This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
Mark as Verified by CP
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

PSQL - Show all centrally managed Check Point systems

Danny
MVP Platinum
MVP Platinum

🏆 PSQL wizardry!
✔️ Works on all Single Domain Managements
👉 Directly queries the management database

PSQL query to show all centrally managed Check Point systems of a Check Point Security Management (SmartCenter).
In expert mode run:


    psql_client monitoring postgres -c "SELECT alive_gateways.gateway, statuses_view.cp_shared_version AS version, REGEXP_REPLACE(os_installed_packages_view.deployment_packages_package_name, '.*(?:Bundle_T|JHF_T)(\d+).*', 'Take \1
...;
TO ACCESS CHECKMATES TOOLBOX
REGISTER SIGN IN
it's simple and free

Disclaimer: Check Point does not provide maintenance services or technical or customer support for third party content provided on this Site, including in CheckMates Toolbox. See also our Third Party Software Disclaimer.




Mark as Verified by CP
(1)
6 Replies

the_rock
MVP Platinum
MVP Platinum
‎2025-10-30 05:50 AM

Just ran it in the lab...amazing.


[Expert@CP-MANAGEMENT:0]# psql_client monitoring postgres -c "SELECT alive_gateways.gateway, statuses_view.cp_shared_vrsion AS version, REGEXP_REPLACE(os_installed_packages_view.deployment_packages_package_name, '.*(?:Bundle_T|JHF_T)(\d).*', 'Take \1') AS jhf, alive_gateways.ip, string_agg(DISTINCT entitlement_view.family, ', ') AS families, statuses_vew.fw_policy_name, statuses_view.fw_install_time AS last_policy_install FROM alive_gateways JOIN statu

...;
TO ACCESS CHECKMATES TOOLBOX
REGISTER SIGN IN
it's simple and free


0 Kudos
Mark as Verified by CP

PhoneBoy
Admin
Admin
‎2025-10-30 07:21 AM

Directly from Postgres...nice 🙂

;
TO ACCESS CHECKMATES TOOLBOX
REGISTER SIGN IN
it's simple and free


0 Kudos
Mark as Verified by CP

Bob_Zimmerman
MVP Gold
MVP Gold
‎2025-10-30 07:50 AM

It works on an R82 MDS, it just doesn't tell you which CMA a given firewall belongs to. A bigger issue is it seems to sometimes (but not always!) include more packages than it should. Here's an example from one of my managements:


    gateway | version | jhf | ip | families | fw_policy_name | last_policy_install ------------------------+---------+-------------------------------------------------------+----------------+---------------------+----------------+-------------------------- So
...;
TO ACCESS CHECKMATES TOOLBOX
REGISTER SIGN IN
it's simple and free


0 Kudos
Mark as Verified by CP

Danny
MVP Platinum
MVP Platinum
‎2025-10-30 08:22 AM

@Bob_Zimmerman : Thanks for quick MDS test. Adding the CMA domain_id is pretty easy, as shown below. I just need to find a table or view to get the CMA name from, so that I don't have to show its id instead.


   psql_client monitoring postgres -c "SELECT alive_gateways.gateway, statuses_view.cp_shared_version AS version, REGEXP_REPLACE(os_installed_packages_view.deployment_packages_package_name, '.*(?:Bundle_T|JHF_T)(\d+).*', 'Take \1') AS jhf, alive_gateways.ip, string_agg(DISTINC
...;
TO ACCESS CHECKMATES TOOLBOX
REGISTER SIGN IN
it's simple and free


0 Kudos
Mark as Verified by CP

Flo
Contributor
Contributor
Thursday

Very nice one. It works fine on my lab.

it would be nice, if you also can show the information for the embedded gaia (spark) systems. In my environment with R82 Mgmt it does not show any information about it.

Thank you.

;
TO ACCESS CHECKMATES TOOLBOX
REGISTER SIGN IN
it's simple and free


0 Kudos
Mark as Verified by CP

PhoneBoy
Admin
Admin
Monday

SMB gateways are a different object type and are probably not reflected in the psql query.

;
TO ACCESS CHECKMATES TOOLBOX
REGISTER SIGN IN
it's simple and free


0 Kudos
Mark as Verified by CP