diff --git a/plugins/doc_fragments/checkpoint_commands.py b/plugins/doc_fragments/checkpoint_commands.py
index 9c5afaf..19e13ff 100644
--- a/plugins/doc_fragments/checkpoint_commands.py
+++ b/plugins/doc_fragments/checkpoint_commands.py
@@ -17,6 +17,11 @@ class ModuleDocFragment(object):
- Wait for the task to end. Such as publish task.
type: bool
default: True
+ wait_for_task_timeout:
+ description:
+ - How many minutes to wait until throwing a timeout error.
+ type: int
+ default: 30
version:
description:
- Version of checkpoint. If not given one, the latest version taken.
diff --git a/plugins/doc_fragments/checkpoint_objects.py b/plugins/doc_fragments/checkpoint_objects.py
index ffe7a60..6df1f2f 100644
--- a/plugins/doc_fragments/checkpoint_objects.py
+++ b/plugins/doc_fragments/checkpoint_objects.py
@@ -30,6 +30,11 @@ class ModuleDocFragment(object):
- Wait for the task to end. Such as publish task.
type: bool
default: True
+ wait_for_task_timeout:
+ description:
+ - How many minutes to wait until throwing a timeout error.
+ type: int
+ default: 30
version:
description:
- Version of checkpoint. If not given one, the latest version taken.
diff --git a/plugins/module_utils/checkpoint.py b/plugins/module_utils/checkpoint.py
index 64c87af..a29562b 100644
--- a/plugins/module_utils/checkpoint.py
+++ b/plugins/module_utils/checkpoint.py
@@ -37,6 +37,7 @@
checkpoint_argument_spec_for_objects = dict(
auto_publish_session=dict(type='bool'),
wait_for_task=dict(type='bool', default=True),
+ wait_for_task_timeout=dict(type='int', default=30),
state=dict(type='str', choices=['present', 'absent'], default='present'),
version=dict(type='str')
)
@@ -47,6 +48,7 @@
checkpoint_argument_spec_for_commands = dict(
wait_for_task=dict(type='bool', default=True),
+ wait_for_task_timeout=dict(type='int', default=30),
version=dict(type='str')
)
@@ -70,6 +72,7 @@ def is_checkpoint_param(parameter):
if parameter == 'auto_publish_session' or \
parameter == 'state' or \
parameter == 'wait_for_task' or \
+ parameter == 'wait_for_task_timeout' or \
parameter == 'version':
return False
return True
@@ -101,8 +104,11 @@ def get_payload_from_parameters(params):
def wait_for_task(module, version, connection, task_id):
task_id_payload = {'task-id': task_id, 'details-level': 'full'}
task_complete = False
+ minutes_until_timeout = 30
+ if module.params['wait_for_task_timeout'] is not None and module.params['wait_for_task_timeout'] >= 0:
+ minutes_until_timeout = module.params['wait_for_task_timeout']
+ max_num_iterations = minutes_until_timeout * 30
current_iteration = 0
- max_num_iterations = 300
# As long as there is a task in progress
while not task_complete and current_iteration < max_num_iterations:
diff --git a/plugins/modules/cp_mgmt_set_session.py b/plugins/modules/cp_mgmt_set_session.py
new file mode 100644
index 0000000..c51a2f2
--- /dev/null
+++ b/plugins/modules/cp_mgmt_set_session.py
@@ -0,0 +1,122 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see .
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_set_session
+short_description: Edit user's current session.
+description:
+ - Edit user's current session.
+ - All operations are performed over Web Services API.
+version_added: "2.9"
+author: "Or Soffer (@chkp-orso)"
+options:
+ description:
+ description:
+ - Session description.
+ type: str
+ new_name:
+ description:
+ - New name of the object.
+ type: str
+ tags:
+ description:
+ - Collection of tag identifiers.
+ type: list
+ color:
+ description:
+ - Color of the object. Should be one of existing colors.
+ type: str
+ choices: ['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green', 'khaki', 'orchid', 'dark orange', 'dark sea green',
+ 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown', 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon',
+ 'coral', 'sea green', 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna', 'yellow']
+ comments:
+ description:
+ - Comments string.
+ type: str
+ details_level:
+ description:
+ - The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed
+ representation of the object.
+ type: str
+ choices: ['uid', 'standard', 'full']
+ ignore_warnings:
+ description:
+ - Apply changes ignoring warnings.
+ type: bool
+ ignore_errors:
+ description:
+ - Apply changes ignoring errors. You won't be able to publish such a changes. If ignore-warnings flag was omitted - warnings will also be ignored.
