cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Employee+
Employee+

Alert on rule time expire

Jump to solution

Hi gurus,

do we have any option to alert admins via e-mail about time limited rules about to expire?

Br,

Aleksandr

Tags (2)
1 Solution

Accepted Solutions

Re: Alert on rule time expire

Jump to solution

Hi,

SmartConsole does not have such feature at the moment. For R80, setting up the customized email template to the specific users, with the specific pre-expiration threshold, could be achieved by using API commands such as "show-access-rulebase", or alternatively "show-times" and then "where-used" per expired time object.

0 Kudos
6 Replies

Re: Alert on rule time expire

Jump to solution

Hi,

SmartConsole does not have such feature at the moment. For R80, setting up the customized email template to the specific users, with the specific pre-expiration threshold, could be achieved by using API commands such as "show-access-rulebase", or alternatively "show-times" and then "where-used" per expired time object.

0 Kudos
Employee+
Employee+

Re: Alert on rule time expire

Jump to solution

Hi Tomer,

Do we have this feature in roadmap for near future? This is the  feature people a asking about and missing a lot .

/Alec

0 Kudos

Re: Alert on rule time expire

Jump to solution

We have this in our roadmap plan.

thanks,

Tomer.

0 Kudos

Re: Alert on rule time expire

Jump to solution

Hi Tomer Sole,

How to find expired rules using "show-access-rulebase" API.

I am not able to find any field which provides me this information. 

Looks like I am missing something.

0 Kudos

Re: Alert on rule time expire

Jump to solution

Hi, just like SmartConsole, this option is not available with the R80.10 API either. This is because the logics happen on the Management Server. Both SmartConsole and the MGMT API are simply clients that utilize the logics that happen on the Management Server.

In our next releases, this gap will be closed, and then both clients (SmartConsole & API) will have this capability. 

As a workaround, you will have to iterate per rule and check whether it has a time object, and the time object's data.

0 Kudos
Highlighted

Re: Alert on rule time expire

Jump to solution

Hi, I created a small python script that is using the web services API. maybe you can use it.

#!/usr/bin/python
import requests, json, urllib3, os, smtplib, re
from datetime import datetime
from email.parser import Parser
from pprint import pprint
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)

mgmtserv = 'ip of your mgmt server'
mgmtport = '443'
mgmtuser = 'yourapiuser'
mtmtpass = 'apiuserpassword'
mailpath = '/root/maildir/'
smtpserver = 'yourmailserver'

def api_call(command, json_payload, sid):
    url = 'https://' + mgmtserv + ':' + mgmtport + '/web_api/' + command
    if sid == '':
        request_headers = {'Content-Type' : 'application/json'}
    else:
        request_headers = {'Content-Type' : 'application/json', 'X-chkp-sid' : sid}
    r = requests.post(url,data=json.dumps(json_payload), headers=request_headers, verify=False)
    return r.json()


def login(user,password):
    payload = {'user':user, 'password':password}
    response = api_call('login', payload, '')
    return response["sid"]


def createmails(userarr,content,delta):
    for mail in userarr:
        mailfile = mailpath + mail.lower()
        if not os.path.isfile(mailfile):
            filehandler = open(mailfile,"w+")
            if re.search(r'@',mail.lower()):
                filehandler.write("To:" + mail.lower() + "\n")
            else:
                filehandler.write("To:" + mail.lower() + "@<yourdomainname here>\n")
            filehandler.write("From: \n")
            filehandler.write("Cc: \n")
            filehandler.write("Subject: rule expiration\n")
            filehandler.write("Content-Type: text/html; charset=UTF-8\n\n")
            filehandler.write("<html><body>\n")
            filehandler.write("<p><span style=\"font-family:sans-serif\"; font-size:\"0.5em\">\n")
            filehandler.write("Hi,<br>The following rules are about to expire.<br><br>")
            filehandler.write("<table border='1'>\n<tr>\n<th>source</th>\n<th>destination</th>\n<th>service</th>\n<th>days left</th>\n<th>contacts</th>\n<th>ticket number</th>\n<th>additional rule information</th>\n</tr>\n")
            filehandler.close()
        appendcontenttomail(mailfile,content,delta)

def appendcontenttomail(mailfile,content,delta):
    filehandler = open(mailfile,"a")
    daysleft = delta.days
    print daysleft
    filehandler.write("<tr><td>")
    for item in content['source']:
        filehandler.write(item['name'] + "<br>")
    filehandler.write("</td><td>")
    for item in content['destination']:
        filehandler.write(item['name'] + "<br>")
    filehandler.write("</td><td>")
    for item in content['service']:
        filehandler.write(item['name'] + "<br>")
    filehandler.write("</td><td>")
    filehandler.write(str(daysleft))
    filehandler.write("</td><td>")
    filehandler.write(content['custom-fields']['field-3'])
    filehandler.write("</td><td>")
    filehandler.write(content['custom-fields']['field-2'])
    filehandler.write("</td><td>")
    filehandler.write(content['custom-fields']['field-1'])
    filehandler.write("</td>\n")
    filehandler.close()

sid = login(mgmtuser,mtmtpass)

result = api_call('show-times', {}, sid)

for i in result['objects']:
    timedetail = api_call('show-time', {'uid':i['uid']}, sid)
    if not timedetail['end-never']:
        date1 = datetime.strptime(timedetail['end']['date'], "%d-%b-%Y")
        date2 = datetime.now()
        delta = date1 - date2

        if (int(delta.days) == 45) or (int(delta.days) == 21) or (int(delta.days) == 3):
            rules = api_call('where-used', {'uid':i['uid']}, sid)
            for rulenr in rules['used-directly']['access-control-rules']:
                accessrule = api_call('show-access-rule', {'layer':rulenr['layer']['uid'],'uid':rulenr['rule']['uid']}, sid)
                if accessrule['custom-fields']['field-3'] != '':
                    users = accessrule['custom-fields']['field-3'].split("/")
                    createmails(users,accessrule,delta)

                    
for file in os.listdir(mailpath):
    mailfile = mailpath + file
    filehandler = open(mailfile,"a")
    filehandler.write("</table>\n</span>\n</p>\n</body>\n</html>\n")
    filehandler.close

    headers = Parser().parse(open(mailfile, 'r'))
    fromaddr = headers['From']

    toaddr = headers['To']
    ccaddr = headers['Cc']
    toaddrs = [toaddr] + [ccaddr]
    server = smtplib.SMTP(smtpserver)
    server.sendmail(fromaddr, toaddrs, headers.as_string())
    server.quit()


logout_result = api_call('logout', {}, sid)

you need to change the from, CC and <yourdomainname here> to your needs.