Check Point R80

the check point r80 connector enables automated interactions with check point's security management system, facilitating streamlined security operations and policy management check point r80 is a comprehensive security management solution that provides advanced threat prevention and security management capabilities this connector enables swimlane turbine users to automate the creation, deletion, retrieval, and updating of security layers, access rules, application sites, domains, groups, hosts, and networks within the check point r80 environment by integrating with check point r80, security teams can streamline their security operations, enforce consistent policies, and respond to threats with agility and precision prerequisites to effectively utilize the check point r80 connector with swimlane turbine, ensure the following prerequisites are met api key authentication url the base url of the check point r80 management server api key a valid api key for authenticating requests to the check point r80 api http basic authentication url the base url of the check point r80 management server username the username for logging into the check point r80 management server password the password associated with the provided username capabilities the check point r80 connector has the following capabilities access layer create access layer delete access layer get access layer get all access layer update access rule create access rule delete access rule update application site create application site delete application site get application site get all application site update application site category create application site category delete and so on additional information about capabilities "host create" and "network create" tasks can be used to add a host/network to a group on creation "group update" can be used to add a pre existing host/network to a group to block objects, for example ips or domains, an access rule must be created and assigned to a group where the objects to be blocked are located in the case of applying or using "show logs" task, we have added the following two tasks in place "show logs using new query" task takes new query as input in the request body "show logs using query id" task takes query id as input in the request body notes check point r80 api documentation https //sc1 checkpoint com/documents/latest/apis/index html#introduction v1 6show logs documentation https //sc1 checkpoint com/documents/latest/apis/index html#web/show logs v1 9%20 this connector was last tested against product version 1 6 configurations check point r80 api key authentication authenticates using an api key configuration parameters parameter description type required url a url to the target host string required apikey api key string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional http basic authentication authenticates using username and password configuration parameters parameter description type required url a url to the target host string required username username string required password password string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional actions access layer create creates a new access layer in check point r80 with a specified name provided in the json body input endpoint url /web api/add access layer method post input argument name type required description name string optional object name must be unique in the domain add default rule boolean optional indicates whether to include a cleanup rule in the new layer applications and url filtering boolean optional whether to enable applications & url filtering blade on the layer content awareness boolean optional whether to enable content awareness blade on the layer detect using x forward for boolean optional whether to use x forward for http header, which is added by the proxy server to keep track of the original source ip firewall boolean optional whether to enable firewall blade on the layer implicit cleanup action string optional the default "catch all" action for traffic that does not match any explicit or implied rules in the layer valid values are "drop" or "accept" mobile access boolean optional whether to enable mobile access blade on the layer shared boolean optional whether this layer is shared tags array optional collection of tag identifiers color string optional color of the object should be one of aquamarine, black, blue, crete blue, burlywood, cyan, dark green, khaki, orchid, dark orange, dark sea green, pink, turquoise, dark blue, firebrick, brown, forest green, gold, dark gold, gray, dark gray, light green, lemon chiffon, coral, sea green, sky blue, magenta, purple, slate blue, violet red, navy blue, olive, orange, red, sienna, yellow comments string optional comments string details level string optional the level of detail for some of the fields in the response can vary from showing only the uid value of the object to a fully detailed representation of the object valid values are "uid", "standard", "full" ignore warnings boolean optional apply changes ignoring warnings ignore errors boolean optional apply changes ignoring errors you won't be able to publish such a changes if ignore warnings flag was omitted warnings will also be ignored input example {"name" "example name","add default rule"\ true,"applications and url filtering"\ true,"content awareness"\ true,"detect using x forward for"\ true,"firewall"\ true,"implicit cleanup action" "string","mobile access"\ true,"shared"\ true,"tags" \["string"],"color" "string","comments" "string","details level" "string","ignore warnings"\ true,"ignore errors"\ true} output parameter type description status code number http status code of the response reason string response reason phrase uid string unique identifier name string name of the resource type string type of the resource domain object output field domain domain uid string unique identifier domain name string name of the resource domain domain type string type of the resource shared boolean output field shared applications and url filtering boolean url endpoint for the request content awareness boolean response content mobile access boolean output field mobile access detect using x forward for boolean output field detect using x forward for firewall boolean output field firewall implicit cleanup action string output field implicit cleanup action comments string output field comments color string output field color icon string output field icon tags array output field tags tags uid string unique identifier tags name string name of the resource tags type string type of the resource tags domain object output field tags domain tags domain uid string unique identifier output example {"status code" 200,"response headers" {"date" "tue, 27 dec 2022 13 47 48 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"uid" "a40b877c b723 4b0b ac91 cab00bb40f06","name" "hernan test rule 1","type" "access layer access layer delete removes a specified access layer from check point r80 by utilizing the provided 'name' parameter endpoint url /web api/delete access layer method post input argument name type required description name string optional object name input example {"name" "example name"} output parameter type description status code number http status code of the response reason string response reason phrase message string response message output example {"status code" 200,"response headers" {"date" "tue, 27 dec 2022 16 12 05 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"message" "ok"}} access layer get retrieve details of a specific access layer in check point r80 using the unique identifier (uid) endpoint url /web api/show access layer method post input argument name type required description uid string optional object unique identifier input example {"uid" "string"} output parameter type description status code number http status code of the response reason string response reason phrase uid string unique identifier name string name of the resource type string type of the resource domain object output field domain domain uid string unique identifier domain name string name of the resource domain domain type string type of the resource shared boolean output field shared applications and url filtering boolean url endpoint for the request content awareness boolean response content mobile access boolean output field mobile access firewall boolean output field firewall implicit cleanup action string output field implicit cleanup action comments string output field comments color string output field color icon string output field icon tags array output field tags tags file name string name of the resource tags file string output field tags file meta info object output field meta info meta info lock string output field meta info lock meta info validation state string unique identifier meta info last modify time object time value output example {"status code" 200,"response headers" {"date" "tue, 27 dec 2022 13 16 19 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"uid" "ed5316fb 8b21 4dc8 a30e ad438434b605","name" "19380cbe20c24459836e29ccfb846582","type" access layer get all retrieve a comprehensive list of all access control boundaries defined in check point r80 endpoint url /web api/show access layers method post input argument name type required description limit number optional the maximal number of returned results offset number optional number of the results to initially skip input example {"limit" 123,"offset" 123} output parameter type description status code number http status code of the response reason string response reason phrase access layers array output field access layers access layers uid string unique identifier access layers name string name of the resource access layers type string type of the resource access layers domain object output field access layers domain access layers domain uid string unique identifier access layers domain name string name of the resource access layers domain domain type string type of the resource from number output field from to number output field to total number output field total output example {"status code" 200,"response headers" {"date" "tue, 27 dec 2022 13 01 23 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"access layers" \[{"uid" "1063010e 4878 48d2 ae1e f2cf056e142c","name" "6c1aa2ecb1424ec19e42f0 access layer update updates an existing access layer in check point r80 using the specified unique identifier (uid) endpoint url /web api/set access layer method post input argument name type required description uid string optional object's unique identifier applications and url filtering boolean optional whether to enable applications & url filtering blade on the layer content awareness boolean optional whether to enable content awareness blade on the layer detect using x forward for boolean optional whether to use x forward for http header, which is added by the proxy server to keep track of the original source ip firewall boolean optional whether to enable firewall blade on the layer implicit cleanup action string optional the default "catch all" action for traffic that does not match any explicit or implied rules in the layer valid values are "drop" or "accept" mobile access boolean optional whether to enable mobile access blade on the layer shared boolean optional whether this layer is shared tags array optional collection of tag identifiers color string optional color of the object should be one of