This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Yasushi_Kono1
Collaborator
Collaborator
Friday
Jump to solution

Getting hitcount information out the NAT Policy per json

I am wondering whether it is possible to extract the NAT rule base usage according to hitcount. As I extracted the nat rule base, I could use the details-level full syntax, but in the output, there is no hitcount information at all. 
Eventually, I could get into the monitoring instance of the PostgreSQL database, but before doing this, I would get your opinion on how to get the requested information. I wanted to write a bash script sorting the nat rule by its respective hitcount.

Any ideas?

0 Kudos
1 Solution

Accepted Solutions
Vincent_Bacher
Leader Leader
Leader
Friday
Jump to solution

According to management API 2.01 docu it should work:

POST https://<mgmt-server>:<port>/web_api/show-nat-rulebase


e.g.

POST https://<mgmt-server>:<port>/web_api/show-nat-rulebase
Content-Type: application/json
X-chkp-sid: <session-id>


{
  "package": "standard",
  "offset": 0,
  "limit": 50,
  "details-level": "standard",
  "use-object-dictionary": true,
  "show-hits": true,
  "hits-settings": {
    "from-date": "2024-12-12",
    "to-date": "2025-12-12"
  }
}

 

show-hits boolean Show hitcount data.
hits-settings Object 
Parameter name Value Description
from-date string Format: YYYY-MM-DD, YYYY-mm-ddThh:mm:ss.
target string Target gateway name or UID.
to-date string Format: YYYY-MM-DD, YYYY-mm-ddThh:mm:ss.
 
 Hitcount settings, define the range if hits to show.
and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite

View solution in original post

4 Replies
Vincent_Bacher
Leader Leader
Leader
Friday
Jump to solution

According to management API 2.01 docu it should work:

POST https://<mgmt-server>:<port>/web_api/show-nat-rulebase


e.g.

POST https://<mgmt-server>:<port>/web_api/show-nat-rulebase
Content-Type: application/json
X-chkp-sid: <session-id>


{
  "package": "standard",
  "offset": 0,
  "limit": 50,
  "details-level": "standard",
  "use-object-dictionary": true,
  "show-hits": true,
  "hits-settings": {
    "from-date": "2024-12-12",
    "to-date": "2025-12-12"
  }
}

 

show-hits boolean Show hitcount data.
hits-settings Object 
Parameter name Value Description
from-date string Format: YYYY-MM-DD, YYYY-mm-ddThh:mm:ss.
target string Target gateway name or UID.
to-date string Format: YYYY-MM-DD, YYYY-mm-ddThh:mm:ss.
 
 Hitcount settings, define the range if hits to show.
and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite
the_rock
MVP Platinum
MVP Platinum
Friday
In response to Vincent_Bacher
Jump to solution

Hey Vince,

I wanted to give it a go, but cant find it in the doc...is it this one?

https://sc1.checkpoint.com/documents/latest/APIs/index.html?#cli/introduction~v2.0.1%20

Best,
Andy
0 Kudos
Vincent_Bacher
Leader Leader
Leader
Friday
In response to the_rock
Jump to solution

Looking at access control and Nat there is a section Nat rule and here show-Nat-rulebase 

At request body you see filter options 

and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite
the_rock
MVP Platinum
MVP Platinum
Friday
In response to Vincent_Bacher
Jump to solution

Ah, got it, missed that part the first time. Thanks!

Best,
Andy
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events