Check Point Firewall v2

Overview


Integration Overview Manage Check Point Firewall. Read information and to send commands to the Check Point Firewall server. This integration was integrated and tested with version R80.30 of CheckPoint SmartConsole.

Product Name: Check Point Firewall
Product Type: Network Security
Product Version: R80.30

How to configure the integration:

In the Smart Console, enable the web api: Management & SettingBladesManagement API, Advanced SettingAll IP address

Enable sftp on your server Check Point guide to walk you through: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk82281

  1. Navigate to Settings > Integrations > Servers & Services.
  2. Search for CheckPoint_FW.
  3. Click Add instance to create and configure a new integration instance.
ParameterDescriptionRequired
serverServer URL (e.g. example.net or 8.8.8.8)True
portServer Port (e.g. 4434)True
usernameusernameTrue
insecureTrust any certificate (not secure)False
proxyUse system proxy settingsFalse
  1. Click Test to validate the URLs, token, and connection.

Commands

You can execute these commands from the Demisto CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

checkpoint-host-list


Show all host objects

Base Command

checkpoint-host-list

Input

Argument NameDescriptionRequired
limitThe maximal number of returned results.Optional
offsetNumber of the results to initially skip.Optional
session_idExecute command with a specific session IDOptional

Context Output

PathTypeDescription
CheckPoint.Host.nameStringobject name
CheckPoint.Host.uidStringobject uid
CheckPoint.Host.typeStringobject type
CheckPoint.Host.ipv4StringIP-v4 address of a spesific host

Command Example

!checkpoint-host-list limit=5

Context Example

{
"CheckPoint": {
"Host": [
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": "18.88.8.7",
"last-modifier": null,
"name": "18.88.8.7",
"read-only": null,
"type": "host",
"uid": "f083d3ce-8e95-460f-a386-0bc4eca1214a"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": "18.88.8.8",
"last-modifier": null,
"name": "18.88.8.8",
"read-only": null,
"type": "host",
"uid": "b032c0a7-096c-4b27-9a09-8d9437312135"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": "192.168.30.2",
"last-modifier": null,
"name": "192.168.30.2",
"read-only": null,
"type": "host",
"uid": "5bd98c85-f848-45ab-aa4c-c729fb8b1723"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": "200.200.200.112",
"last-modifier": null,
"name": "200.200.200.112",
"read-only": null,
"type": "host",
"uid": "23c4b2cf-0adc-4282-8f15-262cfec7f5f5"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": "192.192.10.10",
"last-modifier": null,
"name": "Demisto - 2096",
"read-only": null,
"type": "host",
"uid": "cded0c90-3402-4766-ad1b-adaf972b254f"
}
]
}
}

Human Readable Output

CheckPoint data for all hosts:

nameuidtypeipv4-address
18.88.8.7f083d3ce-8e95-460f-a386-0bc4eca1214ahost18.88.8.7
18.88.8.8b032c0a7-096c-4b27-9a09-8d9437312135host18.88.8.8
192.168.30.25bd98c85-f848-45ab-aa4c-c729fb8b1723host192.168.30.2
200.200.200.11223c4b2cf-0adc-4282-8f15-262cfec7f5f5host200.200.200.112
Demisto - 2096cded0c90-3402-4766-ad1b-adaf972b254fhost192.192.10.10

checkpoint-host-get


get all data of a given host

Base Command

checkpoint-host-get

Input

Argument NameDescriptionRequired
identifierobject unique identifier (uid) or nameRequired
session_idExecute command with a specific session IDOptional

Context Output

PathTypeDescription
CheckPoint.Host.nameUnknownhost name
CheckPoint.Host.uidStringobject uid
CheckPoint.Host.typeUnknownobject type
CheckPoint.Host.domain-nameStringdomain name
CheckPoint.Host.domain-uidStringdomain uid
CheckPoint.Host.ipv4-addressStringIP address
CheckPoint.Host.ipv6-addressStringIP address
CheckPoint.Host.read-onlyBooleanindicates if the object is read only
CheckPoint.Host.creatorStringindicates the creator of the object
CheckPoint.Host.last-modifierStringindicates the last user modified the object
CheckPoint.Host.groups-nameStringGroup object name linked to current host object.
CheckPoint.Host.groups-uidUnknownGroup object uid linked to current host object.

Command Example

!checkpoint-host-get identifier=host_test

Context Example

{
"CheckPoint": {
"Host": {
"creator": "adminsh",
"domain-name": "SMC User",
"domain-type": null,
"domain-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"groups": [],
"ipv4-address": "1.1.1.1",
"last-modifier": "adminsh",
"name": "host_test",
"read-only": false,
"type": "host",
"uid": "11c194c4-db5f-46de-a9e2-95b8e858b98f"
}
}
}

Human Readable Output

CheckPoint data of host object host_test:

nameuidtypeipv4-addressdomain-namedomain-uidread-onlycreatorlast-modifier
host_test11c194c4-db5f-46de-a9e2-95b8e858b98fhost1.1.1.1SMC User41e821a0-3720-11e3-aa6e-0800200c9fdefalseadminshadminsh

checkpoint-host-add


Add new host

Base Command

checkpoint-host-add

Input

Argument NameDescriptionRequired
namename of the new hostRequired
ip_addressip addressRequired
groupsgroup identifier.Optional
session_idExecute command with a specific session IDRequired

Context Output

PathTypeDescription
CheckPoint.Host.nameStringobject name
CheckPoint.Host.uidStringobject uid
CheckPoint.Host.typeStringobject type
CheckPoint.Host.domain-nameStringdomain name
CheckPoint.Host.domain-uidStringdomain uid
CheckPoint.Host.domain-typeStringdomain type
CheckPoint.Host.creatorStringindicates the creator of the object
CheckPoint.Host.last-modifierStringindicates the last user modifies the object
CheckPoint.Host.ipv4-addressStringip address
CheckPoint.Host.ipv6-addressStringIP address
CheckPoint.Host.read-onlyStringindicates if the object is read only
CheckPoint.Host.groupsStringCollection of group identifiers

Command Example

!checkpoint-host-add name=test_host_1 ip_address=18.18.18.18 session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example

{
"CheckPoint": {
"Host": {
"creator": "adminsh",
"domain-name": "SMC User",
"domain-type": null,
"domain-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"groups": [],
"ipv4-address": "18.18.18.18",
"ipv6-address": null,
"last-modifier": "adminsh",
"name": "test_host_1",
"read-only": true,
"type": "host",
"uid": "7290f66a-fdd4-40fb-a639-774e3f387113"
}
}
}

Human Readable Output

CheckPoint data for adding host:

nameuidtypedomain-namedomain-uidcreatorlast-modifieripv4-addressread-only
test_host_17290f66a-fdd4-40fb-a639-774e3f387113hostSMC User41e821a0-3720-11e3-aa6e-0800200c9fdeadminshadminsh18.18.18.18true

checkpoint-host-update


update host changes

Base Command

checkpoint-host-update

Input

Argument NameDescriptionRequired
identifierObject unique identifier or nameRequired
ip_addressIPv4 or IPv6 address.Optional
new_nameNew name of the object.Optional
commentsComments string.Optional
ignore_warningsApply changes ignoring warnings.Optional
ignore_errorsApply changes ignoring errors. You won't be able to publish such a changes.
If ignore-warnings flag was omitted - warnings will also be ignored.
Optional
groupsCollection of group identifiers.Optional
session_idExecute command with a specific session IDRequired

Context Output

PathTypeDescription
CheckPoint.Host.nameStringobject name
CheckPoint.Host.uidStringobject uid
CheckPoint.Host.typeStringobject type
CheckPoint.Host.domain-nameStringdomain name
CheckPoint.Host.domain-uidStringdomain uid
CheckPoint.Host.domain-typeStringdomain type
CheckPoint.Host.creatorStringindicates the creator of the object
CheckPoint.Host.last-modifierStringindicates the last user modified the object
CheckPoint.Host.ipv4-addressStringIP address
CheckPoint.Host.read-onlyBooleanIP address
CheckPoint.Host.group-nameStringGroup object name linked to the host.
CheckPoint.Host.group-uidStringGroup object name linked to the host

