automation-CheckpointFWBackupStatus.yml
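# Automation definition: queries Check Point firewall appliances over the
# "ssh" command and reports the status of their backup tasks.
args:
- default: true
  description: List of devices to backup, comma separated
  name: devices
  required: true
# NOTE(review): the script below never reads waittimeout; it issues a single
# query per run and does not wait or poll.
- description: In seconds. If not provided, does not wait.
  name: waittimeout
comment: Connect to a checkpoint firewall appliance using SSH and retrieve status
  for backup tasks. The user account being used to access the device must be set to
  use the SSH shell and not the built in Checkpoint CLI. Consult the Checkpoint documentation
  for instructions on how to do this.
commonfields:
  id: CheckpointFWBackupStatus
  version: -1
dependson:
  must:
  - ssh
enabled: true
name: CheckpointFWBackupStatus
outputs:
- contextPath: CheckpointBackup.DeviceName
  description: Name of backed-up device
- contextPath: CheckpointBackup.System
  description: Backed up system
- contextPath: CheckpointBackup.Status
  description: Status of the backup process
- contextPath: CheckpointBackup.Path
  description: Path of backup file
runonce: false
script: |+
  # Runs a fixed status command on every selected device through the "ssh"
  # command, parses the textual reply, and publishes one record per device
  # under the CheckpointBackup context key plus a summary table.
  CLI_SHOW = 'show backup status'
  # NOTE(review): BASH_SHOW is built but never sent; the query below uses
  # CLI_SHOW, while this automation's comment field says the account must be
  # set to the SSH shell. Confirm which form the target devices expect.
  BASH_SHOW = '/etc/cli.sh -c "' + CLI_SHOW + '"'
  keepPolling = True
  res = []
  tbl = []
  devices = demisto.get(demisto.args(), 'devices')
  devicesBackupStarted = []
  # Collected for failed queries; not read anywhere else in this script.
  devicesBackupError = []
  if not devices:
      res.append({"Type": entryTypes["error"], "ContentsFormat": formats["text"], "Contents": "Received empty device list!"})
  else:
      devices = ','.join(devices) if isinstance(devices, list) else devices
      # The caller-supplied value is used only as the "using" selector; the
      # command text itself is a constant.
      sshArgs = {"using": devices,
                 "cmd": CLI_SHOW
                 }
      # keepPolling is cleared unconditionally at the end of the body, so this
      # loop runs exactly once.
      while keepPolling:
          resSSH = demisto.executeCommand("ssh", sshArgs)
          try:
              for entry in resSSH:
                  if isError(entry):
                      # Hand every ssh entry back to the caller and stop parsing.
                      res += resSSH
                      break
                  else:
                      device = entry['ModuleName']
                      if demisto.get(entry, 'Contents.success'):
                          output = demisto.get(entry, 'Contents.output')
                          backFileLoc = output.find("Backup file location")
                          backFileLocEnd = output.find("Backup process finished")
                          result = 'Answer returned'
                          backupPath = None
                          if backFileLoc > -1:
                              pathStart = backFileLoc + len("Backup file location: ")
                              if backFileLocEnd >= pathStart:
                                  # Drop the single character separating the path
                                  # from the "finished" marker.
                                  backupPath = output[pathStart:backFileLocEnd - 1]
                              else:
                                  # Without a later "finished" marker find() gives
                                  # -1 and the old slice ended at -2, cutting the
                                  # final characters of the output. Take the rest
                                  # of the location line instead.
                                  backupPath = output[pathStart:].split('\n', 1)[0]
                              # Remove stray whitespace such as a trailing "\r".
                              backupPath = backupPath.strip()
                          devicesBackupStarted.append({
                              'DeviceName': device,
                              'System': demisto.get(entry, 'Contents.system'),
                              # Only the literal success text maps to "Done"; any
                              # other output, a failed backup included, is shown
                              # as "Pending".
                              'Status': ("Done" if output.find("local backup succeeded.") > -1 else "Pending"),
                              'Path': backupPath
                          })
                      else:
                          devicesBackupError.append(device)
                          output = "Output:\n" + str(demisto.get(entry, 'Contents.output')) + "Error:\n" + str(demisto.get(entry, 'Contents.error'))
                          result = 'Failed to query'
                      tbl.append({'DeviceName': device, 'System': demisto.get(entry, 'Contents.system'), 'Query result': result, 'Output': output})
          except Exception as ex:
              # The raw ssh result is echoed into the error entry; review what
              # that exposes in the incident record if device output is
              # sensitive.
              res.append({"Type": entryTypes["error"], "ContentsFormat": formats["text"],
                          "Contents": "Error occurred while parsing output from command. Exception info:\n" + str(ex) + "\n\nInvalid output:\n" + str(resSSH)})
          keepPolling = False
      demisto.setContext('CheckpointBackup', devicesBackupStarted)
      res.append({"Type": entryTypes["note"], "ContentsFormat": formats["table"], "Contents": tbl})
  demisto.results(res)
scripttarget: 0
system: true
tags:
- checkpoint
type: python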