Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Jordan_Martin1
Participant

Is there a way to get a file using the API?

I am trying to write an ansible script that will audit the configuration settings of the firewall and output to a text file.  I can do all of that, but I don't know how to use the API to retrieve that output file.  I've seen the command put-file, but is there any equivalent to get-file?

12 Replies
Robert_Decker
Advisor

Hi Jordan,

There is no API for get-file operation, but maybe you can use the run-script command to run a script on the management that returns the content of a file as its result.

BTW, I cannot sign in to GitHub from home and reply to you, but from your recent error I realize that you are not using the latest cpAnsible sources. Please check again.

Robert.

0 Kudos
Jordan_Martin1
Participant

Hi Robert.  You're right about GitHub.  I didn't realize that you had made a fix.  Thanks for that.  As for the run-script API, however, it is not possible to receive anything in response except for some json that indicates the command went through successfully.  You can never actually see the output of anything.  This is probably something that needs to be corrected by the API folks.

0 Kudos
Robert_Decker
Advisor

Jordan,

I'm the API folk 🙂

The response of the command should contain the full details of the command result.

You can run the mgmt_cli run-script command on your management and verify how the results should be.

Maybe you have to configure the ansible to correctly get the full results (verbose option...).

Robert.

0 Kudos
Jordan_Martin1
Participant

The response from run-script includes only one output as discussed in the documentation here: Check Point - Management API reference.  An example of the output is here: {"tasks": [{"target": "ztestintfw1","task-id": "7edefe91-b4b3-4c8a-bbe8-a7286ca86133"}]}.  Note that there is no output listed, just a target and a task-id.  Neither or which is particularly helpful.

0 Kudos
Robert_Decker
Advisor

Ok.

This looks like a problem here - the run-script command returns a tasks container and not a single task-id.

I'll check tomorrow at work and get back to you.

Robert.

0 Kudos
Jordan_Martin1
Participant

Any word on how to resolve this?

0 Kudos
Robert_Decker
Advisor

This will take some time.

I need to change the code in our Python SDK to fix the issue.

Robert.

Robert_Decker
Advisor

Jordan,

Please read this post, and watch the video, may be very helpful for you - 

https://community.checkpoint.com/thread/5478-leveraging-the-r8010-api-to-automate-and-streamline-sec...

The post also contains lots of scripts and ansible playbooks in a zip file.

Robert.

0 Kudos
Jordan_Martin1
Participant

I have probably watched that video ten times by now.  Thank you for the suggestion, though! Smiley Happy

0 Kudos
Robert_Decker
Advisor

Jordan,

Remove the "domain: System Data" parameter from the login command, this is the reason that the object ztestintfw1 cannot be found.

Robert.

0 Kudos
Jordan_Martin1
Participant

You are the man, Robert!  Thank you so much.  Quick question, though: When is System Data needed and when is it not?

0 Kudos
Robert_Decker
Advisor

the "system data" domain is needed for very specific objects, such as administrators.

most of the time you do not need to specify this dimain.

Robert.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events