This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Dima_M
Employee
Employee
‎2020-02-20 04:22 AM

Automate your everyday tasks with SmartTasks

In R80.40 we introduced SmartTasks, a powerful feature that further expands the openness and extensibility approach.

SmartTasks saves admins valuable time by automating routine tasks with pre-defined or customizable actions. A SmartTask is a combination of trigger and action.

Triggers are events – currently defined in terms of existing management operations, such as install policy or publish

Actions are automatic responses that take place after a trigger is fired, such as running a script, posting a web request.

Below you can find some of the SmartTasks we created. To start using them, just import the SmartTask into your R80.40 Security Management Server.

You're  very welcome to check out the scripts, modify and create your own SmartTasks.

 

SmartTask - Validate Session Name Format

SmartTask - Custom Permissions 

SmartTask - Restrict use of specific objects in Access Control Policy 

7 Replies
Harmesh_Yadav
Collaborator
‎2021-01-29 12:43 AM

Dear Team ,

can we do schedule for policy installation ?

Harmesh Yadav
0 Kudos
Ivo_Hrbacek
Contributor
Contributor
‎2021-03-12 06:18 AM

Hi there,

I have a question, having smart task to check if IDA Access role objects have been modified/created.. If yes, policy to dedicated PDP gateways is pushed. Smart task trigger is after publish with bash script below.

#!/bin/bash
@ihr@actinet.cz

trigger_json=`echo $1 | base64 --decode -i`


session_objcets=`echo $trigger_json | jq '.operations | (."added-objects"[] | {"name":.name , "type":.type}) , (."deleted-objects"[] | {"name":.name, "type":.type}), (."modified-objects"[] | {"name":."new-object".name, "type":."new-object".type})' | jq -s .`

session_objects_details=`echo $session_objcets | jq '.[] | {"name":.name, "type":.type, "valid_type": ( [.type]-["access-role"]| length == 0)}' | jq -s .`
number_of_objects_changed=`echo $session_objects_details | jq '.[] | select(."valid_type" == true)' | jq -s '. | length'`
list_of_objects_changed=`echo $session_objects_details | jq '.[] | select(."valid_type" == true)' | jq -s -c '[.[] | .name]' | tr -d [ | tr -d ]`

if [ $number_of_objects_changed -gt 0 ]; then
mgmt_cli -r true install-policy policy-package "AXXXX" access true threat-prevention false targets.1 "XXX" targets.2 "YYY" --format json > /dev/null 2>&1
m1="IDA objects changed, PDP policy was installed on IAP gateways"
m2="The following objects were modified : $list_of_objects_changed"
m2=${m2//\"/\\\"}
printf '{"result":"success","message":"%s %s"}\n' "$m1" "$m2"
exit 0

else
m1="No IDA objects changed, I wont install PDP policy"
printf '{"result":"success","message":"%s"}\n' "$m1"
exit 0

fi

This works fine if you do just few changes in GUI..

 

There is an issue when there are many changes like updating cluster objects with 250 interfaces - get interfaces with topology, basically huge publish changes via GUI.. smart task will crash after 300 sec (max running time) with no output.

I tested also something like this, just to get all data before sorting, same it did not produced any output at all:

#!/bin/bash

trigger_json=`echo $1 | base64 --decode -i`

printf "trigger_json"

 

So my question is, did someone tested to run smart task (after publish trigger) when there are more changes published, specially if you modify cluster object as I described? Or is there other way how to get operations data after publish?

thx!

ivo

Preview file
64 KB
0 Kudos
Dima_M
Employee
Employee
‎2021-03-16 11:53 AM
In response to Ivo_Hrbacek

Hi Ivo, thanks for reporting.  We're looking into this issue now in order to offer a solution.

0 Kudos
Ivo_Hrbacek
Contributor
Contributor
‎2021-03-17 03:35 AM
In response to Dima_M

thx

0 Kudos
Hash1
Contributor
‎2021-05-04 05:16 AM

In this video https://www.youtube.com/watch?v=steOVo6T2iY
You guys show an example of smarttask which involves sending an e-mail with all the changes from a published session. How can I do that? Said e-mail has a nice design on it already.

0 Kudos
PhoneBoy
Admin
Admin
‎2021-05-09 07:32 PM
In response to Hash1

@Tomer_Sole I realize this isn't your area anymore, but it was when this came out.
Can you find the right resource to publish this particular SmartTasks?
Also @Dima_M 

0 Kudos
Dima_M
Employee
Employee
‎2021-05-13 09:09 AM
In response to Hash1

Hi, 

 

We're working on adding " send email" action to SmartTasks, currently you can use "run script" action to send an email with sendmail daemon.

    /opt/CPsuite-Rxx.xx/fw1/bin/sendmail -t IP_of_MailServer -s "Subject" -f from@example.com to@example.com 

 

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events