Command Example

!checkpoint-host-update identifier=host_test session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example

{
"CheckPoint": {
"Host": {
"comments": "",
"creator": "adminsh",
"domain-name": "SMC User",
"domain-type": null,
"domain-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"ipv4-address": "1.1.1.1",
"last-modifier": "adminsh",
"name": "host_test",
"read-only": false,
"type": "host",
"uid": "11c194c4-db5f-46de-a9e2-95b8e858b98f"
}
}
}

Human Readable Output

CheckPoint data for updating a host:

nameuidtypedomain-namedomain-uidcreatoripv4-addresslast-modifierread-only
host_test11c194c4-db5f-46de-a9e2-95b8e858b98fhostSMC User41e821a0-3720-11e3-aa6e-0800200c9fdeadminsh1.1.1.1adminshfalse

checkpoint-host-delete


delete host

Base Command

checkpoint-host-delete

Input

Argument NameDescriptionRequired
identifieruid or name.Required
session_idExecute command with a specific session IDRequired

Context Output

PathTypeDescription
CheckPoint.Host.messageStringoperation status

Command Example

!checkpoint-host-delete identifier=host_test session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example

{
"CheckPoint": {
"Host": {
"message": "OK"
}
}
}

Human Readable Output

CheckPoint data for deleting host_test:

message
OK

checkpoint-group-list


Show a list of all groups

Base Command

checkpoint-group-list

Input

Argument NameDescriptionRequired
limitThe maximal number of returned results.Optional
offsetNumber of the results to initially skip.Optional
session_idExecute command with a specific session IDOptional

Context Output

PathTypeDescription
CheckPoint.Group.nameStringobject's name
CheckPoint.Group.uidStringobject's uid
CheckPoint.Group.typeStringType of the object

Command Example

!checkpoint-group-list limit=5

Context Example

{
"CheckPoint": {
"Group": [
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "bensar",
"read-only": null,
"type": "group",
"uid": "fe26adc1-c0e1-4424-9a9e-f74f511a7f28"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "group10",
"read-only": null,
"type": "group",
"uid": "cf069504-5ea5-4eb2-9b97-ccdc500db118"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "group9",
"read-only": null,
"type": "group",
"uid": "c4635886-15c9-4416-8160-5c70d68462cd"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "group_test",
"read-only": null,
"type": "group",
"uid": "35a46b01-47f5-496f-9329-d55c7d2ab083"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "Group_test_for_demisto",
"read-only": null,
"type": "group",
"uid": "1deaead0-136c-4791-8d58-9229c143b8c5"
}
]
}
}

Human Readable Output

CheckPoint data for all groups:

nameuidtype
bensarfe26adc1-c0e1-4424-9a9e-f74f511a7f28group
group10cf069504-5ea5-4eb2-9b97-ccdc500db118group
group9c4635886-15c9-4416-8160-5c70d68462cdgroup
group_test35a46b01-47f5-496f-9329-d55c7d2ab083group
Group_test_for_demisto1deaead0-136c-4791-8d58-9229c143b8c5group

checkpoint-group-get


Get all data of a given group

Base Command

checkpoint-group-get

Input

Argument NameDescriptionRequired
identifierobject uid or nameRequired
session_idExecute command with a specific session IDOptional

Context Output

PathTypeDescription
CheckPoint.Group.nameStringobject name
CheckPoint.Group.uidStringobject uid
CheckPoint.Group.typeStringobject type
CheckPoint.Group.domain-nameStringdomain name
CheckPoint.Group.domain-uidStringdomain uid
CheckPoint.Group.domain-typeStringdomain type
CheckPoint.Group.creatorStringindicates the creator of the object
CheckPoint.Group.last-modifierStringindicates the last user modified the object
CheckPoint.Group.read-onlyBooleanindicates if the object is read only

Command Example

!checkpoint-group-get identifier=group_test

Context Example

{
"CheckPoint": {
"Group": {
"creator": "adminsh",
"domain-name": "SMC User",
"domain-type": null,
"domain-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"groups": [],
"ipv4-address": null,
"last-modifier": "adminsh",
"name": "group_test",
"read-only": false,
"type": "group",
"uid": "35a46b01-47f5-496f-9329-d55c7d2ab083"
}
}
}

Human Readable Output

CheckPoint for group_test group:

nameuidtypedomain-namedomain-uidread-onlycreatorlast-modifier
group_test35a46b01-47f5-496f-9329-d55c7d2ab083groupSMC User41e821a0-3720-11e3-aa6e-0800200c9fdefalseadminshadminsh

checkpoint-group-add


add a group

Base Command

checkpoint-group-add

Input

Argument NameDescriptionRequired
nameObject name. Must be unique in the domain.Required
session_idExecute command with a specific session IDRequired

Context Output

PathTypeDescription
CheckPoint.Group.nameStringobject's name
CheckPoint.Group.uidStringobject uid
CheckPoint.Group.typeUnknownobject type
CheckPoint.Group.domain-nameStringdomain name
CheckPoint.Group.domain-uidStringdomain uid
CheckPoint.Group.domain-typeStringdomain type
CheckPoint.Group.creatorStringIndicates the object creator
CheckPoint.Group.last-modifierStringIndicates the last user modified the object
CheckPoint.Group.read-onlyBooleanIndicates whether the object is read-only
CheckPoint.Group.groups-nameUnknowngroups name

Command Example

!checkpoint-group-add name=test_group_1 session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example

{
"CheckPoint": {
"Group": {
"creator": "adminsh",
"domain-name": "SMC User",
"domain-type": null,
"domain-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"last-modifier": "adminsh",
"name": "test_group_1",
"type": "group",
"uid": "11e751da-a0e7-499a-bcde-5bc638c73fb5"
}
}
}

Human Readable Output

CheckPoint data for adding Group:

creatordomain-namedomain-uidlast-modifiernametypeuid
adminshSMC User41e821a0-3720-11e3-aa6e-0800200c9fdeadminshtest_group_1group11e751da-a0e7-499a-bcde-5bc638c73fb5

checkpoint-group-update


update group object

Base Command

checkpoint-group-update

Input

Argument NameDescriptionRequired
identifieruid or name.Required
new_nameNew name of the group objectOptional
commentsComments string.Optional
ignore_warningsApply changes ignoring warnings.Optional
ignore_errorsApply changes ignoring errors.Optional
session_idExecute command with a specific session IDRequired
membersCollection of Network objects identified by the name or UID.Optional

Context Output

PathTypeDescription
CheckPoint.Group.nameStringobject name
CheckPoint.Group.uidStringobject uid
CheckPoint.Group.typeStringobject type
CheckPoint.Group.domain-nameStringdomain name
CheckPoint.Group.domain-uidStringdomain uid
CheckPoint.Group.domain-typeStringdomain type
CheckPoint.Group.creatorStringIndicates the creator of the object
CheckPoint.Group.last-modifierStringIndicates the lasr user modified the object
CheckPoint.Group.read-onlyBooleanIndicates if the object is read only

Command Example

!checkpoint-group-update identifier=group_test session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example

{
"CheckPoint": {
"Group": {
"creator": "adminsh",
"domain-name": "SMC User",
"domain-type": null,
"domain-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"last-modifier": "adminsh",
"name": "group_test",
"read-only": false,
"type": "group",
"uid": "35a46b01-47f5-496f-9329-d55c7d2ab083"
}
}
}

