Skip to main content

CheckPoint Firewall v2

This Integration is part of the Check Point Firewall Pack.#

Overview#


Integration Overview Manage Check Point Firewall. Read information and to send commands to the Check Point Firewall server. This integration was integrated and tested with version R80.30 of CheckPoint SmartConsole.

Product Name: Check Point Firewall
Product Type: Network Security
Product Version: R80.30

How to configure the integration:#

In the Smart Console, enable the web api: Management & Setting โ†’ Blades โ†’ Management API, Advanced Setting โ†’ All IP address

Enable sftp on your server Check Point guide to walk you through: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk82281

  1. Navigate to Settings > Integrations > Servers & Services.
  2. Search for CheckPoint_FW.
  3. Click Add instance to create and configure a new integration instance.
ParameterDescriptionRequired
serverServer URL (e.g. example.net or 8.8.8.8)True
portServer Port (e.g. 4434)True
domainDomain (used in Multi Domain Server)False
usernameUsernameTrue
insecureTrust any certificate (not secure)False
proxyUse system proxy settingsFalse
  1. Click Test to validate the URLs, token, and connection.

Commands#

You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

checkpoint-host-list#


Show all host objects

Base Command#

checkpoint-host-list

Input#

Argument NameDescriptionRequired
limitThe maximal number of returned results.Optional
offsetNumber of the results to initially skip.Optional
session_idExecute command with a specific session IDOptional

Context Output#

PathTypeDescription
CheckPoint.Host.nameStringobject name
CheckPoint.Host.uidStringobject uid
CheckPoint.Host.typeStringobject type
CheckPoint.Host.ipv4StringIP-v4 address of a spesific host
CheckPoint.Host.ipv6StringIP-v4 address of a spesific host

Command Example#

!checkpoint-host-list limit=5

Context Example#

{
"CheckPoint": {
"Host": [
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": "18.88.8.7",
"ipv6-address": "2001:0db8:85a3:0000:0000:8a2e:0370:7334",
"last-modifier": null,
"name": "18.88.8.7",
"read-only": null,
"type": "host",
"uid": "f083d3ce-8e95-460f-a386-0bc4eca1214a"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": "18.88.8.8",
"ipv6-address": "2001:0db8:85a3:0000:0000:8a2e:0370:7334",
"last-modifier": null,
"name": "18.88.8.8",
"read-only": null,
"type": "host",
"uid": "b032c0a7-096c-4b27-9a09-8d9437312135"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": "192.168.30.2",
"ipv6-address": "2001:0db8:85a3:0000:0000:8a2e:0370:7334",
"last-modifier": null,
"name": "192.168.30.2",
"read-only": null,
"type": "host",
"uid": "5bd98c85-f848-45ab-aa4c-c729fb8b1723"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": "200.200.200.112",
"ipv6-address": "2001:0db8:85a3:0000:0000:8a2e:0370:7334",
"last-modifier": null,
"name": "200.200.200.112",
"read-only": null,
"type": "host",
"uid": "23c4b2cf-0adc-4282-8f15-262cfec7f5f5"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": "192.192.10.10",
"ipv6-address": "2001:0db8:85a3:0000:0000:8a2e:0370:7334",
"last-modifier": null,
"name": "Demisto - 2096",
"read-only": null,
"type": "host",
"uid": "cded0c90-3402-4766-ad1b-adaf972b254f"
}
]
}
}

Human Readable Output#

CheckPoint data for all hosts:#

nameuidtypeipv4-addressipv6-address
18.88.8.7f083d3ce-8e95-460f-a386-0bc4eca1214ahost18.88.8.72001:0db8:85a3:0000:0000:8a2e:0370:7334
18.88.8.8b032c0a7-096c-4b27-9a09-8d9437312135host18.88.8.82001:0db8:85a3:0000:0000:8a2e:0370:7334
192.168.30.25bd98c85-f848-45ab-aa4c-c729fb8b1723host192.168.30.22001:0db8:85a3:0000:0000:8a2e:0370:7334
200.200.200.11223c4b2cf-0adc-4282-8f15-262cfec7f5f5host200.200.200.1122001:0db8:85a3:0000:0000:8a2e:0370:7334
Demisto - 2096cded0c90-3402-4766-ad1b-adaf972b254fhost192.192.10.102001:0db8:85a3:0000:0000:8a2e:0370:7334

checkpoint-host-get#


get all data of a given host

Base Command#

checkpoint-host-get

Input#

Argument NameDescriptionRequired
identifierobject unique identifier (uid) or nameRequired
session_idExecute command with a specific session IDOptional

Context Output#

PathTypeDescription
CheckPoint.Host.nameUnknownhost name
CheckPoint.Host.uidStringobject uid
CheckPoint.Host.typeUnknownobject type
CheckPoint.Host.domain-nameStringdomain name
CheckPoint.Host.domain-uidStringdomain uid
CheckPoint.Host.ipv4-addressStringIP address
CheckPoint.Host.ipv6-addressStringIP address
CheckPoint.Host.read-onlyBooleanindicates if the object is read only
CheckPoint.Host.creatorStringindicates the creator of the object
CheckPoint.Host.last-modifierStringindicates the last user modified the object
CheckPoint.Host.groups-nameStringGroup object name linked to current host object.
CheckPoint.Host.groups-uidUnknownGroup object uid linked to current host object.

Command Example#

!checkpoint-host-get identifier=host_test

Context Example#

{
"CheckPoint": {
"Host": {
"creator": "adminsh",
"domain-name": "SMC User",
"domain-type": null,
"domain-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"groups": [],
"ipv4-address": "1.1.1.1",
"last-modifier": "adminsh",
"name": "host_test",
"read-only": false,
"type": "host",
"uid": "11c194c4-db5f-46de-a9e2-95b8e858b98f"
}
}
}

Human Readable Output#

CheckPoint data of host object host_test:#

nameuidtypeipv4-addressdomain-namedomain-uidread-onlycreatorlast-modifier
host_test11c194c4-db5f-46de-a9e2-95b8e858b98fhost1.1.1.1SMC User41e821a0-3720-11e3-aa6e-0800200c9fdefalseadminshadminsh

checkpoint-host-add#


Add new host

Base Command#

checkpoint-host-add

Input#

Argument NameDescriptionRequired
namename of the new hostRequired
ip_addressip addressRequired
groupsgroup identifier.Optional
session_idExecute command with a specific session IDRequired
ignore_warningsWhether to ignore warnings when adding a host.Optional
ignore_errorsWhether to ignore errors when adding a host.Optional

Context Output#

PathTypeDescription
CheckPoint.Host.nameStringobject name
CheckPoint.Host.uidStringobject uid
CheckPoint.Host.typeStringobject type
CheckPoint.Host.domain-nameStringdomain name
CheckPoint.Host.domain-uidStringdomain uid
CheckPoint.Host.domain-typeStringdomain type
CheckPoint.Host.creatorStringindicates the creator of the object
CheckPoint.Host.last-modifierStringindicates the last user modifies the object
CheckPoint.Host.ipv4-addressStringip address
CheckPoint.Host.ipv6-addressStringIP address
CheckPoint.Host.read-onlyStringindicates if the object is read only
CheckPoint.Host.groupsStringCollection of group identifiers

Command Example#

!checkpoint-host-add name=test_host_1 ip_address=18.18.18.18 session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example#

{
"CheckPoint": {
"Host": {
"creator": "adminsh",
"domain-name": "SMC User",
"domain-type": null,
"domain-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"groups": [],
"ipv4-address": "18.18.18.18",
"ipv6-address": null,
"last-modifier": "adminsh",
"name": "test_host_1",
"read-only": true,
"type": "host",
"uid": "7290f66a-fdd4-40fb-a639-774e3f387113"
}
}
}

Human Readable Output#

CheckPoint data for adding host:#

nameuidtypedomain-namedomain-uidcreatorlast-modifieripv4-addressread-only
test_host_17290f66a-fdd4-40fb-a639-774e3f387113hostSMC User41e821a0-3720-11e3-aa6e-0800200c9fdeadminshadminsh18.18.18.18true

checkpoint-host-update#


update host changes

Base Command#

checkpoint-host-update

Input#

Argument NameDescriptionRequired
identifierObject unique identifier or nameRequired
ip_addressIPv4 or IPv6 address.Optional
new_nameNew name of the object.Optional
commentsComments string.Optional
ignore_warningsApply changes ignoring warnings.Optional
ignore_errorsApply changes ignoring errors. You won't be able to publish such a changes.
If ignore-warnings flag was omitted - warnings will also be ignored.
Optional
groupsCollection of group identifiers.Optional
session_idExecute command with a specific session IDRequired
ignore_warningsWhether to ignore warnings when adding a host.Optional
ignore_errorsWhether to ignore errors when adding a host.Optional

Context Output#

PathTypeDescription
CheckPoint.Host.nameStringobject name
CheckPoint.Host.uidStringobject uid
CheckPoint.Host.typeStringobject type
CheckPoint.Host.domain-nameStringdomain name
CheckPoint.Host.domain-uidStringdomain uid
CheckPoint.Host.domain-typeStringdomain type
CheckPoint.Host.creatorStringindicates the creator of the object
CheckPoint.Host.last-modifierStringindicates the last user modified the object
CheckPoint.Host.ipv4-addressStringIP address
CheckPoint.Host.read-onlyBooleanIP address
CheckPoint.Host.group-nameStringGroup object name linked to the host.
CheckPoint.Host.group-uidStringGroup object name linked to the host

Command Example#

!checkpoint-host-update identifier=host_test session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example#

{
"CheckPoint": {
"Host": {
"comments": "",
"creator": "adminsh",
"domain-name": "SMC User",
"domain-type": null,
"domain-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"ipv4-address": "1.1.1.1",
"last-modifier": "adminsh",
"name": "host_test",
"read-only": false,
"type": "host",
"uid": "11c194c4-db5f-46de-a9e2-95b8e858b98f"
}
}
}

Human Readable Output#

CheckPoint data for updating a host:#

nameuidtypedomain-namedomain-uidcreatoripv4-addresslast-modifierread-only
host_test11c194c4-db5f-46de-a9e2-95b8e858b98fhostSMC User41e821a0-3720-11e3-aa6e-0800200c9fdeadminsh1.1.1.1adminshfalse

checkpoint-host-delete#


delete host

Base Command#

checkpoint-host-delete

Input#

Argument NameDescriptionRequired
identifieruid or name.Required
session_idExecute command with a specific session IDRequired

Context Output#

PathTypeDescription
CheckPoint.Host.messageStringoperation status

Command Example#

!checkpoint-host-delete identifier=host_test session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example#

{
"CheckPoint": {
"Host": {
"message": "OK"
}
}
}

Human Readable Output#

CheckPoint data for deleting host_test:#

message
OK

checkpoint-group-list#


Show a list of all groups

Base Command#

checkpoint-group-list

Input#

Argument NameDescriptionRequired
limitThe maximal number of returned results.Optional
offsetNumber of the results to initially skip.Optional
session_idExecute command with a specific session IDOptional

Context Output#

PathTypeDescription
CheckPoint.Group.nameStringobject's name
CheckPoint.Group.uidStringobject's uid
CheckPoint.Group.typeStringType of the object

Command Example#

!checkpoint-group-list limit=5

Context Example#

{
"CheckPoint": {
"Group": [
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "bensar",
"read-only": null,
"type": "group",
"uid": "fe26adc1-c0e1-4424-9a9e-f74f511a7f28"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "group10",
"read-only": null,
"type": "group",
"uid": "cf069504-5ea5-4eb2-9b97-ccdc500db118"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "group9",
"read-only": null,
"type": "group",
"uid": "c4635886-15c9-4416-8160-5c70d68462cd"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "group_test",
"read-only": null,
"type": "group",
"uid": "35a46b01-47f5-496f-9329-d55c7d2ab083"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "Group_test_for_demisto",
"read-only": null,
"type": "group",
"uid": "1deaead0-136c-4791-8d58-9229c143b8c5"
}
]
}
}

Human Readable Output#

CheckPoint data for all groups:#

nameuidtype
bensarfe26adc1-c0e1-4424-9a9e-f74f511a7f28group
group10cf069504-5ea5-4eb2-9b97-ccdc500db118group
group9c4635886-15c9-4416-8160-5c70d68462cdgroup
group_test35a46b01-47f5-496f-9329-d55c7d2ab083group
Group_test_for_demisto1deaead0-136c-4791-8d58-9229c143b8c5group

checkpoint-group-get#


Get all data of a given group

Base Command#

checkpoint-group-get

Input#

Argument NameDescriptionRequired
identifierobject uid or nameRequired
session_idExecute command with a specific session IDOptional

Context Output#

PathTypeDescription
CheckPoint.Group.nameStringobject name
CheckPoint.Group.uidStringobject uid
CheckPoint.Group.typeStringobject type
CheckPoint.Group.domain-nameStringdomain name
CheckPoint.Group.domain-uidStringdomain uid
CheckPoint.Group.domain-typeStringdomain type
CheckPoint.Group.creatorStringindicates the creator of the object
CheckPoint.Group.last-modifierStringindicates the last user modified the object
CheckPoint.Group.read-onlyBooleanindicates if the object is read only
CheckPoint.Group.members.ipv4-addressStringGroup members IPv4 addresses
CheckPoint.Group.members.ipv6-addressStringGroup members IPv6 addresses

Command Example#

!checkpoint-group-get identifier=group_test

Context Example#

{
"CheckPoint": {
"Group": {
"creator": "adminsh",
"domain-name": "SMC User",
"domain-type": null,
"domain-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"groups": [],
"ipv4-address": null,
"last-modifier": "adminsh",
"name": "group_test",
"read-only": false,
"type": "group",
"uid": "35a46b01-47f5-496f-9329-d55c7d2ab083"
}
}
}

Human Readable Output#

CheckPoint for group_test group:#

nameuidtypedomain-namedomain-uidread-onlycreatorlast-modifier
group_test35a46b01-47f5-496f-9329-d55c7d2ab083groupSMC User41e821a0-3720-11e3-aa6e-0800200c9fdefalseadminshadminsh

checkpoint-group-add#


add a group

Base Command#

checkpoint-group-add

Input#

Argument NameDescriptionRequired
nameObject name. Must be unique in the domain.Required
session_idExecute command with a specific session IDRequired

Context Output#

PathTypeDescription
CheckPoint.Group.nameStringobject's name
CheckPoint.Group.uidStringobject uid
CheckPoint.Group.typeUnknownobject type
CheckPoint.Group.domain-nameStringdomain name
CheckPoint.Group.domain-uidStringdomain uid
CheckPoint.Group.domain-typeStringdomain type
CheckPoint.Group.creatorStringIndicates the object creator
CheckPoint.Group.last-modifierStringIndicates the last user modified the object
CheckPoint.Group.read-onlyBooleanIndicates whether the object is read-only
CheckPoint.Group.groups-nameUnknowngroups name

Command Example#

!checkpoint-group-add name=test_group_1 session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example#

{
"CheckPoint": {
"Group": {
"creator": "adminsh",
"domain-name": "SMC User",
"domain-type": null,
"domain-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"last-modifier": "adminsh",
"name": "test_group_1",
"type": "group",
"uid": "11e751da-a0e7-499a-bcde-5bc638c73fb5"
}
}
}

Human Readable Output#

CheckPoint data for adding Group:#

creatordomain-namedomain-uidlast-modifiernametypeuid
adminshSMC User41e821a0-3720-11e3-aa6e-0800200c9fdeadminshtest_group_1group11e751da-a0e7-499a-bcde-5bc638c73fb5

checkpoint-group-update#


update group object

Base Command#

checkpoint-group-update

Input#

Argument NameDescriptionRequired
identifieruid or name.Required
new_nameNew name of the group objectOptional
commentsComments string.Optional
ignore_warningsApply changes ignoring warnings.Optional
ignore_errorsApply changes ignoring errors.Optional
session_idExecute command with a specific session IDRequired
membersCollection of Network objects identified by the name or UID.Optional

Context Output#

PathTypeDescription
CheckPoint.Group.nameStringobject name
CheckPoint.Group.uidStringobject uid
CheckPoint.Group.typeStringobject type
CheckPoint.Group.domain-nameStringdomain name
CheckPoint.Group.domain-uidStringdomain uid
CheckPoint.Group.domain-typeStringdomain type
CheckPoint.Group.creatorStringIndicates the creator of the object
CheckPoint.Group.last-modifierStringIndicates the lasr user modified the object
CheckPoint.Group.read-onlyBooleanIndicates if the object is read only

Command Example#

!checkpoint-group-update identifier=group_test session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example#

{
"CheckPoint": {
"Group": {
"creator": "adminsh",
"domain-name": "SMC User",
"domain-type": null,
"domain-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"last-modifier": "adminsh",
"name": "group_test",
"read-only": false,
"type": "group",
"uid": "35a46b01-47f5-496f-9329-d55c7d2ab083"
}
}
}

Human Readable Output#

CheckPoint data for updating a group:#

nameuidtypedomain-namedomain-uidcreatorlast-modifierread-only
group_test35a46b01-47f5-496f-9329-d55c7d2ab083groupSMC User41e821a0-3720-11e3-aa6e-0800200c9fdeadminshadminshfalse

checkpoint-group-delete#


delete a group object

Base Command#

checkpoint-group-delete

Input#

Argument NameDescriptionRequired
identifierobject name or uidRequired
session_idExecute command with a specific session IDRequired

Context Output#

PathTypeDescription
CheckPoint.Group.messageStringOperation massege

Command Example#

!checkpoint-group-delete identifier=group_test session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example#

{
"CheckPoint": {
"Group": {
"message": "OK"
}
}
}

Human Readable Output#

CheckPoint data for deleting group_test:#

message
OK

checkpoint-address-range-list#


List all address range objects

Base Command#

checkpoint-address-range-list

Input#

Argument NameDescriptionRequired
limitThe maximal number of returned results.Optional
offsetNumber of the results to initially skip.Optional
session_idExecute command with a specific session IDOptional

Context Output#

PathTypeDescription
CheckPoint.AddressRange.nameStringObject's name
CheckPoint.AddressRange.uidStringObject's uid
CheckPoint.AddressRange.typeStringType of the object.

Command Example#

!checkpoint-address-range-list limit=5

Context Example#

{
"CheckPoint": {
"AddressRange": [
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "address_range_1",
"read-only": null,
"type": "address-range",
"uid": "d4543195-8744-4592-906e-1cdcd534a564"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "address_range_test",
"read-only": null,
"type": "address-range",
"uid": "26887214-d639-4acd-ab48-508d900cdfc2"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "address_range_test_1",
"read-only": null,
"type": "address-range",
"uid": "46800cfe-e3ff-4101-867c-27772ade9d72"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "All_Internet",
"read-only": null,
"type": "address-range",
"uid": "f90e0a2b-f166-427a-b47f-a107b6fe43b9"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "LocalMachine_Loopback",
"read-only": null,
"type": "address-range",
"uid": "5d3b2752-4072-41e1-9aa0-488813b02a40"
}
]
}
}

Human Readable Output#

CheckPoint data for all address ranges:#

nameuidtype
address_range_1d4543195-8744-4592-906e-1cdcd534a564address-range
address_range_test26887214-d639-4acd-ab48-508d900cdfc2address-range
address_range_test_146800cfe-e3ff-4101-867c-27772ade9d72address-range
All_Internetf90e0a2b-f166-427a-b47f-a107b6fe43b9address-range
LocalMachine_Loopback5d3b2752-4072-41e1-9aa0-488813b02a40address-range

checkpoint-address-range-add#


Add address range object

Base Command#

checkpoint-address-range-add

Input#

Argument NameDescriptionRequired
nameobject nameRequired
ip_address_firstFirst IP address in the range.Required
ip_address_lastLast IP address in the range.Required
set_if_existsIf another object with the same identifier already exists, it will be updated.Optional
ignore_warningsApply changes ignoring warnings.Optional
ignore_errorsApply changes ignoring errors.Optional
session_idExecute command with a specific session IDRequired
groupsCollection of group identifiers.Optional

Context Output#

PathTypeDescription
CheckPoint.AddressRange.nameStringobject name
CheckPoint.AddressRange.uidStringobject uid
CheckPoint.AddressRange.typeStringobject type
CheckPoint.AddressRange.domain-nameStringdomain name
CheckPoint.AddressRange.domain-uidStringdomain uid
CheckPoint.AddressRange.domain-typeStringdomain type
CheckPoint.AddressRange.ipv4-address-firstStringFirst IPv4 address in the range
CheckPoint.AddressRange.ipv4-address-lastStringLast IPv4 address in the range
CheckPoint.AddressRange.ipv6-address-firstStringFirst IPv4 address in the range
CheckPoint.AddressRange.ipv6-address-lastStringLast IPv6 address in the range
CheckPoint.AddressRange.read-onlyBooleanIndicates whether the object is read-only.
CheckPoint.AddressRange.creatorStringIndicates the creator of the object
CheckPoint.AddressRange.last-modifierStringIndicates the last user modified the object
CheckPoint.AddressRange.groupsStringName of the group object

Command Example#

!checkpoint-address-range-add name=address_range_test_2 ip_address_first=8.8.8.8 ip_address_last=9.9.9.9 session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example#

{
"CheckPoint": {
"AddressRange": {
"creator": "adminsh",
"domain-name": "SMC User",
"domain-type": null,
"domain-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"ipv4-address-first": "8.8.8.8",
"ipv4-address-last": "9.9.9.9",
"ipv6-address-first": "",
"ipv6-address-last": "",
"last-modifier": "adminsh",
"name": "address_range_test_2",
"read-only": true,
"type": "address-range",
"uid": "4fb8174d-89db-42f8-88b8-525c8fe818be"
}
}
}

Human Readable Output#

CheckPoint data for adding an address range:#

nameuidtypedomain-namedomain-uidcreatoripv4-address-firstipv4-address-lastlast-modifierread-only
address_range_test_24fb8174d-89db-42f8-88b8-525c8fe818beaddress-rangeSMC User41e821a0-3720-11e3-aa6e-0800200c9fdeadminsh8.8.8.89.9.9.9adminshtrue

checkpoint-address-range-update#


Update an address range object

Base Command#

checkpoint-address-range-update

Input#

Argument NameDescriptionRequired
identifieruid or name.Required
ip_address_firstFirst IP address in the range. IPv4 or IPv6 address.Optional
ip_address_lastLast IP address in the range. IPv4 or IPv6 address.Optional
new_nameNew name of the object.Optional
commentsComments string.Optional
ignore_warningsApply changes ignoring warnings.Optional
ignore_errorsApply changes ignoring errors.Optional
groupsCollection of group identifiers.Optional
session_idExecute command with a specific session IDRequired

Context Output#

PathTypeDescription
CheckPoint.AddressRange.nameStringobject name
CheckPoint.AddressRange.uidStringobject uid
CheckPoint.AddressRange.typeStringobject type
CheckPoint.AddressRange.domain-nameStringdomain name
CheckPoint.AddressRange.domain-uidStringdomain uid
CheckPoint.AddressRange.domain-typeStringdomain type
CheckPoint.AddressRange.ipv4-address-firstStringFirst IPv4 address in the range
CheckPoint.AddressRange.ipv4-address-lastStringLast IPv4 address in the range
CheckPoint.AddressRange.ipv6-address-firstStringFirst IPv4 address in the range
CheckPoint.AddressRange.ipv6-address-lastStringLast IPv6 address in the range
CheckPoint.AddressRange.read-onlyBooleanIndicates whether the object is read-only.
CheckPoint.AddressRange.groupsStringList of all groups the address range is linked to

Command Example#

!checkpoint-address-range-update identifier=address_range_test layer=Network session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example#

{
"CheckPoint": {
"AddressRange": {
"comments": "",
"creator": "adminsh",
"domain-name": "SMC User",
"domain-type": null,
"domain-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"ipv4-address": null,
"last-modifier": "adminsh",
"name": "address_range_test",
"read-only": false,
"type": "address-range",
"uid": "26887214-d639-4acd-ab48-508d900cdfc2"
}
}
}

Human Readable Output#

CheckPoint data for updating an address range:#

nameuidtypedomain-namedomain-uidcreatorlast-modifierread-only
address_range_test26887214-d639-4acd-ab48-508d900cdfc2address-rangeSMC User41e821a0-3720-11e3-aa6e-0800200c9fdeadminshadminshfalse

checkpoint-address-range-delete#


Delete a given address range

Base Command#

checkpoint-address-range-delete

Input#

Argument NameDescriptionRequired
identifierobject name or uidRequired
session_idExecute command with a specific session IDRequired

Context Output#

PathTypeDescription
CheckPoint.AddressRange.messageStringOperation status

Command Example#

!checkpoint-address-range-delete identifier=address_range_test session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example#

{
"CheckPoint": {
"AddressRange": {
"message": "OK"
}
}
}

Human Readable Output#

CheckPoint data for deleting address range:#

message
OK

checkpoint-threat-indicator-list#


List all threat indicators

Base Command#

checkpoint-threat-indicator-list

Input#

Argument NameDescriptionRequired
limitThe maximal number of returned results.Optional
offsetSkip that many results before beginning to return them.Optional
session_idExecute command with a specific session IDOptional

Context Output#

PathTypeDescription
CheckPoint.ThreatIndicator.nameStringobject name
CheckPoint.ThreatIndicator.uidStringobject uid
CheckPoint.ThreatIndicator.typeStringobject type

Command Example#

!checkpoint-threat-indicator-list limit=5

Context Example#

{
"CheckPoint": {
"ThreatIndicator": [
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "My_Indicator!",
"read-only": null,
"type": "threat-indicator",
"uid": "a40ec97c-e286-474b-bff7-b922e3b3294d"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "test_indicator",
"read-only": null,
"type": "threat-indicator",
"uid": "3e6a22c0-0416-4a2d-b7c0-f81df12916e1"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "threat_test_1",
"read-only": null,
"type": "threat-indicator",
"uid": "88e502f1-2bd5-4ad4-ba6b-dbbb2fef8260"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "threat_test_2",
"read-only": null,
"type": "threat-indicator",
"uid": "f34c89f1-b18f-4cf2-b2bb-672462178b9d"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "threat_test_3",
"read-only": null,
"type": "threat-indicator",
"uid": "ee17772c-94aa-4e42-93e4-f0ba49de339b"
}
]
}
}

Human Readable Output#

CheckPoint data for all threat indicators:#

nameuidtype
My_Indicator!a40ec97c-e286-474b-bff7-b922e3b3294dthreat-indicator
test_indicator3e6a22c0-0416-4a2d-b7c0-f81df12916e1threat-indicator
threat_test_188e502f1-2bd5-4ad4-ba6b-dbbb2fef8260threat-indicator
threat_test_2f34c89f1-b18f-4cf2-b2bb-672462178b9dthreat-indicator
threat_test_3ee17772c-94aa-4e42-93e4-f0ba49de339bthreat-indicator

checkpoint-threat-indicator-get#


Get data for a given list indicator

Base Command#

checkpoint-threat-indicator-get

Input#

Argument NameDescriptionRequired
identifierobject uid or nameRequired
session_idExecute command with a specific session IDOptional

Context Output#

PathTypeDescription
CheckPoint.ThreatIndicator.nameStringobject name
CheckPoint.ThreatIndicator.uidStringobject uid
CheckPoint.ThreatIndicator.typeStringobject type
CheckPoint.ThreatIndicator.domain-nameStringDomain name
CheckPoint.ThreatIndicator.domain-uidStringobject uid
CheckPoint.ThreatIndicator.domain-typeUnknowndomain type
CheckPoint.ThreatIndicator.creatorStringcreator
CheckPoint.ThreatIndicator.last-modifierStringIndicates the last user modified the object
CheckPoint.ThreatIndicator.read-onlyBooleanIndicates whether the object is read-only.

Command Example#

!checkpoint-threat-indicator-get identifier=threat_test_1

Context Example#

{
"CheckPoint": {
"ThreatIndicator": {
"creator": "adminsh",
"domain-name": "SMC User",
"domain-type": null,
"domain-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"groups": null,
"ipv4-address": null,
"last-modifier": "adminsh",
"name": "threat_test_1",
"number-of-observables": 1,
"read-only": false,
"type": "threat-indicator",
"uid": "88e502f1-2bd5-4ad4-ba6b-dbbb2fef8260"
}
}
}

Human Readable Output#

CheckPoint data for threat_test_1 threat indicator:#

nameuidtypedomain-namedomain-uidread-onlycreatorlast-modifiernumber-of-observables
threat_test_188e502f1-2bd5-4ad4-ba6b-dbbb2fef8260threat-indicatorSMC User41e821a0-3720-11e3-aa6e-0800200c9fdefalseadminshadminsh1

checkpoint-threat-indicator-add#


Add a threat indicator

Base Command#

checkpoint-threat-indicator-add

Input#

Argument NameDescriptionRequired
namethreat indicator nameRequired
observablesThe indicator's observable or the contents of a file containing the indicator's observables.Required
session_idExecute command with a specific session IDRequired

Context Output#

PathTypeDescription
CheckPoint.ThreatIndicator.task-idStringAsynchronous task unique identifier.

Command Example#

!checkpoint-threat-indicator-add name=threat_test2 observables=[] session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example#

{
"CheckPoint": {
"ThreatIndicator": {
'task-id': 'c3b11fff-c58d-4242-af44-f549c40b0af5'
}
}
}

Human Readable Output#

checkpoint-threat-indicator-update#


Update a given indicator

Base Command#

checkpoint-threat-indicator-update

Input#

Argument NameDescriptionRequired
identifieruid or name.Required
actionthe action to set.Optional
new_nameNew name of the object.Optional
commentsComments string.Optional
session_idExecute command with a specific session IDRequired

Context Output#

PathTypeDescription
CheckPoint.ThreatIndicator.nameStringobject name
CheckPoint.ThreatIndicator.uidStringobject uid
CheckPoint.ThreatIndicator.typeStringobject type
CheckPoint.ThreatIndicator.actionStringThe indicator's action.
CheckPoint.ThreatIndicator.domain-nameStringdomain name
CheckPoint.ThreatIndicator.domain-uidStringdomain uid
CheckPoint.ThreatIndicator.domain-typeStringdomain type
CheckPoint.ThreatIndicator.creatorStringIndicates the creator of the object
CheckPoint.ThreatIndicator.last-modifierStringIndicates the last user modified the object
CheckPoint.ThreatIndicator.read-onlyBooleanIndicates whether the object is read-only.

Command Example#

!checkpoint-threat-indicator-update identifier=threat_test_1 session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example#

{
"CheckPoint": {
"ThreatIndicator": {
"comments": "",
"creator": "adminsh",
"domain-name": "SMC User",
"domain-type": null,
"domain-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"ipv4-address": null,
"last-modifier": "adminsh",
"name": "threat_test_1",
"read-only": false,
"type": "threat-indicator",
"uid": "88e502f1-2bd5-4ad4-ba6b-dbbb2fef8260"
}
}
}

Human Readable Output#

CheckPoint data for update threat_test_1 threat indicator#

nameuidtypedomain-namedomain-uidcreatorlast-modifierread-only
threat_test_188e502f1-2bd5-4ad4-ba6b-dbbb2fef8260threat-indicatorSMC User41e821a0-3720-11e3-aa6e-0800200c9fdeadminshadminshfalse

checkpoint-address-range-get#


Get all date of a given address range object

Base Command#

checkpoint-address-range-get

Input#

Argument NameDescriptionRequired
identifieruid or name objectRequired
session_idExecute command with a specific session IDOptional

Context Output#

PathTypeDescription
CheckPoint.AddressRange.nameStringobject name
CheckPoint.AddressRange.uidStringobject uid
CheckPoint.AddressRange.typeStringobject type
CheckPoint.AddressRange.domain-nameStringdomain name
CheckPoint.AddressRange.domain-uidStringdomain uid
CheckPoint.AddressRange.domain-typeStringdomain type
CheckPoint.AddressRange.groups-nameStringGroup object name linked to current host object
CheckPoint.AddressRange.groups-uidStringGroup object uid linked to current host object

Command Example#

!checkpoint-address-range-get identifier=address_range_test

Context Example#

{
"CheckPoint": {
"AddressRange": {
"creator": "adminsh",
"domain-name": "SMC User",
"domain-type": null,
"domain-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"groups": [],
"ipv4-address": null,
"last-modifier": "adminsh",
"name": "address_range_test",
"read-only": false,
"type": "address-range",
"uid": "26887214-d639-4acd-ab48-508d900cdfc2"
}
}
}

Human Readable Output#

CheckPoint data for address_range_test address range:#

nameuidtypedomain-namedomain-uidread-onlycreatorlast-modifier
address_range_test26887214-d639-4acd-ab48-508d900cdfc2address-rangeSMC User41e821a0-3720-11e3-aa6e-0800200c9fdefalseadminshadminsh

checkpoint-threat-indicator-delete#


delete threat indicator

Base Command#

checkpoint-threat-indicator-delete

Input#

Argument NameDescriptionRequired
identifierobject name or uidRequired
session_idExecute command with a specific session IDRequired

Context Output#

PathTypeDescription
CheckPoint.ThreatIndicator.messageStringOperation status

Command Example#

!checkpoint-threat-indicator-delete identifier=threat_test_1 session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example#

{
"CheckPoint": {
"ThreatIndicator": {
"message": "OK"
}
}
}

Human Readable Output#

CheckPoint status for deleting threat_test_1threat indicator:#

message
OK

checkpoint-access-rule-list#


Shows the entire Access Rules layer. This layer is divided into sections. An Access Rule may be within a section, or independent of a section.

Base Command#

checkpoint-access-rule-list

Input#

Argument NameDescriptionRequired
identifierobject name or uidRequired
limitThe maximal number of returned results.Optional
offsetNumber of the results to initially skip.Optional
session_idExecute command with a specific session IDOptional

Context Output#

PathTypeDescription
CheckPoint.AccessRule.nameStringobject name
CheckPoint.AccessRule.uidStringobject uid

Command Example#

!checkpoint-access-rule-list identifier=Network limit=5

Context Example#

{
"CheckPoint": {
"AccessRule": [
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": null,
"read-only": null,
"type": "access-rule",
"uid": "6521b7b9-d340-44ec-a104-17d5ea669bc0"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": null,
"read-only": null,
"type": "access-rule",
"uid": "bb6016e3-36e8-4214-b17f-89623160dd10"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "test_access_rule_8",
"read-only": null,
"type": "access-rule",
"uid": "0c71cc44-a5ad-43cd-9af0-79e5f153f62f"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "None",
"read-only": null,
"type": "access-rule",
"uid": "c44add02-0f02-4b29-8ab3-d5ac687d31f7"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "est_access_rule",
"read-only": null,
"type": "access-rule",
"uid": "e5bc5918-7155-493e-89ce-5562586d3acc"
}
]
}
}

Human Readable Output#

CheckPoint data for all access rule bases:#

nameuidtype
6521b7b9-d340-44ec-a104-17d5ea669bc0access-rule
bb6016e3-36e8-4214-b17f-89623160dd10access-rule
test_access_rule_80c71cc44-a5ad-43cd-9af0-79e5f153f62faccess-rule
Nonec44add02-0f02-4b29-8ab3-d5ac687d31f7access-rule
est_access_rulee5bc5918-7155-493e-89ce-5562586d3accaccess-rule

checkpoint-access-rule-add#


Create new access rule

Base Command#

checkpoint-access-rule-add

Input#

Argument NameDescriptionRequired
layerLayer that the rule belongs to identified by the name or UID.Required
positionPosition in the rulebase.Required
nameRule name.Optional
actionAction settings. valid values are: Accept, Drop, Apply Layer, Ask and Info. default value is Drop.Optional
vpnCommunities or Directional. Valid values: Any, All_GwToGw.Optional
destinationCollection of Network objects identified by the name or UID.Optional
serviceCollection of Network objects identified by the name or UID.Optional
sourceCollection of Network objects identified by the name or UID.Optional
session_idExecute command with a specific session IDRequired

Context Output#

PathTypeDescription
CheckPoint.AccessRule.nameStringobject name
CheckPoint.AccessRule.uidStringobject uid
CheckPoint.AccessRule.typeStringobject type
CheckPoint.AccessRule.domain-nameStringdomain name
CheckPoint.AccessRule.domain-uidStringdomain uid
CheckPoint.AccessRule.domain-typeStringdomain type
CheckPoint.AccessRule.enabledBooleanEnable/Disable the rule.
CheckPoint.AccessRule.layerStringLayer that the rule belongs to identified by the name or UID.
CheckPoint.AccessRule.creatorStringIndicated the object creator
CheckPoint.AccessRule.last-modifierStringIndicates the last user modofied the object

Command Example#

!checkpoint-access-rule-add name=test_access_rule layer=Network position=top session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example#

{
"CheckPoint": {
"AccessRule": {
"creator": "adminsh",
"domain-name": "SMC User",
"domain-type": null,
"domain-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"enabled": true,
"last-modifier": "adminsh",
"layer": "c0264a80-1832-4fce-8a90-d0849dc4ba33",
"name": "test_access_rule",
"type": "access-rule",
"uid": "a9f00b65-bb3b-4548-b06a-6c5672df6c8b"
}
}
}

Human Readable Output#

CheckPoint data for adding access rule:#

nameuidtypedomain-namedomain-uidenabledlayercreatorlast-modifier
test_access_rulea9f00b65-bb3b-4548-b06a-6c5672df6c8baccess-ruleSMC User41e821a0-3720-11e3-aa6e-0800200c9fdetruec0264a80-1832-4fce-8a90-d0849dc4ba33adminshadminsh

checkpoint-access-rule-update#


Edit existing access rule using object name or uid.

Base Command#

checkpoint-access-rule-update

Input#

Argument NameDescriptionRequired
identifierobject name or uid, OR rule numberRequired
layerLayer that the rule belongs to identified by the name or UID.Required
actionaction to be taken on the ruleOptional
enabledEnable/Disable the rule.Optional
new_nameNew name of the object.Optional
new_positionNew position in the rulebase. Value can be int to set specific position, ot str- 'top' or 'bottom'Optional
ignore_warningsApply changes ignoring warnings.Optional
ignore_errorsApply changes ignoring errorsOptional
session_idExecute command with a specific session IDRequired

Context Output#

PathTypeDescription
CheckPoint.AccessRule.nameStringobject name
CheckPoint.AccessRule.uidStringobject uid
CheckPoint.AccessRule.typeStringobject type
CheckPoint.AccessRule.action-nameStringaction name
CheckPoint.AccessRule.action-uidStringaction uid
CheckPoint.AccessRule.action-typeUnknownaction type
CheckPoint.AccessRule.action-domain-nameStringaction domain name
CheckPoint.AccessRule.content-directionStringOn which direction the file types processing is applied.
CheckPoint.AccessRule.domain-nameStringdomain name
CheckPoint.AccessRule.domain-uidStringdomain uid
CheckPoint.AccessRule.domain-typeStringdomain type
CheckPoint.AccessRule.enabledBooleanEnable/Disable the rule.
CheckPoint.AccessRule.layerStringLayer that the rule belongs to identified by the name or UID.
CheckPoint.AccessRule.creatorStringIndicates the creator of the object
CheckPoint.AccessRule.last-modifierStringIndicates the last user modified the object

Command Example#

!checkpoint-access-rule-update identifier=7867e584-0e68-42b4-ba18-2dd16cdbd436 layer=Network session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example#

{
"CheckPoint": {
"AccessRule": {
"action-name": "Drop",
"action-type": "RulebaseAction",
"action-uid": "6c488338-8eec-4103-ad21-cd461ac2c473",
"content-direction": "any",
"creator": "adminsh",
"domain-name": "SMC User",
"domain-type": null,
"domain-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"enabled": true,
"last-modifier": "adminsh",
"name": "None",
"type": "access-rule",
"uid": "7867e584-0e68-42b4-ba18-2dd16cdbd436"
}
}
}

Human Readable Output#

CheckPoint data for updating an access rule:#

nameuidtypedomain-namedomain-uidaction-nameaction-uidaction-typecontent-directioncreatorenabledlast-modifier
None7867e584-0e68-42b4-ba18-2dd16cdbd436access-ruleSMC User41e821a0-3720-11e3-aa6e-0800200c9fdeDrop6c488338-8eec-4103-ad21-cd461ac2c473RulebaseActionanyadminshtrueadminsh

checkpoint-access-rule-delete#


Delete access rule

Base Command#

checkpoint-access-rule-delete

Input#

Argument NameDescriptionRequired
identifieruid, name or rule-number.Required
layerLayer that the rule belongs to identified by the name or UID.Required
session_idExecute command with a specific session IDRequired

Context Output#

PathTypeDescription
CheckPoint.AccessRule.messageStringOperation status

Command Example#

!checkpoint-access-rule-delete identifier=7867e584-0e68-42b4-ba18-2dd16cdbd436 layer=Network session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example#

{
"CheckPoint": {
"AccessRule": {
"message": "OK"
}
}
}

Human Readable Output#

CheckPoint data for deleting access rule range: 7867e584-0e68-42b4-ba18-2dd16cdbd436#

message
OK

checkpoint-application-site-list#


Retrieve all objects.

Base Command#

checkpoint-application-site-list

Input#

Argument NameDescriptionRequired
limitThe maximal number of returned results.Optional
offsetNumber of the results to initially skipOptional
session_idExecute command with a specific session IDOptional

Context Output#

PathTypeDescription
CheckPoint.ApplicationSite.nameStringobjects name
CheckPoint.ApplicationSite.uidStringobjects uid
CheckPoint.ApplicationSite.typeStringobjects type

Command Example#

!checkpoint-application-site-list limit=5

Context Example#

{
"CheckPoint": {
"ApplicationSite": [
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "#hashtags",
"read-only": null,
"type": "application-site",
"uid": "00fa9e3c-36ef-0f65-e053-08241dc22da2"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "050 Plus",
"read-only": null,
"type": "application-site",
"uid": "00fa9e44-4035-0f65-e053-08241dc22da2"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "0test_application_site_10",
"read-only": null,
"type": "application-site",
"uid": "446cff2c-7e1f-4dbc-a943-66740e890d67"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "1000keyboards",
"read-only": null,
"type": "application-site",
"uid": "00fa9e3d-a077-0f65-e053-08241dc22da2"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "1000memories",
"read-only": null,
"type": "application-site",
"uid": "00fa9e43-56d7-0f65-e053-08241dc22da2"
}
]
}
}

Human Readable Output#

CheckPoint data for all access rule bases:#

nameuidtype
#hashtags00fa9e3c-36ef-0f65-e053-08241dc22da2application-site
050 Plus00fa9e44-4035-0f65-e053-08241dc22da2application-site
0test_application_site_10446cff2c-7e1f-4dbc-a943-66740e890d67application-site
1000keyboards00fa9e3d-a077-0f65-e053-08241dc22da2application-site
1000memories00fa9e43-56d7-0f65-e053-08241dc22da2application-site

checkpoint-application-site-add#


Add application site

Base Command#

checkpoint-application-site-add

Input#

Argument NameDescriptionRequired
nameObject name. Must be unique in the domainRequired
primary_categoryEach application is assigned to one primary category based on its most defining aspectRequired
identifiercan be:
url-list(str): URLs that determine this particular application.
application-signature(str): Application signature generated by Signature Tool.
Required
session_idExecute command with a specific session IDRequired
groupsCollection of group identifiers.Optional

Context Output#

PathTypeDescription
CheckPoint.ApplicationSite.nameStringobject name
CheckPoint.ApplicationSite.uidStringobject uid
CheckPoint.ApplicationSite.typeStringobject type
CheckPoint.ApplicationSite.application-idNumberapplication ID
CheckPoint.ApplicationSite.descriptionStringA description for the application.
CheckPoint.ApplicationSite.domain-nameStringdomain name
CheckPoint.ApplicationSite.domain-uidStringdomain uid
CheckPoint.ApplicationSite.domain-typeStringdomain name
CheckPoint.ApplicationSite.url-listStringURLs that determine this particular application.
CheckPoint.ApplicationSite.creatorStringIndicates the creator of the object
CheckPoint.ApplicationSite.last-modifierStringIndicates the last user modified this object
CheckPoint.ApplicationSite.groupsUnknownCollection of group identifiers

Command Example#

!checkpoint-application-site-add name="test_application_site_1" primary_category="Test Category" identifier="qmasters.co" session_id="TEAK9kWnZ9Dhql9hYP5IR4aZEw1mrKdPjw3lRnxvp88"

Context Example#

{
"CheckPoint": {
"ApplicationSite": {
'name': 'test_application_site_1',
'uid': '452f6cff-e7fb-47b8-abfe-53c668dc0038',
'type': 'application-site',
'domain-name': 'SMC User',
'domain-uid': '41e821a0-3720-11e3-aa6e-0800200c9fde',
'domain-type': None,
'creator': 'adminsh',
'last-modifier': 'adminsh',
'application-id': 0,
'description': '',
'url-list': [
'qmasters.co'
]
}
}

Human Readable Output#

CheckPoint data for adding application site:#

application-idcreatordomain-namedomain-uidlast-modifiernametypeuidurl-list
0adminshSMC User41e821a0-3720-11e3-aa6e-0800200c9fdeadminshtest_application_site_1application-site452f6cff-e7fb-47b8-abfe-53c668dc0038qmasters.co

checkpoint-application-site-update#


Edit existing application using object name or uid. It's impossible to set 'application-signature' when the application was initialized with 'url-list' and vice-verse.

Base Command#

checkpoint-application-site-update

Input#

Argument NameDescriptionRequired
identifieruid or name.Required
descriptionA description for the application.Optional
primary_categoryEach application is assigned to one primary category based on its most defining aspect.Optional
application_signatureApplication signature generated by Signature Tool.Optional
new_nameNew name of the object.Optional
urls_defined_as_regular_expressionStates whether the URL is defined as a Regular Expression or not.Optional
url_listURLs that determine this particular application. This will replace the current url collection.Optional
url_list_to_addAdds to collection of values.Optional
url_list_to_removeRemoves from collection of values.Optional
groupsCollection of group identifiers. Can be a single group or a list of groups.Optional
session_idExecute command with a specific session IDRequired

Context Output#

PathTypeDescription
CheckPoint.ApplicationSite.nameStringobject name
CheckPoint.ApplicationSite.uidStringobject uid
CheckPoint.ApplicationSite.typeStringobject ty[e
CheckPoint.ApplicationSite.application-idNumberapplication ID
CheckPoint.ApplicationSite.descriptionStringA description for the application.
CheckPoint.ApplicationSite.domain-nameStringdomain name
CheckPoint.ApplicationSite.domain-uidStringdomain uid
CheckPoint.ApplicationSite.domain-typeStringdomain type
CheckPoint.ApplicationSite.url-listStringURLs that determine this particular application.
CheckPoint.ApplicationSite.groupsStringCollection of group identifiers
CheckPoint.ApplicationSite.primary-categoryStringObjects primary category.

Command Example#

!checkpoint-application-site-update identifier=test_application_site session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example#

{
"CheckPoint": {
"ApplicationSite": {
"application-id": 1073741861,
"description": "",
"domain-name": "SMC User",
"domain-type": null,
"domain-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"groups": [],
"name": "test_application_site",
"primary-category": "Test Category",
"type": "application-site",
"uid": "ccc788d1-b798-4e5c-8530-a6c375853730",
"url-list": [
"qmasters.co"
]
}
}
}

Human Readable Output#

CheckPoint data for updating an application site:#

nameuidtypeapplication-idprimary-categoryurl-listdomain-namedomain-uid
test_application_siteccc788d1-b798-4e5c-8530-a6c375853730application-site1073741861Test Categoryqmasters.coSMC User41e821a0-3720-11e3-aa6e-0800200c9fde

checkpoint-application-site-delete#


Delete existing application site object using object name or uid.

Base Command#

checkpoint-application-site-delete

Input#

Argument NameDescriptionRequired
identifieruid or name objectRequired
session_idExecute command with a specific session IDRequired

Context Output#

PathTypeDescription
CheckPoint.ApplicationSite.messageStringOperation status.

Command Example#

!checkpoint-application-site-delete identifier=test_application_site session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example#

{
"CheckPoint": {
"ApplicationSite": {
"message": "OK"
}
}
}

Human Readable Output#

CheckPoint data for deleting application site : test_application_site#

message
OK

checkpoint-publish#


publish changes

Base Command#

checkpoint-publish

Input#

Argument NameDescriptionRequired
session_idExecute command with a specific session IDRequired

Context Output#

PathTypeDescription
CheckPoint.Publish.task-idStringTask id of the publish command.

Command Example#

!checkpoint-publish session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example#

{
"CheckPoint": {
"Publish": {
"task-id": "01234567-89ab-cdef-9338-e44df5384ac3"
}
}
}

Human Readable Output#

CheckPoint data for publishing current session:#

task-id
01234567-89ab-cdef-9338-e44df5384ac3

checkpoint-install-policy#


Intsalling policy

Base Command#

checkpoint-install-policy

Input#

Argument NameDescriptionRequired
policy_packageThe name of the Policy Package to be installed.Required
targetsOn what targets to execute this command. Targets may be identified by their name, or object unique identifier.Required
accessSet to be true in order to install the Access Control policy.Optional
session_idExecute command with a specific session IDRequired

Context Output#

PathTypeDescription
CheckPoint.InstallPolicy.task-idStringOperation task ID.

Command Example#

!checkpoint-install-policy policy_package=standard targets=test-gw session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example#

{
"CheckPoint": {
"InstallPolicy": {
"task-id": "d461078b-cc1e-41b6-869b-096438673323"
}
}
}

Human Readable Output#

CheckPoint data for installing policy:#

task-id
d461078b-cc1e-41b6-869b-096438673323

checkpoint-verify-policy#


Verifies the policy of the selected package.

Base Command#

checkpoint-verify-policy

Input#

Argument NameDescriptionRequired
policy_packageThe name of the Policy Package to be installed.Required
session_idExecute command with a specific session IDRequired

Context Output#

PathTypeDescription
CheckPoint.VerifyPolicy.task-idStringOperation task ID.

Command Example#

!checkpoint-policy-verify policy_package=standard session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Human Readable Output#

checkpoint-show-task#


Show task progress and details.

Base Command#

checkpoint-show-task

Input#

Argument NameDescriptionRequired
task_idUnique identifier of one or more tasks.Required
session_idExecute command with a specific session IDOptional

Context Output#

PathTypeDescription
CheckPoint.ShowTask.task-idStringTask ID
CheckPoint.ShowTask.task-nameStringTask name
CheckPoint.ShowTask.statusStringTask status
CheckPoint.ShowTask.progress-percentageUnknownTask prograss in percentage
CheckPoint.ShowTask.suppressedBooleanIndicates if the task is suppressed

Command Example#

!checkpoint-show-task task_id=01234567-89ab-cdef-997f-2e3e3b4b2541

Context Example#

{
"CheckPoint": {
"ShowTask": {
"progress-percentage": 100,
"status": "succeeded",
"suppressed": false,
"task-id": "01234567-89ab-cdef-997f-2e3e3b4b2541",
"task-name": "Publish operation"
}
}
}

Human Readable Output#

CheckPoint data for tasks:#

task-nametask-idstatussuppressedprogress-percentage
Publish operation01234567-89ab-cdef-997f-2e3e3b4b2541succeededfalse100

checkpoint-login-and-get-session-id#


Login to CheckPoint and get the session id

Base Command#

checkpoint-login-and-get-session-id

Input#

Argument NameDescriptionRequired
session_timeoutSession expiration timeout in seconds. Default 600 seconds. Session timeout range is between 600 to 3600 seconds.Optional
domainName of domain to log in to, for use with MDS.Optional

Context Output#

PathTypeDescription
CheckPoint.Login.session-idStringSession ID

Command Example#

!checkpoint-login-and-get-session-id
!checkpoint-login-and-get-session-id domain='Corp'

Context Example#

{
"CheckPoint": {
"Login": {
"session-id": "LoUhF29pRkJsBiIWlMdBFy1LhHWXzE0VJT_lWpz4v0k"
}
}
}

Human Readable Output#

CheckPoint session data:#

session-id
LoUhF29pRkJsBiIWlMdBFy1LhHWXzE0VJT_lWpz4v0k

checkpoint-logout#


Logout from a given session

Base Command#

checkpoint-logout

Input#

Argument NameDescriptionRequired
session_idSession ID to logout fromRequired

Context Output#

There is no context output for this command.

Command Example#

!checkpoint-logout session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example#

{}

Human Readable Output#

OK

checkpoint-packages-list#


List all packages.

Base Command#

checkpoint-packages-list

Input#

Argument NameDescriptionRequired
limitThe maximal number of returned resultsOptional
offsetNumber of the results to initially skipOptional
session_idExecute command with a specific session IDOptional

Context Output#

PathTypeDescription
CheckPoint.Packages.nameStringName of the package
CheckPoint.Packages.uidStringUID of the package
CheckPoint.Packages.typeStringType of the package
CheckPoint.Packages.domain-nameStringDomain name
CheckPoint.Packages.domain-uidStringDomain uid
CheckPoint.Packages.domain-typeStringDomain type

Command Example#

!checkpoint-packages-list session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example#

{
"CheckPoint": {
"Packages": [
{
"name": "BenLayer",
"type": "package",
"uid": "9daac370-ad2d-4a21-a503-a312755aceaf"
},
{
"name": "Standard",
"type": "package",
"uid": "ca4e32a8-bee0-423c-84f0-19bab6751d5e"
}
]
}
}

Human Readable Output#

CheckPoint data for all packages:#

nameuidtype
BenLayer9daac370-ad2d-4a21-a503-a312755aceafpackage
Standardca4e32a8-bee0-423c-84f0-19bab6751d5epackage

checkpoint-gateways-list#


Retrieve all gateways and servers

Base Command#

checkpoint-gateways-list

Input#

Argument NameDescriptionRequired
limitThe maximal number of returned resultsOptional
offsetNumber of the results to initially skipOptional
session_idExecute command with a specific session IDOptional

Context Output#

PathTypeDescription
CheckPoint.Gateways.nameStringGateway name
CheckPoint.Gateways.uidStringGateway uid
CheckPoint.Gateways.typeStringGateway type
CheckPoint.Gateways.versionStringGateway vesion
CheckPoint.Gateways.network-security-bladesStringGateway network security blades
CheckPoint.Gateways.management-bladesStringGateway management blades
CheckPoint.Gateways.domain-nameStringDomain name
CheckPoint.Gateways.domain-uidStringDomain UID
CheckPoint.Gateways.domain-typeStringDoamin type

Command Example#

!checkpoint-gateways-list session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example#

{
"CheckPoint": {
"Gateways": [
{
"management-blades": {
"logging-and-status": true,
"network-policy-management": true
},
"name": "gw-88a290",
"network-security-blades": {},
"type": "CpmiHostCkp",
"uid": "98bee60f-23ab-bf41-ba29-4c574b9d6f7c",
"version": "R80.30"
},
{
"management-blades": {},
"name": "test-gw",
"network-security-blades": {
"firewall": true
},
"type": "simple-gateway",
"uid": "3b83b6cb-d3cb-4596-8d90-ba9735d7d53c",
"version": "R80.30"
}
]
}
}

Human Readable Output#

CheckPoint data for all gateways:#

nameuidtypeversionnetwork-security-bladesmanagement-blades
gw-88a29098bee60f-23ab-bf41-ba29-4c574b9d6f7cCpmiHostCkpR80.30network-policy-management: true
logging-and-status: true
test-gw3b83b6cb-d3cb-4596-8d90-ba9735d7d53csimple-gatewayR80.30firewall: true

checkpoint-application-site-category-list#


Retrieve all application site category.

Base Command#

checkpoint-application-site-category-list

Input#

Argument NameDescriptionRequired
limitThe maximal number of returned resultsOptional
offsetNumber of the results to initially skipOptional
session_idExecute command with a specific session IDOptional

Context Output#

PathTypeDescription
CheckPoint.ApplicationSiteCategory.nameStringName of the package
CheckPoint.ApplicationSiteCategory.uidStringUID of the package
CheckPoint.ApplicationSiteCategory.typeStringType of the package
CheckPoint.ApplicationSiteCategory.domain-nameStringDomain name
CheckPoint.ApplicationSiteCategory.domain-uidStringDomain uid
CheckPoint.ApplicationSiteCategory.domain-typeStringDomain type

Command Example#

!checkpoint-application-site-category-list limit=5

Context Example#

{
"CheckPoint": {
"ApplicationSiteCategory": [
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "0new_app_site_category",
"read-only": null,
"type": "application-site-category",
"uid": "d42e14e7-1c50-48d5-9412-2306dc8e5219"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "0new_category_1",
"read-only": null,
"type": "application-site-category",
"uid": "13e91cb3-1025-41a5-8203-89e28102f82f"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "0new_category_2",
"read-only": null,
"type": "application-site-category",
"uid": "f49849de-9132-479d-b73a-56696976c235"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "0new_category_3",
"read-only": null,
"type": "application-site-category",
"uid": "51ebf347-290f-4d8c-b99d-7aba73a5698c"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "0new_category_4",
"read-only": null,
"type": "application-site-category",
"uid": "6b996605-099c-41fa-a4c6-1733ff895bac"
}
]
}
}

Human Readable Output#

CheckPoint data for all application site category:#

nameuidtype
0new_app_site_categoryd42e14e7-1c50-48d5-9412-2306dc8e5219application-site-category
0new_category_113e91cb3-1025-41a5-8203-89e28102f82fapplication-site-category
0new_category_2f49849de-9132-479d-b73a-56696976c235application-site-category
0new_category_351ebf347-290f-4d8c-b99d-7aba73a5698capplication-site-category
0new_category_46b996605-099c-41fa-a4c6-1733ff895bacapplication-site-category

checkpoint-application-site-category-add#


Add new application site category

Base Command#

checkpoint-application-site-category-add

Input#

Argument NameDescriptionRequired
identifierObject name or uid. Must be unique in the domain.Required
groupsCollection of group identifiers.Optional
session_idExecute command with a specific session IDRequired

Context Output#

PathTypeDescription
CheckPoint.ApplicationSiteCategory.nameStringobject name
CheckPoint.ApplicationSiteCategory.uidStringobject uid
CheckPoint.ApplicationSiteCategory.typeStringobject type
CheckPoint.ApplicationSiteCategory.descriptionStringA description for the application.
CheckPoint.ApplicationSiteCategory.domain-nameStringdomain name
CheckPoint.ApplicationSiteCategory.domain-uidStringdomain uid
CheckPoint.ApplicationSiteCategory.domain-typeStringdomain name
CheckPoint.ApplicationSiteCategory.creatorStringIndicates the creator of the object
CheckPoint.ApplicationSiteCategory.last-modifierStringIndicates the last user modified this object
CheckPoint.ApplicationSiteCategory.groupsUnknownCollection of group identifiers

Command Example#

!checkpoint-application-site-category-add identifier=application_site_category_0101 session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example#

{
"CheckPoint": {
"ApplicationSite": {
"application-id": null,
"creator": "adminsh",
"description": "",
"domain-name": "SMC User",
"domain-type": null,
"domain-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"groups": [],
"last-modifier": "adminsh",
"name": "application_site_category_0101",
"type": "application-site-category",
"uid": "5fb2e946-7e9c-42db-8b0a-cf5056f427d8",
"url-list": null
}
}
}

Human Readable Output#

CheckPoint data for adding application site category application_site_category_0101:#

nameuidtypedomain-namedomain-uidcreatorlast-modifier
application_site_category_01015fb2e946-7e9c-42db-8b0a-cf5056f427d8application-site-categorySMC User41e821a0-3720-11e3-aa6e-0800200c9fdeadminshadminsh

checkpoint-application-site-category-get#


Retrieve application site category object using object name or uid.

Base Command#

checkpoint-application-site-category-get

Input#

Argument NameDescriptionRequired
identifierapplication site category object name or UID.Required
session_idExecute command with a specific session IDOptional

Context Output#

PathTypeDescription
CheckPoint.ApplicationSiteCategory.nameUnknownhost name
CheckPoint.ApplicationSiteCategory.uidStringobject uid
CheckPoint.ApplicationSiteCategory.typeUnknownobject type
CheckPoint.ApplicationSiteCategory.domain-nameStringdomain name
CheckPoint.ApplicationSiteCategory.domain-uidStringdomain uid
CheckPoint.ApplicationSiteCategory.read-onlyBooleanindicates if the object is read only
CheckPoint.ApplicationSiteCategory.creatorStringindicates the creator of the object
CheckPoint.ApplicationSiteCategory.last-modifierStringindicates the last user modified the object

Command Example#

!checkpoint-application-site-category-get identifier=Alcohol

Context Example#

{
"CheckPoint": {
"ApplicationSiteCategory": {
"creator": "System",
"domain-name": "APPI Data",
"domain-type": null,
"domain-uid": "8bf4ac51-2df7-40e1-9bce-bedbedbedbed",
"groups": [],
"ipv4-address": null,
"last-modifier": "System",
"name": "Alcohol",
"read-only": false,
"type": "application-site-category",
"uid": "00fa9e44-409e-0f65-e053-08241dc22da2"
}
}
}

Human Readable Output#

CheckPoint data for adding application site category:#

nameuidtypedomain-namedomain-uidread-onlycreatorlast-modifier
Alcohol00fa9e44-409e-0f65-e053-08241dc22da2application-site-categoryAPPI Data8bf4ac51-2df7-40e1-9bce-bedbedbedbedfalseSystemSystem

checkpoint-show-objects#


Retrieve data about objects.

Base Command#

checkpoint-show-objects

Input#

Argument NameDescriptionRequired
limitThe maximal number of returned results.Optional
offsetNumber of the results to initially skip.Optional
filter_searchSearch expression to filter objects by. The provided text should be exactly the same as it would be given in Smart Console. The logical operators in the expression ('AND', 'OR') should be provided in capital letters. By default, the search involves both a textual search and a IP search. To use IP search only, set the "ip-only" parameter to true.Optional
ip_onlyIf using "filter", use this field to search objects by their IP address only, without involving the textual search.Optional
object_typehe objects' type, e.g.: host, service-tcp, network, address-range. Default value is objectOptional
session_idExecute command with a specific session IDOptional

Context Output#

PathTypeDescription
CheckPoint.Object.nameStringobject name
CheckPoint.Object.uidStringobject uid
CheckPoint.Object.typeStringobject type
CheckPoint.Object.ipv4StringIP-v4 address of a spesific object

Command Example#

!checkpoint-show-objects limit=3 filter_search=1.2.3.4 ip_only=true

Context Example#

{
"CheckPoint": {
"Objects": {
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "All_Internet",
"read-only": null,
"type": "address-range",
"uid": "f90e0a2b-f166-427a-b47f-a107b6fe43b9"
}
}
}

Human Readable Output#

CheckPoint data for objects:#

nameuidtype
All_Internetf90e0a2b-f166-427a-b47f-a107b6fe43b9address-range

checkpoint-package-list#


Get checkpoint-packages details.

Base Command#

checkpoint-package-list

Input#

Argument NameDescriptionRequired
identifierObject unique identifier or name.Required
session_idExecute command with a specific session ID.Optional

Context Output#

PathTypeDescription
CheckPoint.Package.nameStringThe name of the package.
CheckPoint.Package.target-nameStringThe name of the targe.
CheckPoint.Package.target-uidStringThe UID of the target.
CheckPoint.Package.revision.domain.domain-typeStringThe type of the domain.
CheckPoint.Package.revision.domain.nameStringThe name of the domain.
CheckPoint.Package.revision.domain.uidStringThe UID of the domain.
CheckPoint.Package.revision.typeStringThe type of the revision.
CheckPoint.Package.revision.uidStringThe UID of the revision.

Command Example#

!checkpoint-package-list identifier=Standard session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example#

{
"CheckPoint": {
"Package": {
"name": "Standard",
"target-name": "Host1",
"target-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde"
"revision": {
"domain": {
"name": "test",
"domain-type": "domain",
"uid": "41e821a0-3720-11e3-aa6e-0800200c9fde"
},
"type": "session",
"uid", "41e821a0-3720-11e3-aa6e-0800200c9fde"
}
}
}
}

Human Readable Output#

CheckPoint data for objects:#

target-namenametarget-uidrevision
Host1Standard41e821a0-3720-11e3-aa6e-0800200c9fde"domain": {
"name": "test",
"domain-type": "domain",
"uid": "41e821a0-3720-11e3-aa6e-0800200c9fde"
},
"type": "session",
"uid", "41e821a0-3720-11e3-aa6e-0800200c9fde"