This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Andrey_Gromov
Explorer
‎2017-11-22 11:08 PM
Jump to solution

Rule export

Hello. Is there a way to export rulebase easily anywhere on management server so that other people could read it?

For r80 right now I'm using command line (F9) from SmartConsole. For example:

show access-rulebase name "Lan-policy Security" details-level "standard" use-object-dictionary true filter "(dec1-17)" --format text

It's nice. But it would be very nice if there were options to:

1. change uid automatically (for example for network objects)

2. print out only necessary fields like source, destination, service, time, comments

Is it possible without knowing programming languages?

Labels
0 Kudos
1 Solution

Accepted Solutions
7 Replies
Andrey_Gromov
Explorer
‎2017-11-23 01:03 AM
In response to Tomer_Sole
Jump to solution

Thank you. I have tried this script. Nevertheless I can't filter out anything using SmartConsole syntax, so even if I copy the output to Excel, I can't use entities like ip/mask.

0 Kudos
Tomer_Sole
Mentor
Mentor
‎2017-11-23 11:42 AM
In response to Andrey_Gromov
Jump to solution

which one of the tools are you referring to?

0 Kudos
Andrey_Gromov
Explorer
‎2017-11-23 10:00 PM
In response to Tomer_Sole
Jump to solution

I used this script:

$MDS_FWDIR/scripts/web_api_show_package.sh -k <PACKAGE NAME> -d <DOMAIN NAME>

0 Kudos
Robert_Decker
Advisor
‎2017-11-26 12:10 AM
In response to Andrey_Gromov
Jump to solution

You can output the results into a JSON file format and then use a popular and easy JQ to filter any data.

There are plenty of JQ examples in this community. For example - 

https://community.checkpoint.com/message/1151 

Robert.

0 Kudos
Andrey_Gromov
Explorer
‎2017-11-27 01:55 AM
In response to Robert_Decker
Jump to solution

Thanks for your response. But....popular? maybe. Easy? unlikely. I spent 3 hours reading documentation.

Filter .rulebase[].rulebase[0:][].comments got me necessary information partly. But I also needed the source, the destination and the service for those rules. That's crazy.

0 Kudos
Robert_Decker
Advisor
‎2017-11-27 02:15 AM
In response to Andrey_Gromov
Jump to solution

I'm sorry to hear this.

You need some scripting abilities to parse API commands output.

Did you finally manage to get all info you needed?

Here is an additional link that may be useful for you:

https://community.checkpoint.com/thread/6229-how-to-parse-json-output-from-r80-management-api-with-j...

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top