This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
S_E_
Advisor
‎2018-11-14 01:57 AM

Hit Counter search

Hi,

In R77.30, it is possible to search for Hit Counter Level (Very High, High,..)  in the Policy Query Search bar on top of the SmartDashboard.

Looking at R80, I do not see the filter for Hit Counter anymore.

SmartConsole R80.20 Help 

Will this come back? 

Thanks

1 Reply
Maik
Advisor
‎2018-11-14 04:12 AM

Hey,

I am not sure about future plans - someone from Check Point needs to make a statement regarding that. But in the meanwhile you could use the management API to filter/search for specific/greater|smaller than hitcounts. The information can be obtained via "show access-rulebase name <type_name_here> show-hits true".

Afterwards you could analyze the results or pass the json into sth. different... or use the json to search directly for the required values. Example output of one rule in a rulebase via the above mentioned command:

- uid: "4583b580-1240-4629-a711-5972dda16422"
  name: "Cleanup"
  type: "access-section"
  from: 8
  to: 8
  rulebase:
  - uid: "ca429c69-6cfd-4ccc-b9c6-e50d7d685b8d"
    name: "Cleanup"
    type: "access-rule"
    domain:
      uid: "41e821a0-3720-11e3-aa6e-0800200c9fde"
      name: "SMC User"
      domain-type: "domain"
    rule-number: 8
    track:
      type: "598ead32-aa42-4615-90ed-f51a5928d41d"
      per-session: false
      per-connection: true
      accounting: false
      alert: "none"
    source:
    - "97aeb369-9aea-11d5-bd16-0090272ccb30"
    source-negate: false
    destination:
    - "97aeb369-9aea-11d5-bd16-0090272ccb30"
    destination-negate: false
    service:
    - "97aeb369-9aea-11d5-bd16-0090272ccb30"
    service-negate: false
    vpn:
    - "97aeb369-9aea-11d5-bd16-0090272ccb30"
    action: "6c488338-8eec-4103-ad21-cd461ac2c473"
    action-settings: {}
    content:
    - "97aeb369-9aea-11d5-bd16-0090272ccb30"
    content-negate: false
    content-direction: "any"
    time:
    - "97aeb369-9aea-11d5-bd16-0090272ccb30"
    hits:
      percentage: "0%"
      value: 0
    custom-fields:
      field-1: ""
      field-2: ""
      field-3: ""
    meta-info:
      lock: "unlocked"
      validation-state: "ok"
      last-modify-time:
        posix: 1494777048228
        iso-8601: "2017-05-14T18:50+0300"
      last-modifier: "admin"
      creation-time:
        posix: 1460465910414
        iso-8601: "2016-04-12T15:58+0300"
      creator: "admin"
    comments: ""
    enabled: true
    install-on:
    - "6c488338-8eec-4103-ad21-cd461ac2c476"

[This information was obtained via a mgmt demo instance, the hit count part is marked in red.]

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events