This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Mattias_Jansson
Contributor
‎2020-11-19 12:07 PM

Finding tcp and udp service timeouts

Jump to solution

Hi!

I have some tcp and udp services that I have increased the virtual session timeout for a long time ago.

Now I dont remember all the services that I increased, as this was back in the R77 days.


In the R77.30 SmartConsole there was a column for the session timeout value in the object explorer that could be sorted (highest to lowest) and very easy to find.

Is this possible in the R80.30 SmartConsole too? I cannot find that column and no way to add it either.

0 Kudos
1 Solution

Accepted Solutions
Bob_Zimmerman
Advisor
‎2020-11-19 02:01 PM

Jump to solution

I don't know if there's a way to do it in SmartConsole, but it's pretty easy with the API. You can use a script a bit like this:

mgmt_cli -r true \
show services-tcp \
details-level full \
limit 500 \
offset 0 \
--format json \
| jq -c ".objects[]|{timeout:.\"session-timeout\",name:.name}"

That will spit out data like this:

{"timeout":3600,"name":"AOL"}
{"timeout":3600,"name":"AP-Defender"}
{"timeout":3600,"name":"AT-Defender"}
...

The maximum number of entries a single API call can return is 500. If you have more than 500 TCP services, you would need to run this several times with stepped offsets. First time with offset 0, second with offset 500, and so on.

For UDP, it's the same thing, just with 'show services-udp' in the second line.

Once you have the output, you can filter it in whatever way you want. 'grep -v ":3600,"' would be a good option to get rid of TCP services with the default timeout.

View solution in original post

2 Replies
Bob_Zimmerman
Advisor
‎2020-11-19 02:01 PM

Jump to solution

I don't know if there's a way to do it in SmartConsole, but it's pretty easy with the API. You can use a script a bit like this:

mgmt_cli -r true \
show services-tcp \
details-level full \
limit 500 \
offset 0 \
--format json \
| jq -c ".objects[]|{timeout:.\"session-timeout\",name:.name}"

That will spit out data like this:

{"timeout":3600,"name":"AOL"}
{"timeout":3600,"name":"AP-Defender"}
{"timeout":3600,"name":"AT-Defender"}
...

The maximum number of entries a single API call can return is 500. If you have more than 500 TCP services, you would need to run this several times with stepped offsets. First time with offset 0, second with offset 500, and so on.

For UDP, it's the same thing, just with 'show services-udp' in the second line.

Once you have the output, you can filter it in whatever way you want. 'grep -v ":3600,"' would be a good option to get rid of TCP services with the default timeout.

Mattias_Jansson
Contributor
‎2020-11-19 10:24 PM
In response to Bob_Zimmerman

Jump to solution

 Thanks! I will try it

I also tried to open the Https inspection settings in R80.30, which opens the legacy R77.30 SmartDashboard. 
That also work, the column is still there.

0 Kudos