This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
John_Fleming
Advisor
‎2020-12-23 12:54 PM

R80.40 - can't cancel task

I started using the python SDK to set log servers. In my first attempt I was playing with setting the log server to a CLM for a given simple cluster. I noticed afterwards I didn't have anything in the API call to publish so I went to the gui and hit publish and disconnect now its just sitting at %10.  

Any idea how to cancel this task? Discard & disconnect rows "An internal error occurred."

0 Kudos
14 Replies
John_Fleming
Advisor
‎2020-12-23 01:38 PM

So looks like setting the log server via API will basically eff up the API on the CMA until I mdsstop. 😕

This is JH 87 BTW.

0 Kudos
PhoneBoy
Admin
Admin
‎2020-12-23 05:57 PM
In response to John_Fleming

Ouch, sounds like a TAC case is in order.
Also tagging @Omer_Kleinstern 

0 Kudos
John_Fleming
Advisor
‎2020-12-23 08:26 PM
In response to PhoneBoy

I haven't had a chance to debug or bother diamond, which i'll wait until next week. 

0 Kudos
Alex_Zelinsky
Employee
Employee
‎2020-12-24 01:33 AM

Please specify more details, is this set-simple-cluster api? And what exactly did you try to do

0 Kudos
John_Fleming
Advisor
‎2020-12-24 09:31 AM

I plan on creating a replication I just haven't had time. Yes set simple cluster and send-logs-to-server. I set name and send-logs-to-server as a single member list. 

The docs say its an object but others say string or list and description says Servers so i'm not %100 what I should be sending. I didn't try logs and alerts (or whatever that other one was).

0 Kudos
Alex_Zelinsky
Employee
Employee
‎2020-12-26 10:24 PM

I set it as follows:

Here is an example of setting log server for a cluster:
mgmt_cli --session-id "$session_id" set-simple-cluster name "$CLUSTERNAME" ipv4-address "$CLUSTERMGMTIP" ipv6-address "$IPV6_CLUSTERMGMTIP" \
	version "$GWVERSION" os-name "Gaia" cluster-mode "opsec-ha" firewall true ips false vpn false \
	send-logs-to-server.0 "$MGMTNAME" send-alerts-to-server.0 "$MGMTNAME"
It's network object name, and you can provide a few.
However the issue of cancelling task is not related.
Actually there is now way to cancel a task.
To better understand your issue I need more details and cpm.elg when you're getting INteranl Error.
I undertsatand you get that error when you try to discradand disconnect API session from SC, right?

 

0 Kudos
John_Fleming
Advisor
‎2020-12-28 08:20 AM
In response to Alex_Zelinsky

Hi Alex, I haven't had a chance to put something meaningful in here yet. I can't send logs or anything as the customer will not allow this. Its a pretty strict env. I'll see if I can replicate and send is the smallest replication of the python code to trigger when I get a few. Should be this week.

0 Kudos
John_Fleming
Advisor
‎2020-12-28 03:33 PM
In response to John_Fleming

Test env is stood up. I'll start working on the code python code next.

First.. Nachos for they indeed rule.

0 Kudos
John_Fleming
Advisor
‎2020-12-28 05:57 PM
In response to John_Fleming

Eff.. couldn't replicate. I'm going to move this code back to the lab and see if it fails again. I'll check log files you pointed out and engage support if needed.

Any input on debugs I should turn on?

0 Kudos
John_Fleming
Advisor
‎2020-12-28 06:00 PM

Here is the python code.

from cpapi import APIClient, APIClientArgs
import pprint
pp = pprint.PrettyPrinter(indent=4)

api_server='10.1.18.100'
username='admin'
password='somepw'
domain_name='Test_Domain'

def main():
    client_args = APIClientArgs(server=api_server)
    with APIClient(client_args) as domain_client:
        login_res = domain_client.login(username, password, domain=domain_name)
        if login_res.success is False:
            print("Try upgrading to R81 maybe?")
            exit(81)
        json_data = { "name": "TestCluster",
                      "send-logs-to-server": "TestDomainLogServer" }
        print("Calling set cluster api")
        simple_cluster_output = domain_client.api_call("set-simple-cluster", json_data)
        pp.pprint(simple_cluster_output)
        print("Calling publish api")
        publish_output = domain_client.api_call("publish",{})
        pp.pprint(publish_output)

if __name__ == "__main__":
    main()

 

 

0 Kudos
Alex_Zelinsky
Employee
Employee
‎2020-12-28 11:08 PM

turn on the following logs in $MDS_FWDIR/conf/tdlog.com

log4j.logger.com.checkpoint.management.gateway_legacy.services.internal.LegacyGatewayObjectCrudSvcImpl=DEBUG
log4j.logger.com.checkpoint.management.gateway_legacy.objects.cluster.ClusterUtils=DEBUG
log4j.logger.com.checkpoint.management.gateway_legacy.web_services.internal.LegacyGatewayObjectCrudSvcRemoteImpl=DEBUG

 

What version do you run? R80.40 jumbo?

 

0 Kudos
Alex_Zelinsky
Employee
Employee
‎2020-12-28 11:10 PM

Python code seems pretty simple and straightforward.

Do you see the following line printing:

pp.pprint(simple_cluster_output)

 and what does it print?

 

 

0 Kudos
John_Fleming
Advisor
‎2020-12-29 07:39 AM
In response to Alex_Zelinsky

Everything ran clean on the replication so nothing useful other then http 200 etc. 

0 Kudos
Alex_Zelinsky
Employee
Employee
‎2020-12-30 12:13 AM
In response to John_Fleming

well, let me know if it happens again

 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events