Human Readable Output

CheckPoint data for updating a group:

nameuidtypedomain-namedomain-uidcreatorlast-modifierread-only
group_test35a46b01-47f5-496f-9329-d55c7d2ab083groupSMC User41e821a0-3720-11e3-aa6e-0800200c9fdeadminshadminshfalse

checkpoint-group-delete


delete a group object

Base Command

checkpoint-group-delete

Input

Argument NameDescriptionRequired
identifierobject name or uidRequired
session_idExecute command with a specific session IDRequired

Context Output

PathTypeDescription
CheckPoint.Group.messageStringOperation massege

Command Example

!checkpoint-group-delete identifier=group_test session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example

{
"CheckPoint": {
"Group": {
"message": "OK"
}
}
}

Human Readable Output

CheckPoint data for deleting group_test:

message
OK

checkpoint-address-range-list


List all address range objects

Base Command

checkpoint-address-range-list

Input

Argument NameDescriptionRequired
limitThe maximal number of returned results.Optional
offsetNumber of the results to initially skip.Optional
session_idExecute command with a specific session IDOptional

Context Output

PathTypeDescription
CheckPoint.AddressRange.nameStringObject's name
CheckPoint.AddressRange.uidStringObject's uid
CheckPoint.AddressRange.typeStringType of the object.

Command Example

!checkpoint-address-range-list limit=5

Context Example

{
"CheckPoint": {
"AddressRange": [
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "address_range_1",
"read-only": null,
"type": "address-range",
"uid": "d4543195-8744-4592-906e-1cdcd534a564"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "address_range_test",
"read-only": null,
"type": "address-range",
"uid": "26887214-d639-4acd-ab48-508d900cdfc2"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "address_range_test_1",
"read-only": null,
"type": "address-range",
"uid": "46800cfe-e3ff-4101-867c-27772ade9d72"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "All_Internet",
"read-only": null,
"type": "address-range",
"uid": "f90e0a2b-f166-427a-b47f-a107b6fe43b9"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "LocalMachine_Loopback",
"read-only": null,
"type": "address-range",
"uid": "5d3b2752-4072-41e1-9aa0-488813b02a40"
}
]
}
}

Human Readable Output

CheckPoint data for all address ranges:

nameuidtype
address_range_1d4543195-8744-4592-906e-1cdcd534a564address-range
address_range_test26887214-d639-4acd-ab48-508d900cdfc2address-range
address_range_test_146800cfe-e3ff-4101-867c-27772ade9d72address-range
All_Internetf90e0a2b-f166-427a-b47f-a107b6fe43b9address-range
LocalMachine_Loopback5d3b2752-4072-41e1-9aa0-488813b02a40address-range

checkpoint-address-range-add


Add address range object

Base Command

checkpoint-address-range-add

Input

Argument NameDescriptionRequired
nameobject nameRequired
ip_address_firstFirst IP address in the range.Required
ip_address_lastLast IP address in the range.Required
set_if_existsIf another object with the same identifier already exists, it will be updated.Optional
ignore_warningsApply changes ignoring warnings.Optional
ignore_errorsApply changes ignoring errors.Optional
session_idExecute command with a specific session IDRequired
groupsCollection of group identifiers.Optional

Context Output

PathTypeDescription
CheckPoint.AddressRange.nameStringobject name
CheckPoint.AddressRange.uidStringobject uid
CheckPoint.AddressRange.typeStringobject type
CheckPoint.AddressRange.domain-nameStringdomain name
CheckPoint.AddressRange.domain-uidStringdomain uid
CheckPoint.AddressRange.domain-typeStringdomain type
CheckPoint.AddressRange.ipv4-address-firstStringFirst IPv4 address in the range
CheckPoint.AddressRange.ipv4-address-lastStringLast IPv4 address in the range
CheckPoint.AddressRange.ipv6-address-firstStringFirst IPv4 address in the range
CheckPoint.AddressRange.ipv6-address-lastStringLast IPv6 address in the range
CheckPoint.AddressRange.read-onlyBooleanIndicates whether the object is read-only.
CheckPoint.AddressRange.creatorStringIndicates the creator of the object
CheckPoint.AddressRange.last-modifierStringIndicates the last user modified the object
CheckPoint.AddressRange.groupsStringName of the group object

Command Example

!checkpoint-address-range-add name=address_range_test_2 ip_address_first=8.8.8.8 ip_address_last=9.9.9.9 session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example

{
"CheckPoint": {
"AddressRange": {
"creator": "adminsh",
"domain-name": "SMC User",
"domain-type": null,
"domain-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"ipv4-address-first": "8.8.8.8",
"ipv4-address-last": "9.9.9.9",
"ipv6-address-first": "",
"ipv6-address-last": "",
"last-modifier": "adminsh",
"name": "address_range_test_2",
"read-only": true,
"type": "address-range",
"uid": "4fb8174d-89db-42f8-88b8-525c8fe818be"
}
}
}

Human Readable Output

CheckPoint data for adding an address range:

nameuidtypedomain-namedomain-uidcreatoripv4-address-firstipv4-address-lastlast-modifierread-only
address_range_test_24fb8174d-89db-42f8-88b8-525c8fe818beaddress-rangeSMC User41e821a0-3720-11e3-aa6e-0800200c9fdeadminsh8.8.8.89.9.9.9adminshtrue

checkpoint-address-range-update


Update an address range object

Base Command

checkpoint-address-range-update

Input

Argument NameDescriptionRequired
identifieruid or name.Required
ip_address_firstFirst IP address in the range. IPv4 or IPv6 address.Optional
ip_address_lastLast IP address in the range. IPv4 or IPv6 address.Optional
new_nameNew name of the object.Optional
commentsComments string.Optional
ignore_warningsApply changes ignoring warnings.Optional
ignore_errorsApply changes ignoring errors.Optional
groupsCollection of group identifiers.Optional
session_idExecute command with a specific session IDRequired

Context Output

PathTypeDescription
CheckPoint.AddressRange.nameStringobject name
CheckPoint.AddressRange.uidStringobject uid
CheckPoint.AddressRange.typeStringobject type
CheckPoint.AddressRange.domain-nameStringdomain name
CheckPoint.AddressRange.domain-uidStringdomain uid
CheckPoint.AddressRange.domain-typeStringdomain type
CheckPoint.AddressRange.ipv4-address-firstStringFirst IPv4 address in the range
CheckPoint.AddressRange.ipv4-address-lastStringLast IPv4 address in the range
CheckPoint.AddressRange.ipv6-address-firstStringFirst IPv4 address in the range
CheckPoint.AddressRange.ipv6-address-lastStringLast IPv6 address in the range
CheckPoint.AddressRange.read-onlyBooleanIndicates whether the object is read-only.
CheckPoint.AddressRange.groupsStringList of all groups the address range is linked to

Command Example

!checkpoint-address-range-update identifier=address_range_test layer=Network session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example

{
"CheckPoint": {
"AddressRange": {
"comments": "",
"creator": "adminsh",
"domain-name": "SMC User",
"domain-type": null,
"domain-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"ipv4-address": null,
"last-modifier": "adminsh",
"name": "address_range_test",
"read-only": false,
"type": "address-range",
"uid": "26887214-d639-4acd-ab48-508d900cdfc2"
}
}
}

Human Readable Output

CheckPoint data for updating an address range:

nameuidtypedomain-namedomain-uidcreatorlast-modifierread-only
address_range_test26887214-d639-4acd-ab48-508d900cdfc2address-rangeSMC User41e821a0-3720-11e3-aa6e-0800200c9fdeadminshadminshfalse

checkpoint-address-range-delete


Delete a given address range

Base Command

checkpoint-address-range-delete

Input

Argument NameDescriptionRequired
identifierobject name or uidRequired
session_idExecute command with a specific session IDRequired

Context Output

PathTypeDescription
CheckPoint.AddressRange.messageStringOperation status

Command Example

!checkpoint-address-range-delete identifier=address_range_test session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example

