- Products
- Learn
- Local User Groups
- Partners
- More
Check Point Jump-Start Online Training
Now Available on CheckMates for Beginners!
Why do Hackers Love IoT Devices so Much?
Join our TechTalk on Aug 17, at 5PM CET | 11AM EST
Welcome to Maestro Masters!
Talk to Masters, Engage with Masters, Be a Maestro Master!
ZTNA Buyer’s Guide
Zero Trust essentials for your most valuable assets
The SMB Cyber Master
Boost your knowledge on Quantum Spark SMB gateways!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
CheckFlix!
All Videos In One Space
Hi!
I have some tcp and udp services that I have increased the virtual session timeout for a long time ago.
Now I dont remember all the services that I increased, as this was back in the R77 days.
In the R77.30 SmartConsole there was a column for the session timeout value in the object explorer that could be sorted (highest to lowest) and very easy to find.
Is this possible in the R80.30 SmartConsole too? I cannot find that column and no way to add it either.
I don't know if there's a way to do it in SmartConsole, but it's pretty easy with the API. You can use a script a bit like this:
mgmt_cli -r true \
show services-tcp \
details-level full \
limit 500 \
offset 0 \
--format json \
| jq -c ".objects[]|{timeout:.\"session-timeout\",name:.name}"
That will spit out data like this:
{"timeout":3600,"name":"AOL"}
{"timeout":3600,"name":"AP-Defender"}
{"timeout":3600,"name":"AT-Defender"}
...
The maximum number of entries a single API call can return is 500. If you have more than 500 TCP services, you would need to run this several times with stepped offsets. First time with offset 0, second with offset 500, and so on.
For UDP, it's the same thing, just with 'show services-udp' in the second line.
Once you have the output, you can filter it in whatever way you want. 'grep -v ":3600,"' would be a good option to get rid of TCP services with the default timeout.
I don't know if there's a way to do it in SmartConsole, but it's pretty easy with the API. You can use a script a bit like this:
mgmt_cli -r true \
show services-tcp \
details-level full \
limit 500 \
offset 0 \
--format json \
| jq -c ".objects[]|{timeout:.\"session-timeout\",name:.name}"
That will spit out data like this:
{"timeout":3600,"name":"AOL"}
{"timeout":3600,"name":"AP-Defender"}
{"timeout":3600,"name":"AT-Defender"}
...
The maximum number of entries a single API call can return is 500. If you have more than 500 TCP services, you would need to run this several times with stepped offsets. First time with offset 0, second with offset 500, and so on.
For UDP, it's the same thing, just with 'show services-udp' in the second line.
Once you have the output, you can filter it in whatever way you want. 'grep -v ":3600,"' would be a good option to get rid of TCP services with the default timeout.
Thanks! I will try it
I also tried to open the Https inspection settings in R80.30, which opens the legacy R77.30 SmartDashboard.
That also work, the column is still there.
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY