Check Point Support Data Collector (CPSDC) Tool

Support Center > Search Results > SecureKnowledge Details

Technical Level

Solution ID	sk164414
Technical Level
Product	Quantum Scalable Chassis, Quantum Maestro, Quantum Security Management, Quantum Security Gateways, Multi-Domain Security Management, VSX
Version	R80.20SP, R80.30SP, R80.20 (EOL), R80.30 (EOL), R80.40, R81, R81.10
OS	Gaia
Platform / Model	All
Date Created	29-Mar-2020
Last Modified	06-Sep-2022

Solution

Introduction
Availability

List of Resolved Issues and New Features
CLI Syntax

Logging Levels
Log Files

Introduction

The Check Point Support Data Collector (CPSDC) utility provides an easy and fast way to collect data such as files, logs, and commands from Gaia OS.

It is also an extension for CPInfo utility, we added a new flag (cpinfo -Q) which represent a quick mode for collecting data and support collecting data from the Scalable Platform appliances.

CPSDC can work in these modes:

Mode

Description

Full

Collects all files, logs, and command outputs that are specified in the configuration file.

Delta

Collects all files, logs, and command outputs that are specified in the configuration file.

The CPSDC runs based on the configured schedule.

The CPSDC collects the data only if these conditions are met:

Collects a file only if the file content changed since the last run of the CPSDC.
Collects a command output only if the command output changed since the last run of the CPSDC.
Collects a log file only if a log file was rotated (there are new log files *.1, *.2, and so on) since the last run of the CPSDC.

CPSDC can upload the collected data to a remote server over SFTP.

Availability

Take # Release Date Download package

21 20 March 2022 (TAR)

Release Timeline

Version Availability

R80.20 Jumbo Hotfix Accumulator for R80.20 Take 208 and higher

R80.30 Jumbo Hotfix Accumulator for R80.30 starting from Take 251

R80.40 Jumbo Hotfix Accumulator for R80.40 Take 158 and higher

R81 Jumbo Hotfix Accumulator for R81 Take 60 and higher

R81.10 Jumbo Hotfix Accumulator for R81.10 Take 38 and higher

R80.20SP for Maestro R80.20SP Jumbo Hotfix Accumulator Take 242 and higher

R80.20SP for Scalable Chassis R80.20SP Jumbo Hotfix Accumulator Take 242 and higher

R80.30SP for Maestro Built-in

List of Resolved Issues and New Features per Take

ID	Description
Take 21 (20 March 2022)
PMTR-80111	During an update, Check Point Support Data Collector may generate a coredump with no further impact.
Take 19 (2 January 2022)
MBS-13590	Added Check Point Support Data Collector as a self-updatable package.

CLI Syntax

You must run the CPSDC in the Expert Mode on the command line of the Security Group.

To control the CPSDC: cpdata_collector <CPSDC Flags>
To collect the data: cpdata_collector --run [<Run Flags>]
To configure a remote SFTP server (to upload the collected data): cpdata_collector --configure-sftp-server

Important Note: The command name changed from "cpdata_collector_sp" to "cpdata_collector" in:

R80.20SP Jumbo Hotfix Accumulator Take 310
R80.30SP Jumbo Hotfix Accumulator Take 73

CPSDC Flags

Flag Description

-h
--help Shows the built-in help.

-b
--build Shows the CPSDC build number.

-e
--enable-periodic-run Runs periodically (daily) in the Delta mode and uploads the collected data to the configured SFTP server randomly between 01:00 am and 04:00 am.
Note: You must configure the remote SFTP Server before you use this flag.

-l
--list Shows the list of items to be collected.

-s
--silent Runs in a silent way - does not show a progress bar or messages on the screen.

-v
--verbose Shows verbose output on screen.

-x
--disable-periodic-run Stops running periodically (stops the "-e" / "--enable-periodic-run" flag).

Run Flags ("--run"):

Flag Description

-a
--include-down Collects data also from Security Group Members that are in the "Down" status.

-b <SGM IDs>
--blades <SGM IDs> Specifies the Security Group Members (SGM IDs), from which to collect the data.
You must use one of these formats:

-b all - Collects the data from all Security Group Members (this is the default)

One Security Group Member (for example, -b 1_1)

A comma-separated list of Security Group Members (for example, -b 1_1,1_4)

A range of Security Group Members (for example, -b 1_1-1_4)

One Maestro Site, or one Chassis (-b chassis1, or -b chassis2)

The Active Maestro Site, or Active Chassis (chassis_active)

-c
--commands Collects output of the specified commands (in addition to the files and logs).

-cu
--clean-up Deletes all the saved files, archives, and created directories.

-d
--delta Collects only files that changed since the last run of the CPSDC.

-e
--enable-periodic-run Runs periodically (daily) in the Delta mode and uploads the collected data to the configured SFTP server randomly between 01:00 am and 04:00 am.
Note: You must configure the remote SFTP Server before you use this flag.

-m <Size>
--max-file-size <Size> Collects only files with size less than the specified number of megabytes.
By default, the CPSDC collects only files smaller than 100 MB.
To collect files without the size restrictions, use "--max-file-size all".

-p <Path>
--path <Path> Specifies the path for the output archive file.
If you do not specify the path, the CPSDC uses this default path:
/var/log/cpdata_collector_sp_<DATE>_<TIME>.tgz
Note: You cannot use this flag together with the flag "upload-to-sftp".

-t <Days>
--last-modification-day <Days> Collect files that were modified during the specified number of days.
By default, the CPSDC collects only files were modified during the last 7 days.
To collect files without the history restrictions, use "--last-modification-day all".

-u
--upload-to-sftp Uploads the collected data to the configured SFTP server.

-v
--version Shows the CPSDC version number.

-x
--disable-periodic-run
Stops running periodically (stops the "-e" / "--enable-periodic-run" flag).

Logging Levels

The CPSDC has different logging levels in its log files when it runs:

Logging Level Description
INFO
This is the default level.
The CPSDC writes only important messages in its log files.

In the CPSDC logging configuration file (/etc/cpsdc/conf/cpsdc_logger.json):
{
        "level": "INFO"
}
DEBUG
This is the debug level.
The CPSDC writes all messages in its log files.

In the CPSDC logging configuration file (/etc/cpsdc/conf/cpsdc_logger.json):
{
        "level": "DEBUG"
}

To change the logging level:

Connect to the command line on the Security Group.
Log in to the Expert mode.
Edit the CPSDC logging configuration file:
vi /etc/cpsdc/conf/cpsdc_logger.json
Change the value of the "level" parameter to the required level.
Save the changes in the file and exit Vi editor.
Copy updated the CPSDC logging configuration file to all Security Group Members:
asg_cp2blades /etc/cpsdc/conf/cpsdc_logger.json

Log Files

The CPSDC generates different log files when it runs:

Scalable Platform Log File

Main Train /var/log/cpsdc.elg

Scalable Platforms (Maestro/Chassis) /var/log/cpsdc.elg
/var/log/cpdata_collector_sp.log

This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.

Give us Feedback

Please rate this document

[1=Worst,5=Best]

Comment
	Submitting rating