{
"CheckPoint": {
"AddressRange": {
"message": "OK"
}
}
}

Human Readable Output

CheckPoint data for deleting address range:

message
OK

checkpoint-threat-indicator-list


List all threat indicators

Base Command

checkpoint-threat-indicator-list

Input

Argument NameDescriptionRequired
limitThe maximal number of returned results.Optional
offsetSkip that many results before beginning to return them.Optional
session_idExecute command with a specific session IDOptional

Context Output

PathTypeDescription
CheckPoint.ThreatIndicator.nameStringobject name
CheckPoint.ThreatIndicator.uidStringobject uid
CheckPoint.ThreatIndicator.typeStringobject type

Command Example

!checkpoint-threat-indicator-list limit=5

Context Example

{
"CheckPoint": {
"ThreatIndicator": [
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "My_Indicator!",
"read-only": null,
"type": "threat-indicator",
"uid": "a40ec97c-e286-474b-bff7-b922e3b3294d"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "test_indicator",
"read-only": null,
"type": "threat-indicator",
"uid": "3e6a22c0-0416-4a2d-b7c0-f81df12916e1"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "threat_test_1",
"read-only": null,
"type": "threat-indicator",
"uid": "88e502f1-2bd5-4ad4-ba6b-dbbb2fef8260"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "threat_test_2",
"read-only": null,
"type": "threat-indicator",
"uid": "f34c89f1-b18f-4cf2-b2bb-672462178b9d"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "threat_test_3",
"read-only": null,
"type": "threat-indicator",
"uid": "ee17772c-94aa-4e42-93e4-f0ba49de339b"
}
]
}
}

Human Readable Output

CheckPoint data for all threat indicators:

nameuidtype
My_Indicator!a40ec97c-e286-474b-bff7-b922e3b3294dthreat-indicator
test_indicator3e6a22c0-0416-4a2d-b7c0-f81df12916e1threat-indicator
threat_test_188e502f1-2bd5-4ad4-ba6b-dbbb2fef8260threat-indicator
threat_test_2f34c89f1-b18f-4cf2-b2bb-672462178b9dthreat-indicator
threat_test_3ee17772c-94aa-4e42-93e4-f0ba49de339bthreat-indicator

checkpoint-threat-indicator-get


Get data for a given list indicator

Base Command

checkpoint-threat-indicator-get

Input

Argument NameDescriptionRequired
identifierobject uid or nameRequired
session_idExecute command with a specific session IDOptional

Context Output

PathTypeDescription
CheckPoint.ThreatIndicator.nameStringobject name
CheckPoint.ThreatIndicator.uidStringobject uid
CheckPoint.ThreatIndicator.typeStringobject type
CheckPoint.ThreatIndicator.domain-nameStringDomain name
CheckPoint.ThreatIndicator.domain-uidStringobject uid
CheckPoint.ThreatIndicator.domain-typeUnknowndomain type
CheckPoint.ThreatIndicator.creatorStringcreator
CheckPoint.ThreatIndicator.last-modifierStringIndicates the last user modified the object
CheckPoint.ThreatIndicator.read-onlyBooleanIndicates whether the object is read-only.

Command Example

!checkpoint-threat-indicator-get identifier=threat_test_1

Context Example

{
"CheckPoint": {
"ThreatIndicator": {
"creator": "adminsh",
"domain-name": "SMC User",
"domain-type": null,
"domain-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"groups": null,
"ipv4-address": null,
"last-modifier": "adminsh",
"name": "threat_test_1",
"number-of-observables": 1,
"read-only": false,
"type": "threat-indicator",
"uid": "88e502f1-2bd5-4ad4-ba6b-dbbb2fef8260"
}
}
}

Human Readable Output

CheckPoint data for threat_test_1 threat indicator:

nameuidtypedomain-namedomain-uidread-onlycreatorlast-modifiernumber-of-observables
threat_test_188e502f1-2bd5-4ad4-ba6b-dbbb2fef8260threat-indicatorSMC User41e821a0-3720-11e3-aa6e-0800200c9fdefalseadminshadminsh1

checkpoint-threat-indicator-add


Add a threat indicator

Base Command

checkpoint-threat-indicator-add

Input

Argument NameDescriptionRequired
namethreat indicator nameRequired
observablesThe indicator's observable or the contents of a file containing the indicator's observables.Required
session_idExecute command with a specific session IDRequired

Context Output

PathTypeDescription
CheckPoint.ThreatIndicator.task-idStringAsynchronous task unique identifier.

Command Example

!checkpoint-threat-indicator-add name=threat_test2 observables=[] session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example

{
"CheckPoint": {
"ThreatIndicator": {
'task-id': 'c3b11fff-c58d-4242-af44-f549c40b0af5'
}
}
}

Human Readable Output

checkpoint-threat-indicator-update


Update a given indicator

Base Command

checkpoint-threat-indicator-update

Input

Argument NameDescriptionRequired
identifieruid or name.Required
actionthe action to set.Optional
new_nameNew name of the object.Optional
commentsComments string.Optional
session_idExecute command with a specific session IDRequired

Context Output

PathTypeDescription
CheckPoint.ThreatIndicator.nameStringobject name
CheckPoint.ThreatIndicator.uidStringobject uid
CheckPoint.ThreatIndicator.typeStringobject type
CheckPoint.ThreatIndicator.actionStringThe indicator's action.
CheckPoint.ThreatIndicator.domain-nameStringdomain name
CheckPoint.ThreatIndicator.domain-uidStringdomain uid
CheckPoint.ThreatIndicator.domain-typeStringdomain type
CheckPoint.ThreatIndicator.creatorStringIndicates the creator of the object
CheckPoint.ThreatIndicator.last-modifierStringIndicates the last user modified the object
CheckPoint.ThreatIndicator.read-onlyBooleanIndicates whether the object is read-only.

Command Example

!checkpoint-threat-indicator-update identifier=threat_test_1 session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example

{
"CheckPoint": {
"ThreatIndicator": {
"comments": "",
"creator": "adminsh",
"domain-name": "SMC User",
"domain-type": null,
"domain-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"ipv4-address": null,
"last-modifier": "adminsh",
"name": "threat_test_1",
"read-only": false,
"type": "threat-indicator",
"uid": "88e502f1-2bd5-4ad4-ba6b-dbbb2fef8260"
}
}
}

Human Readable Output

CheckPoint data for update threat_test_1 threat indicator

nameuidtypedomain-namedomain-uidcreatorlast-modifierread-only
threat_test_188e502f1-2bd5-4ad4-ba6b-dbbb2fef8260threat-indicatorSMC User41e821a0-3720-11e3-aa6e-0800200c9fdeadminshadminshfalse

checkpoint-address-range-get


Get all date of a given address range object

Base Command

checkpoint-address-range-get

Input

Argument NameDescriptionRequired
identifieruid or name objectRequired
session_idExecute command with a specific session IDOptional

Context Output

PathTypeDescription
CheckPoint.AddressRange.nameStringobject name
CheckPoint.AddressRange.uidStringobject uid
CheckPoint.AddressRange.typeStringobject type
CheckPoint.AddressRange.domain-nameStringdomain name
CheckPoint.AddressRange.domain-uidStringdomain uid
CheckPoint.AddressRange.domain-typeStringdomain type
CheckPoint.AddressRange.groups-nameStringGroup object name linked to current host object
CheckPoint.AddressRange.groups-uidStringGroup object uid linked to current host object

Command Example

!checkpoint-address-range-get identifier=address_range_test

Context Example

{
"CheckPoint": {
"AddressRange": {
"creator": "adminsh",
"domain-name": "SMC User",
"domain-type": null,
"domain-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"groups": [],
"ipv4-address": null,
"last-modifier": "adminsh",
"name": "address_range_test",
"read-only": false,
"type": "address-range",
"uid": "26887214-d639-4acd-ab48-508d900cdfc2"
}
}
}

Human Readable Output

CheckPoint data for address_range_test address range:

nameuidtypedomain-namedomain-uidread-onlycreatorlast-modifier
address_range_test26887214-d639-4acd-ab48-508d900cdfc2address-rangeSMC User41e821a0-3720-11e3-aa6e-0800200c9fdefalseadminshadminsh

checkpoint-threat-indicator-delete


delete threat indicator

Base Command

checkpoint-threat-indicator-delete

Input

Argument NameDescriptionRequired
identifierobject name or uidRequired
session_idExecute command with a specific session IDRequired

Context Output

PathTypeDescription
CheckPoint.ThreatIndicator.messageStringOperation status

Command Example

!checkpoint-threat-indicator-delete identifier=threat_test_1 session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example

{
"CheckPoint": {
"ThreatIndicator": {
"message": "OK"
}
}
}

Human Readable Output

CheckPoint status for deleting threat_test_1threat indicator:

message
OK

checkpoint-access-rule-list


Shows the entire Access Rules layer. This layer is divided into sections. An Access Rule may be within a section, or independent of a section.

Base Command

checkpoint-access-rule-list

Input

Argument NameDescriptionRequired
identifierobject name or uidRequired
limitThe maximal number of returned results.Optional
offsetNumber of the results to initially skip.Optional
session_idExecute command with a specific session IDOptional

Context Output

PathTypeDescription
CheckPoint.AccessRule.nameStringobject name
CheckPoint.AccessRule.uidStringobject uid

Command Example

!checkpoint-access-rule-list identifier=Network limit=5

Context Example

{
"CheckPoint": {
"AccessRule": [
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": null,
"read-only": null,
"type": "access-rule",
"uid": "6521b7b9-d340-44ec-a104-17d5ea669bc0"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": null,
"read-only": null,
"type": "access-rule",
"uid": "bb6016e3-36e8-4214-b17f-89623160dd10"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "test_access_rule_8",
"read-only": null,
"type": "access-rule",
"uid": "0c71cc44-a5ad-43cd-9af0-79e5f153f62f"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "None",
"read-only": null,
"type": "access-rule",
"uid": "c44add02-0f02-4b29-8ab3-d5ac687d31f7"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "est_access_rule",
"read-only": null,
"type": "access-rule",
"uid": "e5bc5918-7155-493e-89ce-5562586d3acc"
}
]
}
}

Human Readable Output

CheckPoint data for all access rule bases:

nameuidtype
6521b7b9-d340-44ec-a104-17d5ea669bc0access-rule
bb6016e3-36e8-4214-b17f-89623160dd10access-rule
test_access_rule_80c71cc44-a5ad-43cd-9af0-79e5f153f62faccess-rule
Nonec44add02-0f02-4b29-8ab3-d5ac687d31f7access-rule
est_access_rulee5bc5918-7155-493e-89ce-5562586d3accaccess-rule

checkpoint-access-rule-add


Create new access rule

Base Command

checkpoint-access-rule-add

Input

Argument NameDescriptionRequired
layerLayer that the rule belongs to identified by the name or UID.Required
positionPosition in the rulebase.Required
nameRule name.Optional
actionAction settings. valid values are: Accept, Drop, Apply Layer, Ask and Info. default value is Drop.Optional
vpnCommunities or Directional. Valid values: Any, All_GwToGw.Optional
destinationCollection of Network objects identified by the name or UID.Optional
serviceCollection of Network objects identified by the name or UID.Optional
sourceCollection of Network objects identified by the name or UID.Optional
session_idExecute command with a specific session IDRequired

Context Output

PathTypeDescription
CheckPoint.AccessRule.nameStringobject name
CheckPoint.AccessRule.uidStringobject uid
CheckPoint.AccessRule.typeStringobject type
CheckPoint.AccessRule.domain-nameStringdomain name
CheckPoint.AccessRule.domain-uidStringdomain uid
CheckPoint.AccessRule.domain-typeStringdomain type
CheckPoint.AccessRule.enabledBooleanEnable/Disable the rule.
CheckPoint.AccessRule.layerStringLayer that the rule belongs to identified by the name or UID.
CheckPoint.AccessRule.creatorStringIndicated the object creator
CheckPoint.AccessRule.last-modifierStringIndicates the last user modofied the object

Command Example

!checkpoint-access-rule-add name=test_access_rule layer=Network position=top session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example

{
"CheckPoint": {
"AccessRule": {
"creator": "adminsh",
"domain-name": "SMC User",
"domain-type": null,
"domain-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"enabled": true,
"last-modifier": "adminsh",
"layer": "c0264a80-1832-4fce-8a90-d0849dc4ba33",
"name": "test_access_rule",
"type": "access-rule",
"uid": "a9f00b65-bb3b-4548-b06a-6c5672df6c8b"
}
}
}

Human Readable Output

CheckPoint data for adding access rule:

nameuidtypedomain-namedomain-uidenabledlayercreatorlast-modifier
test_access_rulea9f00b65-bb3b-4548-b06a-6c5672df6c8baccess-ruleSMC User41e821a0-3720-11e3-aa6e-0800200c9fdetruec0264a80-1832-4fce-8a90-d0849dc4ba33adminshadminsh

checkpoint-access-rule-update


Edit existing access rule using object name or uid.

Base Command

checkpoint-access-rule-update

Input

Argument NameDescriptionRequired
identifierobject name or uid, OR rule numberRequired
layerLayer that the rule belongs to identified by the name or UID.Required
actionaction to be taken on the ruleOptional
enabledEnable/Disable the rule.Optional
new_nameNew name of the object.Optional
new_positionNew position in the rulebase. Value can be int to set specific position, ot str- 'top' or 'bottom'Optional
ignore_warningsApply changes ignoring warnings.Optional
ignore_errorsApply changes ignoring errorsOptional
session_idExecute command with a specific session IDRequired

Context Output

PathTypeDescription
CheckPoint.AccessRule.nameStringobject name
CheckPoint.AccessRule.uidStringobject uid
CheckPoint.AccessRule.typeStringobject type
CheckPoint.AccessRule.action-nameStringaction name
CheckPoint.AccessRule.action-uidStringaction uid
CheckPoint.AccessRule.action-typeUnknownaction type
CheckPoint.AccessRule.action-domain-nameStringaction domain name
CheckPoint.AccessRule.content-directionStringOn which direction the file types processing is applied.
CheckPoint.AccessRule.domain-nameStringdomain name
CheckPoint.AccessRule.domain-uidStringdomain uid
CheckPoint.AccessRule.domain-typeStringdomain type
CheckPoint.AccessRule.enabledBooleanEnable/Disable the rule.
CheckPoint.AccessRule.layerStringLayer that the rule belongs to identified by the name or UID.
CheckPoint.AccessRule.creatorStringIndicates the creator of the object
CheckPoint.AccessRule.last-modifierStringIndicates the last user modified the object

Command Example

!checkpoint-access-rule-update identifier=7867e584-0e68-42b4-ba18-2dd16cdbd436 layer=Network session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example

{
"CheckPoint": {
"AccessRule": {
"action-name": "Drop",
"action-type": "RulebaseAction",
"action-uid": "6c488338-8eec-4103-ad21-cd461ac2c473",
"content-direction": "any",
"creator": "adminsh",
"domain-name": "SMC User",
"domain-type": null,
"domain-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"enabled": true,
"last-modifier": "adminsh",
"name": "None",
"type": "access-rule",
"uid": "7867e584-0e68-42b4-ba18-2dd16cdbd436"
}
}
}

Human Readable Output

CheckPoint data for updating an access rule:

nameuidtypedomain-namedomain-uidaction-nameaction-uidaction-typecontent-directioncreatorenabledlast-modifier
None7867e584-0e68-42b4-ba18-2dd16cdbd436access-ruleSMC User41e821a0-3720-11e3-aa6e-0800200c9fdeDrop6c488338-8eec-4103-ad21-cd461ac2c473RulebaseActionanyadminshtrueadminsh

checkpoint-access-rule-delete


Delete access rule

Base Command

checkpoint-access-rule-delete

Input

Argument NameDescriptionRequired
identifieruid, name or rule-number.Required
layerLayer that the rule belongs to identified by the name or UID.Required
session_idExecute command with a specific session IDRequired

Context Output

PathTypeDescription
CheckPoint.AccessRule.messageStringOperation status

Command Example

!checkpoint-access-rule-delete identifier=7867e584-0e68-42b4-ba18-2dd16cdbd436 layer=Network session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example

{
"CheckPoint": {
"AccessRule": {
"message": "OK"
}
}
}

Human Readable Output

CheckPoint data for deleting access rule range: 7867e584-0e68-42b4-ba18-2dd16cdbd436

message
OK

checkpoint-application-site-list


Retrieve all objects.

Base Command

checkpoint-application-site-list

Input

Argument NameDescriptionRequired
limitThe maximal number of returned results.Optional
offsetNumber of the results to initially skipOptional
session_idExecute command with a specific session IDOptional

Context Output

PathTypeDescription
CheckPoint.ApplicationSite.nameStringobjects name
CheckPoint.ApplicationSite.uidStringobjects uid
CheckPoint.ApplicationSite.typeStringobjects type

Command Example

!checkpoint-application-site-list limit=5

Context Example

{
"CheckPoint": {
"ApplicationSite": [
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "#hashtags",
"read-only": null,
"type": "application-site",
"uid": "00fa9e3c-36ef-0f65-e053-08241dc22da2"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "050 Plus",
"read-only": null,
"type": "application-site",
"uid": "00fa9e44-4035-0f65-e053-08241dc22da2"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "0test_application_site_10",
"read-only": null,
"type": "application-site",
"uid": "446cff2c-7e1f-4dbc-a943-66740e890d67"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "1000keyboards",
"read-only": null,
"type": "application-site",
"uid": "00fa9e3d-a077-0f65-e053-08241dc22da2"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "1000memories",
"read-only": null,
"type": "application-site",
"uid": "00fa9e43-56d7-0f65-e053-08241dc22da2"
}
]
}
}

Human Readable Output

CheckPoint data for all access rule bases:

nameuidtype
#hashtags00fa9e3c-36ef-0f65-e053-08241dc22da2application-site
050 Plus00fa9e44-4035-0f65-e053-08241dc22da2application-site
0test_application_site_10446cff2c-7e1f-4dbc-a943-66740e890d67application-site
1000keyboards00fa9e3d-a077-0f65-e053-08241dc22da2application-site
1000memories00fa9e43-56d7-0f65-e053-08241dc22da2application-site

checkpoint-application-site-add


Add application site

Base Command

checkpoint-application-site-add

Input

Argument NameDescriptionRequired
nameObject name. Must be unique in the domainRequired
primary_categoryEach application is assigned to one primary category based on its most defining aspectRequired
identifiercan be:
url-list(str): URLs that determine this particular application.
application-signature(str): Application signature generated by Signature Tool.
Required
session_idExecute command with a specific session IDRequired
groupsCollection of group identifiers.Optional

Context Output

PathTypeDescription
CheckPoint.ApplicationSite.nameStringobject name
CheckPoint.ApplicationSite.uidStringobject uid
CheckPoint.ApplicationSite.typeStringobject type
CheckPoint.ApplicationSite.application-idNumberapplication ID
CheckPoint.ApplicationSite.descriptionStringA description for the application.
CheckPoint.ApplicationSite.domain-nameStringdomain name
CheckPoint.ApplicationSite.domain-uidStringdomain uid
CheckPoint.ApplicationSite.domain-typeStringdomain name
CheckPoint.ApplicationSite.url-listStringURLs that determine this particular application.
CheckPoint.ApplicationSite.creatorStringIndicates the creator of the object
CheckPoint.ApplicationSite.last-modifierStringIndicates the last user modified this object
CheckPoint.ApplicationSite.groupsUnknownCollection of group identifiers

Command Example

!checkpoint-application-site-add name="test_application_site_1" primary_category="Test Category" identifier="qmasters.co" session_id="TEAK9kWnZ9Dhql9hYP5IR4aZEw1mrKdPjw3lRnxvp88"

Context Example

{
"CheckPoint": {
"ApplicationSite": {
'name': 'test_application_site_1',
'uid': '452f6cff-e7fb-47b8-abfe-53c668dc0038',
'type': 'application-site',
'domain-name': 'SMC User',
'domain-uid': '41e821a0-3720-11e3-aa6e-0800200c9fde',
'domain-type': None,
'creator': 'adminsh',
'last-modifier': 'adminsh',
'application-id': 0,
'description': '',
'url-list': [
'qmasters.co'
]
}
}

Human Readable Output

CheckPoint data for adding application site:

application-idcreatordomain-namedomain-uidlast-modifiernametypeuidurl-list
0adminshSMC User41e821a0-3720-11e3-aa6e-0800200c9fdeadminshtest_application_site_1application-site452f6cff-e7fb-47b8-abfe-53c668dc0038qmasters.co

checkpoint-application-site-update


Edit existing application using object name or uid. It's impossible to set 'application-signature' when the application was initialized with 'url-list' and vice-verse.

Base Command

checkpoint-application-site-update

Input

Argument NameDescriptionRequired
identifieruid or name.Required
descriptionA description for the application.Optional
primary_categoryEach application is assigned to one primary category based on its most defining aspect.Optional
application_signatureApplication signature generated by Signature Tool.Optional
new_nameNew name of the object.Optional
urls_defined_as_regular_expressionStates whether the URL is defined as a Regular Expression or not.Optional
url_listURLs that determine this particular application. This will replace the current url collection.Optional
url_list_to_addAdds to collection of values.Optional
url_list_to_removeRemoves from collection of values.Optional
groupsCollection of group identifiers. Can be a single group or a list of groups.Optional
session_idExecute command with a specific session IDRequired

Context Output

PathTypeDescription
CheckPoint.ApplicationSite.nameStringobject name
CheckPoint.ApplicationSite.uidStringobject uid
CheckPoint.ApplicationSite.typeStringobject ty[e
CheckPoint.ApplicationSite.application-idNumberapplication ID
CheckPoint.ApplicationSite.descriptionStringA description for the application.
CheckPoint.ApplicationSite.domain-nameStringdomain name
CheckPoint.ApplicationSite.domain-uidStringdomain uid
CheckPoint.ApplicationSite.domain-typeStringdomain type
CheckPoint.ApplicationSite.url-listStringURLs that determine this particular application.
CheckPoint.ApplicationSite.groupsStringCollection of group identifiers
CheckPoint.ApplicationSite.primary-categoryStringObjects primary category.

Command Example

!checkpoint-application-site-update identifier=test_application_site session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example

{
"CheckPoint": {
"ApplicationSite": {
"application-id": 1073741861,
"description": "",
"domain-name": "SMC User",
"domain-type": null,
"domain-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"groups": [],
"name": "test_application_site",
"primary-category": "Test Category",
"type": "application-site",
"uid": "ccc788d1-b798-4e5c-8530-a6c375853730",
"url-list": [
"qmasters.co"
]
}
}
}

Human Readable Output

CheckPoint data for updating an application site:

nameuidtypeapplication-idprimary-categoryurl-listdomain-namedomain-uid
test_application_siteccc788d1-b798-4e5c-8530-a6c375853730application-site1073741861Test Categoryqmasters.coSMC User41e821a0-3720-11e3-aa6e-0800200c9fde

checkpoint-application-site-delete


Delete existing application site object using object name or uid.

