Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Robert_Decker
Advisor

R80 Management API tips and tricks - "show-objects" command

The show-objects API command is very useful for general objects search, by specifying the objects "type" parameter and filtering the results by "filter" parameter.

Here is a list of available object types (R80.10) that can be used:

access-role
address-range
administrator
application-site
application-site-category
application-site-group
data-center
data-center-object
dns-domain
dynamic-object
gateways-and-servers
group
group-with-exclusion
host
host-ckp
mds
multicast-address-range
network
opsec-application
scada-application
security-zone
service-dce-rpc
service-icmp
service-icmp6
service-other
service-rcp
service-sctp
service-tcp
service-udp
service-group
session
simple-gateway
tag
task
time
time-group
vpn-community-meshed
vpn-community-star
unused-object

The "filter" parameter can be made up as an expression, containing logical operators -  'AND', 'OR', in capital letters. The provided expression should be exactly the same as it would be given in SmartConsole GUI.

For example, to search all tcp services with names containing "aol" or "bgp", use - 

show-objects type service-tcp filter "aol OR bgp"

To search all tcp services having a name containing both "edonkey" and "466", use - 

show-objects type service-tcp filter "edonkey AND 466"

In addition, there are undocumented parameters "in" and "not in", for string matching in textual fields, such as name and comments.

For example, to search all tcp services containing "ext" in the name field, use - 

show-objects type service-tcp in.1 name in.2 ext

To search all tcp services containing "cifs" in the comments field, use - 

show-objects type service-tcp in.1 comments in.2 cifs

To search all tcp services NOT containing "cifs" in the comments field, use - 

show-objects type service-tcp not.in.1 comments not.in.2 cifs

Hope this helps.

Robert.

7 Replies
Kim_Moberg
Advisor

Awsome!!!

Best Regards
Kim
0 Kudos
Petr_Hantak
Advisor
Advisor

Thank you for it!

PhoneBoy
Admin
Admin

Curious, shouldn't this be in Developers (Code Hub)‌?

0 Kudos
_Val_
Admin
Admin

I would say yes

0 Kudos
Christian_Hofma
Employee
Employee

Hi Robert,

show objects is really nice, I would love to have the filters in all show commands.

Is there a way to filter by domain? Especially on services it would be super helpful to filter our the pre-defined ones from the "Check Point Data" domain as you cannot edit them.

Thanks

Christian

Luis_Miguel_Mig
Advisor

Is it possible to filter by more than one type ? For example type host or group.

0 Kudos
Luis_Miguel_Mig
Advisor

the best way I found was with a loop with an array  like this 


querytype: [host, group]

- name: Host Check
checkpoint_object_facts:
object_type: "{{item}}"
object_filter: "{{newip}}"
ip_only: yes

with_items:  "{querytype}'

 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events