+ type: bool
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: set-session
+ cp_mgmt_set_session:
+ description: Session to work on ticket number CR00323665
+ state: present
+"""
+
+RETURN = """
+cp_mgmt_set_session:
+ description: The checkpoint set-session output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ description=dict(type='str'),
+ new_name=dict(type='str'),
+ tags=dict(type='list'),
+ color=dict(type='str', choices=['aquamarine', 'black', 'blue', 'crete blue', 'burlywood', 'cyan', 'dark green',
+ 'khaki', 'orchid', 'dark orange', 'dark sea green', 'pink', 'turquoise', 'dark blue', 'firebrick', 'brown',
+ 'forest green', 'gold', 'dark gold', 'gray', 'dark gray', 'light green', 'lemon chiffon', 'coral', 'sea green',
+ 'sky blue', 'magenta', 'purple', 'slate blue', 'violet red', 'navy blue', 'olive', 'orange', 'red', 'sienna',
+ 'yellow']),
+ comments=dict(type='str'),
+ details_level=dict(type='str', choices=['uid', 'standard', 'full']),
+ ignore_warnings=dict(type='bool'),
+ ignore_errors=dict(type='bool')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "set-session"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()
diff --git a/plugins/modules/cp_mgmt_show_logs.py b/plugins/modules/cp_mgmt_show_logs.py
new file mode 100644
index 0000000..09a3ccd
--- /dev/null
+++ b/plugins/modules/cp_mgmt_show_logs.py
@@ -0,0 +1,148 @@
+#!/usr/bin/python
+# -*- coding: utf-8 -*-
+#
+# Ansible module to manage CheckPoint Firewall (c) 2019
+#
+# Ansible is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# Ansible is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with Ansible. If not, see .
+#
+
+from __future__ import (absolute_import, division, print_function)
+
+__metaclass__ = type
+
+ANSIBLE_METADATA = {'metadata_version': '1.1',
+ 'status': ['preview'],
+ 'supported_by': 'community'}
+
+DOCUMENTATION = """
+---
+module: cp_mgmt_show_logs
+short_description: Showing logs according to the given filter.
+description:
+ - Showing logs according to the given filter.
+ - All operations are performed over Web Services API.
+version_added: "2.9"
+author: "Or Soffer (@chkp-orso)"
+options:
+ new_query:
+ description:
+ - Running a new query.
+ type: dict
+ suboptions:
+ filter:
+ description:
+ - The filter as entered in SmartConsole/SmartView.
+ type: str
+ time_frame:
+ description:
+ - Specify the time frame to query logs.
+ type: str
+ choices: ['last-7-days', 'last-hour', 'today', 'last-24-hours', 'yesterday', 'this-week', 'this-month', 'last-30-days', 'all-time', 'custom']
+ custom_start:
+ description:
+ - This option is only applicable when using the custom time-frame option.
+ type: str
+ custom_end:
+ description:
+ - This option is only applicable when using the custom time-frame option.
+ type: str
+ max_logs_per_request:
+ description:
+ - Limit the number of logs to be retrieved.
+ type: int
+ top:
+ description:
+ - Top results configuration.
+ type: dict
+ suboptions:
+ field:
+ description:
+ - The field on which the top command is executed.
+ type: str
+ choices: ['sources', 'destinations', 'services', 'actions', 'blades' , 'origins', 'users', 'applications']
+ count:
+ description:
+ - The number of results to retrieve.
+ type: int
+ type:
+ description:
+ - Type of logs to return.
+ type: str
+ choices: ['logs', 'audit']
+ log_servers:
+ description:
+ - List of IP's of logs servers to query.
+ type: list
+ query_id:
+ description:
+ - Get the next page of last run query with specified limit.
+ type: str
+ ignore_warnings:
+ description:
+ - Ignore warnings if exist.
+ type: bool
+extends_documentation_fragment: check_point.mgmt.checkpoint_commands
+"""
+
+EXAMPLES = """
+- name: show-logs
+ cp_mgmt_show_logs:
+ new_query:
+ filter: blade:"Threat Emulation"
+ max_logs_per_request: '2'
+ time_frame: today
+"""
+
+RETURN = """
+cp_mgmt_show_logs:
+ description: The checkpoint show-logs output.
+ returned: always.
+ type: dict
+"""
+
+from ansible.module_utils.basic import AnsibleModule
+from ansible_collections.check_point.mgmt.plugins.module_utils.checkpoint import checkpoint_argument_spec_for_commands, api_command
+
+
+def main():
+ argument_spec = dict(
+ new_query=dict(type='dict', options=dict(
+ filter=dict(type='str'),
+ time_frame=dict(type='str', choices=['last-7-days', 'last-hour', 'today', 'last-24-hours', 'yesterday',
+ 'this-week', 'this-month', 'last-30-days', 'all-time', 'custom']),
+ custom_start=dict(type='str'),
+ custom_end=dict(type='str'),
+ max_logs_per_request=dict(type='int'),
+ top=dict(type='dict', options=dict(
+ field=dict(type='str', choices=['sources', 'destinations', 'services', 'actions', 'blades', 'origins', 'users', 'applications']),
+ count=dict(type='int')
+ )),
+ type=dict(type='str', choices=['logs', 'audit']),
+ log_servers=dict(type='list')
+ )),
+ query_id=dict(type='str'),
+ ignore_warnings=dict(type='bool')
+ )
+ argument_spec.update(checkpoint_argument_spec_for_commands)
+
+ module = AnsibleModule(argument_spec=argument_spec)
+
+ command = "show-logs"
+
+ result = api_command(module, command)
+ module.exit_json(**result)
+
+
+if __name__ == '__main__':
+ main()