Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
the_rock
Champion
Champion

Exporting objects with mgmt_cli

Hey guys,

 

Does anyone know the right syntax to export objects from one mgmt server using mgmt_cli command? I tried mgmt_cli export, but that appears to export the database and there is no way of telling where the file goes. Even TAC guy could not help and he suggested contact Professional services??!! Sounds ridiculous for such a small task...

 

I looked at api guide, but does not show there either...I tried below, but this does not work with the export flag:

 

mgmt_cli put-file file-path "/home/admin/" file-name "vsx_conf" file-content "vs ip 192.0.2.1\nvs2 ip 192.0.2.2" targets.1 "corporate-gateway" --format json
 • "--format json" is optional. By default the output is presented in plain text.


I also tried using script Eric Beasley wrote, but that was failing too.

 

https://community.checkpoint.com/t5/API-CLI-Discussion-and-Samples/CLI-API-Example-for-exporting-imp...

 

Any idea if this can be done easily with mgmt_cli at all? Im pretty positive there is a flag missing somewhere... 

0 Kudos
4 Replies
PhoneBoy
Admin
Admin

There’s not a single mgmt_cli command that will do it.
That is because mgmt_cli is merely a front-end for the API, which has different endpoints for each object type, each of which returns a limited number of results by design.
You need to perform iterative calls to get all the objects, thus why I pointed you at a script in the other thread versus “just execute this command.”

Have no idea what put-file has to do with what you’re trying to accomplish here.

Meanwhile, as to what’s happening with the script, I recommend, perhaps on a separate thread, post some basic details about what happens when you run the script.
Also version/JHF of management.

0 Kudos
the_rock
Champion
Champion

I figured put-file may show where the export is going, but it did not...thats all : )

Sure, here is what I get when I run the other script:

 

[Expert@tarion-mgmt:0]# ./cli_api_export_objects_to_csv.sh

 

./cli_api_export_objects_to_csv.sh

Script:  cli_api_export_objects_to_csv  Script Version: 00.50.00  Revision: 055

 

 

-------------------------------------------------------------------------------------------------

Check API Operational Status before starting

-------------------------------------------------------------------------------------------------

 

First make sure we do not have any issues:

 

 

product-version: "Check Point Gaia R80.40"

os-build: "294"

os-kernel-version: "3.10.0-957.21.3cpx86_64"

os-edition: "64-bit"

 

 

API is operating as expected so api status should work as expected!

 

Next check api status:

 

 

API Settings:

---------------------

Accessibility:                      Require ip 127.0.0.1

Automatic Start:                    Enabled

 

Processes:

 

Name      State     PID       More Information

-------------------------------------------------

API       Started   5340

CPM       Started   9868      Check Point Security Management Server is running and ready

FWM       Started   8909

APACHE    Started   8508

 

Port Details:

-------------------

JETTY Internal Port:      50276

APACHE Gaia Port:         443

 

Profile:

------------

Machine profile:  Medium env resources profile

CPM heap size:    1024m

API heap size:    256m

 

 

 

--------------------------------------------

Overall API Status: Started

--------------------------------------------

 

API readiness test SUCCESSFUL. The server is up and ready to receive connections

 

Notes:

------------

To collect troubleshooting data, please run 'api status -s <comment>'

 

 

API status check result ( 0 = OK ) : 0

 

API is operating as expected so API calls should work!

 

Current Log output in file /var/tmp/cli_api_export_objects_to_csv_v00x50x00_2020-12-10-164050EST.log

 

-------------------------------------------------------------------------------------------------

./common/identify_gaia_and_installation.action.common.006.v00.50.00.sh: line 402: [: -gt: unary operator expected

 

 

Gaia Version : $gaiaversion = R80.40

 

System is Security Management Server!

 

Security Management Server version R80.40

 

Final $gaiaversion = R80.40

 

NEW Kernel version 3.10.0-957.21.3cpx86_64

 

sys_type = SMS

 

System Type : SMS                   :true

System Type : MDS                   :false

System Type : SmartEvent            :false

System Type : SmEv Correlation Unit :false

System Type : GATEWAY               :false

System Type : STANDALONE            :false

System Type : VSX                   :false

System Type : UEPM Endpoint Server  :false

System Type : UEPM Policy Server    :false

System Type : UEPM Installed        :true

 

 

 

mkdir: created directory './dump'

Output and Log file, folder locations:

$APICLIpathbase       : ./dump/2020-12-10-1640EST

$APICLIlogfilepath    : ./dump/2020-12-10-1640EST/cli_api_export_objects_to_csv_v00x50x00_2020-12-10-164050EST.log

 

 

mgmt_cli Login!

 

Login to mgmt_cli as administrator and save to session file :  id.20201210-164058EST.txt

 

Password:

mgmt_cli login error!  EXITCODE = 1

 

 

{

  "code" : "err_login_failed",

  "message" : "Authentication to server failed."

}

 

 

Terminating script...

Exitcode 255

 

 

Log output in file ./dump/2020-12-10-1640EST/cli_api_export_objects_to_csv_v00x50x00_2020-12-10-164050EST.log

0 Kudos
PhoneBoy
Admin
Admin

It's been a while since I've looked at this script, but I believe you have to modify it with the credentials you need to log into the management API before execution.

0 Kudos
the_rock
Champion
Champion

No worries Dameon... I connected offline with Eric Beasley, so we will do remote this week and see if we can figure it out : )

 

Thanks as always!

 

Andy

0 Kudos