Solved: Re: NAT policy rules hit count not visible in .csv... - Page 2

the_rock · ‎2023-02-23

Hey guys,

I was doing some R81.20 lab testing yesterday and its great to see that NAT rules hit count now works consistently, but weird thing is when I export the NAT rules in csv format, I dont see column for hit count.

If I do same for regular rules, its there and I see the actual hit count, like you see it in smart console. I did same for urlf+appc and content awareness ordered layer rules and hit count shows in csv file. I have a feeling maybe this is by design, but not 100% sure. Anyway, not a big deal, just curious : - )

Thanks as always for the help 🙌

Cheers,

Andy

AOBELAR

Thank you very much for the comments!!!!

the_rock

Of course, no problem. I even ran through below sk, but I am fairly sure steps dont apply to NAT rule base. I also created bogus manual nat rule as a test, but same issue.

Andy

https://support.checkpoint.com/results/sk/sk79240

PhoneBoy

No idea on that one, suggest involving TAC.

the_rock

K, fair enough. I cant open case on it, since its just a lab, but will keep trying 🙂

Andy

Timothy_Hall

This issue has been fixed in R81.20 Jumbo 96+, note that not only do you need the latest JHFA installed you must also have the latest version of the SmartConsole as well. Access to the NAT hit counts is now accessible through the management API too:

RJ-51150,
PMTR-90911

Security Management

NEW: In SmartConsole, the CSV export file of Access Policy NAT rules now contains the hit count data: "Hits", "First Hits" and "Last Hits" columns.

Requires R81.20 SmartConsole Build 661 or higher.

PRJ-56656,
PMTR-92241

Security Management

NEW: The "show nat-rule" and "show nat-rulebase" Management API commands now support displaying hit count data with optional date range filtering through the "show-hits true" parameter, allowing users to retrieve hit statistics for NAT rules with flexible time-based querying in JSON format.

Syntax examples:

mgmt_cli show nat-rule rule-number 1 show-hits true package "standard" --format json
mgmt_cli show nat-rulebase offset 0 limit 20 details-level "standard" use-object-dictionary true package "standard" show-hits true --format json
mgmt_cli show nat-rule rule-number 1 show-hits true package "standard" hits-settings.from-date "2014-01-01" hits-settings.to-date "2014-12-31T23:59" --format json

Gateway Performance Optimization R81.20 Course
now available at maxpowerfirewalls.com

the_rock

Thanks Tim, will try it later tonight when home. Gotta drive 6 hours first to get there lol

Will let you know.

Andy

AOBELAR

Thank you very much for the recommendations, I'm going to try them next week and tell you how it went.

the_rock

As soon as I install it in my lab now that Im back home, will let you know.

Andy

the_rock

@AOBELAR I cant say 100% if it would work if you ONLY installed jumbo 96 on the mgmt, but you can certainly test that.

Andy

the_rock

I attached basic csv export file fort nat rules (Its just OM net being natted by default, but it does show hits now)

Andy

the_rock

Thanks @Timothy_Hall , worked! To quote "Borat"...GREAT SUCCESS 🙂

I installed jumbo 96 on mgmt, clustrer, se server and single gateway, rebooted, all good now.

@AOBELAR ...Im confident would work for you as well. If you need any reference, happy to test anything in my lab.

Best,

Andy

Pedro_Madeira

Take 96

Released on 05 January 2025

Take 96 - New Functionality

NEW: In SmartConsole, the CSV export file of Access Policy NAT rules now contains the hit count data: "Hits", "First Hits" and "Last Hits" columns.

Requires R81.20 SmartConsole Build 661 or higher.

the_rock

Thats right Pedro. Its what Tim Hall mentioned as well.

Thanks a a lot, all is good now!

Andy

Happy New Year.

Pedro_Madeira

I missed his update sorry for the dup.

Are you a member of CheckMates?

NAT policy rules hit count not visible in .csv export file