automation-CPCreateBackup.yml
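# Automation definition for CPCreateBackup.
# The embedded Python script runs one fixed backup command on every listed
# device through the `ssh` command, reports a per-device table, and stores the
# started backups under the context key `CheckpointBackup`.
# The script is flagged `deprecated: true` below while `enabled` stays true.
args:
- default: true
  description: List of RemoteAccess instances of the checkpoint firewall appliances
    to back up
  name: devices
  required: true
# As stated in `comment`, the login account must land in the SSH shell rather
# than the Check Point CLI, so it is a shell-capable account on a firewall.
# NOTE(review): scope, rotate and monitor that account accordingly.
comment: Connect to a checkpoint firewall appliance using SSH and trigger a task to
  create a configuration backup of the device. The user account being used to access
  the device must be set to use the SSH shell and not the built in Checkpoint CLI.
  Consult the Checkpoint documentation for instructions on how to do this.
commonfields:
  id: CPCreateBackup
  version: -1
dependson:
  must:
  - ssh
deprecated: true
enabled: true
name: CPCreateBackup
runonce: false
script: |-
  # NOTE(review): the indentation of this script was reconstructed from its
  # control flow; confirm block nesting against the upstream file.

  # The remote command is assembled from constants only. The `devices`
  # argument is passed as the `using` target list and never concatenated
  # into the command string.
  CLI_ADD = "add backup local"
  BASH_ADD = '/etc/cli.sh -c "' + CLI_ADD + '"'
  res = []
  tbl = []
  devices = demisto.get(demisto.args(), 'devices')
  devicesBackupStarted = []
  devicesBackupError = []
  if not devices:
      res.append({
          "Type": entryTypes["error"],
          "ContentsFormat": formats["text"],
          "Contents": "Received empty device list!"
      })
  else:
      # Accept either a list of instance names or a comma-separated string.
      devices = ','.join(devices) if isinstance(devices, list) else devices
      sshArgs = {
          "using": devices,
          "cmd": BASH_ADD
      }
      resSSH = demisto.executeCommand("ssh", sshArgs)
      try:
          for entry in resSSH:
              # An error entry that carries no command result is returned
              # as-is and ends processing of the remaining entries.
              if isError(entry) and not demisto.get(entry, 'Contents.command'):
                  res += resSSH
                  break
              else:
                  device = entry['ModuleName']
                  if demisto.get(entry, 'Contents.success'):
                      output = demisto.get(entry, 'Contents.output')
                      backFileLoc = output.find("Backup file location")
                      result = 'Answer returned'
                      devicesBackupStarted.append({
                          'DeviceName': device,
                          'System': demisto.get(entry, 'Contents.system'),
                          'Status': ("Done" if output.find("local backup succeeded.") > -1 else "Pending"),
                          # Slice from the marker to the end of the output.
                          # The previous tuple index (output[backFileLoc, :])
                          # raises TypeError on a string, which turned every
                          # reply containing the marker into a parse error.
                          'Path': (output[backFileLoc:] if backFileLoc > -1 else None)
                      })
                  else:
                      devicesBackupError.append(device)
                      output = "Output:\n" + str(demisto.get(entry, 'Contents.output')) + "Error:\n" + str(demisto.get(entry, 'Contents.error'))
                      result = 'Failed to query'
                  tbl.append({
                      'DeviceName': device,
                      'System': demisto.get(entry, 'Contents.system'),
                      'Query result': result,
                      'Output': output
                  })
      except Exception as ex:
          # The raw SSH response is echoed into this entry, so the entry is
          # as sensitive as the device output it contains.
          res.append({
              "Type": entryTypes["error"],
              "ContentsFormat": formats["text"],
              "Contents": "Error occurred while parsing output from command. Exception info:\n" + str(ex) + "\n\nInvalid output:\n" + str(resSSH)
          })
      # NOTE(review): these two statements are assumed to belong to the
      # non-empty branch; verify against the upstream file.
      demisto.setContext('CheckpointBackup', devicesBackupStarted)
      res.append({"Type": entryTypes["note"], "ContentsFormat": formats["table"], "Contents": tbl})
  demisto.results(res)
scripttarget: 0
system: true
tags:
- checkpoint
type: python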