aquamarine, black, blue, crete blue, burlywood, cyan, dark green, khaki, orchid, dark orange, dark sea green, pink, turquoise, dark blue, firebrick, brown, forest green, gold, dark gold, gray, dark gray, light green, lemon chiffon, coral, sea green, sky blue, magenta, purple, slate blue, violet red, navy blue, olive, orange, red, sienna, yellow comments string optional comments string details level string optional the level of detail for some of the fields in the response can vary from showing only the uid value of the object to a fully detailed representation of the object valid values are "uid", "standard", "full" ignore warnings boolean optional apply changes ignoring warnings ignore errors boolean optional apply changes ignoring errors you won't be able to publish such a changes if ignore warnings flag was omitted warnings will also be ignored input example {"uid" "string","applications and url filtering"\ true,"content awareness"\ true,"detect using x forward for"\ true,"firewall"\ true,"implicit cleanup action" "string","mobile access"\ true,"shared"\ true,"tags" \["string"],"color" "string","comments" "string","details level" "string","ignore warnings"\ true,"ignore errors"\ true} output parameter type description status code number http status code of the response reason string response reason phrase code string output field code message string response message output example {"status code" 409,"response headers" {"date" "tue, 27 dec 2022 15 53 31 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "conflict","json body" {"code" "generic err object locked","message" "requested object with objid \[a40b877c b7 access rule create creates a new access rule at a specified layer and position in check point r80, with 'layer' and 'position' as required inputs endpoint url /web api/add access rule method post input argument name type required description layer string optional layer that the rule belongs to identified by the name or uid position string optional position in the rulebase valid values are "top" or "bottom" name string optional rule name action string optional one of "accept", "drop", "ask", "inform", "reject", "user auth", "client auth", "apply layer" content negate boolean optional true if negate is set for data enabled boolean optional enable/disable the rule source negate boolean optional true if negate is set for source comments string optional comments string input example {"layer" "string","position" "string","name" "example name","action" "drop","content negate"\ true,"enabled"\ true,"source negate"\ true,"comments" "string"} output parameter type description status code number http status code of the response reason string response reason phrase uid string unique identifier name string name of the resource type string type of the resource domain object output field domain domain uid string unique identifier domain name string name of the resource domain domain type string type of the resource track object output field track track type object type of the resource track type uid string unique identifier track type name string name of the resource track type type string type of the resource track type domain object type of the resource track type domain uid string unique identifier track type domain name string name of the resource track type domain domain type string type of the resource track per session boolean output field track per session track per connection boolean output field track per connection track accounting boolean output field track accounting track enable firewall session boolean output field track enable firewall session track alert string output field track alert layer string output field layer source array output field source output example {"status code" 200,"response headers" {"date" "thu, 29 dec 2022 15 08 41 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"uid" "40ea885a 3d4a 4991 93c0 831865bd45e8","name" "hernan rule 2","type" "access rule","dom access rule delete removes a specified access rule from a layer in check point r80 using the provided uid and layer details endpoint url /web api/delete access rule method post input argument name type required description uid string optional object's unique identifier layer string optional layer that the rule belongs to identified by the name or uid input example {"uid" "string","layer" "string"} output parameter type description status code number http status code of the response reason string response reason phrase message string response message output example {"status code" 200,"response headers" {"date" "thu, 29 dec 2022 20 45 08 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"message" "ok"}} access rule update updates an existing access rule in check point r80 using a unique identifier and specified layer, with configuration details provided in json format endpoint url /web api/set access rule method post input argument name type required description uid string optional object unique identifier layer string optional layer that the rule belongs to identified by the name or uid new name string optional new name of the object new position string optional new position in the rulebase valid values are "top" or "bottom" action string optional one of "accept", "drop", "ask", "inform", "reject", "user auth", "client auth", "apply layer" content negate boolean optional true if negate is set for data enabled boolean optional enable/disable the rule source negate boolean optional true if negate is set for source comments string optional comments string input example {"uid" "string","layer" "string","new name" "example name","new position" "string","action" "drop","content negate"\ true,"enabled"\ true,"source negate"\ true,"comments" "string"} output parameter type description status code number http status code of the response reason string response reason phrase uid string unique identifier name string name of the resource type string type of the resource domain object output field domain domain uid string unique identifier domain name string name of the resource domain domain type string type of the resource track object output field track track type object type of the resource track type uid string unique identifier track type name string name of the resource track type type string type of the resource track type domain object type of the resource track type domain uid string unique identifier track type domain name string name of the resource track type domain domain type string type of the resource track per session boolean output field track per session track per connection boolean output field track per connection track accounting boolean output field track accounting track enable firewall session boolean output field track enable firewall session track alert string output field track alert layer string output field layer source array output field source output example {"status code" 200,"response headers" {"date" "thu, 29 dec 2022 15 26 32 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"uid" "78f98014 b77c 4bb9 8e37 e410f3d3a412","name" "cleanup rule","type" "access rule","doma application site category create creates a new application site category in check point r80 using the specified name provided in the json body endpoint url /web api/add application site category method post input argument name type required description name string optional object name must be unique in the domain description string optional description tags string optional collection of tag identifiers color string optional color of the object must be one of aquamarine, black, blue, crete blue, burlywood, cyan, dark green, khaki, orchid, dark orange, dark sea green, pink, turquoise, dark blue, firebrick, brown, forest green, gold, dark gold, gray, dark gray, light green, lemon chiffon, coral, sea green, sky blue, magenta, purple, slate blue, violet red, navy blue, olive, orange, red, sienna, yellow comments string optional comments string input example {"name" "example name","description" "string","tags" "string","color" "string","comments" "string"} output parameter type description status code number http status code of the response reason string response reason phrase uid string unique identifier name string name of the resource type string type of the resource domain object output field domain domain uid string unique identifier domain name string name of the resource domain domain type string type of the resource description string output field description user defined boolean output field user defined groups array output field groups groups file name string name of the resource groups file string output field groups file comments string output field comments color string output field color icon string output field icon tags array output field tags tags file name string name of the resource tags file string output field tags file meta info object output field meta info meta info lock string output field meta info lock meta info validation state string unique identifier meta info last modify time object time value meta info last modify time posix number output field meta info last modify time posix output example {"status code" 200,"response headers" {"date" "thu, 29 dec 2022 21 06 40 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"uid" "2d07d799 8007 4ff8 9833 f29b5b664a1d","name" "hernan app site category 1","type" "appl application site category delete removes a specified application site category in check point r80 using the unique identifier (uid) endpoint url /web api/delete application site category method post input argument name type required description uid string optional unique object identifier input example {"uid" "string"} output parameter type description status code number http status code of the response reason string response reason phrase message string response message output example {"status code" 200,"response headers" {"date" "thu, 29 dec 2022 22 26 09 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"message" "ok"}} application site category get retrieve details for a specific application site category in check point r80 using the uid provided endpoint url /web api/show application site category method post input argument name type required description uid string optional object unique identifier input example {"uid" "string"} output parameter type description status code number http status code of the response reason string response reason phrase uid string unique identifier name string name of the resource type string type of the resource domain object output field domain domain uid string unique identifier domain name string name of the resource domain domain type string type of the resource description string output field description user defined boolean output field user defined groups array output field groups groups file name string name of the resource groups file string output field groups file comments string output field comments color string output field color icon string output field icon tags array output field tags tags uid string unique identifier tags name string name of the resource tags type string type of the resource tags domain object output field tags domain tags domain uid string unique identifier tags domain name string name of the resource tags domain domain type string type of the resource output example {"status code" 200,"response headers" {"date" "thu, 29 dec 2022 20 59 10 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"uid" "6a6536de 