Introduction
The Check Point Support Data Collector (CPSDC) utility provides you with an easy and fast way to collect data such as files, logs, and commands from Gaia OS, with full support for Scalable Platforms / Maestro Security Appliances.
CPSDC can work in two different modes:
- Full Mode: collects all files, logs, and command specified in the configuration file.
- Delta Mode: can be scheduled to periodically collect files, logs, and commands specified in the configuration file only if:
- Files: if the file content changed since the last collect.
- Command: if the command output changed since the last collect.
- Log file (rotation): only files with new content will be collected.
CPSDC supports uploading the collected output to a remote server via SFTP.
The feature is available starting from R80.20SP JHF Take 242.
Usage Instructions
To work with CPSDC, log into the machine in Expert mode and run:
cpdata_collector --run [flags]
To configure an SFTP server to upload the collected data run:
cpdata_collector --configure-sftp-server
cpdata_collector runs in various modes, such as:
-c [ --commands ]
|
Collect output of the configured commands (in addition to the files and logs)
|
-d [ --delta ]
|
Collect only files that have changed since the last collect
|
-u [ --upload-to-sftp ]
|
Upload the collected data to the configured SFTP server
|
-t [ --last-modification-day ]
|
Collect files that were modified in the last N-days.
By default only files that were modified in the last 7 days will be collected.
To collect everything use "--last-modification-day all"
|
-m [ --max-file-size ]
|
Collect only files with size less than N-Megabytes.
By default only files smaller than 100.0MB will be collected.
To collect files with no size restrictions use "--max-file-size all"
|
cpdata_collector has some additional flags, such as:
-b [ --build ]
|
Display the build number
|
-v [ --verbose ]
|
Be verbose and log to the standard output
|
-l [ --list ]
|
List the items that will be collected
|
-s [ --silent ]
|
Run silently, without output and progress bar
|
-e [ --enable-periodic-run ]
|
Run periodically (daily) in delta mode and upload to SFTP server between
1 a.m. and 4 a.m. (random).
Note: SFTP Server must be configured to work in this mode.
|
-x [ --disable-periodic-run ]
|
Stop periodic daily mode
|
Scalable Platforms / Maestro Security Appliances
CPSDC supports Scalable Platforms / Maestro Security Appliances to ease the collection from multiple members at the same time.
Usage
To work with CPSDC in Scalable Platforms / Maestro Security Appliances, log into the machine in Expert mode and run:
cpdata_collector --run [flags]cpdata_collector flags:
-b [ --blades ]
|
Blades to collect data from.
Use one of these formats:
-
all (default)
-
1_1,1_4 or 1_1-1_4 or 1_01,1_03-1_08,1_10
-
chassis1
-
chassis_active
|
-a [ --exclude-down ]
|
Don't collect data from members in down mode
|
-p [ --path ]
|
Archive file path.
default: /var/log/cpdata_collector_sp_[date]_[time].tgz
Note: cannot be used with upload flag
|
-cu [ --clean-up ]
|
Clean up all the saved files, archives, and created directories
|
-c [ --commands ]
|
Collect output of the configured commands (in addition to the files and logs)
|
-d [ --delta ]
|
Collect only files that have changed since the last collect
|
-u [ --upload ]
|
Upload the collected data to the configured SFTP server
|
-t [ --last-modification-day ]
|
Collect files that were modified in the last N-days.
By default only files that were modified in the last 7 days will be collected.
To collect everything use "--last-modification-day all"
|
-m [ --max-file-size ]
|
Collect only files with size less than N-Megabytes.
By default only files smaller than 100.0MB will be collected.
To collect files with no size restrictions use "--max-file-size all"
|
-e [ --enable-periodic-run ]
|
Run periodically (daily) in delta mode and upload to SFTP server between
1 a.m. and 4 a.m.(random).
Note: SFTP Server must be configured to work in this mode
|
-x [ --disable-periodic-run ]
|
Stop periodic daily mode
|
-v [ --version ]
|
Show version number
|
Logs
cpdata_collector logs located at /var/log/cpsdc.elg
cpdata_collector in Scalable Platforms have additional logs located at /var/log/cpdata_collector_sp.log
Logger Levels
CPSDC has two logging levels: DEBUG and INFO.
By default, the logger is set to INFO. To change it, do the following:
Modify the logger configuration file at
/etc/cpsdc/conf/cpsdc_logger.json in the level field.
INFO level - default:
{
"level": "INFO"
}
DEBUG level:
{
"level": "DEBUG"
}
|
This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.
|