Base Command

checkpoint-application-site-delete

Input

Argument NameDescriptionRequired
identifieruid or name objectRequired
session_idExecute command with a specific session IDRequired

Context Output

PathTypeDescription
CheckPoint.ApplicationSite.messageStringOperation status.

Command Example

!checkpoint-application-site-delete identifier=test_application_site session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example

{
"CheckPoint": {
"ApplicationSite": {
"message": "OK"
}
}
}

Human Readable Output

CheckPoint data for deleting application site : test_application_site

message
OK

checkpoint-publish


publish changes

Base Command

checkpoint-publish

Input

Argument NameDescriptionRequired
session_idExecute command with a specific session IDRequired

Context Output

PathTypeDescription
CheckPoint.Publish.task-idStringTask id of the publish command.

Command Example

!checkpoint-publish session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example

{
"CheckPoint": {
"Publish": {
"task-id": "01234567-89ab-cdef-9338-e44df5384ac3"
}
}
}

Human Readable Output

CheckPoint data for publishing current session:

task-id
01234567-89ab-cdef-9338-e44df5384ac3

checkpoint-install-policy


Intsalling policy

Base Command

checkpoint-install-policy

Input

Argument NameDescriptionRequired
policy_packageThe name of the Policy Package to be installed.Required
targetsOn what targets to execute this command. Targets may be identified by their name, or object unique identifier.Required
accessSet to be true in order to install the Access Control policy.Optional
session_idExecute command with a specific session IDRequired

Context Output

PathTypeDescription
CheckPoint.InstallPolicy.task-idStringOperation task ID.

Command Example

!checkpoint-install-policy policy_package=standard targets=test-gw session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example

{
"CheckPoint": {
"InstallPolicy": {
"task-id": "d461078b-cc1e-41b6-869b-096438673323"
}
}
}

Human Readable Output

CheckPoint data for installing policy:

task-id
d461078b-cc1e-41b6-869b-096438673323

checkpoint-verify-policy


Verifies the policy of the selected package.

Base Command

checkpoint-verify-policy

Input

Argument NameDescriptionRequired
policy_packageThe name of the Policy Package to be installed.Required
session_idExecute command with a specific session IDRequired

Context Output

PathTypeDescription
CheckPoint.VerifyPolicy.task-idStringOperation task ID.

Command Example

!checkpoint-policy-verify policy_package=standard session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Human Readable Output

checkpoint-show-task


Show task progress and details.

Base Command

checkpoint-show-task

Input

Argument NameDescriptionRequired
task_idUnique identifier of one or more tasks.Required
session_idExecute command with a specific session IDOptional

Context Output

PathTypeDescription
CheckPoint.ShowTask.task-idStringTask ID
CheckPoint.ShowTask.task-nameStringTask name
CheckPoint.ShowTask.statusStringTask status
CheckPoint.ShowTask.progress-percentageUnknownTask prograss in percentage
CheckPoint.ShowTask.suppressedBooleanIndicates if the task is suppressed

Command Example

!checkpoint-show-task task_id=01234567-89ab-cdef-997f-2e3e3b4b2541

Context Example

{
"CheckPoint": {
"ShowTask": {
"progress-percentage": 100,
"status": "succeeded",
"suppressed": false,
"task-id": "01234567-89ab-cdef-997f-2e3e3b4b2541",
"task-name": "Publish operation"
}
}
}

Human Readable Output

CheckPoint data for tasks:

task-nametask-idstatussuppressedprogress-percentage
Publish operation01234567-89ab-cdef-997f-2e3e3b4b2541succeededfalse100

checkpoint-login-and-get-session-id


Login to CheckPoint and get the session id

Base Command

checkpoint-login-and-get-session-id

Input

Argument NameDescriptionRequired
session_timeoutSession expiration timeout in seconds. Default 600 seconds. Session timeout range is between 600 to 3600 seconds.Optional

Context Output

PathTypeDescription
CheckPoint.Login.session-idStringSession ID

Command Example

!checkpoint-login-and-get-session-id

Context Example

{
"CheckPoint": {
"Login": {
"session-id": "LoUhF29pRkJsBiIWlMdBFy1LhHWXzE0VJT_lWpz4v0k"
}
}
}

Human Readable Output

CheckPoint session data:

session-id
LoUhF29pRkJsBiIWlMdBFy1LhHWXzE0VJT_lWpz4v0k

checkpoint-logout


Logout from a given session

Base Command

checkpoint-logout

Input

Argument NameDescriptionRequired
session_idSession ID to logout fromRequired

Context Output

There is no context output for this command.

Command Example

!checkpoint-logout session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example

{}

Human Readable Output

OK

checkpoint-packages-list


List all packages.

Base Command

checkpoint-packages-list

Input

Argument NameDescriptionRequired
limitThe maximal number of returned resultsOptional
offsetNumber of the results to initially skipOptional
session_idExecute command with a specific session IDOptional

Context Output

PathTypeDescription
CheckPoint.Packages.nameStringName of the package
CheckPoint.Packages.uidStringUID of the package
CheckPoint.Packages.typeStringType of the package
CheckPoint.Packages.domain-nameStringDomain name
CheckPoint.Packages.domain-uidStringDomain uid
CheckPoint.Packages.domain-typeStringDomain type

Command Example

!checkpoint-packages-list session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example

{
"CheckPoint": {
"Packages": [
{
"name": "BenLayer",
"type": "package",
"uid": "9daac370-ad2d-4a21-a503-a312755aceaf"
},
{
"name": "Standard",
"type": "package",
"uid": "ca4e32a8-bee0-423c-84f0-19bab6751d5e"
}
]
}
}

Human Readable Output

CheckPoint data for all packages:

nameuidtype
BenLayer9daac370-ad2d-4a21-a503-a312755aceafpackage
Standardca4e32a8-bee0-423c-84f0-19bab6751d5epackage

checkpoint-gateways-list


Retrieve all gateways and servers

Base Command

checkpoint-gateways-list

Input

Argument NameDescriptionRequired
limitThe maximal number of returned resultsOptional
offsetNumber of the results to initially skipOptional
session_idExecute command with a specific session IDOptional

Context Output

PathTypeDescription
CheckPoint.Gateways.nameStringGateway name
CheckPoint.Gateways.uidStringGateway uid
CheckPoint.Gateways.typeStringGateway type
CheckPoint.Gateways.versionStringGateway vesion
CheckPoint.Gateways.network-security-bladesStringGateway network security blades
CheckPoint.Gateways.management-bladesStringGateway management blades
CheckPoint.Gateways.domain-nameStringDomain name
CheckPoint.Gateways.domain-uidStringDomain UID
CheckPoint.Gateways.domain-typeStringDoamin type

Command Example

!checkpoint-gateways-list session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example

{
"CheckPoint": {
"Gateways": [
{
"management-blades": {
"logging-and-status": true,
"network-policy-management": true
},
"name": "gw-88a290",
"network-security-blades": {},
"type": "CpmiHostCkp",
"uid": "98bee60f-23ab-bf41-ba29-4c574b9d6f7c",
"version": "R80.30"
},
{
"management-blades": {},
"name": "test-gw",
"network-security-blades": {
"firewall": true
},
"type": "simple-gateway",
"uid": "3b83b6cb-d3cb-4596-8d90-ba9735d7d53c",
"version": "R80.30"
}
]
}
}

Human Readable Output

CheckPoint data for all gateways:

nameuidtypeversionnetwork-security-bladesmanagement-blades
gw-88a29098bee60f-23ab-bf41-ba29-4c574b9d6f7cCpmiHostCkpR80.30network-policy-management: true
logging-and-status: true
test-gw3b83b6cb-d3cb-4596-8d90-ba9735d7d53csimple-gatewayR80.30firewall: true

checkpoint-application-site-category-list


Retrieve all application site category.