422b 40aa 8c52 d10cea3614c2","name" "022b2205d1554d6e9d5b65afd48be623","type" application site category get all retrieves all application site categories from check point r80, requiring a json body input for execution endpoint url /web api/show application site categories method post input argument name type required description limit number optional the maximal number of returned results offset number optional number of the results to initially skip input example {"limit" 123,"offset" 123} output parameter type description status code number http status code of the response reason string response reason phrase objects array output field objects objects uid string unique identifier objects name string name of the resource objects type string type of the resource objects domain object output field objects domain objects domain uid string unique identifier objects domain name string name of the resource objects domain domain type string type of the resource from number output field from to number output field to total number output field total output example {"status code" 200,"response headers" {"date" "thu, 29 dec 2022 20 54 57 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"objects" \[{"uid" "6a6536de 422b 40aa 8c52 d10cea3614c2","name" "022b2205d1554d6e9d5b65afd48b application site category update updates an existing application site category in check point r80 using the specified uid endpoint url /web api/set application site category method post input argument name type required description uid string optional object unique identifier new name string optional new name of the object description string optional description tags string optional collection of tag identifiers color string optional color of the object must be one of aquamarine, black, blue, crete blue, burlywood, cyan, dark green, khaki, orchid, dark orange, dark sea green, pink, turquoise, dark blue, firebrick, brown, forest green, gold, dark gold, gray, dark gray, light green, lemon chiffon, coral, sea green, sky blue, magenta, purple, slate blue, violet red, navy blue, olive, orange, red, sienna, yellow comments string optional comments string input example {"uid" "string","new name" "example name","description" "string","tags" "string","color" "string","comments" "string"} output parameter type description status code number http status code of the response reason string response reason phrase uid string unique identifier name string name of the resource type string type of the resource domain object output field domain domain uid string unique identifier domain name string name of the resource domain domain type string type of the resource description string output field description user defined boolean output field user defined groups array output field groups groups file name string name of the resource groups file string output field groups file comments string output field comments color string output field color icon string output field icon tags array output field tags tags file name string name of the resource tags file string output field tags file meta info object output field meta info meta info lock string output field meta info lock meta info validation state string unique identifier meta info last modify time object time value meta info last modify time posix number output field meta info last modify time posix output example {"status code" 200,"response headers" {"date" "thu, 29 dec 2022 22 22 05 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"uid" "2d07d799 8007 4ff8 9833 f29b5b664a1d","name" "hernan app site category 1","type" "appl application site create creates a new application site in check point r80 with a specified name, primary category, and list of urls endpoint url /web api/add application site method post input argument name type required description name string optional object name must be unique in the domain primary category string optional each application is assigned to one primary category based on its most defining aspect url list array optional urls that determine this particular application additional categories array optional used to configure or edit the additional categories of a custom application / site used in the application and url filtering or threat prevention description string optional a description for the application urls defined as regular expression boolean optional states whether the url is defined as a regular expression or not tags array optional collection of tag identifiers color string optional color of the object must be one of aquamarine, black, blue, crete blue, burlywood, cyan, dark green, khaki, orchid, dark orange, dark sea green, pink, turquoise, dark blue, firebrick, brown, forest green, gold, dark gold, gray, dark gray, light green, lemon chiffon, coral, sea green, sky blue, magenta, purple, slate blue, violet red, navy blue, olive, orange, red, sienna, yellow comments string optional comments string input example {"name" "example name","primary category" "string","url list" \["string"],"additional categories" \["string"],"description" "string","urls defined as regular expression"\ true,"tags" \["string"],"color" "string","comments" "string"} output parameter type description status code number http status code of the response reason string response reason phrase uid string unique identifier name string name of the resource type string type of the resource domain object output field domain domain uid string unique identifier domain name string name of the resource domain domain type string type of the resource application id number unique identifier primary category string output field primary category description string output field description risk string output field risk user defined boolean output field user defined additional categories array output field additional categories url list array url endpoint for the request urls defined as regular expression boolean url endpoint for the request groups array output field groups groups file name string name of the resource groups file string output field groups file comments string output field comments color string output field color icon string output field icon tags array output field tags tags uid string unique identifier output example {"status code" 200,"response headers" {"date" "thu, 29 dec 2022 23 30 01 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"uid" "3217f158 a635 4f9f 8c9b 7f460c4baa54","name" "hernan example application site 1","type application site delete removes a specified application site from check point r80 using the provided unique identifier (uid) endpoint url /web api/delete application site method post input argument name type required description uid string optional unique object identifier input example {"uid" "string"} output parameter type description status code number http status code of the response reason string response reason phrase message string response message output example {"status code" 200,"response headers" {"date" "fri, 30 dec 2022 00 03 05 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"message" "ok"}} application site get retrieve detailed information for a specific application site in check point r80 by providing the unique identifier (uid) endpoint url /web api/show application site method post input argument name type required description uid string optional unique object id input example {"uid" "string"} output parameter type description status code number http status code of the response reason string response reason phrase uid string unique identifier name string name of the resource type string type of the resource domain object output field domain domain uid string unique identifier domain name string name of the resource domain domain type string type of the resource application id number unique identifier primary category string output field primary category description string output field description risk string output field risk user defined boolean output field user defined additional categories array output field additional categories groups array output field groups groups file name string name of the resource groups file string output field groups file comments string output field comments color string output field color icon string output field icon tags array output field tags tags file name string name of the resource tags file string output field tags file meta info object output field meta info output example {"status code" 200,"response headers" {"date" "thu, 29 dec 2022 23 10 12 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"uid" "00fa9e3c 36ef 0f65 e053 08241dc22da2","name" "#hashtags","type" "application site","do application site get all retrieves all application sites from check point r80 using specified json body input for configuration endpoint url /web api/show application sites method post input argument name type required description limit number optional the maximal number of returned results offset number optional number of the results to initially skip input example {"limit" 123,"offset" 123} output parameter type description status code number http status code of the response reason string response reason phrase objects array output field objects objects uid string unique identifier objects name string name of the resource objects type string type of the resource objects domain object output field objects domain objects domain uid string unique identifier objects domain name string name of the resource objects domain domain type string type of the resource from number output field from to number output field to total number output field total output example {"status code" 200,"response headers" {"date" "thu, 29 dec 2022 23 06 36 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"objects" \[{"uid" "00fa9e3c 36ef 0f65 e053 08241dc22da2","name" "#hashtags","type" "applicati application site update updates an existing application site in check point r80 using a unique identifier (uid) endpoint url /web api/set application site method post input argument name type required description uid string optional unique object id new name string optional object name must be unique in the domain primary category string optional each application is assigned to one primary category based on its most defining aspect url list array optional urls that determine this particular application additional categories array optional used to configure or edit the additional categories of a custom application / site used in the application and url filtering or threat prevention description string optional a description for the application urls defined as regular expression boolean optional states whether the url is defined as a regular expression or not tags array optional collection of tag identifiers color string optional color of the object must be one of aquamarine, black, blue, crete blue, burlywood, cyan, dark green, khaki, orchid, dark orange, dark sea green, pink, turquoise, dark blue, firebrick, brown, forest green, gold, dark gold, gray, dark gray, light green, lemon chiffon, coral, sea green, sky blue, magenta, purple, slate blue, violet red, navy blue, olive, orange, red, sienna, yellow comments string optional comments string input example {"uid" "string","new name" "example name","primary category" "string","url list" \["string"],"additional categories" \["string"],"description" "string","urls defined as regular expression"\ true,"tags" \["string"],"color" "string","comments" "string"} output parameter type description status code number http status code of the response reason string response reason phrase uid string unique identifier name string name of the resource type string type of the resource domain object output field domain domain uid string unique identifier domain name string name of the resource domain domain type string type of the resource application id number unique identifier primary category string output field primary category description string output field description risk string output field risk user defined boolean output field user defined additional categories array output field additional categories url list array url endpoint for the request urls defined as regular expression boolean url endpoint for the request groups array output field groups groups file name string name of the resource groups file string output field groups file comments string output field comments color string output field color icon string output field icon tags array output field tags tags uid string unique identifier output example {"status code" 200,"response headers" {"date" "thu, 29 dec 2022 23 39 59 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"uid" "3217f158 a635 4f9f 8c9b 7f460c4baa54","name" "hernan application example 3","type" "ap domain create creates a new domain or sub domain in check point r80 with specified 'name' and 'is sub domain' attributes endpoint url /web api/add dns domain method post input argument name type required description name string optional dns domain name should always start with a ' ' character should be unique in the domain is sub domain boolean optional whether to match sub domains in addition to the domain itself tags array optional collection of tag identifiers color string optional color of the object must be one of aquamarine, black, blue, crete blue, burlywood, cyan, dark green, khaki, orchid, dark orange, dark sea green, pink, turquoise, dark blue, firebrick, brown, forest green, gold, dark gold, gray, dark gray, light green, lemon chiffon, coral, sea green, sky blue, magenta, purple, slate blue, violet red, navy blue, olive, orange, red, sienna, yellow comments string optional comments string input example {"name" "example name","is sub domain"\ true,"tags" \["string"],"color" "string","comments" "string"} output parameter type description status code number http status code of the response reason string response reason phrase uid string unique identifier name string name of the resource type string type of the resource domain object output field domain domain uid string unique identifier domain name string name of the resource domain domain type string type of the resource is sub domain boolean output field is sub domain comments string output field comments color string output field color icon string output field icon tags array output field tags tags file name string name of the resource tags file string output field tags file meta info object output field meta info meta info lock string output field meta info lock meta info validation state string unique identifier meta info last modify time object time value meta info last modify time posix number output field meta info last modify time posix meta info last modify time iso 8601 string output field meta info last modify time iso 8601 meta info last modifier string output field meta info last modifier meta info creation time object time value meta info creation time posix number output field meta info creation time posix output example {"status code" 200,"response headers" {"date" "fri, 30 dec 2022 15 36 39 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"uid" "b33aacce a5be 4521 a467 a40a0bee86f3","name" " www swimlane com","type" "dns domain"," domain delete removes a specified domain from check point r80 using the provided unique identifier (uid) endpoint url /web api/delete dns domain method post input argument name type required description uid string optional unique object identifier input example {"uid" "string"} output parameter type description status code number http status code of the response reason string response reason phrase message string response message output example {"status code" 200,"response headers" {"date" "fri, 30 dec 2022 15 47 38 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"message" "ok"}} domain get retrieves details of a specific domain in check point r80 using the provided uid endpoint url /web api/show dns domain method post input argument name type required description uid string optional unique object identifier input example {"uid" "string"} output parameter type description status code number http status code of the response reason string response reason phrase uid string unique identifier name string name of the resource type string type of the resource domain object output field domain domain uid string unique identifier domain name string name of the resource domain domain type string type of the resource is sub domain boolean output field is sub domain comments string output field comments color string output field color icon string output field icon tags array output field tags tags uid string unique identifier tags name string name of the resource tags type string type of the resource tags domain object output field tags domain tags domain uid string unique identifier tags domain name string name of the resource tags domain domain type string type of the resource meta info object output field meta info meta info lock string output field meta info lock meta info validation state string unique identifier meta info last modify time object time value output example {"status code" 200,"response headers" {"date" "fri, 30 dec 2022 15 07 33 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"uid" "540cbca6 4310 4d20 8b71 9dc24dc669a6","name" " 269a0d7638494a48ba4f14a467532a41","type domain get all retrieves all domains from check point r80, requiring a specified json body input for execution endpoint url /web api/show dns domains method post input argument name type required description limit number optional the maximal number of returned results offset number optional number of the results to initially skip input example {"limit" 123,"offset" 123} output parameter type description status code number http status code of the response reason string response reason phrase objects array output field objects objects uid string unique identifier objects name string name of the resource objects type string type of the resource objects domain object output field objects domain objects domain uid string unique identifier objects domain name string name of the resource objects domain domain type string type of the resource from number output field from to number output field to total number output field total output example {"status code" 200,"response headers" {"date" "fri, 30 dec 2022 15 03 43 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"objects" \[{"uid" "540cbca6 4310 4d20 8b71 9dc24dc669a6","name" " 269a0d7638494a48ba4f14a4675 domain update updates a specified domain in check point r80 using the provided uid include uid in the json body for successful operation endpoint url /web api/set dns domain method post input argument name type required description uid string optional unique object identifier new name string optional dns domain name should always start with a ' ' character should be unique in the domain is sub domain boolean optional whether to match sub domains in addition to the domain itself tags array optional collection of tag identifiers color string optional color of the object must be one of aquamarine, black, blue, crete blue, burlywood, cyan, dark green, khaki, orchid, dark orange, dark sea green, pink, turquoise, dark blue, firebrick, brown, forest green, gold, dark gold, gray, dark gray, light green, lemon chiffon, coral, sea green, sky blue, magenta, purple, slate blue, violet red, navy blue, olive, orange, red, sienna, yellow comments string optional comments string input example {"uid" "string","new name" "example name","is sub domain"\ true,"tags" \["string"],"color" "string","comments" "string"} output parameter type description status code number http status code of the response reason string response reason phrase uid string unique identifier name string name of the resource type string type of the resource domain object output field domain domain uid string unique identifier domain name string name of the resource domain domain type string type of the resource is sub domain boolean output field is sub domain comments string output field comments color string output field color icon string output field icon tags array output field tags tags uid string unique identifier tags name string name of the resource tags type string type of the resource tags domain object output field tags domain tags domain uid string unique identifier tags domain name string name of the resource tags domain domain type string type of the resource meta info object output field meta info meta info lock string output field meta info lock meta info validation state string unique identifier meta info last modify time object time value output example {"status code" 200,"response headers" {"date" "fri, 30 dec 2022 15 44 32 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"uid" "540cbca6 4310 4d20 8b71 9dc24dc669a6","name" " 269a0d7638494a48ba4f14a467532a41","type group create creates a new group in check point r80 with a specified name provided in the json body input endpoint url /web api/add group method post input argument name type required description name string optional object name must be unique in the domain members array optional collection of network objects identified by the name or uid tags array optional collection of tag identifiers color string optional color of the object must be one of aquamarine, black, blue, crete blue, burlywood, cyan, dark green, khaki, orchid, dark orange, dark sea green, pink, turquoise, dark blue, firebrick, brown, forest green, gold, dark gold, gray, dark gray, light green, lemon chiffon, coral, sea green, sky blue, magenta, purple, slate blue, violet red, navy blue, olive, orange, red, sienna, yellow comments string optional comments string input example {"name" "example name","members" \["string"],"tags" \["string"],"color" "string","comments" "string"} output parameter type description status code number http status code of the response reason string response reason phrase uid string unique identifier name string name of the resource type string type of the resource domain object output field domain domain uid string unique identifier domain name string name of the resource domain domain type string type of the resource members array output field members members uid string unique identifier members name string name of the resource members type string type of the resource members domain object output field members domain members domain uid string unique identifier members domain name string name of the resource members domain domain type string type of the resource members ipv4 address string output field members ipv4 address groups array output field groups groups file name string name of the resource groups file string output field groups file comments string output field comments color string output field color icon string output field icon tags array output field tags output example {"status code" 200,"response headers" {"date" "fri, 30 dec 2022 16 58 04 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"uid" "0897ebc6 7f8b 4019 96b9 0efef1cc1d0a","name" "swimlane group 1","type" "group","domain group delete removes a specified group from check point r80 using the provided unique identifier (uid) endpoint url /web api/delete group method post input argument name type required description uid string optional unique object identifier input example {"uid" "string"} output parameter type description status code number http status code of the response reason string response reason phrase message string response message output example {"status code" 200,"response headers" {"date" "fri, 30 dec 2022 17 15 14 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"message" "ok"}} group get retrieves details for a specified group in check point r80 using the provided unique identifier (uid) endpoint url /web api/show group method post input argument name type required description uid string optional unique object identifier show as ranges boolean optional when true, the group's matched content is displayed as ranges of ip addresses rather than network objects input example {"uid" "string","show as ranges"\ true} output parameter type description status code number http status code of the response reason string response reason phrase uid string unique identifier name string name of the resource type string type of the resource domain object output field domain domain uid string unique identifier domain name string name of the resource domain domain type string type of the resource members array output field members members uid string unique identifier members name string name of the resource members type string type of the resource members domain object output field members domain members domain uid string unique identifier members domain name string name of the resource members domain domain type string type of the resource members subnet4 string output field members subnet4 members mask length4 number output field members mask length4 members subnet mask string output field members subnet mask groups array output field groups groups file name string name of the resource groups file string output field groups file comments string output field comments color string output field color output example {"status code" 200,"response headers" {"date" "fri, 30 dec 2022 16 33 40 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"uid" "b92f7002 60dc 49bf 9b96 3e3367068687","name" "01138b85ae344cd5b6a07c82971bd7e6","type" group get all retrieves a comprehensive list of all configured groups within check point r80, with an option to specify criteria in a json body endpoint url /web api/show groups method post input argument name type required description limit number optional the maximal number of returned results offset number optional number of the results to initially skip input example {"limit" 123,"offset" 123} output parameter type description status code number http status code of the response reason string response reason phrase objects array output field objects objects uid string unique identifier objects name string name of the resource objects type string type of the resource objects domain object output field objects domain objects domain uid string unique identifier objects domain name string name of the resource objects domain domain type string type of the resource from number output field from to number output field to total number output field total output example {"status code" 200,"response headers" {"date" "fri, 30 dec 2022 16 25 10 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"objects" \[{"uid" "b92f7002 60dc 49bf 9b96 3e3367068687","name" "01138b85ae344cd5b6a07c82971b group update updates an existing group in check point r80 using the specified unique identifier (uid) endpoint url /web api/set group method post input argument name type required description uid string optional unified object identifier new name string optional object name must be unique in the domain members object optional collection of network objects identified by the name or uid members add array optional parameter for group update members remove array optional parameter for group update groups object optional collection of group identifiers groups add array optional parameter for group update groups remove array optional parameter for group update tags array optional collection of tag identifiers color string optional color of the object must be one of aquamarine, black, blue, crete blue, burlywood, cyan, dark green, khaki, orchid, dark orange, dark sea green, pink, turquoise, dark blue, firebrick, brown, forest green, gold, dark gold, gray, dark gray, light green, lemon chiffon, coral, sea green, sky blue, magenta, purple, slate blue, violet red, navy blue, olive, orange, red, sienna, yellow comments string optional comments string input example {"uid" "string","new name" "example name","members" {"add" \["string"],"remove" \["string"]},"groups" {"add" \["string"],"remove" \["string"]},"tags" \["string"],"color" "string","comments" "string"} output parameter type description status code number http status code of the response reason string response reason phrase uid string unique identifier name string name of the resource type string type of the resource domain object output field domain domain uid string unique identifier domain name string name of the resource domain domain type string type of the resource members array output field members members uid string unique identifier members name string name of the resource members type string type of the resource members domain object output field members domain members domain uid string unique identifier members domain name string name of the resource members domain domain type string type of the resource members ipv4 address string output field members ipv4 address groups array output field groups groups file name string name of the resource groups file string output field groups file comments string output field comments color string output field color icon string output field icon tags array output field tags output example {"status code" 200,"response headers" {"date" "fri, 30 dec 2022 17 11 56 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"uid" "0897ebc6 7f8b 4019 96b9 0efef1cc1d0a","name" "swimlane group 1","type" "group","domain host create creates a new host object in check point r80 with a specified name and ip address endpoint url /web api/add host method post input argument name type required description name string optional object name must be unique in the domain ip address string optional ipv4 or ipv6 address if both addresses are required use ipv4 address and ipv6 address fields explicitly color string optional color of the object must be one of aquamarine, black, blue, crete blue, burlywood, cyan, dark green, khaki, orchid, dark orange, dark sea green, pink, turquoise, dark blue, firebrick, brown, forest green, gold, dark gold, gray, dark gray, light green, lemon chiffon, coral, sea green, sky blue, magenta, purple, slate blue, violet red, navy blue, olive, orange, red, sienna, yellow tags array optional collection of tag identifiers comments string optional comment string groups array optional collection of group identifiers input example {"name" "example name","ip address" "string","color" "string","tags" \["string"],"comments" "string","groups" \["string"]} output parameter type description status code number http status code of the response reason string response reason phrase uid string unique identifier name string name of the resource type string type of the resource domain object output field domain domain uid string unique identifier domain name string name of the resource domain domain type string type of the resource ipv4 address string output field ipv4 address interfaces array output field interfaces interfaces file name string name of the resource interfaces file string output field interfaces file nat settings object output field nat settings nat settings auto rule boolean output field nat settings auto rule groups array output field groups groups file name string name of the resource groups file string output field groups file comments string output field comments color string output field color icon string output field icon tags array output field tags tags file name string name of the resource tags file string output field tags file meta info object output field meta info output example {"status code" 200,"response headers" {"date" "fri, 30 dec 2022 18 29 09 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"uid" "def1f565 7732 49e4 a766 c25e91629a26","name" "swimlane host 1","type" "host","domain" host delete removes an existing host object from check point r80 using its name or uid endpoint url /web api/delete host method post input argument name type required description uid string optional object unique identifier name string optional object name details level string optional the level of detail for some of the fields in the response can vary from showing only the uid value of the object to a fully detailed representation of the object ignore warnings boolean optional apply changes ignoring warnings default value is false ignore errors boolean optional apply changes ignoring errors you won't be able to publish such a changes if ignore warnings flag was omitted warnings will also be ignored default value is false input example {"json body" {"uid" "def1f565 7732 49e4 a766 c25e91629a26","name" "new host 1","details level" "standard","ignore warnings"\ false,"ignore errors"\ false}} output parameter type description status code number http status code of the response reason string response reason phrase message string response message output example {"status code" 200,"response headers" {"date" "fri, 30 dec 2022 18 36 24 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"message" "ok"}} host get retrieves details of a specific host from check point r80 using the provided unique identifier (uid) endpoint url /web api/show host method post input argument name type required description uid string optional unique object identifier input example {"uid" "string"} output parameter type description status code number http status code of the response reason string response reason phrase uid string unique identifier name string name of the resource type string type of the resource domain object output field domain domain uid string unique identifier domain name string name of the resource domain domain type string type of the resource ipv4 address string output field ipv4 address interfaces array output field interfaces interfaces file name string name of the resource interfaces file string output field interfaces file nat settings object output field nat settings nat settings auto rule boolean output field nat settings auto rule groups array output field groups groups file name string name of the resource groups file string output field groups file comments string output field comments color string output field color icon string output field icon tags array output field tags tags file name string name of the resource tags file string output field tags file meta info object output field meta info output example {"status code" 200,"response headers" {"date" "fri, 30 dec 2022 18 04 30 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"uid" "5ccebaae 2138 41ff bddf 442ce62f2442","name" "1 1 1 1","type" "host","domain" {"uid" " host