Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
TexasT
Employee
Employee

Smarttask + policy presets

Goal:   use policy preset to automate policy installs – then email administrators status of installs.

In SmartTask,  configure triggers for "after policy installation."

In the scripts repository, there is already a script to "show policy status."  

1) when that script is ran,  where is the output?

2) how to modify that script to add an email function?  

 

We can clone the script while looking at the SmartTask function,  but cannot clone it if we are inside the scripts repository.  Even after cloning it, cannot modify it or view the actual script. can only delete it 😞

0 Kudos
3 Replies
PhoneBoy
Admin
Admin

My guess is that it probably just runs a single command (either fw stat or cpstat -f policy fw).
In which case, you can write a script that just calls that and parses it accordingly.

0 Kudos
Jose_Tapia
Employee
Employee

I PhoneBoy, hope you be fine.

 

Can we through SmartTask, requiere a comment on a fw rule before install policy? and if is yes, do you know howto do it?

0 Kudos
PhoneBoy
Admin
Admin

At install policy time? No.
I believe you can do it before publishing the session where the rule is created, which is the correct time to do it.
It would involve parsing the contents of the show changes API (which is what is passed to the script).
You'd have to look for rule changes and see if they contain a comment or not.
The documentation explains the flow (with an example): https://sc1.checkpoint.com/documents/R80.40/WebAdminGuides/EN/CP_R80.40_SecurityManagement_AdminGuid...

0 Kudos