffice"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "7f994e69-f997-47bd-9f80-621cf622941e"
  name: "Corporate-GW"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "a9f2d9bd-35e4-4571-bebb-4aeec04730df"
  name: "EuropeBranchGw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "b69b4a9c-1386-4bb1-8057-926551cfcdad"
  name: "HQgw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "e1fdc743-e9c8-df44-95bd-b842bcbac362"
  name: "mgmt"
  type: "CpmiHostCkp"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "71ec8bfb-5924-4672-a207-0682e46285ad"
  name: "Remote-1-gw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "95201290-08b3-405f-a4ae-0785f76e8e4b"
  name: "Remote-2-gw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "2c68301f-e1f9-4ce4-af46-8f4ded4a9fd2"
  name: "Remote-3-gw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "167c76ab-12d2-4e34-834a-00ea056289d3"
  name: "Remote-4-gw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "004b689b-797a-4212-b21c-8df4c8b992e3"
  name: "Remote-5-gw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "f6bb4929-a831-406a-93da-af6f95525437"
  name: "RemoteBranchGw"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
- uid: "37b07654-bc93-469a-9991-27a3b757e9aa"
  name: "ThreatEmulationDevice"
  type: "simple-gateway"
  domain:
    uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
    name: "SMC User"
    domain-type: "domain"
from: 1
to: 12
total: 12

Since you're not making any changes here, no publish is required.
Logout to release the session:

C:\Program Files (x86)\CheckPoint\SmartConsole\R80.30\PROGRAM> mgmt_cli -m 3.80.173.65 -s \temp\sid.txt logout

View solution in original post

0 Kudos
Kaspars_Zibarts
Authority
Authority

This was asked before here and I put small script together 

https://community.checkpoint.com/thread/7023-security-gateway-inventory