get all retrieves a comprehensive list of all hosts from check point r80, requiring a json body with query details endpoint url /web api/show hosts method post input argument name type required description limit number optional the maximal number of returned results offset number optional number of the results to initially skip input example {"limit" 123,"offset" 123} output parameter type description status code number http status code of the response reason string response reason phrase objects array output field objects objects uid string unique identifier objects name string name of the resource objects type string type of the resource objects domain object output field objects domain objects domain uid string unique identifier objects domain name string name of the resource objects domain domain type string type of the resource objects ipv4 address string output field objects ipv4 address from number output field from to number output field to total number output field total output example {"status code" 200,"response headers" {"date" "fri, 30 dec 2022 17 59 00 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"objects" \[{"uid" "5ccebaae 2138 41ff bddf 442ce62f2442","name" "1 1 1 1","type" "host","doma host update updates an existing host in check point r80 using a unique identifier (uid) provided in the json body endpoint url /web api/set host method post input argument name type required description uid string optional unique object identifier new name string optional object name must be unique in the domain ip address string optional ipv4 or ipv6 address if both addresses are required use ipv4 address and ipv6 address fields explicitly color string optional color of the object must be one of aquamarine, black, blue, crete blue, burlywood, cyan, dark green, khaki, orchid, dark orange, dark sea green, pink, turquoise, dark blue, firebrick, brown, forest green, gold, dark gold, gray, dark gray, light green, lemon chiffon, coral, sea green, sky blue, magenta, purple, slate blue, violet red, navy blue, olive, orange, red, sienna, yellow tags array optional collection of tag identifiers comments string optional comment string groups object optional collection of group identifiers groups add array optional parameter for host update groups remove array optional parameter for host update input example {"uid" "string","new name" "example name","ip address" "string","color" "string","tags" \["string"],"comments" "string","groups" {"add" \["string"],"remove" \["string"]}} output parameter type description status code number http status code of the response reason string response reason phrase uid string unique identifier name string name of the resource type string type of the resource domain object output field domain domain uid string unique identifier domain name string name of the resource domain domain type string type of the resource ipv4 address string output field ipv4 address interfaces array output field interfaces interfaces file name string name of the resource interfaces file string output field interfaces file nat settings object output field nat settings nat settings auto rule boolean output field nat settings auto rule groups array output field groups groups file name string name of the resource groups file string output field groups file comments string output field comments color string output field color icon string output field icon tags array output field tags tags file name string name of the resource tags file string output field tags file meta info object output field meta info output example {"status code" 200,"response headers" {"date" "fri, 30 dec 2022 18 33 42 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"uid" "def1f565 7732 49e4 a766 c25e91629a26","name" "swimlane host 1","type" "host","domain" install policy executes the install policy command on specified targets in check point r80, requiring a 'policy package' name endpoint url web api/install policy method post input argument name type required description policy package string optional the name of the policy package to be installed targets array optional on what targets to execute this command in case 'specific gateways' is chosen, input installation targets must be in the specific targets list of the policy package targets may be identified by their name or object unique identifier access boolean optional set to be true in order to install the access control policy by default, the value is true if access control policy is enabled on the input policy package, otherwise false desktop security boolean optional set to be true in order to install the desktop security policy by default, the value is true if desktop security policy is enabled on the input policy package, otherwise false qos boolean optional set to be true in order to install the qos policy by default, the value is true if quality of service policy is enabled on the input policy package, otherwise false threat prevention boolean optional set to be true in order to install the threat prevention policy by default, the value is true if threat prevention policy is enabled on the input policy package, otherwise false install on all cluster members or fail boolean optional relevant for the gateway clusters if true, the policy is installed on all the cluster members if the installation on a cluster member fails, don't install on that cluster prepare only boolean optional if true, prepares the policy for the installation, but doesn't install it on an installation target revision string optional the uid of the revision of the policy to install ignore warnings boolean optional install policy ignoring policy mismatch warnings input example {"json body" {"policy package" "standard","targets" \["gateway1"],"access"\ true,"desktop security"\ false,"qos"\ false,"threat prevention"\ true,"install on all cluster members or fail"\ true,"prepare only"\ false,"revision" "test revision","ignore warnings"\ false}} output parameter type description status code number http status code of the response reason string response reason phrase task id string unique identifier output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"task id" "01234567 89ab cdef a930 8c37a59972b3"}} login log in to the check point r80 server using credentials to obtain a session unique identifier for subsequent requests endpoint url /web api/login method post input argument name type required description user string optional administrator user name password string optional administrator password api key string optional administrator api key when using api key, there is no need to send user/password parameters continue last session boolean optional when 'continue last session' is set to 'true', the new session would continue where the last session was stopped this option is available when the administrator has only one session that can be continued if there is more than one session, see 'switch session' api domain string optional use domain to login to specific domain domain can be identified by name or uid enter last published session boolean optional login to the last published session such login is done with the read only permissions read only boolean optional login with read only permissions this parameter is not considered in case continue last session is true session comments string optional session comments can be viewed only using the show session api session description string optional a description of the session's purpose session name string optional session unique name session timeout number optional session expiration timeout in seconds default 600 seconds input example {"json body" {"user" "test","password" "test","api key" "12345","continue last session"\ false,"domain" "example com","enter last published session"\ false,"read only"\ false,"session comments" "test comments","session description" "test description","session name" "test session","session timeout" 600}} output parameter type description status code number http status code of the response reason string response reason phrase sid string unique identifier url string url endpoint for the request uid string unique identifier session timeout number output field session timeout last login was at object output field last login was at last login was at posix number output field last login was at posix last login was at iso 8601 string output field last login was at iso 8601 output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"sid" "97bvprfn4j81ogn v2xqgymw3ddwihosn0og8pikdim","url" "https //192 0 2 1 443/web api","uid" "7a13a360 9b24 40d7 acd3 5b50247be33e","session timeout" 600,"last login was at" {"posix" 1430032266851,"iso 8601" "2015 04 26t10 11+0300"}}} logout terminate the current session in check point r80, invalidating the session id endpoint url web api/logout method post input argument name type required description headers object required http headers for the request headers x chkp sid string required session unique identifier as it returned by the login request headers content type string optional send json object to use the api web services input example {"json body" {},"headers" {"x chkp sid" "97bvprfn4j81ogn v2xqgymw3ddwihosn0og8pikdim","content type" "application/json"}} output parameter type description status code number http status code of the response reason string response reason phrase message string response message output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"message" "ok"}} network create creates a new network object in check point r80 with specified name, subnet, and subnet mask endpoint url /web api/add network method post input argument name type required description name string optional object name must be unique in the domain subnet mask string optional ipv4 network mask subnet string optional ipv4 or ipv6 network address if both addresses are required use subnet4 and subnet6 fields explicitly tags array optional collection of tag identifiers color string optional color of the object must be one of aquamarine, black, blue, crete blue, burlywood, cyan, dark green, khaki, orchid, dark orange, dark sea green, pink, turquoise, dark blue, firebrick, brown, forest green, gold, dark gold, gray, dark gray, light green, lemon chiffon, coral, sea green, sky blue, magenta, purple, slate blue, violet red, navy blue, olive, orange, red, sienna, yellow comments string optional comment string groups array optional collection of group identifiers input example {"name" "example name","subnet mask" "string","subnet" "string","tags" \["string"],"color" "string","comments" "string","groups" \["string"]} output parameter type description status code number http status code of the response reason string response reason phrase uid string unique identifier name string name of the resource type string type of the resource domain object output field domain domain uid string unique identifier domain name string name of the resource domain domain type string type of the resource broadcast string output field broadcast subnet4 string output field subnet4 mask length4 number output field mask length4 subnet mask string output field subnet mask nat settings object output field nat settings nat settings auto rule boolean output field nat settings auto rule groups array output field groups groups file name string name of the resource groups file string output field groups file comments string output field comments color string output field color icon string