Welcome to Maestro Masters!
Talk to Masters, Engage with Masters, Be a Maestro Master!
Join our TechTalk: Malware 2021 to Present Day
Building a Preventative Cyber Program
Be a CloudMate!
Check out our cloud security exclusive space!
Check Point's Cyber Park is Now Open
Let the Games Begin!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
CheckFlix! 
All Videos In One Space
the_rock
Hey guys,
Does anyone know the right syntax to export objects from one mgmt server using mgmt_cli command? I tried mgmt_cli export, but that appears to export the database and there is no way of telling where the file goes. Even TAC guy could not help and he suggested contact Professional services??!! Sounds ridiculous for such a small task...
I looked at api guide, but does not show there either...I tried below, but this does not work with the export flag:
mgmt_cli put-file file-path "/home/admin/" file-name "vsx_conf" file-content "vs ip 192.0.2.1\nvs2 ip 192.0.2.2" targets.1 "corporate-gateway" --format json • "--format json" is optional. By default the output is presented in plain text.
I also tried using script Eric Beasley wrote, but that was failing too.
Any idea if this can be done easily with mgmt_cli at all? Im pretty positive there is a flag missing somewhere...
PhoneBoy
There’s not a single mgmt_cli command that will do it.
That is because mgmt_cli is merely a front-end for the API, which has different endpoints for each object type, each of which returns a limited number of results by design.
You need to perform iterative calls to get all the objects, thus why I pointed you at a script in the other thread versus “just execute this command.”
Have no idea what put-file has to do with what you’re trying to accomplish here.
Meanwhile, as to what’s happening with the script, I recommend, perhaps on a separate thread, post some basic details about what happens when you run the script.
Also version/JHF of management.
the_rock
I figured put-file may show where the export is going, but it did not...thats all : )
Sure, here is what I get when I run the other script:
[Expert@tarion-mgmt:0]# ./cli_api_export_objects_to_csv.sh
./cli_api_export_objects_to_csv.sh
Script: cli_api_export_objects_to_csv Script Version: 00.50.00 Revision: 055
-------------------------------------------------------------------------------------------------
Check API Operational Status before starting
-------------------------------------------------------------------------------------------------
First make sure we do not have any issues:
product-version: "Check Point Gaia R80.40"
os-build: "294"
os-kernel-version: "3.10.0-957.21.3cpx86_64"
os-edition: "64-bit"
API is operating as expected so api status should work as expected!
Next check api status:
API Settings:
---------------------
Accessibility: Require ip 127.0.0.1
Automatic Start: Enabled
Processes:
Name State PID More Information
-------------------------------------------------
API Started 5340
CPM Started 9868 Check Point Security Management Server is running and ready
FWM Started 8909
APACHE Started 8508
Port Details:
-------------------
JETTY Internal Port: 50276
APACHE Gaia Port: 443
Profile:
------------
Machine profile: Medium env resources profile
CPM heap size: 1024m
API heap size: 256m
--------------------------------------------
Overall API Status: Started
--------------------------------------------
API readiness test SUCCESSFUL. The server is up and ready to receive connections
Notes:
------------
To collect troubleshooting data, please run 'api status -s <comment>'
API status check result ( 0 = OK ) : 0
API is operating as expected so API calls should work!
Current Log output in file /var/tmp/cli_api_export_objects_to_csv_v00x50x00_2020-12-10-164050EST.log
-------------------------------------------------------------------------------------------------
./common/identify_gaia_and_installation.action.common.006.v00.50.00.sh: line 402: [: -gt: unary operator expected
Gaia Version : $gaiaversion = R80.40
System is Security Management Server!
Security Management Server version R80.40
Final $gaiaversion = R80.40
NEW Kernel version 3.10.0-957.21.3cpx86_64
sys_type = SMS
System Type : SMS :true
System Type : MDS :false
System Type : SmartEvent :false
System Type : SmEv Correlation Unit :false
System Type : GATEWAY :false
System Type : STANDALONE :false
System Type : VSX :false
System Type : UEPM Endpoint Server :false
System Type : UEPM Policy Server :false
System Type : UEPM Installed :true
mkdir: created directory './dump'
Output and Log file, folder locations:
$APICLIpathbase : ./dump/2020-12-10-1640EST
$APICLIlogfilepath : ./dump/2020-12-10-1640EST/cli_api_export_objects_to_csv_v00x50x00_2020-12-10-164050EST.log
mgmt_cli Login!
Login to mgmt_cli as administrator and save to session file : id.20201210-164058EST.txt
Password:
mgmt_cli login error! EXITCODE = 1
{
"code" : "err_login_failed",
"message" : "Authentication to server failed."
}
Terminating script...
Exitcode 255
Log output in file ./dump/2020-12-10-1640EST/cli_api_export_objects_to_csv_v00x50x00_2020-12-10-164050EST.log
PhoneBoy
It's been a while since I've looked at this script, but I believe you have to modify it with the credentials you need to log into the management API before execution.
the_rock
No worries Dameon... I connected offline with Eric Beasley, so we will do remote this week and see if we can figure it out : )
Thanks as always!
Andy
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY