CheckPoint Firewall v2
Check Point Firewall Pack.#
This Integration is part of the#
OverviewIntegration Overview Manage Check Point Firewall. Read information and to send commands to the Check Point Firewall server. This integration was integrated and tested with version R80.30 of CheckPoint SmartConsole.
Product Name: Check Point Firewall
Product Type: Network Security
Product Version: R80.30
#
How to configure the integration:In the Smart Console, enable the web api: Management & Setting โ Blades โ Management API, Advanced Setting โ All IP address
Enable sftp on your server Check Point guide to walk you through: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk82281
Parameter | Description | Required |
---|---|---|
server | Server URL (e.g. example.net or 8.8.8.8) | True |
port | Server Port (e.g. 4434) | True |
domain | Domain (used in Multi Domain Server) | False |
username | Username | True |
insecure | Trust any certificate (not secure) | False |
proxy | Use system proxy settings | False |
#
CommandsYou can execute these commands from the CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.
#
checkpoint-host-listShow all host objects
#
Base Commandcheckpoint-host-list
#
InputArgument Name | Description | Required |
---|---|---|
limit | The maximal number of returned results. | Optional |
offset | Number of the results to initially skip. | Optional |
session_id | Execute command with a specific session ID | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.Host.name | String | object name |
CheckPoint.Host.uid | String | object uid |
CheckPoint.Host.type | String | object type |
CheckPoint.Host.ipv4 | String | IP-v4 address of a spesific host |
CheckPoint.Host.ipv6 | String | IP-v4 address of a spesific host |
#
Command Example!checkpoint-host-list limit=5
#
Context Example#
Human Readable Output#
CheckPoint data for all hosts:
name uid type ipv4-address ipv6-address 18.88.8.7 f083d3ce-8e95-460f-a386-0bc4eca1214a host 18.88.8.7 2001:0db8:85a3:0000:0000:8a2e:0370:7334 18.88.8.8 b032c0a7-096c-4b27-9a09-8d9437312135 host 18.88.8.8 2001:0db8:85a3:0000:0000:8a2e:0370:7334 192.168.30.2 5bd98c85-f848-45ab-aa4c-c729fb8b1723 host 192.168.30.2 2001:0db8:85a3:0000:0000:8a2e:0370:7334 200.200.200.112 23c4b2cf-0adc-4282-8f15-262cfec7f5f5 host 200.200.200.112 2001:0db8:85a3:0000:0000:8a2e:0370:7334 Demisto - 2096 cded0c90-3402-4766-ad1b-adaf972b254f host 192.192.10.10 2001:0db8:85a3:0000:0000:8a2e:0370:7334
#
checkpoint-host-getget all data of a given host
#
Base Commandcheckpoint-host-get
#
InputArgument Name | Description | Required |
---|---|---|
identifier | object unique identifier (uid) or name | Required |
session_id | Execute command with a specific session ID | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.Host.name | Unknown | host name |
CheckPoint.Host.uid | String | object uid |
CheckPoint.Host.type | Unknown | object type |
CheckPoint.Host.domain-name | String | domain name |
CheckPoint.Host.domain-uid | String | domain uid |
CheckPoint.Host.ipv4-address | String | IP address |
CheckPoint.Host.ipv6-address | String | IP address |
CheckPoint.Host.read-only | Boolean | indicates if the object is read only |
CheckPoint.Host.creator | String | indicates the creator of the object |
CheckPoint.Host.last-modifier | String | indicates the last user modified the object |
CheckPoint.Host.groups-name | String | Group object name linked to current host object. |
CheckPoint.Host.groups-uid | Unknown | Group object uid linked to current host object. |
#
Command Example!checkpoint-host-get identifier=host_test
#
Context Example#
Human Readable Output#
CheckPoint data of host object host_test:
name uid type ipv4-address domain-name domain-uid read-only creator last-modifier host_test 11c194c4-db5f-46de-a9e2-95b8e858b98f host 1.1.1.1 SMC User 41e821a0-3720-11e3-aa6e-0800200c9fde false adminsh adminsh
#
checkpoint-host-addAdd new host
#
Base Commandcheckpoint-host-add
#
InputArgument Name | Description | Required |
---|---|---|
name | name of the new host | Required |
ip_address | ip address | Required |
groups | group identifier. | Optional |
session_id | Execute command with a specific session ID | Required |
ignore_warnings | Whether to ignore warnings when adding a host. | Optional |
ignore_errors | Whether to ignore errors when adding a host. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.Host.name | String | object name |
CheckPoint.Host.uid | String | object uid |
CheckPoint.Host.type | String | object type |
CheckPoint.Host.domain-name | String | domain name |
CheckPoint.Host.domain-uid | String | domain uid |
CheckPoint.Host.domain-type | String | domain type |
CheckPoint.Host.creator | String | indicates the creator of the object |
CheckPoint.Host.last-modifier | String | indicates the last user modifies the object |
CheckPoint.Host.ipv4-address | String | ip address |
CheckPoint.Host.ipv6-address | String | IP address |
CheckPoint.Host.read-only | String | indicates if the object is read only |
CheckPoint.Host.groups | String | Collection of group identifiers |
#
Command Example!checkpoint-host-add name=test_host_1 ip_address=18.18.18.18 session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew
#
Context Example#
Human Readable Output#
CheckPoint data for adding host:
name uid type domain-name domain-uid creator last-modifier ipv4-address read-only test_host_1 7290f66a-fdd4-40fb-a639-774e3f387113 host SMC User 41e821a0-3720-11e3-aa6e-0800200c9fde adminsh adminsh 18.18.18.18 true
#
checkpoint-host-updateupdate host changes
#
Base Commandcheckpoint-host-update
#
InputArgument Name | Description | Required |
---|---|---|
identifier | Object unique identifier or name | Required |
ip_address | IPv4 or IPv6 address. | Optional |
new_name | New name of the object. | Optional |
comments | Comments string. | Optional |
ignore_warnings | Apply changes ignoring warnings. | Optional |
ignore_errors | Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored. | Optional |
groups | Collection of group identifiers. | Optional |
session_id | Execute command with a specific session ID | Required |
ignore_warnings | Whether to ignore warnings when adding a host. | Optional |
ignore_errors | Whether to ignore errors when adding a host. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.Host.name | String | object name |
CheckPoint.Host.uid | String | object uid |
CheckPoint.Host.type | String | object type |
CheckPoint.Host.domain-name | String | domain name |
CheckPoint.Host.domain-uid | String | domain uid |
CheckPoint.Host.domain-type | String | domain type |
CheckPoint.Host.creator | String | indicates the creator of the object |
CheckPoint.Host.last-modifier | String | indicates the last user modified the object |
CheckPoint.Host.ipv4-address | String | IP address |
CheckPoint.Host.read-only | Boolean | IP address |
CheckPoint.Host.group-name | String | Group object name linked to the host. |
CheckPoint.Host.group-uid | String | Group object name linked to the host |
#
Command Example!checkpoint-host-update identifier=host_test session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew
#
Context Example#
Human Readable Output#
CheckPoint data for updating a host:
name uid type domain-name domain-uid creator ipv4-address last-modifier read-only host_test 11c194c4-db5f-46de-a9e2-95b8e858b98f host SMC User 41e821a0-3720-11e3-aa6e-0800200c9fde adminsh 1.1.1.1 adminsh false
#
checkpoint-host-deletedelete host
#
Base Commandcheckpoint-host-delete
#
InputArgument Name | Description | Required |
---|---|---|
identifier | uid or name. | Required |
session_id | Execute command with a specific session ID | Required |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.Host.message | String | operation status |
#
Command Example!checkpoint-host-delete identifier=host_test session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew
#
Context Example#
Human Readable Output#
CheckPoint data for deleting host_test:
message OK
#
checkpoint-group-listShow a list of all groups
#
Base Commandcheckpoint-group-list
#
InputArgument Name | Description | Required |
---|---|---|
limit | The maximal number of returned results. | Optional |
offset | Number of the results to initially skip. | Optional |
session_id | Execute command with a specific session ID | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.Group.name | String | object's name |
CheckPoint.Group.uid | String | object's uid |
CheckPoint.Group.type | String | Type of the object |
#
Command Example!checkpoint-group-list limit=5
#
Context Example#
Human Readable Output#
CheckPoint data for all groups:
name uid type bensar fe26adc1-c0e1-4424-9a9e-f74f511a7f28 group group10 cf069504-5ea5-4eb2-9b97-ccdc500db118 group group9 c4635886-15c9-4416-8160-5c70d68462cd group group_test 35a46b01-47f5-496f-9329-d55c7d2ab083 group Group_test_for_demisto 1deaead0-136c-4791-8d58-9229c143b8c5 group
#
checkpoint-group-getGet all data of a given group
#
Base Commandcheckpoint-group-get
#
InputArgument Name | Description | Required |
---|---|---|
identifier | object uid or name | Required |
session_id | Execute command with a specific session ID | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.Group.name | String | Object name. |
CheckPoint.Group.uid | String | Object UID. |
CheckPoint.Group.type | String | Object type. |
CheckPoint.Group.domain-name | String | Domain name. |
CheckPoint.Group.domain-uid | String | Domain UID. |
CheckPoint.Group.domain-type | String | Domain type. |
CheckPoint.Group.creator | String | The creator of the object. |
CheckPoint.Group.last-modifier | String | The user that last modified the object. |
CheckPoint.Group.read-only | Boolean | Indicates if the object is read-only. |
CheckPoint.Group.ipv4-address | string | Group IPv4 addresses. |
CheckPoint.Group.ipv6-address | string | Group IPv6 addresses. |
CheckPoint.Group.groups | Unknown | Collection of group identifiers. |
CheckPoint.Group.members.member-ipv4-address | string | Group members IPv4 addresses. |
CheckPoint.Group.members.member-ipv6-address | string | Group members IPv6 addresses. |
CheckPoint.Group.members.member-domain-name | string | Group members domain name. |
CheckPoint.Group.members.member-domain-uid | string | Group members domain UID. |
CheckPoint.Group.members.member-domain-type | string | Group members domain type. |
CheckPoint.Group.members.member-name | string | Group member name. |
CheckPoint.Group.members.member-uid | string | Group member UID. |
CheckPoint.Group.members.member-type | string | Group member type. |
#
Command Example!checkpoint-group-get identifier=group_test
#
Context Example#
Human Readable Output#
CheckPoint for group_test group:
name uid type domain-name domain-uid read-only creator last-modifier group_test 35a46b01-47f5-496f-9329-d55c7d2ab083 group SMC User 41e821a0-3720-11e3-aa6e-0800200c9fde false adminsh adminsh
#
checkpoint-group-addadd a group
#
Base Commandcheckpoint-group-add
#
InputArgument Name | Description | Required |
---|---|---|
name | Object name. Must be unique in the domain. | Required |
session_id | Execute command with a specific session ID | Required |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.Group.name | String | object's name |
CheckPoint.Group.uid | String | object uid |
CheckPoint.Group.type | Unknown | object type |
CheckPoint.Group.domain-name | String | domain name |
CheckPoint.Group.domain-uid | String | domain uid |
CheckPoint.Group.domain-type | String | domain type |
CheckPoint.Group.creator | String | Indicates the object creator |
CheckPoint.Group.last-modifier | String | Indicates the last user modified the object |
CheckPoint.Group.read-only | Boolean | Indicates whether the object is read-only |
CheckPoint.Group.groups-name | Unknown | groups name |
#
Command Example!checkpoint-group-add name=test_group_1 session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew
#
Context Example#
Human Readable Output#
CheckPoint data for adding Group:
creator domain-name domain-uid last-modifier name type uid adminsh SMC User 41e821a0-3720-11e3-aa6e-0800200c9fde adminsh test_group_1 group 11e751da-a0e7-499a-bcde-5bc638c73fb5
#
checkpoint-group-updateupdate group object
#
Base Commandcheckpoint-group-update
#
InputArgument Name | Description | Required |
---|---|---|
identifier | uid or name. | Required |
new_name | New name of the group object | Optional |
comments | Comments string. | Optional |
ignore_warnings | Apply changes ignoring warnings. | Optional |
ignore_errors | Apply changes ignoring errors. | Optional |
session_id | Execute command with a specific session ID | Required |
members | Collection of Network objects identified by the name or UID. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.Group.name | String | object name |
CheckPoint.Group.uid | String | object uid |
CheckPoint.Group.type | String | object type |
CheckPoint.Group.domain-name | String | domain name |
CheckPoint.Group.domain-uid | String | domain uid |
CheckPoint.Group.domain-type | String | domain type |
CheckPoint.Group.creator | String | Indicates the creator of the object |
CheckPoint.Group.last-modifier | String | Indicates the lasr user modified the object |
CheckPoint.Group.read-only | Boolean | Indicates if the object is read only |
#
Command Example!checkpoint-group-update identifier=group_test session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew
#
Context Example#
Human Readable Output#
CheckPoint data for updating a group:
name uid type domain-name domain-uid creator last-modifier read-only group_test 35a46b01-47f5-496f-9329-d55c7d2ab083 group SMC User 41e821a0-3720-11e3-aa6e-0800200c9fde adminsh adminsh false
#
checkpoint-group-deletedelete a group object
#
Base Commandcheckpoint-group-delete
#
InputArgument Name | Description | Required |
---|---|---|
identifier | object name or uid | Required |
session_id | Execute command with a specific session ID | Required |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.Group.message | String | Operation massege |
#
Command Example!checkpoint-group-delete identifier=group_test session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew
#
Context Example#
Human Readable Output#
CheckPoint data for deleting group_test:
message OK
#
checkpoint-address-range-listList all address range objects
#
Base Commandcheckpoint-address-range-list
#
InputArgument Name | Description | Required |
---|---|---|
limit | The maximal number of returned results. | Optional |
offset | Number of the results to initially skip. | Optional |
session_id | Execute command with a specific session ID | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.AddressRange.name | String | Object's name |
CheckPoint.AddressRange.uid | String | Object's uid |
CheckPoint.AddressRange.type | String | Type of the object. |
#
Command Example!checkpoint-address-range-list limit=5
#
Context Example#
Human Readable Output#
CheckPoint data for all address ranges:
name uid type address_range_1 d4543195-8744-4592-906e-1cdcd534a564 address-range address_range_test 26887214-d639-4acd-ab48-508d900cdfc2 address-range address_range_test_1 46800cfe-e3ff-4101-867c-27772ade9d72 address-range All_Internet f90e0a2b-f166-427a-b47f-a107b6fe43b9 address-range LocalMachine_Loopback 5d3b2752-4072-41e1-9aa0-488813b02a40 address-range
#
checkpoint-address-range-addAdd address range object
#
Base Commandcheckpoint-address-range-add
#
InputArgument Name | Description | Required |
---|---|---|
name | object name | Required |
ip_address_first | First IP address in the range. | Required |
ip_address_last | Last IP address in the range. | Required |
set_if_exists | If another object with the same identifier already exists, it will be updated. | Optional |
ignore_warnings | Apply changes ignoring warnings. | Optional |
ignore_errors | Apply changes ignoring errors. | Optional |
session_id | Execute command with a specific session ID | Required |
groups | Collection of group identifiers. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.AddressRange.name | String | object name |
CheckPoint.AddressRange.uid | String | object uid |
CheckPoint.AddressRange.type | String | object type |
CheckPoint.AddressRange.domain-name | String | domain name |
CheckPoint.AddressRange.domain-uid | String | domain uid |
CheckPoint.AddressRange.domain-type | String | domain type |
CheckPoint.AddressRange.ipv4-address-first | String | First IPv4 address in the range |
CheckPoint.AddressRange.ipv4-address-last | String | Last IPv4 address in the range |
CheckPoint.AddressRange.ipv6-address-first | String | First IPv4 address in the range |
CheckPoint.AddressRange.ipv6-address-last | String | Last IPv6 address in the range |
CheckPoint.AddressRange.read-only | Boolean | Indicates whether the object is read-only. |
CheckPoint.AddressRange.creator | String | Indicates the creator of the object |
CheckPoint.AddressRange.last-modifier | String | Indicates the last user modified the object |
CheckPoint.AddressRange.groups | String | Name of the group object |
#
Command Example!checkpoint-address-range-add name=address_range_test_2 ip_address_first=8.8.8.8 ip_address_last=9.9.9.9 session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew
#
Context Example#
Human Readable Output#
CheckPoint data for adding an address range:
name uid type domain-name domain-uid creator ipv4-address-first ipv4-address-last last-modifier read-only address_range_test_2 4fb8174d-89db-42f8-88b8-525c8fe818be address-range SMC User 41e821a0-3720-11e3-aa6e-0800200c9fde adminsh 8.8.8.8 9.9.9.9 adminsh true
#
checkpoint-address-range-updateUpdate an address range object
#
Base Commandcheckpoint-address-range-update
#
InputArgument Name | Description | Required |
---|---|---|
identifier | uid or name. | Required |
ip_address_first | First IP address in the range. IPv4 or IPv6 address. | Optional |
ip_address_last | Last IP address in the range. IPv4 or IPv6 address. | Optional |
new_name | New name of the object. | Optional |
comments | Comments string. | Optional |
ignore_warnings | Apply changes ignoring warnings. | Optional |
ignore_errors | Apply changes ignoring errors. | Optional |
groups | Collection of group identifiers. | Optional |
session_id | Execute command with a specific session ID | Required |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.AddressRange.name | String | object name |
CheckPoint.AddressRange.uid | String | object uid |
CheckPoint.AddressRange.type | String | object type |
CheckPoint.AddressRange.domain-name | String | domain name |
CheckPoint.AddressRange.domain-uid | String | domain uid |
CheckPoint.AddressRange.domain-type | String | domain type |
CheckPoint.AddressRange.ipv4-address-first | String | First IPv4 address in the range |
CheckPoint.AddressRange.ipv4-address-last | String | Last IPv4 address in the range |
CheckPoint.AddressRange.ipv6-address-first | String | First IPv4 address in the range |
CheckPoint.AddressRange.ipv6-address-last | String | Last IPv6 address in the range |
CheckPoint.AddressRange.read-only | Boolean | Indicates whether the object is read-only. |
CheckPoint.AddressRange.groups | String | List of all groups the address range is linked to |
#
Command Example!checkpoint-address-range-update identifier=address_range_test layer=Network session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew
#
Context Example#
Human Readable Output#
CheckPoint data for updating an address range:
name uid type domain-name domain-uid creator last-modifier read-only address_range_test 26887214-d639-4acd-ab48-508d900cdfc2 address-range SMC User 41e821a0-3720-11e3-aa6e-0800200c9fde adminsh adminsh false
#
checkpoint-address-range-deleteDelete a given address range
#
Base Commandcheckpoint-address-range-delete
#
InputArgument Name | Description | Required |
---|---|---|
identifier | object name or uid | Required |
session_id | Execute command with a specific session ID | Required |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.AddressRange.message | String | Operation status |
#
Command Example!checkpoint-address-range-delete identifier=address_range_test session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew
#
Context Example#
Human Readable Output#
CheckPoint data for deleting address range:
message OK
#
checkpoint-threat-indicator-listList all threat indicators
#
Base Commandcheckpoint-threat-indicator-list
#
InputArgument Name | Description | Required |
---|---|---|
limit | The maximal number of returned results. | Optional |
offset | Skip that many results before beginning to return them. | Optional |
session_id | Execute command with a specific session ID | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.ThreatIndicator.name | String | object name |
CheckPoint.ThreatIndicator.uid | String | object uid |
CheckPoint.ThreatIndicator.type | String | object type |
#
Command Example!checkpoint-threat-indicator-list limit=5
#
Context Example#
Human Readable Output#
CheckPoint data for all threat indicators:
name uid type My_Indicator! a40ec97c-e286-474b-bff7-b922e3b3294d threat-indicator test_indicator 3e6a22c0-0416-4a2d-b7c0-f81df12916e1 threat-indicator threat_test_1 88e502f1-2bd5-4ad4-ba6b-dbbb2fef8260 threat-indicator threat_test_2 f34c89f1-b18f-4cf2-b2bb-672462178b9d threat-indicator threat_test_3 ee17772c-94aa-4e42-93e4-f0ba49de339b threat-indicator
#
checkpoint-threat-indicator-getGet data for a given list indicator
#
Base Commandcheckpoint-threat-indicator-get
#
InputArgument Name | Description | Required |
---|---|---|
identifier | object uid or name | Required |
session_id | Execute command with a specific session ID | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.ThreatIndicator.name | String | object name |
CheckPoint.ThreatIndicator.uid | String | object uid |
CheckPoint.ThreatIndicator.type | String | object type |
CheckPoint.ThreatIndicator.domain-name | String | Domain name |
CheckPoint.ThreatIndicator.domain-uid | String | object uid |
CheckPoint.ThreatIndicator.domain-type | Unknown | domain type |
CheckPoint.ThreatIndicator.creator | String | creator |
CheckPoint.ThreatIndicator.last-modifier | String | Indicates the last user modified the object |
CheckPoint.ThreatIndicator.read-only | Boolean | Indicates whether the object is read-only. |
#
Command Example!checkpoint-threat-indicator-get identifier=threat_test_1
#
Context Example#
Human Readable Output#
CheckPoint data for threat_test_1 threat indicator:
name uid type domain-name domain-uid read-only creator last-modifier number-of-observables threat_test_1 88e502f1-2bd5-4ad4-ba6b-dbbb2fef8260 threat-indicator SMC User 41e821a0-3720-11e3-aa6e-0800200c9fde false adminsh adminsh 1
#
checkpoint-threat-indicator-addAdd a threat indicator
#
Base Commandcheckpoint-threat-indicator-add
#
InputArgument Name | Description | Required |
---|---|---|
name | threat indicator name | Required |
observables | The indicator's observable or the contents of a file containing the indicator's observables. | Required |
session_id | Execute command with a specific session ID | Required |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.ThreatIndicator.task-id | String | Asynchronous task unique identifier. |
#
Command Example!checkpoint-threat-indicator-add name=threat_test2 observables=[] session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew
#
Context Example#
Human Readable Output#
checkpoint-threat-indicator-updateUpdate a given indicator
#
Base Commandcheckpoint-threat-indicator-update
#
InputArgument Name | Description | Required |
---|---|---|
identifier | uid or name. | Required |
action | the action to set. | Optional |
new_name | New name of the object. | Optional |
comments | Comments string. | Optional |
session_id | Execute command with a specific session ID | Required |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.ThreatIndicator.name | String | object name |
CheckPoint.ThreatIndicator.uid | String | object uid |
CheckPoint.ThreatIndicator.type | String | object type |
CheckPoint.ThreatIndicator.action | String | The indicator's action. |
CheckPoint.ThreatIndicator.domain-name | String | domain name |
CheckPoint.ThreatIndicator.domain-uid | String | domain uid |
CheckPoint.ThreatIndicator.domain-type | String | domain type |
CheckPoint.ThreatIndicator.creator | String | Indicates the creator of the object |
CheckPoint.ThreatIndicator.last-modifier | String | Indicates the last user modified the object |
CheckPoint.ThreatIndicator.read-only | Boolean | Indicates whether the object is read-only. |
#
Command Example!checkpoint-threat-indicator-update identifier=threat_test_1 session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew
#
Context Example#
Human Readable Output#
CheckPoint data for update threat_test_1 threat indicator
name uid type domain-name domain-uid creator last-modifier read-only threat_test_1 88e502f1-2bd5-4ad4-ba6b-dbbb2fef8260 threat-indicator SMC User 41e821a0-3720-11e3-aa6e-0800200c9fde adminsh adminsh false
#
checkpoint-address-range-getGet all date of a given address range object
#
Base Commandcheckpoint-address-range-get
#
InputArgument Name | Description | Required |
---|---|---|
identifier | uid or name object | Required |
session_id | Execute command with a specific session ID | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.AddressRange.name | String | object name |
CheckPoint.AddressRange.uid | String | object uid |
CheckPoint.AddressRange.type | String | object type |
CheckPoint.AddressRange.domain-name | String | domain name |
CheckPoint.AddressRange.domain-uid | String | domain uid |
CheckPoint.AddressRange.domain-type | String | domain type |
CheckPoint.AddressRange.groups-name | String | Group object name linked to current host object |
CheckPoint.AddressRange.groups-uid | String | Group object uid linked to current host object |
#
Command Example!checkpoint-address-range-get identifier=address_range_test
#
Context Example#
Human Readable Output#
CheckPoint data for address_range_test address range:
name uid type domain-name domain-uid read-only creator last-modifier address_range_test 26887214-d639-4acd-ab48-508d900cdfc2 address-range SMC User 41e821a0-3720-11e3-aa6e-0800200c9fde false adminsh adminsh
#
checkpoint-threat-indicator-deletedelete threat indicator
#
Base Commandcheckpoint-threat-indicator-delete
#
InputArgument Name | Description | Required |
---|---|---|
identifier | object name or uid | Required |
session_id | Execute command with a specific session ID | Required |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.ThreatIndicator.message | String | Operation status |
#
Command Example!checkpoint-threat-indicator-delete identifier=threat_test_1 session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew
#
Context Example#
Human Readable Output#
CheckPoint status for deleting threat_test_1threat indicator:
message OK
#
checkpoint-access-rule-listShows the entire Access Rules layer. This layer is divided into sections. An Access Rule may be within a section, or independent of a section.
#
Base Commandcheckpoint-access-rule-list
#
InputArgument Name | Description | Required |
---|---|---|
identifier | object name or uid | Required |
limit | The maximal number of returned results. | Optional |
offset | Number of the results to initially skip. | Optional |
session_id | Execute command with a specific session ID | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.AccessRule.name | String | Object name. |
CheckPoint.AccessRule.uid | String | Object UID. |
CheckPoint.AccessRule.type | String | Object type. |
CheckPoint.AccessRule.ipv4-address | String | IPv4 address of the specified object. |
CheckPoint.AccessRule.ipv6-address | String | IPv6 address of the specified object. |
CheckPoint.AccessRule.domain-name | String | Domain name. |
CheckPoint.AccessRule.domain-uid | String | Domain UID. |
CheckPoint.AccessRule.creator | String | The creator of the object. |
CheckPoint.AccessRule.last-modifier | String | The user that last modified the object. |
CheckPoint.AccessRule.read-only | Boolean | Indicates if the object is read-only. |
CheckPoint.AccessRule.groups | Unknown | Collection of group identifiers. |
#
Command Example!checkpoint-access-rule-list identifier=Network limit=5
#
Context Example#
Human Readable Output#
CheckPoint data for all access rule bases:
name uid type 6521b7b9-d340-44ec-a104-17d5ea669bc0 access-rule bb6016e3-36e8-4214-b17f-89623160dd10 access-rule test_access_rule_8 0c71cc44-a5ad-43cd-9af0-79e5f153f62f access-rule None c44add02-0f02-4b29-8ab3-d5ac687d31f7 access-rule est_access_rule e5bc5918-7155-493e-89ce-5562586d3acc access-rule
#
checkpoint-access-rule-addCreate new access rule
#
Base Commandcheckpoint-access-rule-add
#
InputArgument Name | Description | Required |
---|---|---|
layer | Layer that the rule belongs to identified by the name or UID. | Required |
position | Position in the rulebase. | Required |
name | Rule name. | Optional |
action | Action settings. valid values are: Accept, Drop, Apply Layer, Ask and Info. default value is Drop. | Optional |
vpn | Communities or Directional. Valid values: Any, All_GwToGw. | Optional |
destination | Collection of Network objects identified by the name or UID. | Optional |
service | Collection of Network objects identified by the name or UID. | Optional |
source | Collection of Network objects identified by the name or UID. | Optional |
session_id | Execute command with a specific session ID | Required |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.AccessRule.name | String | object name |
CheckPoint.AccessRule.uid | String | object uid |
CheckPoint.AccessRule.type | String | object type |
CheckPoint.AccessRule.domain-name | String | domain name |
CheckPoint.AccessRule.domain-uid | String | domain uid |
CheckPoint.AccessRule.domain-type | String | domain type |
CheckPoint.AccessRule.enabled | Boolean | Enable/Disable the rule. |
CheckPoint.AccessRule.layer | String | Layer that the rule belongs to identified by the name or UID. |
CheckPoint.AccessRule.creator | String | Indicated the object creator |
CheckPoint.AccessRule.last-modifier | String | Indicates the last user modofied the object |
#
Command Example!checkpoint-access-rule-add name=test_access_rule layer=Network position=top session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew
#
Context Example#
Human Readable Output#
CheckPoint data for adding access rule:
name uid type domain-name domain-uid enabled layer creator last-modifier test_access_rule a9f00b65-bb3b-4548-b06a-6c5672df6c8b access-rule SMC User 41e821a0-3720-11e3-aa6e-0800200c9fde true c0264a80-1832-4fce-8a90-d0849dc4ba33 adminsh adminsh
#
checkpoint-access-rule-updateEdit existing access rule using object name or uid.
#
Base Commandcheckpoint-access-rule-update
#
InputArgument Name | Description | Required |
---|---|---|
identifier | object name or uid, OR rule number | Required |
layer | Layer that the rule belongs to identified by the name or UID. | Required |
action | action to be taken on the rule | Optional |
enabled | Enable/Disable the rule. | Optional |
new_name | New name of the object. | Optional |
new_position | New position in the rulebase. Value can be int to set specific position, ot str- 'top' or 'bottom' | Optional |
ignore_warnings | Apply changes ignoring warnings. | Optional |
ignore_errors | Apply changes ignoring errors | Optional |
session_id | Execute command with a specific session ID | Required |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.AccessRule.name | String | object name |
CheckPoint.AccessRule.uid | String | object uid |
CheckPoint.AccessRule.type | String | object type |
CheckPoint.AccessRule.action-name | String | action name |
CheckPoint.AccessRule.action-uid | String | action uid |
CheckPoint.AccessRule.action-type | Unknown | action type |
CheckPoint.AccessRule.action-domain-name | String | action domain name |
CheckPoint.AccessRule.content-direction | String | On which direction the file types processing is applied. |
CheckPoint.AccessRule.domain-name | String | domain name |
CheckPoint.AccessRule.domain-uid | String | domain uid |
CheckPoint.AccessRule.domain-type | String | domain type |
CheckPoint.AccessRule.enabled | Boolean | Enable/Disable the rule. |
CheckPoint.AccessRule.layer | String | Layer that the rule belongs to identified by the name or UID. |
CheckPoint.AccessRule.creator | String | Indicates the creator of the object |
CheckPoint.AccessRule.last-modifier | String | Indicates the last user modified the object |
#
Command Example!checkpoint-access-rule-update identifier=7867e584-0e68-42b4-ba18-2dd16cdbd436 layer=Network session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew
#
Context Example#
Human Readable Output#
CheckPoint data for updating an access rule:
name uid type domain-name domain-uid action-name action-uid action-type content-direction creator enabled last-modifier None 7867e584-0e68-42b4-ba18-2dd16cdbd436 access-rule SMC User 41e821a0-3720-11e3-aa6e-0800200c9fde Drop 6c488338-8eec-4103-ad21-cd461ac2c473 RulebaseAction any adminsh true adminsh
#
checkpoint-access-rule-deleteDelete access rule
#
Base Commandcheckpoint-access-rule-delete
#
InputArgument Name | Description | Required |
---|---|---|
identifier | uid, name or rule-number. | Required |
layer | Layer that the rule belongs to identified by the name or UID. | Required |
session_id | Execute command with a specific session ID | Required |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.AccessRule.message | String | Operation status |
#
Command Example!checkpoint-access-rule-delete identifier=7867e584-0e68-42b4-ba18-2dd16cdbd436 layer=Network session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew
#
Context Example#
Human Readable Output#
CheckPoint data for deleting access rule range: 7867e584-0e68-42b4-ba18-2dd16cdbd436
message OK
#
checkpoint-application-site-listRetrieve all objects.
#
Base Commandcheckpoint-application-site-list
#
InputArgument Name | Description | Required |
---|---|---|
limit | The maximal number of returned results. | Optional |
offset | Number of the results to initially skip | Optional |
session_id | Execute command with a specific session ID | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.ApplicationSite.name | String | objects name |
CheckPoint.ApplicationSite.uid | String | objects uid |
CheckPoint.ApplicationSite.type | String | objects type |
#
Command Example!checkpoint-application-site-list limit=5
#
Context Example#
Human Readable Output#
CheckPoint data for all access rule bases:
name uid type #hashtags 00fa9e3c-36ef-0f65-e053-08241dc22da2 application-site 050 Plus 00fa9e44-4035-0f65-e053-08241dc22da2 application-site 0test_application_site_10 446cff2c-7e1f-4dbc-a943-66740e890d67 application-site 1000keyboards 00fa9e3d-a077-0f65-e053-08241dc22da2 application-site 1000memories 00fa9e43-56d7-0f65-e053-08241dc22da2 application-site
#
checkpoint-application-site-addAdd application site
#
Base Commandcheckpoint-application-site-add
#
InputArgument Name | Description | Required |
---|---|---|
name | Object name. Must be unique in the domain | Required |
primary_category | Each application is assigned to one primary category based on its most defining aspect | Required |
identifier | can be: url-list(str): URLs that determine this particular application. application-signature(str): Application signature generated by Signature Tool. | Required |
session_id | Execute command with a specific session ID | Required |
groups | Collection of group identifiers. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.ApplicationSite.name | String | object name |
CheckPoint.ApplicationSite.uid | String | object uid |
CheckPoint.ApplicationSite.type | String | object type |
CheckPoint.ApplicationSite.application-id | Number | application ID |
CheckPoint.ApplicationSite.description | String | A description for the application. |
CheckPoint.ApplicationSite.domain-name | String | domain name |
CheckPoint.ApplicationSite.domain-uid | String | domain uid |
CheckPoint.ApplicationSite.domain-type | String | domain name |
CheckPoint.ApplicationSite.url-list | String | URLs that determine this particular application. |
CheckPoint.ApplicationSite.creator | String | Indicates the creator of the object |
CheckPoint.ApplicationSite.last-modifier | String | Indicates the last user modified this object |
CheckPoint.ApplicationSite.groups | Unknown | Collection of group identifiers |
#
Command Example !checkpoint-application-site-add name="test_application_site_1" primary_category="Test Category" identifier="qmasters.co" session_id="TEAK9kWnZ9Dhql9hYP5IR4aZEw1mrKdPjw3lRnxvp88"
#
Context Example#
Human Readable Output#
CheckPoint data for adding application site:application-id | creator | domain-name | domain-uid | last-modifier | name | type | uid | url-list |
---|---|---|---|---|---|---|---|---|
0 | adminsh | SMC User | 41e821a0-3720-11e3-aa6e-0800200c9fde | adminsh | test_application_site_1 | application-site | 452f6cff-e7fb-47b8-abfe-53c668dc0038 | qmasters.co |
#
checkpoint-application-site-updateEdit existing application using object name or uid. It's impossible to set 'application-signature' when the application was initialized with 'url-list' and vice-verse.
#
Base Commandcheckpoint-application-site-update
#
InputArgument Name | Description | Required |
---|---|---|
identifier | uid or name. | Required |
description | A description for the application. | Optional |
primary_category | Each application is assigned to one primary category based on its most defining aspect. | Optional |
application_signature | Application signature generated by Signature Tool. | Optional |
new_name | New name of the object. | Optional |
urls_defined_as_regular_expression | States whether the URL is defined as a Regular Expression or not. | Optional |
url_list | URLs that determine this particular application. This will replace the current url collection. | Optional |
url_list_to_add | Adds to collection of values. | Optional |
url_list_to_remove | Removes from collection of values. | Optional |
groups | Collection of group identifiers. Can be a single group or a list of groups. | Optional |
session_id | Execute command with a specific session ID | Required |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.ApplicationSite.name | String | object name |
CheckPoint.ApplicationSite.uid | String | object uid |
CheckPoint.ApplicationSite.type | String | object ty[e |
CheckPoint.ApplicationSite.application-id | Number | application ID |
CheckPoint.ApplicationSite.description | String | A description for the application. |
CheckPoint.ApplicationSite.domain-name | String | domain name |
CheckPoint.ApplicationSite.domain-uid | String | domain uid |
CheckPoint.ApplicationSite.domain-type | String | domain type |
CheckPoint.ApplicationSite.url-list | String | URLs that determine this particular application. |
CheckPoint.ApplicationSite.groups | String | Collection of group identifiers |
CheckPoint.ApplicationSite.primary-category | String | Objects primary category. |
#
Command Example!checkpoint-application-site-update identifier=test_application_site session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew
#
Context Example#
Human Readable Output#
CheckPoint data for updating an application site:
name uid type application-id primary-category url-list domain-name domain-uid test_application_site ccc788d1-b798-4e5c-8530-a6c375853730 application-site 1073741861 Test Category qmasters.co SMC User 41e821a0-3720-11e3-aa6e-0800200c9fde
#
checkpoint-application-site-deleteDelete existing application site object using object name or uid.
#
Base Commandcheckpoint-application-site-delete
#
InputArgument Name | Description | Required |
---|---|---|
identifier | uid or name object | Required |
session_id | Execute command with a specific session ID | Required |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.ApplicationSite.message | String | Operation status. |
#
Command Example!checkpoint-application-site-delete identifier=test_application_site session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew
#
Context Example#
Human Readable Output#
CheckPoint data for deleting application site : test_application_site
message OK
#
checkpoint-publishpublish changes
#
Base Commandcheckpoint-publish
#
InputArgument Name | Description | Required |
---|---|---|
session_id | Execute command with a specific session ID | Required |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.Publish.task-id | String | Task id of the publish command. |
#
Command Example!checkpoint-publish session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew
#
Context Example#
Human Readable Output#
CheckPoint data for publishing current session:
task-id 01234567-89ab-cdef-9338-e44df5384ac3
#
checkpoint-install-policyIntsalling policy
#
Base Commandcheckpoint-install-policy
#
InputArgument Name | Description | Required |
---|---|---|
policy_package | The name of the Policy Package to be installed. | Required |
targets | On what targets to execute this command. Targets may be identified by their name, or object unique identifier. | Required |
access | Set to be true in order to install the Access Control policy. | Optional |
session_id | Execute command with a specific session ID | Required |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.InstallPolicy.task-id | String | Operation task ID. |
#
Command Example!checkpoint-install-policy policy_package=standard targets=test-gw session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew
#
Context Example#
Human Readable Output#
CheckPoint data for installing policy:
task-id d461078b-cc1e-41b6-869b-096438673323
#
checkpoint-verify-policyVerifies the policy of the selected package.
#
Base Commandcheckpoint-verify-policy
#
InputArgument Name | Description | Required |
---|---|---|
policy_package | The name of the Policy Package to be installed. | Required |
session_id | Execute command with a specific session ID | Required |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.VerifyPolicy.task-id | String | Operation task ID. |
#
Command Example!checkpoint-policy-verify policy_package=standard session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew
#
Human Readable Output#
checkpoint-show-taskShow task progress and details.
#
Base Commandcheckpoint-show-task
#
InputArgument Name | Description | Required |
---|---|---|
task_id | Unique identifier of one or more tasks. | Required |
session_id | Execute command with a specific session ID | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.ShowTask.task-id | String | Task ID |
CheckPoint.ShowTask.task-name | String | Task name |
CheckPoint.ShowTask.status | String | Task status |
CheckPoint.ShowTask.progress-percentage | Unknown | Task prograss in percentage |
CheckPoint.ShowTask.suppressed | Boolean | Indicates if the task is suppressed |
#
Command Example!checkpoint-show-task task_id=01234567-89ab-cdef-997f-2e3e3b4b2541
#
Context Example#
Human Readable Output#
CheckPoint data for tasks:
task-name task-id status suppressed progress-percentage Publish operation 01234567-89ab-cdef-997f-2e3e3b4b2541 succeeded false 100
#
checkpoint-login-and-get-session-idLogin to CheckPoint and get the session id
#
Base Commandcheckpoint-login-and-get-session-id
#
InputArgument Name | Description | Required |
---|---|---|
session_timeout | Session expiration timeout in seconds. Default 600 seconds. Session timeout range is between 600 to 3600 seconds. | Optional |
domain | Name of domain to log in to, for use with MDS. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.Login.session-id | String | Session ID |
#
Command Example#
Context Example#
Human Readable Output#
CheckPoint session data:
session-id LoUhF29pRkJsBiIWlMdBFy1LhHWXzE0VJT_lWpz4v0k
#
checkpoint-logoutLogout from a given session
#
Base Commandcheckpoint-logout
#
InputArgument Name | Description | Required |
---|---|---|
session_id | Session ID to logout from | Required |
#
Context OutputThere is no context output for this command.
#
Command Example!checkpoint-logout session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew
#
Context Example#
Human Readable OutputOK
#
checkpoint-packages-listList all packages.
#
Base Commandcheckpoint-packages-list
#
InputArgument Name | Description | Required |
---|---|---|
limit | The maximal number of returned results | Optional |
offset | Number of the results to initially skip | Optional |
session_id | Execute command with a specific session ID | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.Packages.name | String | Name of the package |
CheckPoint.Packages.uid | String | UID of the package |
CheckPoint.Packages.type | String | Type of the package |
CheckPoint.Packages.domain-name | String | Domain name |
CheckPoint.Packages.domain-uid | String | Domain uid |
CheckPoint.Packages.domain-type | String | Domain type |
#
Command Example!checkpoint-packages-list session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew
#
Context Example#
Human Readable Output#
CheckPoint data for all packages:
name uid type BenLayer 9daac370-ad2d-4a21-a503-a312755aceaf package Standard ca4e32a8-bee0-423c-84f0-19bab6751d5e package
#
checkpoint-gateways-listRetrieve all gateways and servers
#
Base Commandcheckpoint-gateways-list
#
InputArgument Name | Description | Required |
---|---|---|
limit | The maximal number of returned results | Optional |
offset | Number of the results to initially skip | Optional |
session_id | Execute command with a specific session ID | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.Gateways.name | String | Gateway name |
CheckPoint.Gateways.uid | String | Gateway uid |
CheckPoint.Gateways.type | String | Gateway type |
CheckPoint.Gateways.version | String | Gateway vesion |
CheckPoint.Gateways.network-security-blades | String | Gateway network security blades |
CheckPoint.Gateways.management-blades | String | Gateway management blades |
CheckPoint.Gateways.domain-name | String | Domain name |
CheckPoint.Gateways.domain-uid | String | Domain UID |
CheckPoint.Gateways.domain-type | String | Doamin type |
#
Command Example!checkpoint-gateways-list session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew
#
Context Example#
Human Readable Output#
CheckPoint data for all gateways:
name uid type version network-security-blades management-blades gw-88a290 98bee60f-23ab-bf41-ba29-4c574b9d6f7c CpmiHostCkp R80.30 network-policy-management: true
logging-and-status: truetest-gw 3b83b6cb-d3cb-4596-8d90-ba9735d7d53c simple-gateway R80.30 firewall: true
#
checkpoint-application-site-category-listRetrieve all application site category.
#
Base Commandcheckpoint-application-site-category-list
#
InputArgument Name | Description | Required |
---|---|---|
limit | The maximal number of returned results | Optional |
offset | Number of the results to initially skip | Optional |
session_id | Execute command with a specific session ID | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.ApplicationSiteCategory.name | String | Name of the package |
CheckPoint.ApplicationSiteCategory.uid | String | UID of the package |
CheckPoint.ApplicationSiteCategory.type | String | Type of the package |
CheckPoint.ApplicationSiteCategory.domain-name | String | Domain name |
CheckPoint.ApplicationSiteCategory.domain-uid | String | Domain uid |
CheckPoint.ApplicationSiteCategory.domain-type | String | Domain type |
#
Command Example!checkpoint-application-site-category-list limit=5
#
Context Example#
Human Readable Output#
CheckPoint data for all application site category:
name uid type 0new_app_site_category d42e14e7-1c50-48d5-9412-2306dc8e5219 application-site-category 0new_category_1 13e91cb3-1025-41a5-8203-89e28102f82f application-site-category 0new_category_2 f49849de-9132-479d-b73a-56696976c235 application-site-category 0new_category_3 51ebf347-290f-4d8c-b99d-7aba73a5698c application-site-category 0new_category_4 6b996605-099c-41fa-a4c6-1733ff895bac application-site-category
#
checkpoint-application-site-category-addAdd new application site category
#
Base Commandcheckpoint-application-site-category-add
#
InputArgument Name | Description | Required |
---|---|---|
identifier | Object name or uid. Must be unique in the domain. | Required |
groups | Collection of group identifiers. | Optional |
session_id | Execute command with a specific session ID | Required |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.ApplicationSiteCategory.name | String | object name |
CheckPoint.ApplicationSiteCategory.uid | String | object uid |
CheckPoint.ApplicationSiteCategory.type | String | object type |
CheckPoint.ApplicationSiteCategory.description | String | A description for the application. |
CheckPoint.ApplicationSiteCategory.domain-name | String | domain name |
CheckPoint.ApplicationSiteCategory.domain-uid | String | domain uid |
CheckPoint.ApplicationSiteCategory.domain-type | String | domain name |
CheckPoint.ApplicationSiteCategory.creator | String | Indicates the creator of the object |
CheckPoint.ApplicationSiteCategory.last-modifier | String | Indicates the last user modified this object |
CheckPoint.ApplicationSiteCategory.groups | Unknown | Collection of group identifiers |
#
Command Example!checkpoint-application-site-category-add identifier=application_site_category_0101 session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew
#
Context Example#
Human Readable Output#
CheckPoint data for adding application site category application_site_category_0101:
name uid type domain-name domain-uid creator last-modifier application_site_category_0101 5fb2e946-7e9c-42db-8b0a-cf5056f427d8 application-site-category SMC User 41e821a0-3720-11e3-aa6e-0800200c9fde adminsh adminsh
#
checkpoint-application-site-category-getRetrieve application site category object using object name or uid.
#
Base Commandcheckpoint-application-site-category-get
#
InputArgument Name | Description | Required |
---|---|---|
identifier | application site category object name or UID. | Required |
session_id | Execute command with a specific session ID | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.ApplicationSiteCategory.name | Unknown | host name |
CheckPoint.ApplicationSiteCategory.uid | String | object uid |
CheckPoint.ApplicationSiteCategory.type | Unknown | object type |
CheckPoint.ApplicationSiteCategory.domain-name | String | domain name |
CheckPoint.ApplicationSiteCategory.domain-uid | String | domain uid |
CheckPoint.ApplicationSiteCategory.read-only | Boolean | indicates if the object is read only |
CheckPoint.ApplicationSiteCategory.creator | String | indicates the creator of the object |
CheckPoint.ApplicationSiteCategory.last-modifier | String | indicates the last user modified the object |
#
Command Example!checkpoint-application-site-category-get identifier=Alcohol
#
Context Example#
Human Readable Output#
CheckPoint data for adding application site category:
name uid type domain-name domain-uid read-only creator last-modifier Alcohol 00fa9e44-409e-0f65-e053-08241dc22da2 application-site-category APPI Data 8bf4ac51-2df7-40e1-9bce-bedbedbedbed false System System
#
checkpoint-show-objectsRetrieve data about objects.
#
Base Commandcheckpoint-show-objects
#
InputArgument Name | Description | Required |
---|---|---|
limit | The maximal number of returned results. | Optional |
offset | Number of the results to initially skip. | Optional |
filter_search | Search expression to filter objects by. The provided text should be exactly the same as it would be given in Smart Console. The logical operators in the expression ('AND', 'OR') should be provided in capital letters. By default, the search involves both a textual search and a IP search. To use IP search only, set the "ip-only" parameter to true. | Optional |
ip_only | If using "filter", use this field to search objects by their IP address only, without involving the textual search. | Optional |
object_type | he objects' type, e.g.: host, service-tcp, network, address-range. Default value is object | Optional |
session_id | Execute command with a specific session ID | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.Objects.name | String | Object name. |
CheckPoint.Objects.uid | String | Object UID. |
CheckPoint.Objects.type | String | Object type. |
CheckPoint.Objects.ipv4-address | String | IPv4 address of the specified object. |
CheckPoint.Objects.ipv6-address | String | IPv6 address of the specified object. |
CheckPoint.Objects.domain-name | String | Domain name. |
CheckPoint.Objects.domain-uid | String | Domain UID. |
CheckPoint.Objects.creator | String | The creator of the object. |
CheckPoint.Objects.last-modifier | String | The user that last modified the object. |
CheckPoint.Objects.read-only | Boolean | Indicates if the object is read-only. |
CheckPoint.Objects.groups | Unknown | Collection of group identifiers. |
#
Command Example!checkpoint-show-objects limit=3 filter_search=1.2.3.4 ip_only=true
#
Context Example#
Human Readable Output#
CheckPoint data for objects:
name uid type All_Internet f90e0a2b-f166-427a-b47f-a107b6fe43b9 address-range
#
checkpoint-package-listGet checkpoint-packages details.
#
Base Commandcheckpoint-package-list
#
InputArgument Name | Description | Required |
---|---|---|
identifier | Object unique identifier or name. | Required |
session_id | Execute command with a specific session ID. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.Package.name | String | The name of the package. |
CheckPoint.Package.target-name | String | The name of the targe. |
CheckPoint.Package.target-uid | String | The UID of the target. |
CheckPoint.Package.revision.domain.domain-type | String | The type of the domain. |
CheckPoint.Package.revision.domain.name | String | The name of the domain. |
CheckPoint.Package.revision.domain.uid | String | The UID of the domain. |
CheckPoint.Package.revision.type | String | The type of the revision. |
CheckPoint.Package.revision.uid | String | The UID of the revision. |
#
Command Example!checkpoint-package-list identifier=Standard session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew
#
Context Example#
Human Readable Output#
CheckPoint data for objects:
target-name name target-uid revision Host1 Standard 41e821a0-3720-11e3-aa6e-0800200c9fde "domain": {
"name": "test",
"domain-type": "domain",
"uid": "41e821a0-3720-11e3-aa6e-0800200c9fde"
},
"type": "session",
"uid", "41e821a0-3720-11e3-aa6e-0800200c9fde"#
checkpoint-add-objects-batchCreates new objects in batch. To achieve optimum performance when adding more than one object, use this API. Note: Errors and warnings are ignored when using this API, operation will apply changes while ignoring errors. It is not possible to publish changes that contain validations errors.
#
Base Commandcheckpoint-add-objects-batch
#
InputArgument Name | Description | Required |
---|---|---|
session_id | Executes the command with the specified session ID. | Required |
object_type | Type of objects to be created. Default is host. | Required |
ipaddress | ip addresses to be added. | Required |
name | names of the ip objects to be added. | Required |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.AddObjectBatch.task-id | string | Task id of the add-objects-batch command. |
#
checkpoint-delete-objects-batchDeletes existing objects in batch using object name or uid. To achieve optimum performance when deleting more than one object, use this API.
#
Base Commandcheckpoint-delete-objects-batch
#
InputArgument Name | Description | Required |
---|---|---|
session_id | Executes the command with the specified session ID. | Required |
name | a comma separated list of names of the ip objects to be deleted. | Required |
object_type | Type of objects to be deleted. Default is host. | Required |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.DeleteObjectsBatch.task-id | string | Task id of the delete-objects-batch command. |
#
checkpoint-show-threat-protectionShows an existing threat protection using object name or uid
#
Base Commandcheckpoint-show-threat-protection
#
InputArgument Name | Description | Required |
---|---|---|
uid | . | Optional |
name | . | Optional |
showProfiles | . Possible values are: true, false. Default is false. | Optional |
additionalProperties | . Possible values are: true, false. Default is false. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.ShowThreatProtection | unknown |
#
checkpoint-show-threat-protectionsShows existing threat protections using a filter
#
Base Commandcheckpoint-show-threat-protections
#
InputArgument Name | Description | Required |
---|---|---|
filter | . | Optional |
limit | . | Optional |
offset | . | Optional |
order | . | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.ShowThreatProtections | unknown |
#
checkpoint-set-threat-protectionEdit existing object using object name or uid.
#
Base Commandcheckpoint-set-threat-protection
#
InputArgument Name | Description | Required |
---|---|---|
uid | . | Optional |
name | . | Optional |
comments | . | Optional |
follow_up | . Possible values are: true, false. | Optional |
action | . | Optional |
track | . Possible values are: None, Log, SNMP-Trap, Mail, Alert, User-Alert, User-Alert-2, User-Alert-3. | Optional |
capturePackets | . | Optional |
profiles | . | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.SetThreatProtections | unknown |
#
checkpoint-add-threat-profileAdd a new threat profile
#
Base Commandcheckpoint-add-threat-profile
#
InputArgument Name | Description | Required |
---|---|---|
name | . | Required |
active_protections_performance_impact | . | Optional |
active_protections_severity | . | Optional |
confidence_level_high | . | Optional |
confidence_level_low | . | Optional |
confidence_level_medium | . | Optional |
ips_settings | . | Optional |
tags | . | Optional |
use_indicators | . | Optional |
anti_bot | . | Optional |
anti_virus | . | Optional |
ips | . | Optional |
threat_emulation | . | Optional |
exclude_protection_with_performance_impact | . | Optional |
exclude_protection_with_performance_impact_mode | . Possible values are: very low, low or very low, medium or lower, high or lower. | Optional |
exclude_protection_with_severity | . | Optional |
exclude_protection_with_severity_mode | . Possible values are: low or above, medium or above, high or above, critical. | Optional |
newly_updated_protections | . Possible values are: active, inactive, staging. | Optional |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.AddedThreatProfiles | unknown |
#
checkpoint-delete-threat-protectionsDeletes threat protections.
#
Base Commandcheckpoint-delete-threat-protections
#
InputArgument Name | Description | Required |
---|---|---|
packageFormat | Valid response is "snort". | Required |
#
Context OutputPath | Type | Description |
---|---|---|
CheckPoint.DeletedThreatProtections | unknown |