This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
bernhard_m
Collaborator
Collaborator
‎2018-06-07 12:28 AM
Jump to solution

Extract "migrate export" and "clish config" from backup

Does anyone know of a tool / script or an easy procedure to extract useful parts from a backup file?

I'm thinking of a "migrate export" format by repackaging the relevant files of a backup file and a conversion tool for converting the /config/inital file to clish configuration commands

Any help is appreciated,

Bernhard

1 Solution

Accepted Solutions
Danny
MVP Platinum
MVP Platinum
‎2018-06-07 07:21 AM
Jump to solution

In your case I would simply edit the configuration scheme for management backups

/var/CPbackup/schemes/mgmts.cpbak‍‍

and have it including a migrate export directly into the backup archive. This way you can simply extract it whenever you need it.

Alternatively you could also create a second cron job that performs an migrate export one hour before your backup schedule. Just include the path and filename of the created archive within the INCLUDE_FILES section:

<INCLUDE_FILES>
BERNHARDS_MIGRATE_EXPORT.tgz
</INCLUDE_FILES>‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

View solution in original post

10 Replies
G_W_Albrecht
MVP Silver
MVP Silver
‎2018-06-07 04:30 AM
Jump to solution

I do know no tool, so the procedure would be to restore on a fresh install before performing migrate export and save configuration.

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
bernhard_m
Collaborator
Collaborator
‎2018-06-07 05:15 AM
In response to G_W_Albrecht
Jump to solution

That's what i am aware of and wanted to avoid. Especialy because i think this is a task where the main parts of the code should be available already (at Check Point at least).

A really cool solution would be a BackupParserUtility (like the new DiagnosticView but fed with a backup-file instead of a cpinfo) and different export Features.

... just dreaming... could also add this request to the "Idea of the year section" Smiley Happy

0 Kudos
G_W_Albrecht
MVP Silver
MVP Silver
‎2018-06-07 05:34 AM
In response to bernhard_m
Jump to solution

Such a tool surely is possible - in R77.30, you could perform that manually (by copying fwauth.ndb, lcrulebases_5_0.fws, rulebases_5_0.fws, fgrulebases_5_0.fws, slprulebases_5_0.fws and Objects_5_0.C from SMS /conf), but now, all data is in an SQL database. But honestly, where and for what purpose should such a tool be needed ? If i have a backup, i can get a working configuration in a very short time. And if - on SMS - i never do a migrate export i have only myself to blame 😉

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
bernhard_m
Collaborator
Collaborator
‎2018-06-07 05:44 AM
In response to G_W_Albrecht
Jump to solution

Because it's easy to schedule and upload a backup to an external storage via clish. If i want the same with migrate export I have to write and schedule it myself (for scp, ftp, or whatever destination if want). Why doing it twice if the information is available in the backup file? And most of the time i need a migrate export instead of a full backup...

0 Kudos
G_W_Albrecht
MVP Silver
MVP Silver
‎2018-06-07 07:21 AM
In response to bernhard_m
Jump to solution

If you need a migrate export most of the time (i would suppose that for SMS, this is the ideal kind of backup), why not do it that way ? Easy to script and schedule in GAiA ! Is anyone else interested in such a tool ?

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Danny
MVP Platinum
MVP Platinum
‎2018-06-07 07:21 AM
Jump to solution

In your case I would simply edit the configuration scheme for management backups

/var/CPbackup/schemes/mgmts.cpbak‍‍

and have it including a migrate export directly into the backup archive. This way you can simply extract it whenever you need it.

Alternatively you could also create a second cron job that performs an migrate export one hour before your backup schedule. Just include the path and filename of the created archive within the INCLUDE_FILES section:

<INCLUDE_FILES>
BERNHARDS_MIGRATE_EXPORT.tgz
</INCLUDE_FILES>‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍
bernhard_m
Collaborator
Collaborator
‎2018-06-08 12:44 AM
In response to Danny
Jump to solution

Thanks Danny. That's great alternatives to repackage a migrate export format from the backup.

0 Kudos
bernhard_m
Collaborator
Collaborator
‎2018-06-08 12:49 AM
Jump to solution

Any ideas regaring the conversion of the /config/initial to clish configuration commands?

G_W_Albrecht
MVP Silver
MVP Silver
‎2018-06-08 04:47 AM
In response to bernhard_m
Jump to solution

I can only find /config/db/initial and /config/db/initial_db

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
bernhard_m
Collaborator
Collaborator
‎2018-06-08 05:17 AM
In response to G_W_Albrecht
Jump to solution

You are right. The correct path is /config/db/initial.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events