This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Jan_Kleinhans
Advisor
‎2025-04-29 11:37 PM

Entries in Database which are not default

Hello,

over the years we had to change many values in the checkpoint database to special setting (url_filtering cache for example). 

Is there a way to export or show all database entries where the value is not default?

 

Jan

0 Kudos
5 Replies
PhoneBoy
Admin
Admin
‎2025-04-30 05:42 AM

It’s not clear exactly what settings you’re referring to here.
Defaults can also change from version to version in any case.
More details (including the specific settings you’re interested, possibly with screenshots, and versions involved) will help.

In general, any changes made through SmartConsole/API should show in the audit logs.
Changes made outside of this (Expert Mode) may not be reflected in logs.
Nothing that I’m aware of that will show you “differences from a default configuration.”

0 Kudos
Lesley
MVP Gold
MVP Gold
‎2025-04-30 07:39 AM

No there is not something out there. There are ways to verify specific changes. In GuiDBedit if you find the relevant object there is a column "last modify time'' this is an indication of a change. Also the column display current value and default value. That is the second indication.

For other changes set with fw ctl set I would recommend this sk: https://support.checkpoint.com/results/sk/sk33156

Creating a file with all the kernel parameters and their values

This will create a file with all important kernel parameters. As a reference you should get the same file from a similar default installed system (in a lab for example, same version / take)

I recommend always to keep track of custom changes like this. Check Point is a very open system, meaning you can change a lot. It is simply impossible to always be able to keep track what has been changed and what is different from factory default. Only way is solid documentation. 

-------
Please press "Accept as Solution" if my post solved it 🙂
0 Kudos
Jan_Kleinhans
Advisor
‎2025-05-04 11:19 PM
In response to Lesley

Thank you for your reply. I almost expected the answer. I was trying to figure out the changes made via dbedit over the last decades 🙂 We try to track all changes, but sometimes you change something in a remote session with TAC and miss documentation.  That's why I had the hope that you can make a database diff or something like that. As you mentioned the default values are already in the database.

Thanks,

 

Jan

0 Kudos
Amir_Senn
MVP Silver CHKP MVP Silver CHKP
MVP Silver CHKP
‎2025-05-04 07:52 AM

Recommending to use show objects API command.

https://sc1.checkpoint.com/documents/latest/APIs/index.html#cli/show-objects~v2%20

I used the following:

mgmt_cli -r true show objects type "application-site-group" details-level full

 

You can see creator/last modified.

Kind regards, Amir Senn
0 Kudos
Tal_Paz-Fridman
MVP Silver CHKP MVP Silver CHKP
MVP Silver CHKP
‎2025-05-05 04:24 AM

By the way, you can also set up a simple "clean" Management Server and copy the relevant files from $FWDIR/conf/ to compare them with those from your Production Management Server using a file diff.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events