Employee Alumnus

Using SandBlast API from commandline

Hi all,

I started writing a bash script to use TEAPI with a simple commandline syntax.

The attached bash script has the following pre-requisites (which can be installed on GAiA also):

Prerequisites to install
1) JQ
      curl -o /tmp/jq -k -L

      mv /tmp/jq /usr/bin

      chmod +x /usr/bin/jq

Changes according to your environment

Within the beginning of the script:

1) Set TESERVER variable 

         e.g. TESERVER= if you run the script directly on a TE appliance

2) Set TEIMAGES variable

         change the variable content to your available images

Usage of the script

# ./ <filename> <action>

Where <action> can be:

1) query

         queries the API for a result of <filename>'s hash and returns verdict if found

2) upload

         upload the file <filename>

3) report

         queries the API for available reports of <filename>'s hash. If reports are available, they will be downloaded to separate files called <filename sha1>_<reportid>.report.

         The files contain the XML data of the TE forensic report.

Have fun ! Any comments and additions are highly appreciated.

Regards Thomas

PS-Disclaimer: This script has no official Check Point TAC support
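
The jq prerequisite step above downloads a binary with `curl -k` (TLS certificate verification disabled) and places it in /usr/bin. The following added example, which is not part of the original post or the attached script, installs a downloaded file only if it matches a pinned SHA-256 digest; the function names and the digest placeholder are assumptions.

```shell
#!/usr/bin/env bash
# Added example: verify a downloaded binary against a pinned SHA-256
# before installing it. Function names and paths are illustrative.

# sha256_of FILE -> prints the lowercase hex SHA-256 of FILE
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | awk '{print $1}'
    else
        openssl dgst -sha256 "$1" | awk '{print $NF}'
    fi
}

# install_verified FILE EXPECTED_SHA256 DEST
# Returns 0 and installs FILE to DEST (mode 0755) only if the digest matches.
# Returns 1 and leaves DEST untouched on mismatch, 2 on usage errors.
install_verified() {
    local file=$1 expected=$2 dest=$3 actual tmp
    [ -f "$file" ] && [ -n "$expected" ] && [ -n "$dest" ] || return 2
    # A SHA-256 digest is exactly 64 hex characters; reject anything else
    case "$expected" in
        *[!0-9a-fA-F]*) return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || return 2
    actual=$(sha256_of "$file") || return 2
    expected=$(printf '%s' "$expected" | tr 'A-F' 'a-f')
    if [ "$actual" != "$expected" ]; then
        echo "digest mismatch for $file: got $actual" >&2
        return 1
    fi
    # Copy to a temp name next to the target, then rename atomically
    tmp="${dest}.tmp.$$"
    cp "$file" "$tmp" && chmod 0755 "$tmp" && mv -f "$tmp" "$dest"
}

# Usage (the digest is a placeholder; obtain it from a source you trust):
#   install_verified /tmp/jq <published-sha256> /usr/bin/jq
```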

2 Replies

Very nice! I will test it right now.

Without TAC support :)



Employee Alumnus

I'll support :)

Regards Thomas