output field icon tags array output field tags tags file name string name of the resource tags file string output field tags file meta info object output field meta info output example {"status code" 200,"response headers" {"date" "fri, 30 dec 2022 19 29 11 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"uid" "a11b304a 5465 44cc b030 eb8684c74e62","name" "swimlane network 1","type" "network","do network delete removes a specified network from check point r80 using the provided unique identifier (uid) endpoint url /web api/delete network method post input argument name type required description uid string optional unique object identifier input example {"uid" "string"} output parameter type description status code number http status code of the response reason string response reason phrase message string response message output example {"status code" 200,"response headers" {"date" "fri, 30 dec 2022 19 37 06 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"message" "ok"}} network get retrieves details of a specific network from check point r80 using the provided uid endpoint url /web api/show network method post input argument name type required description uid string optional unique object identifier input example {"uid" "string"} output parameter type description status code number http status code of the response reason string response reason phrase uid string unique identifier name string name of the resource type string type of the resource domain object output field domain domain uid string unique identifier domain name string name of the resource domain domain type string type of the resource broadcast string output field broadcast subnet4 string output field subnet4 mask length4 number output field mask length4 subnet mask string output field subnet mask nat settings object output field nat settings nat settings auto rule boolean output field nat settings auto rule groups array output field groups groups uid string unique identifier groups name string name of the resource groups type string type of the resource groups domain object output field groups domain groups domain uid string unique identifier groups domain name string name of the resource groups domain domain type string type of the resource comments string output field comments color string output field color output example {"status code" 200,"response headers" {"date" "fri, 30 dec 2022 19 19 19 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"uid" "4f078348 5f64 45a2 b501 944b78511eba","name" "22def595c2a64f8f976461beff69da69","type" network get all retrieves all network objects within the check point r80 environment, with optional specifications via json body endpoint url /web api/show networks method post input argument name type required description limit number optional the maximal number of returned results offset number optional number of the results to initially skip input example {"limit" 123,"offset" 123} output parameter type description status code number http status code of the response reason string response reason phrase objects array output field objects objects uid string unique identifier objects name string name of the resource objects type string type of the resource objects domain object output field objects domain objects domain uid string unique identifier objects domain name string name of the resource objects domain domain type string type of the resource objects subnet4 string output field objects subnet4 objects mask length4 number output field objects mask length4 objects subnet mask string output field objects subnet mask objects subnet6 string output field objects subnet6 objects mask length6 number output field objects mask length6 from number output field from to number output field to total number output field total output example {"status code" 200,"response headers" {"date" "fri, 30 dec 2022 19 12 55 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"objects" \[{"uid" "4f078348 5f64 45a2 b501 944b78511eba","name" "22def595c2a64f8f976461beff69 network update updates an existing network object in check point r80 using the provided unique identifier (uid) endpoint url /web api/set network method post input argument name type required description uid string optional unique object identifier new name string optional object name must be unique in the domain subnet mask string optional ipv4 network mask subnet string optional ipv4 or ipv6 network address if both addresses are required use subnet4 and subnet6 fields explicitly tags array optional collection of tag identifiers color string optional color of the object must be one of aquamarine, black, blue, crete blue, burlywood, cyan, dark green, khaki, orchid, dark orange, dark sea green, pink, turquoise, dark blue, firebrick, brown, forest green, gold, dark gold, gray, dark gray, light green, lemon chiffon, coral, sea green, sky blue, magenta, purple, slate blue, violet red, navy blue, olive, orange, red, sienna, yellow comments string optional comment string groups object optional collection of group identifiers groups add array optional parameter for network update groups remove array optional parameter for network update input example {"uid" "string","new name" "example name","subnet mask" "string","subnet" "string","tags" \["string"],"color" "string","comments" "string","groups" {"add" \["string"],"remove" \["string"]}} output parameter type description status code number http status code of the response reason string response reason phrase uid string unique identifier name string name of the resource type string type of the resource domain object output field domain domain uid string unique identifier domain name string name of the resource domain domain type string type of the resource broadcast string output field broadcast subnet4 string output field subnet4 mask length4 number output field mask length4 subnet mask string output field subnet mask nat settings object output field nat settings nat settings auto rule boolean output field nat settings auto rule groups array output field groups groups file name string name of the resource groups file string output field groups file comments string output field comments color string output field color icon string output field icon tags array output field tags tags file name string name of the resource tags file string output field tags file meta info object output field meta info output example {"status code" 200,"response headers" {"date" "fri, 30 dec 2022 19 34 01 gmt","server" "cpws","strict transport security" "max age=31536000; includesubdomains","x frame options" "sameorigin","content type" "application/json","x ua compatible" "ie=emulateie8","x forwarded host port" "443","keep alive" "timeout=15, max=99","connection" "keep alive","transfer encoding" "chunked"},"reason" "ok","json body" {"uid" "a11b304a 5465 44cc b030 eb8684c74e62","name" "swimlane network 1","type" "network","do publish applies all configuration changes made by the user across check point r80, requiring a 'uid' for identification endpoint url web api/publish method post input argument name type required description uid string optional session unique identifier specify it to publish a different session than the one you currently use input example {"json body" {"uid" "7a13a360 9b24 40d7 acd3 5b50247be33e"}} output parameter type description status code number http status code of the response reason string response reason phrase task id string unique identifier output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"task id" "01234567 89ab cdef a930 8c37a59972b3"}} show access rulebase displays the entire access rules layer in check point r80, requiring either uid or object name endpoint url web api/show access rulebase method post input argument name type required description name string optional object name must be unique in the domain uid string optional object unique identifier filter string optional search expression to filter the rulebase the provided text should be exactly the same as it would be given in smart console the logical operators in the expression ('and', 'or') should be provided in capital letters if an operator is not used, the default or operator applies filter settings object optional sets filter preferences filter settings search mode string optional when set to 'general', both the full text search and packet search are enabled in this mode, packet search will not match on 'any' object, a negated cell or a group with exclusion when the search mode is set to 'packet', by default, the match on 'any' object, a negated cell or a group with exclusion are enabled packet search settings may be provided to change the default behavior filter settings packet search settings object optional when 'search mode' is set to 'packet', this object allows to set the packet search preferences filter settings packet search settings expand group members boolean optional when true, if the search expression contains a uid or a name of a group object, results will include rules that match on at least one member of the group filter settings packet search settings expand group with exclusion members boolean optional when true, if the search expression contains a uid or a name of a group with exclusion object, results will include rules that match at least one member of the "include" part and is not a member of the "except" part filter settings packet search settings match on any boolean optional whether to match on 'any' object filter settings packet search settings match on group with exclusion boolean optional whether to match on a group with exclusion filter settings packet search settings match on negate boolean optional whether to match on a negated cell limit number optional the maximal number of returned results offset number optional number of the results to initially skip order array optional sorts the results by search criteria automatically sorts the results by name, in the ascending order order asc string optional sorts results by the given field in ascending order order desc string optional sorts results by the given field in descending order package string optional name of the package show as ranges boolean optional when true, the source, destination and services & applications parameters are displayed as ranges of ip addresses and port numbers rather than network objects objects that are not represented using ip addresses or port numbers are presented as objects in addition, the response of each rule does not contain the parameters are source, source negate, destination, destination negate, service and service negate, but instead it contains the parameters are source ranges, destination ranges and service ranges note requesting to show rules as ranges is limited up to 20 rules per request, otherwise an error is returned if you wish to request more rules, use the offset and limit parameters to limit your request show hits boolean optional indicates whether to show hits for the rules use object dictionary boolean optional indicates whether to use the object dictionary hits settings object optional specifies the settings for the hits hits settings from date string optional format is yyyy mm dd, "yyyy mm ddthh\ mm \ ss " hits settings target string optional target gateway name or uid hits settings to date string optional format is yyyy mm dd, "yyyy mm ddthh\ mm \ ss " dereference group members boolean optional indicates whether to dereference "members" field by details level