Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Bernhard_Sayer
Contributor

Finding main IP of any managed gateway

I am looking for a way to export main IP addresses of all managed gateways on R80.10 SMS, to use this list for some maintenance stuff (cprid_util, ...).

I found sk85621, which is only for MDM, and the command "mgmt_cli show simple-gateways details-level "full"", which shows me all IP addresses of each gateway.

Does anyone have a solution or hint how to create a simple list of the management IP address of each gateway?

0 Kudos
18 Replies
Robert_Decker
Advisor

You can do this by specifying a JSON formatted output and then apply a JQ command on the output:

mgmt_cli -r true show simple-gateways details-level full --format json | $CPDIR/jq/jq -r '.objects[]["ipv4-address"]'

You can also redirect the output to a file:

mgmt_cli -r true show simple-gateways details-level full --format json | $CPDIR/jq/jq -r '.objects[]["ipv4-address"]' > iplist

Please refer to this link for more info on JQ and API.

Robert.

Bernhard_Sayer
Contributor

Many thanks Robert! Now I understand the Management API reference a little bit better ☺.

But I only get 23 of 110 gateway IP addresses. When I add “limit 500”, which seems to be maximum, I see 27 gateway IP addresses.

So it seems, that the output is limited to a number of lines ….

0 Kudos
Robert_Decker
Advisor

Right, the default limit is 50, so you need to specify a manual upper limit if you need.

This command only returns simple-gateways, there may be non simple-gateways, and they are not returned.

Try the "show gateways-and-servers" command instead. It will return ALL gateways.

Robert.

0 Kudos
Bernhard_Sayer
Contributor

You are right - "show gateways-and-servers" shows all gateways.

But unfortunately this command shows also the cluster objects. Is it possible to filter out these cluster objects, so that i get only real gateway IP addresses? 

Bernhard

0 Kudos
Bernhard_Sayer
Contributor

I found this way working: 

mgmt_cli -r true show gateways-and-servers limit 500 offset 0 details-level full --format json --root true | $CPDIR/jq/jq -r '.objects[]|[.["type"], .["ipv4-address"]]| @csv' | egrep "CpmiClusterMember|simple-gateway" | cut -d "," -f 2 | tr -d '"'

Is there a way to filter like grep with json?

Bernhard

0 Kudos
Robert_Decker
Advisor

No, AFAIK, but you can use the select/contains/not combinations on the output. For Example - 

 | select(.values[] | contains(\"cluster\") | not)

Robert.

0 Kudos
Robert_Decker
Advisor

Here you go, the fully working command - 

mgmt_cli -r true show gateways-and-servers details-level full --format json | $CPDIR/jq/jq -r '.objects[] | select(.type | contains("Cluster") | not) | ."ipv4-address"'

Enjoy,

Robert.

(1)
Bernhard_Sayer
Contributor

But this command displays management server, log server as well as interoperable devices. To catch only managed gateways, only "CpmiClusterMember" and "simple-gateway" (maybe "CpmiSofawareGateway" for embedded appliances) have to filter. Is it possible to use "contains" with OR?

Thanks,

Bernhard

0 Kudos
Robert_Decker
Advisor

Hi, sorry for the late reply, I was on vacation.

You can use multiple elements inside contains statement - 

contains(["simple", "cluster"])

Robert.

0 Kudos
Bernhard_Sayer
Contributor

works - many thanks!!

0 Kudos
Edward_Rule
Explorer

Hello, i'm having this same issue, i've tried to run this command in the checkpoint command line, but when i do i the the error 'The flag "-r" is not supported within SmartConsole's CLI window.' we are using checkpoint r80.40. Do you know where I'm going wrong? 

0 Kudos
Danny
Champion Champion
Champion

Don't run it from the SmartConsole's CLI. Login via SSH and go into expert mode. Then run the command.

0 Kudos
MikaelJohnsson
Contributor

Maybe not the right place to ask but does anyone know how to do it for R77.X versions?

The information seems to be retrievable via dbedit, but as fas a I can tell I have to go through multiple tables to

get the information.

Querying all the firewalls and then filter for SIC (id_value:) gives the main IP in some cases but not in all ?!?

/Mikael

0 Kudos
PhoneBoy
Admin
Admin

Why not just get the object IP?

That's what the manager actually uses to communicate to the gateway. 

0 Kudos
MikaelJohnsson
Contributor

Sure, but how? 🙂

In the objects_5_0.C (and via the output of dbedit) there are multiple "IP address" statements, both what seems to be the Main IP but also under the "interfaces-branch". So a grep for "IP address" will return all those. I haven't seen an entry for "Main IP" or some other unique entry besides the value in the "SIC-branch"... Which isn't always there...

Cheers

Mikael

(I'm replying via my phone so the exact name of the IP-field might not be correct)

0 Kudos
PhoneBoy
Admin
Admin

It's the main object IP...the one identified by ipaddr (not listed in the interfaces branch).

0 Kudos
Olavi_Lentso
Contributor

In the older versions and even in R80.10 cpmiquerybin tool (cpwiki.net) might be used.

The following query to returns firewalls and cluster members:

cpmiquerybin attr "" network_objects "(type='cluster_member') | (type='gateway') & (location='internal')" -a __name__,ipaddr

It should return

object1 IP
object2 IP

In a Multi-Domain Server either run this query in each CMA or use the next query in the MDS context

cpmiquerybin attr "mdsdb" network_objects "(type='gateway') | (type='cluster_member')" -a __name__,ipaddr

Some awk or sed is necessary to get desired output.

Tomer_Sole
Mentor
Mentor

I would upgrade my MGMT to R80.10 for this purpose alone - to use the better API - but maybe that’s just me Smiley Happy 

either way if you plan to upgrade at some point to R80.10, this R77 script’s shelf life won’t be too long...

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events