Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Peter_Elmer
Employee
Employee

Using Logs API to see Endpoint VPN Client version used over the last 30 days

Sharing my limited API skills. Below script can be used to query logs API for the Endpoint VPN Client version used over the last 30 days into a json formatted file 'vpnclientversion.json'

You need R80.40 JHF Take 78 or later to use Logs API (link)

 

 

# Login as admin apiUser to query Logs API
mgmt_cli login user "apiUser" password "vpn123" > sessionID.txt

# show logs
echo "show logs" 2>&1 | tee -a sessionlog.out
/bin/date 2>&1 | tee -a sessionlog.out
mgmt_cli set session new-name "show VPN Client Versions" description "show VPN Client Versions" -s sessionID.txt
mgmt_cli show logs new-query.time-frame "last-30-days" new-query.filter "blade:\"Mobile Access"\" -s sessionID.txt --format json > ./vpnclientversion.json


echo "All done.." 2>&1 | tee -a sessionlog.out
/bin/date 2>&1 | tee -a sessionlog.out
mgmt_cli logout -s sessionID.txt

 

 

Then you can use jq to see the client versions found per logs message.

 

 cat vpnclientversion.json | jq -r '["client_name","client_version"], ( .logs[] | .client_name as $clientname | .client_version as $clientversion | [$clientname, $clientversion] )'

 

 

This is far from perfect but may help.

-pelmer

4 Replies
PhoneBoy
Admin
Admin

That’s handy.

0 Kudos
_Val_
Admin
Admin

Hi @Peter_Elmer, if you wrap it nicely and give it a name, this is a ToolBox material. Please let me know

0 Kudos
Andreas_Hofmann
Participant

Hi

why is there no smartlog report option available to find out which vpn dial in software versions are used?

Informations like

Name:                      Check Point Mobile

Version:                   E81.40

Are in the log?

0 Kudos
Peter_Elmer
Employee
Employee

Hello Andreas,

on the main thread you can find a reporting / view template

https://community.checkpoint.com/t5/General-Topics/IMPORTANT-Client-VPN-Endpoint-versions-E81-10-or-... 

-peter 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events