Try SpotterGet objects objects facts on Checkpoint over Web Services API
| "added in version" 3.0.0 of check_point.mgmt"
Authors: Eden Brillant (@chkp-edenbr)
preview | supported by community
Install with ansible-galaxy collection install check_point.mgmt:==5.2.3
collections:
- name: check_point.mgmt
version: 5.2.3Get objects facts on Checkpoint devices.
All operations are performed over Web Services API.
This module handles both operations, get a specific object and get several objects, For getting a specific object use the parameter 'name'.
- name: show-objects
cp_mgmt_objects_facts:
limit: 50
offset: 0
order:
- ASC: name
type: group
- name: show-object
cp_mgmt_objects_facts:
uid: ef82887c-d08f-49a3-a18f-a376be633848
uid:
description:
- Object unique identifier.
type: str
type:
description:
- The objects' type, e.g., host, service-tcp, network, address-range...
type: str
uids:
description:
- List of UIDs of the objects to retrieve.
elements: str
type: list
limit:
description:
- The maximal number of returned results. This parameter is relevant only for getting
a specific object.
type: int
order:
description:
- Sorts the results by search criteria. Automatically sorts the results by Name, in
the ascending order. This parameter is relevant only for getting a specific object.
elements: dict
suboptions:
ASC:
choices:
- name
description:
- Sorts results by the given field in ascending order.
type: str
DESC:
choices:
- name
description:
- Sorts results by the given field in descending order.
type: str
type: list
filter:
description:
- Search expression to filter objects by. The provided text should be exactly the
same as it would be given in Smart Console. The logical operators in the expression
('AND', 'OR') should be provided in capital letters. By default, the search involves
both a textual search and a IP search. To use IP search only, set the "ip-only"
parameter to true.
type: str
offset:
description:
- Number of the results to initially skip. This parameter is relevant only for getting
a specific object.
type: int
ip_only:
description:
- If using "filter", use this field to search objects by their IP address only, without
involving the textual search.<br><br>IP search use cases<br>
<ul><li>Full IPv4 address matches for,<br>
- Hosts, Check Point Hosts and Gateways with exact IPv4 match or with interfaces
which subnet contains the search address<br>
- IPv4 Networks and IPv4 Address Ranges that contain the search address</li> <br>
<li>Partial IPv4 address matches for,<br>
- Hosts, Networks, Check Point Hosts and Gateways with IPv4 address that starts
from the search address<br> - Hosts,
Check Point Hosts and Gateways with interfaces which subnet address starts from
the search address<br> - IPv4 Address
Ranges with first address or last address that starts from the search address<br>
- IPv4 Networks and IPv4 Address Ranges that contain the network derived from the
search address supplemented with missing octets (all zeroes)<br>
- Hosts, Check Point Hosts and Gateways with interfaces which subnet contains the
network derived from the search address supplemented with missing octets (all zeroes)</li><br>
<li>IPv6 address,<br> - Not supported</li></ul><br><br>
* Check Point Host is a server of type Network Policy Management, Logging & Status,
SmartEvent, etc.<br> * When one IP address is checked to start from another (partial)
IP address - only full octets are considered <br> * Check Examples part for IP search
examples.
type: bool
version:
description:
- Version of checkpoint. If not given one, the latest version taken.
type: str
details_level:
choices:
- uid
- standard
- full
description:
- The level of detail for some of the fields in the response can vary from showing
only the UID value of the object to a fully detailed representation of the object.
type: str
show_membership:
description:
- Indicates whether to calculate and show "groups" field for every object in reply.
type: bool
domains_to_process:
description:
- Indicates which domains to process the commands on. It cannot be used with the details-level
full, must be run from the System Domain only and with ignore-warnings true. Valid
values are, CURRENT_DOMAIN, ALL_DOMAINS_ON_THIS_SERVER.
elements: str
type: list
dereference_group_members:
description:
- Indicates whether to dereference "members" field by details level for every object
in reply.
type: bool
ansible_facts: description: The checkpoint object facts. returned: always. type: dict