This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
ukohae
Contributor
‎2021-03-12 01:35 PM
Jump to solution

Using Run-Script with Ansible

Hi, I am trying to use Run-Script module. Below is my code

 

---
- hosts: check_point
  connection: httpapi
  gather_facts: False
  vars_files:
    - 'credentials/ansible_login_information.yml'
  tasks:
  - name: run-script
    check_point.mgmt.cp_mgmt_run_script:
      script: ./stat.sh
      script_name: 'Check stat'
      targets:
      - Some_Server
      wait_for_task_timeout: 30

 


shell script

 

#!/bin/bash
cpstat os -f all

 

 TASK [run-script] ******************************************************************************************************************************************
fatal: [check_point]: FAILED! => {"changed": false, "msg": "Task Some_Server - Check stat with task id af3660dc-9e23-4a90-a398-6d54357a failed. Look at the logs for more details"}


I  noticed this playbook is not running my script. What can I do to fix this erroor

0 Kudos
1 Solution

Accepted Solutions
masher
Employee
Employee
‎2021-03-15 08:41 AM
In response to ukohae
Jump to solution

My only guess regarding the SIC error is that the target definition isn't reachable or hasn't been fully configured yet.

The run-script will not copy a script from the local directory and deploy it to a remote deployment for use. You need to insert the body of the script into the "script" command before running it from the management API.

From https://github.com/CheckPointSW/CheckPointAnsibleMgmtCollection/blob/master/plugins/modules/checkpoi...

 

 

  script:
    description:
    - Script body contents.
    type: str
    required: true

 

 

This mirrors the run-script API documentation.

- https://sc1.checkpoint.com/documents/latest/APIs/index.html#cli/run-script~v1.7%20

I haven't run this in my lab, so this might not provide the results. However, I would expect it to look similar to below.

 

 

---
- hosts: check_point
  connection: httpapi
  gather_facts: False
  vars_files:
    - 'credentials/ansible_login_information.yml'
  tasks:
  - name: run-script
    check_point.mgmt.cp_mgmt_run_script:
      script: "cpstat os -f all"
      script_name: 'Check stat'
      targets:
      - deployed-gw-1
      wait_for_task_timeout: 30

 

EDIT: One other thing I didn't mention is that you'll need to query the task-id from the run-script command to see the results for this particular playbook.

 

View solution in original post

0 Kudos
3 Replies
PhoneBoy
Admin
Admin
‎2021-03-12 08:07 PM
Jump to solution

Try specifying the full path to the script.
If not, I recommend checking the task status in SmartConsole to see what it says.

0 Kudos
ukohae
Contributor
‎2021-03-15 07:25 AM
In response to PhoneBoy
Jump to solution

The shell script is in the same directory as the playbook.

Error message on SmartConsole

Run One Time Script

Results ..............................................................
Task Results Connection failed for 192.1.1.1
             Make sure that the machine is up and running, and that  
             SIC has been established

Details ..............................................................
Script  ./stat.sh


Connection failed for IP Address

Makes sure that the machine is up and running, and that SIC has been established

 

Preview file
14 KB
0 Kudos
masher
Employee
Employee
‎2021-03-15 08:41 AM
In response to ukohae
Jump to solution

My only guess regarding the SIC error is that the target definition isn't reachable or hasn't been fully configured yet.

The run-script will not copy a script from the local directory and deploy it to a remote deployment for use. You need to insert the body of the script into the "script" command before running it from the management API.

From https://github.com/CheckPointSW/CheckPointAnsibleMgmtCollection/blob/master/plugins/modules/checkpoi...

 

 

  script:
    description:
    - Script body contents.
    type: str
    required: true

 

 

This mirrors the run-script API documentation.

- https://sc1.checkpoint.com/documents/latest/APIs/index.html#cli/run-script~v1.7%20

I haven't run this in my lab, so this might not provide the results. However, I would expect it to look similar to below.

 

 

---
- hosts: check_point
  connection: httpapi
  gather_facts: False
  vars_files:
    - 'credentials/ansible_login_information.yml'
  tasks:
  - name: run-script
    check_point.mgmt.cp_mgmt_run_script:
      script: "cpstat os -f all"
      script_name: 'Check stat'
      targets:
      - deployed-gw-1
      wait_for_task_timeout: 30

 

EDIT: One other thing I didn't mention is that you'll need to query the task-id from the run-script command to see the results for this particular playbook.

 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events