Exporting objects with mgmt_cli

the_rock · ‎2020-12-10

Hey guys,

Does anyone know the right syntax to export objects from one mgmt server using mgmt_cli command? I tried mgmt_cli export, but that appears to export the database and there is no way of telling where the file goes. Even TAC guy could not help and he suggested contact Professional services??!! Sounds ridiculous for such a small task...

I looked at api guide, but does not show there either...I tried below, but this does not work with the export flag:

mgmt_cli put-file file-path "/home/admin/" file-name "vsx_conf" file-content "vs ip 192.0.2.1\nvs2 ip 192.0.2.2" targets.1 "corporate-gateway" --format json
 • "--format json" is optional. By default the output is presented in plain text.

I also tried using script Eric Beasley wrote, but that was failing too.

https://community.checkpoint.com/t5/API-CLI-Discussion-and-Samples/CLI-API-Example-for-exporting-imp...

Any idea if this can be done easily with mgmt_cli at all? Im pretty positive there is a flag missing somewhere...

Best,
Andy

PhoneBoy · ‎2020-12-10

There’s not a single mgmt_cli command that will do it.
That is because mgmt_cli is merely a front-end for the API, which has different endpoints for each object type, each of which returns a limited number of results by design.
You need to perform iterative calls to get all the objects, thus why I pointed you at a script in the other thread versus “just execute this command.”

Have no idea what put-file has to do with what you’re trying to accomplish here.

Meanwhile, as to what’s happening with the script, I recommend, perhaps on a separate thread, post some basic details about what happens when you run the script.
Also version/JHF of management.

the_rock · ‎2020-12-10

I figured put-file may show where the export is going, but it did not...thats all : )

Sure, here is what I get when I run the other script:

[Expert@tarion-mgmt:0]# ./cli_api_export_objects_to_csv.sh

./cli_api_export_objects_to_csv.sh

Script: cli_api_export_objects_to_csv Script Version: 00.50.00 Revision: 055

-------------------------------------------------------------------------------------------------

Check API Operational Status before starting

-------------------------------------------------------------------------------------------------

First make sure we do not have any issues:

product-version: "Check Point Gaia R80.40"

os-build: "294"

os-kernel-version: "3.10.0-957.21.3cpx86_64"

os-edition: "64-bit"

API is operating as expected so api status should work as expected!

Next check api status:

API Settings:

---------------------

Accessibility: Require ip 127.0.0.1

Automatic Start: Enabled

Processes:

Name State PID More Information

-------------------------------------------------

API Started 5340

CPM Started 9868 Check Point Security Management Server is running and ready

FWM Started 8909

APACHE Started 8508

Port Details:

-------------------

JETTY Internal Port: 50276

APACHE Gaia Port: 443

Profile:

------------

Machine profile: Medium env resources profile

CPM heap size: 1024m

API heap size: 256m

--------------------------------------------

Overall API Status: Started

--------------------------------------------

API readiness test SUCCESSFUL. The server is up and ready to receive connections

Notes:

------------

To collect troubleshooting data, please run 'api status -s <comment>'

API status check result ( 0 = OK ) : 0

API is operating as expected so API calls should work!

Current Log output in file /var/tmp/cli_api_export_objects_to_csv_v00x50x00_2020-12-10-164050EST.log

-------------------------------------------------------------------------------------------------

./common/identify_gaia_and_installation.action.common.006.v00.50.00.sh: line 402: [: -gt: unary operator expected

Gaia Version : $gaiaversion = R80.40

System is Security Management Server!

Security Management Server version R80.40

Final $gaiaversion = R80.40

NEW Kernel version 3.10.0-957.21.3cpx86_64

sys_type = SMS

System Type : SMS :true

System Type : MDS :false

System Type : SmartEvent :false

System Type : SmEv Correlation Unit :false

System Type : GATEWAY :false

System Type : STANDALONE :false

System Type : VSX :false

System Type : UEPM Endpoint Server :false

System Type : UEPM Policy Server :false

System Type : UEPM Installed :true

mkdir: created directory './dump'

Output and Log file, folder locations:

$APICLIpathbase : ./dump/2020-12-10-1640EST

$APICLIlogfilepath : ./dump/2020-12-10-1640EST/cli_api_export_objects_to_csv_v00x50x00_2020-12-10-164050EST.log

mgmt_cli Login!

Login to mgmt_cli as administrator and save to session file : id.20201210-164058EST.txt

Password:

mgmt_cli login error! EXITCODE = 1

{

"code" : "err_login_failed",

"message" : "Authentication to server failed."

}

Terminating script...

Exitcode 255

Log output in file ./dump/2020-12-10-1640EST/cli_api_export_objects_to_csv_v00x50x00_2020-12-10-164050EST.log

Best,
Andy

PhoneBoy · ‎2020-12-13

It's been a while since I've looked at this script, but I believe you have to modify it with the credentials you need to log into the management API before execution.

the_rock · ‎2020-12-13

No worries Dameon... I connected offline with Eric Beasley, so we will do remote this week and see if we can figure it out : )

Thanks as always!

Andy

Best,
Andy

Are you a member of CheckMates?

Exporting objects with mgmt_cli