cpmiquerybin
Contents |
Usage
- cpmiquerybin <query_result_type> <database> <ta ble> <query> [-a <attributes_list>]
command | <query_result_type> | <database> | <t able> | <query> | [-a <attribute_list>] | description |
---|---|---|---|---|---|---|
cpmiquerybin | attr | "mdsdb" | row 1, col 4 | row 1, col 5 | row 1, col 6 | |
cpmiquerybin | row 2, col 2 | row 2, col 3 | row 2, col 4 | row 2, col 5 | row 2, col 6 | |
cpmiquerybin | row 3, col 2 | row 3, col 3 | row 3, col 4 | row 3, col 5 | row 3, col 6 | |
Total | 15.00 |
jumbled examples
cpmiquerybin attr "mdsdb" pv1_administrators "type='pv1_administrator'" -a __name__,auth_method,msp_perm
cpmiquerybin object "" network_objects "type='gateway'"|grep -E ":name|spoof"
cpmiquerybin object "mdsdb" pv1_administrators ""
cpmiquerybin attr "mdsdb" network_objects "management='true'" -a __name__,ipaddr
cpmiquerybin attr "mdsdb" pv1_administrators "type='pv1_administrator'" -a __name__,auth_method,msp_perm | awk '{ printf $1 ","; for (i=2; i<NF; i++) printf $i; printf ","; if ($NF==80000000) print "Provider-1 Superuser"; if ($NF==40000000) print "Customer Superuser"; if ($NF==20000000) print "Global Manageer"; if ($NF==10000000) print "Customer Manager"; if ($NF==00000000) print "None"; } '
get name of all objects of type cluster member
cpmiquerybin attr "" network_objects "type='cluster_member'" -a __name__
To get a list of names of all VALID cluster members from cluster object name
cpmiquerybin object "" network_objects "" |grep -A 12 cluster_members |grep Name | awk -F "(" '{printf $2}' | sed -e 's/)/|/g'
or
cpmiquerybin attr "" network_objects "name='KEBNC2SPB01_02_Cluster'" -a cluster_members
query all objects for an ip address
cpmiquerybin attr "" network_objects "ipaddr='192.168.1.2'" -a __name__,ipaddr
from cma env, list management/cma objects
# cpmiquerybin attr "" network_objects "management='true'" -a __name__,ipaddr
All members of a group
cpmiquerybin object "" network_objects "name='group_name_goes_here'" | grep ":Name"
All members of a group formatted
cpmiquerybin object "" network_objects "name='glb_IPBlock-12-69889'" | grep ":Name" | awk -F "(" '{print $2}' | sed -e 's/)//'
List services with 'Match for Any' ticked
cpmiquerybin attr "" services "include_in_any='true'" -a __name__
List log servers from CMA env (lists CMAs too usually)
cpmiquerybin attr "" network_objects "log_server='true'" -a __name__,ipaddr
MDS queries
list all MDSs
cpmiquerybin attr "mdsdb" mdss "" -a __name__
list primary MDS
cpmiquerybin attr "mdsdb" mdss "primary='true'" -a __name__
get IP for CLM name
cpmiquerybin attr "mdsdb" network_objects "name='clm_name_goes_here'" -a __name__,ipaddr
get CMA policy names
cpmiquerybin attr "" fw_policies "" -a __name__
Tables
queryable tables can be gleaned from tables.C cat tables.C |grep ": ("
Default Queries for mdsquerydb
mdsquerydb is utilizes cpmiquerybin. The table below defines all the queries it uses. It is included here as a reference for cpmiquerybin.
$MDSDIR/conf/queries.conf
# (c) Copyright 1993-2005 Check Point Software Technologies Ltd. # All rights reserved. # # This is proprietary information of Check Point Software Technologies # Ltd., which is provided for informational purposes only and for use # solely in conjunction with the authorized use of Check Point Software # Technologies Ltd. products. The viewing and use of this information is # subject, to the extent appropriate, to the terms and conditions of the # license agreement that authorizes the use of the relevant product. # # This configuration file is a part of Provider-1/SiteManager-1 Database Query Tool # # each line in queries.conf is: # $1 - query environment [ MDS | CMA | ANY ] # $2 - dbname # $3 - key # $4 - display format [ attr | object ] # $5 - tablename # $6 - query # $7 - fields to be printed # CMA "" NetworkObjects attr network_objects "" __name__,type # Get name and type of all network objects MDS "" GlobalNetworkObjects attr network_objects "" __name__,type # Get name and type of all global network objects MDS "mdsdb" NetworkObjects attr network_objects "" __name__,type # Get all customers' internal Check Point installed network objects MDS "mdsdb" Customers attr pv1_customers "" __name__ # Get names of all PV-1 Customers MDS "mdsdb" Administrators attr pv1_administrators "" __name__ # Get names of all PV-1 Administrators MDS "mdsdb" MDSs attr mdss "" __name__,ipaddr # Get names and IPs of all MDSs MDS "mdsdb" CMAs attr network_objects "management='true'" __name__ # Get names of all CMAs CMA "" Gateways attr network_objects "type='gateway'" __name__,ipaddr # Get names and IPs of all gateways MDS "mdsdb" GuiClients attr pv1_guiclients "" __name__,ipaddr # Get names and IPs of all gui clients CMA "" Status attr statuses "" __name__ CMA "" Policies object fw_policies ""