Base Command

checkpoint-application-site-category-list

Input

Argument NameDescriptionRequired
limitThe maximal number of returned resultsOptional
offsetNumber of the results to initially skipOptional
session_idExecute command with a specific session IDOptional

Context Output

PathTypeDescription
CheckPoint.ApplicationSiteCategory.nameStringName of the package
CheckPoint.ApplicationSiteCategory.uidStringUID of the package
CheckPoint.ApplicationSiteCategory.typeStringType of the package
CheckPoint.ApplicationSiteCategory.domain-nameStringDomain name
CheckPoint.ApplicationSiteCategory.domain-uidStringDomain uid
CheckPoint.ApplicationSiteCategory.domain-typeStringDomain type

Command Example

!checkpoint-application-site-category-list limit=5

Context Example

{
"CheckPoint": {
"ApplicationSiteCategory": [
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "0new_app_site_category",
"read-only": null,
"type": "application-site-category",
"uid": "d42e14e7-1c50-48d5-9412-2306dc8e5219"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "0new_category_1",
"read-only": null,
"type": "application-site-category",
"uid": "13e91cb3-1025-41a5-8203-89e28102f82f"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "0new_category_2",
"read-only": null,
"type": "application-site-category",
"uid": "f49849de-9132-479d-b73a-56696976c235"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "0new_category_3",
"read-only": null,
"type": "application-site-category",
"uid": "51ebf347-290f-4d8c-b99d-7aba73a5698c"
},
{
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "0new_category_4",
"read-only": null,
"type": "application-site-category",
"uid": "6b996605-099c-41fa-a4c6-1733ff895bac"
}
]
}
}

Human Readable Output

CheckPoint data for all application site category:

nameuidtype
0new_app_site_categoryd42e14e7-1c50-48d5-9412-2306dc8e5219application-site-category
0new_category_113e91cb3-1025-41a5-8203-89e28102f82fapplication-site-category
0new_category_2f49849de-9132-479d-b73a-56696976c235application-site-category
0new_category_351ebf347-290f-4d8c-b99d-7aba73a5698capplication-site-category
0new_category_46b996605-099c-41fa-a4c6-1733ff895bacapplication-site-category

checkpoint-application-site-category-add


Add new application site category

Base Command

checkpoint-application-site-category-add

Input

Argument NameDescriptionRequired
identifierObject name or uid. Must be unique in the domain.Required
groupsCollection of group identifiers.Optional
session_idExecute command with a specific session IDRequired

Context Output

PathTypeDescription
CheckPoint.ApplicationSiteCategory.nameStringobject name
CheckPoint.ApplicationSiteCategory.uidStringobject uid
CheckPoint.ApplicationSiteCategory.typeStringobject type
CheckPoint.ApplicationSiteCategory.descriptionStringA description for the application.
CheckPoint.ApplicationSiteCategory.domain-nameStringdomain name
CheckPoint.ApplicationSiteCategory.domain-uidStringdomain uid
CheckPoint.ApplicationSiteCategory.domain-typeStringdomain name
CheckPoint.ApplicationSiteCategory.creatorStringIndicates the creator of the object
CheckPoint.ApplicationSiteCategory.last-modifierStringIndicates the last user modified this object
CheckPoint.ApplicationSiteCategory.groupsUnknownCollection of group identifiers

Command Example

!checkpoint-application-site-category-add identifier=application_site_category_0101 session_id=GFcJQ9N-Zv8eG33qc4WQ7d4zmdsNvK_l3GcnOUqo8ew

Context Example

{
"CheckPoint": {
"ApplicationSite": {
"application-id": null,
"creator": "adminsh",
"description": "",
"domain-name": "SMC User",
"domain-type": null,
"domain-uid": "41e821a0-3720-11e3-aa6e-0800200c9fde",
"groups": [],
"last-modifier": "adminsh",
"name": "application_site_category_0101",
"type": "application-site-category",
"uid": "5fb2e946-7e9c-42db-8b0a-cf5056f427d8",
"url-list": null
}
}
}

Human Readable Output

CheckPoint data for adding application site category application_site_category_0101:

nameuidtypedomain-namedomain-uidcreatorlast-modifier
application_site_category_01015fb2e946-7e9c-42db-8b0a-cf5056f427d8application-site-categorySMC User41e821a0-3720-11e3-aa6e-0800200c9fdeadminshadminsh

checkpoint-application-site-category-get


Retrieve application site category object using object name or uid.

Base Command

checkpoint-application-site-category-get

Input

Argument NameDescriptionRequired
identifierapplication site category object name or UID.Required
session_idExecute command with a specific session IDOptional

Context Output

PathTypeDescription
CheckPoint.ApplicationSiteCategory.nameUnknownhost name
CheckPoint.ApplicationSiteCategory.uidStringobject uid
CheckPoint.ApplicationSiteCategory.typeUnknownobject type
CheckPoint.ApplicationSiteCategory.domain-nameStringdomain name
CheckPoint.ApplicationSiteCategory.domain-uidStringdomain uid
CheckPoint.ApplicationSiteCategory.read-onlyBooleanindicates if the object is read only
CheckPoint.ApplicationSiteCategory.creatorStringindicates the creator of the object
CheckPoint.ApplicationSiteCategory.last-modifierStringindicates the last user modified the object

Command Example

!checkpoint-application-site-category-get identifier=Alcohol

Context Example

{
"CheckPoint": {
"ApplicationSiteCategory": {
"creator": "System",
"domain-name": "APPI Data",
"domain-type": null,
"domain-uid": "8bf4ac51-2df7-40e1-9bce-bedbedbedbed",
"groups": [],
"ipv4-address": null,
"last-modifier": "System",
"name": "Alcohol",
"read-only": false,
"type": "application-site-category",
"uid": "00fa9e44-409e-0f65-e053-08241dc22da2"
}
}
}

Human Readable Output

CheckPoint data for adding application site category:

nameuidtypedomain-namedomain-uidread-onlycreatorlast-modifier
Alcohol00fa9e44-409e-0f65-e053-08241dc22da2application-site-categoryAPPI Data8bf4ac51-2df7-40e1-9bce-bedbedbedbedfalseSystemSystem

checkpoint-show-objects


Retrieve data about objects.

Base Command

checkpoint-show-objects

Input

Argument NameDescriptionRequired
limitThe maximal number of returned results.Optional
offsetNumber of the results to initially skip.Optional
filter_searchSearch expression to filter objects by. The provided text should be exactly the same as it would be given in Smart Console. The logical operators in the expression ('AND', 'OR') should be provided in capital letters. By default, the search involves both a textual search and a IP search. To use IP search only, set the "ip-only" parameter to true.Optional
ip_onlyIf using "filter", use this field to search objects by their IP address only, without involving the textual search.Optional
object_typehe objects' type, e.g.: host, service-tcp, network, address-range. Default value is objectOptional
session_idExecute command with a specific session IDOptional

Context Output

PathTypeDescription
CheckPoint.Object.nameStringobject name
CheckPoint.Object.uidStringobject uid
CheckPoint.Object.typeStringobject type
CheckPoint.Object.ipv4StringIP-v4 address of a spesific object

Command Example

!checkpoint-show-objects limit=3 filter_search=1.2.3.4 ip_only=true

Context Example

{
"CheckPoint": {
"Objects": {
"creator": null,
"domain-name": null,
"domain-uid": null,
"groups": null,
"ipv4-address": null,
"last-modifier": null,
"name": "All_Internet",
"read-only": null,
"type": "address-range",
"uid": "f90e0a2b-f166-427a-b47f-a107b6fe43b9"
}
}
}

Human Readable Output

CheckPoint data for objects:

nameuidtype
All_Internetf90e0a2b-f166-427a-b47f-a107b6fe43b9address-range