This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
JED
Participant
‎2024-02-14 09:20 AM
Jump to solution

mgmt_cli : Creation of Multiple Domain Objects & then adding to a Network Group

Hi all,

looking for some guidance and some examples on the following two requirements: I hope someone can assist?

1. Using "mgmt_cli"

a) there is a need to build (say 100 Domain) domain objects : how can this be done by using "mgmt_Cli"?  

b) there is a need to then Create a Network Group and then include the domain objects created in item 1 above.

 

The raw inputs that I  have are in clear text format as typically shown below for the domain objects :-

browser.events.data.microsoft.com
browser.events.data.msn.com

 

Having looked at the guide on the "mgmt_cli"  I have not seen any way to do item (a) above.

And consequently have not seen how item (b) can be done.

 

Can anyone please  advise and show some examples ?

Thanks, JED

 

 

 

 

0 Kudos
1 Solution

Accepted Solutions
4 Replies
Amir_Senn
MVP Silver CHKP MVP Silver CHKP
MVP Silver CHKP
‎2024-02-15 12:47 AM
Jump to solution

Hi,

You can find the syntax for adding a domain and adding a domain with multiple servers.

https://sc1.checkpoint.com/documents/latest/APIs/index.html#cli/add-domain~v1.9.1%20

Should be followed by set trusted clients for those domains:

https://sc1.checkpoint.com/documents/latest/APIs/index.html#cli/set-trusted-client~v1.9.1%20

1 command of each to every domain you want to create. Use a script for names and IPs if you want.

Do it with login first and adding session id instead of -r true, -r true publishes every command. When you login you can put all the commands and then send publish. This should execute all the commands and I believe domain creation will be in queue.

I would advice trying a lower number first.

Kind regards, Amir Senn
0 Kudos
Katherine561
Explorer
‎2024-02-15 01:42 AM
In response to Amir_Senn
Jump to solution

@Amir_Senn wrote:

Hi,

You can find the syntax for adding a domain and adding a domain with multiple servers.

https://sc1.checkpoint.com/ CatNeedsBest /documents/latest/APIs/index.html#cli/add-domain~v1.9.1%20

Should be followed by set trusted clients for those domains:

https://sc1.checkpoint.com/documents/latest/APIs/index.html#cli/set-trusted-client~v1.9.1%20

1 command of each to every domain you want to create. Use a script for names and IPs if you want.

Do it with login first and adding session id instead of -r true, -r true publishes every command. When you login you can put all the commands and then send publish. This should execute all the commands and I believe domain creation will be in queue.

I would advice trying a lower number first.


Thank you for your this help.

0 Kudos
JED
Participant
‎2024-02-15 11:21 AM
In response to Katherine561
Jump to solution

Hi, many thanks for the links to the documents. 

I'm not sure exactly on the syntax I see that it will do what I need.

1. as in normal SMS one would create a Network Object> more > Domain and then populate with the domain name. The domain FWDN would start with a "."  example :  .checkpoint.com.

What I need is a method to crate :  .checkpoint.com, .1checkpoint.com <> .100checkpoint.com  :  the 100  different domain names.

These would then be reflected in the SMS GUI as the domains.

Then the second item of the request would be to group all the FQDN Domains created  into one Group,

Is this at all possible? I have seen examples with Host ipV4 addresses being explained but none with FQDN.

Many thanks,

JED

0 Kudos
PhoneBoy
Admin
Admin
‎2024-02-15 06:47 PM
In response to JED
Jump to solution

The correct API for Domain objects: https://sc1.checkpoint.com/documents/latest/APIs/index.html#cli/add-dns-domain~v1.9.1%20
Adding a new group with members: https://sc1.checkpoint.com/documents/latest/APIs/index.html#cli/add-group~v1.9.1%20 
Modifying an existing group and adding members: https://sc1.checkpoint.com/documents/latest/APIs/index.html#cli/set-group~v1.9.1%20 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events