Re: Identity Awareness Watcher

TurgutKaplanogl

Identity Awareness Watcher is an interactive, read-only troubleshooting tool designed for Check Point Gateways.

It provides real-time visibility into Identity Awareness blade status, user-to-IP mappings, and allows querying by username, IP address, or computer name all from a single, menu-driven interface.

Note: One-time before running the script

Expert mode: chmod +x identity_awareness_watcher.sh

Expert mode: dos2unix identity_awareness_watcher.sh

the_rock

Awesome! Will test it in the lab Monday.

Best,
Andy

Vincent_Bacher

For people who don't already know the pdp commands inside out, this is a really useful tool.
You could also add query by group.

I would perhaps extend it with pep commands for enforcing gateways.
It might be even more helpful here if I think of "pep s u q usr <username>", for example.

and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite

the_rock

will have to test it out.

Best,
Andy

Vincent_Bacher

Maybe to test this?

and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite

the_rock

Will check Monday.

Best,
Andy

TurgutKaplanogl

Hello,

In V2, I can also include PEP queries.

Thank you

TK

the_rock

Very cool!

Worth pointing out dos2unix needs to be ran as well before running the script.

Lab output:

============================================================
IDENTITY AWARENESS WATCHER
============================================================
Gateway : CP-GW
Version :
============================================================
Identity Awareness Status:
Status: OK
============================================================
1) Query by IP Address
2) Query by Username
3) Query by Computer Name
4) Generate cpinfo
0) Exit

Select an option:

Best,
Andy

TurgutKaplanogl

Thank you. Yes, I mentioned "dos2unix" in my note above. 😊

From Notes: "Note: One-time before running the script

Expert mode: chmod +x identity_awareness_watcher.sh

Expert mode: dos2unix identity_awareness_watcher.sh"

the_rock

I know, but from my own experience when it comes to scripts, people usually download it and think it will run. Well, truth be told, I speak for myself lol

Best,
Andy

TurgutKaplanogl

Thanks for your experience 😊

the_rock

THANK YOU!

Best,
Andy

the_rock

Great script btw!

Best,
Andy

Vincent_Bacher

Yes, well done!

and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite

Filters

Sort By

Categories

Identity Awareness Watcher

Disclaimer: Check Point does not provide maintenance services or technical or customer support for third party content provided on this Site, including in CheckMates Toolbox. See also our Third Party Software Disclaimer.