for every object in reply input example {"json body" {"name" "test rule","uid" "7a13a360 9b24 40d7 acd3 5b50247be33e","filter" "source 192 168 1 1 and destination 10 0 0 1","filter settings" {"search mode" "general","packet search settings" {"expand group members"\ false,"expand group with exclusion members"\ false,"match on any"\ true,"match on group with exclusion"\ true,"match on negate"\ true}},"limit" 50,"offset" 0,"order" \[{"asc" "name"}],"package" "standard","show as ranges"\ false,"show hits"\ false,"use object dictionary"\ false,"hits settings" {"from date" "2024 01 01","target" "gateway1","to date" "2024 12 31"},"dereference group members"\ false,"show membership"\ false,"details level" "standard"}} output parameter type description status code number http status code of the response reason string response reason phrase uid string unique identifier name string name of the resource from number output field from to number output field to total number output field total rulebase array output field rulebase rulebase uid string unique identifier rulebase name string name of the resource rulebase type string type of the resource rulebase domain object output field rulebase domain rulebase domain uid string unique identifier rulebase domain name string name of the resource rulebase domain domain type string type of the resource rulebase enabled boolean output field rulebase enabled rulebase comments string output field rulebase comments rulebase meta info object output field rulebase meta info rulebase meta info lock string output field rulebase meta info lock rulebase meta info validation state string unique identifier rulebase meta info last modify time object time value rulebase meta info last modify time posix number output field rulebase meta info last modify time posix rulebase meta info last modify time iso 8601 string output field rulebase meta info last modify time iso 8601 rulebase meta info last modifier string output field rulebase meta info last modifier rulebase meta info creation time object time value output example {"uid" "string","name" "example name","from" 123,"to" 123,"total" 123,"rulebase" \[{"uid" "string","name" "example name","type" "string","domain" {},"enabled"\ true,"comments" "string","meta info" {},"install on" \[],"source" \[],"source negate"\ true,"destination" \[],"destination negate"\ true,"service" \[],"service negate"\ true,"vpn" \[]}],"objects dictionary" \[{"uid" "string","name" "example name","type" "string","domain" {}}]} show logs using new query retrieve filtered logs from check point r80 using a specified 'new query' parameter to tailor search results endpoint url /web api/show logs method post input argument name type required description new query object optional running a new query new query time frame string optional specify the time frame to query logs new query max logs per request string optional limit the number of logs to be retrieved new query filter string optional the filter as entered in smartconsole/smartview new query custom start string optional this option is only applicable when using the custom time frame option new query custom end string optional this option is only applicable when using the custom time frame option new query top object required top results configuration new query top field string required the field on which the top command is executed new query top count string optional the number of results to retrieve valid value is 1 50 new query type string optional type of logs to return new query log servers array optional list of ip's of logs servers to query ignore warnings boolean optional ignore warnings if exist input example {"json body" {"new query" {"time frame" "today","max logs per request" "100","filter" "blade \\"threat emulation\\"","custom start" "2019 09 07t15 50 04 00","custom end" "2020 09 07t15 50 04 00","top" {"field" "blades","count" "10"},"type" "logs","log servers" \["all"]},"ignore warnings"\ false}} output parameter type description status code number http status code of the response reason string response reason phrase incidents array unique identifier incidents ischkpobject string unique identifier incidents resolved string unique identifier logs array output field logs logs analyzed on string output field logs analyzed on logs i f dir string output field logs i f dir logs proto attr array output field logs proto attr logs proto attr ischkpobject string output field logs proto attr ischkpobject logs proto attr resolved string output field logs proto attr resolved logs count number count value query id string unique identifier tops array output field tops tops firewall string output field tops firewall tops system monitor string output field tops system monitor tops count number count value output example {"status code" 200,"response headers" {"content length" "140","content type" "application/json","date" "wed, 13 dec 2023 20 37 23 gmt"},"reason" "ok","json body" {"incidents" \[{}],"logs" \[{}],"logs count" 2,"query id" "aa be383957 9167 4ca3 b101 a25bc0fbec1c","tops" \[{},{}],"tops count" 935}} show logs using query id retrieves logs from check point r80 using a specified 'query id' provided in the json body endpoint url /web api/show logs method post input argument name type required description query id string optional get the next page of last run query with specified limit ignore warnings boolean optional ignore warnings if exist input example {"json body" {"query id" "aa be383957 9167 4ca3 b101 a25bc0fbec1c","ignore warnings"\ false}} output parameter type description status code number http status code of the response reason string response reason phrase incidents array unique identifier incidents ischkpobject string unique identifier incidents resolved string unique identifier logs array output field logs logs analyzed on string output field logs analyzed on logs i f dir string output field logs i f dir logs proto attr array output field logs proto attr logs proto attr ischkpobject string output field logs proto attr ischkpobject logs proto attr resolved string output field logs proto attr resolved logs count number count value query id string unique identifier tops array output field tops tops firewall string output field tops firewall tops system monitor string output field tops system monitor tops count number count value output example {"status code" 200,"response headers" {"content length" "140","content type" "application/json","date" "wed, 13 dec 2023 20 37 23 gmt"},"reason" "ok","json body" {"incidents" \[{}],"logs" \[{}],"logs count" 2,"query id" "aa be383957 9167 4ca3 b101 a25bc0fbec1c","tops" \[{},{}],"tops count" 935}} where used identifies where the specified object is utilized within check point r80 configurations, requiring either uid or name endpoint url searches for usage of the target object in other objects and rules method post input argument name type required description uid string optional object unique identifier name string optional object name dereference group members boolean optional indicates whether to dereference "members" field by details level for every object in reply show membership boolean optional indicates whether to calculate and show "groups" field for every object in reply async response boolean optional run command in asynchronous mode and return task uid use show task command to check the progress of the task details level string optional the level of detail for some of the fields in the response can vary from showing only the uid value of the object to a fully detailed representation of the object domains to process array optional indicates which domains to process the commands on it cannot be used with the details level full, must be run from the system domain only and with ignore warnings true valid values are current domain, all domains on this server indirect boolean optional search for indirect usage indirect max depth number optional maximum nesting level during indirect usage search input example {"json body" {"uid" "7a13a360 9b24 40d7 acd3 5b50247be33e","name" "test rule","dereference group members"\ false,"show membership"\ false,"async response"\ false,"details level" "standard","domains to process" \["current domain"],"indirect"\ false,"indirect max depth" 5}} output parameter type description status code number http status code of the response reason string response reason phrase used directly object output field used directly used directly total number output field used directly total used directly objects array output field used directly objects used directly threat prevention rules array output field used directly threat prevention rules used directly threat prevention rules file name string name of the resource used directly threat prevention rules file string output field used directly threat prevention rules file used directly nat rules array output field used directly nat rules used directly nat rules file name string name of the resource used directly nat rules file string output field used directly nat rules file used directly access control rules array output field used directly access control rules used directly access control rules rule string output field used directly access control rules rule used directly access control rules position string output field used directly access control rules position used directly access control rules owner string output field used directly access control rules owner used directly access control rules policy string output field used directly access control rules policy used directly access control rules layer string output field used directly access control rules layer used directly access control rules layer position number output field used directly access control rules layer position used directly access control rules package string output field used directly access control rules package used indirectly object output field used indirectly used indirectly total number output field used indirectly total used indirectly objects array output field used indirectly objects used indirectly threat prevention rules array output field used indirectly threat prevention rules used indirectly threat prevention rules file name string name of the resource used indirectly threat prevention rules file string output field used indirectly threat prevention rules file output example {"status code" 200,"response headers" {},"reason" "ok","json body" {"used directly" {"total" 2,"objects" \[],"threat prevention rules" \[],"nat rules" \[],"access control rules" \[]},"used indirectly" {"total" 6,"objects" \[],"threat prevention rules" \[],"nat rules" \[],"access control rules" \[]}}} response headers header description example connection http response header connection keep alive content length the length of the response body in bytes 140 content type the media type of the resource application/json date the date and time at which the message was originated fri, 30 dec 2022 17 11 56 gmt keep alive http response header keep alive timeout=15, max=99 server information about the software used by the origin server cpws strict transport security http response header strict transport security max age=31536000; includesubdomains transfer encoding http response header transfer encoding chunked x forwarded host port http response header x forwarded host port 443 x frame options http response header x frame options sameorigin x ua compatible http response header x ua compatible ie=emulateie8