Support Center > Search Results > SecureKnowledge Details
Check Point Support Data Collector (CPSDC) Tool for Scalable Platforms and Maestro Security Appliances Technical Level
Solution

Introduction

The Check Point Support Data Collector (CPSDC) utility for Scalable Platforms (Quantum Maestro and Quantum Scalable Chassis) provides an easy and fast way to collect data such as files, logs, and command outputs.

CPSDC can work in these modes:

Mode Description
Full Collects all files, logs, and command outputs that are specified in the configuration file.
Delta

Collects all files, logs, and command outputs that are specified in the configuration file.

The CPSDC runs based on the configured schedule.

The CPSDC collects the data only if these conditions are met:

  • Collects a file only if the file content changed since the last run of the CPSDC.
  • Collects a command output only if the command output changed since the last run of the CPSDC.
  • Collects a log file only if a log file was rotated (there are new log files *.1, *.2, and so on) since the last run of the CPSDC.

CPSDC can upload the collected data to a remote server over SFTP.

 

Availability

Version Availability

R81.10 for Scalable Platforms

Planned.

R81 for Scalable Platforms

Planned.

R80.30SP for Maestro

Built-in.

Important - In Take 73 of R80.30SP Jumbo Hotfix Accumulator, the command name changed from "cpdata_collector_sp" to "cpdata_collector".

R80.20SP for Maestro

R80.20SP Jumbo Hotfix Accumulator Take 242 and higher.

Important:

  • In Take 310 of the R80.20SP Jumbo Hotfix Accumulator , the command name changed from "cpdata_collector_sp" to "cpdata_collector".
  • Install Take 313 or higher of the R80.20SP Jumbo Hotfix Accumulator to resolve sk173951 - "cpdata_collector: command not found".

R80.20SP for Scalable Chassis

CLI Syntax

You must run the CPSDC in the Expert Mode on the command line of the Security Group.

To control the CPSDC:

  • cpdata_collector <CPSDC Flags>

To collect the data:

  • cpdata_collector --run [<Run Flags>]

To configure a remote SFTP server (to upload the collected data):

  • cpdata_collector --configure-sftp-server

CPSDC Flags:

Flag Description

-h

--help

Shows the built-in help.

-b

--build

Shows the CPSDC build number.

-e

--enable-periodic-run

Runs periodically (daily) in the Delta mode and uploads the collected data to the configured SFTP server randomly between 01:00 am and 04:00 am.

Note: You must configure the remote SFTP Server before you use this flag.

-l

--list

Shows the list of items to be collected.

-s

--silent

Runs in a silent way - does not show a progress bar or messages on the screen.

-v

--verbose

Shows verbose output on screen.

-x

--disable-periodic-run

Stops running periodically (stops the "-e" / "--enable-periodic-run" flag).

Run Flags ("--run"):

Flag Description

-a

--include-down

Collects data also from Security Group Members that are in the "Down" status.

-b <SGM IDs>

--blades <SGM IDs>

Specifies the Security Group Members (SGM IDs), from which to collect the data.

You must use one of these formats:

  • -b all - Collects the data from all Security Group Members (this is the default)
  • One Security Group Member (for example, -b 1_1)
  • A comma-separated list of Security Group Members (for example, -b 1_1,1_4)
  • A range of Security Group Members (for example, -b 1_1-1_4)
  • One Maestro Site, or one Chassis (-b chassis1, or -b chassis2)
  • The Active Maestro Site, or Active Chassis (chassis_active)

-c

--commands

Collects output of the specified commands (in addition to the files and logs).

-cu

--clean-up

Deletes all the saved files, archives, and created directories.

-d

--delta

Collects only files that changed since the last run of the CPSDC.

-e

--enable-periodic-run

Runs periodically (daily) in the Delta mode and uploads the collected data to the configured SFTP server randomly between 01:00 am and 04:00 am.

Note: You must configure the remote SFTP Server before you use this flag.

-m <Size>

--max-file-size <Size>

Collects only files with size less than the specified number of megabytes.

By default, the CPSDC collects only files smaller than 100 MB.

To collect files without the size restrictions, use "--max-file-size all".

-p <Path>

--path <Path>

Specifies the path for the output archive file.

If you do not specify the path, the CPSDC uses this default path:

/var/log/cpdata_collector_sp_<DATE>_<TIME>.tgz

Note: You cannot use this flag together with the flag "upload-to-sftp".

-t <Days>

--last-modification-day <Days>

Collect files that were modified during the specified number of days.

By default, the CPSDC collects only files were modified during the last 7 days.

To collect files without the history restrictions, use "--last-modification-day all".

-u

--upload-to-sftp

Uploads the collected data to the configured SFTP server.

-v

--version

Shows the CPSDC version number.

-x

--disable-periodic-run

Stops running periodically (stops the "-e" / "--enable-periodic-run" flag).

 

Logging Levels

The CPSDC has different logging levels in its log files when it runs:

Logging Level Description

INFO

This is the default level.

The CPSDC writes only important messages in its log files.

In the CPSDC logging configuration file (/etc/cpsdc/conf/cpsdc_logger.json):

{
        "level": "INFO"
}

DEBUG

This is the debug level.

The CPSDC writes all messages in its log files.

In the CPSDC logging configuration file (/etc/cpsdc/conf/cpsdc_logger.json):

{
        "level": "DEBUG"
}

To change the logging level:

  1. Connect to the command line on the Security Group.
  2. Log in to the Expert mode.
  3. Edit the CPSDC logging configuration file:
    vi /etc/cpsdc/conf/cpsdc_logger.json
  4. Change the value of the "level" parameter to the required level.
  5. Save the changes in the file and exit Vi editor.
  6. Copy updated the CPSDC logging configuration file to all Security Group Members:
    asg_cp2blades /etc/cpsdc/conf/cpsdc_logger.json

 

Log Files

The CPSDC generates different log files when it runs:

Scalable Platform Log File

Maestro

/var/log/cpsdc.elg

Scalable Chassis

/var/log/cpsdc.elg

/var/log/cpdata_collector_sp.log

This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.

Give us Feedback
Please rate this document
[1=Worst,5=Best]
Comment