Introduction

The Check Point Support Data Collector (CPSDC) utility for Scalable Platforms (Quantum Maestro and Quantum Scalable Chassis) provides an easy and fast way to collect data such as files, logs, and command outputs.

CPSDC can work in these modes:

Mode	Description
Full	Collects all files, logs, and command outputs that are specified in the configuration file.
Delta	Collects all files, logs, and command outputs that are specified in the configuration file. The CPSDC runs based on the configured schedule. The CPSDC collects the data only if these conditions are met: Collects a file only if the file content changed since the last run of the CPSDC. Collects a command output only if the command output changed since the last run of the CPSDC. Collects a log file only if a log file was rotated (there are new log files *.1, *.2, and so on) since the last run of the CPSDC.

CPSDC can upload the collected data to a remote server over SFTP.

 

Availability

Version	Availability
R81.10 for Scalable Platforms	Planned.
R81 for Scalable Platforms	Planned.
R80.30SP for Maestro	Built-in. Important - In Take 73 of R80.30SP Jumbo Hotfix Accumulator, the command name changed from "cpdata_collector_sp" to "cpdata_collector".
R80.20SP for Maestro	R80.20SP Jumbo Hotfix Accumulator Take 242 and higher. Important: In Take 310 of the R80.20SP Jumbo Hotfix Accumulator , the command name changed from "cpdata_collector_sp" to "cpdata_collector". Install Take 313 or higher of the R80.20SP Jumbo Hotfix Accumulator to resolve sk173951 - "cpdata_collector: command not found".
R80.20SP for Scalable Chassis

CLI Syntax

You must run the CPSDC in the Expert Mode on the command line of the Security Group.

To control the CPSDC:

• cpdata_collector <CPSDC Flags>

To collect the data:

• cpdata_collector --run [<Run Flags>]

To configure a remote SFTP server (to upload the collected data):

• cpdata_collector --configure-sftp-server

CPSDC Flags:

Flag	Description
-h --help	Shows the built-in help.
-b --build	Shows the CPSDC build number.
-e --enable-periodic-run	Runs periodically (daily) in the Delta mode and uploads the collected data to the configured SFTP server randomly between 01:00 am and 04:00 am. Note: You must configure the remote SFTP Server before you use this flag.
-l --list	Shows the list of items to be collected.
-s --silent	Runs in a silent way - does not show a progress bar or messages on the screen.
-v --verbose	Shows verbose output on screen.
-x --disable-periodic-run	Stops running periodically (stops the "-e" / "--enable-periodic-run" flag).

Run Flags ("--run"):

Flag	Description
-a --include-down	Collects data also from Security Group Members that are in the "Down" status.
-b <SGM IDs> --blades <SGM IDs>	Specifies the Security Group Members (SGM IDs), from which to collect the data. You must use one of these formats: -b all - Collects the data from all Security Group Members (this is the default) One Security Group Member (for example, -b 1_1) A comma-separated list of Security Group Members (for example, -b 1_1,1_4) A range of Security Group Members (for example, -b 1_1-1_4) One Maestro Site, or one Chassis (-b chassis1, or -b chassis2) The Active Maestro Site, or Active Chassis (chassis_active)
-c --commands	Collects output of the specified commands (in addition to the files and logs).
-cu --clean-up	Deletes all the saved files, archives, and created directories.
-d --delta	Collects only files that changed since the last run of the CPSDC.
-e --enable-periodic-run	Runs periodically (daily) in the Delta mode and uploads the collected data to the configured SFTP server randomly between 01:00 am and 04:00 am. Note: You must configure the remote SFTP Server before you use this flag.
-m <Size> --max-file-size <Size>	Collects only files with size less than the specified number of megabytes. By default, the CPSDC collects only files smaller than 100 MB. To collect files without the size restrictions, use "--max-file-size all".
-p <Path> --path <Path>	Specifies the path for the output archive file. If you do not specify the path, the CPSDC uses this default path: /var/log/cpdata_collector_sp_<DATE>_<TIME>.tgz Note: You cannot use this flag together with the flag "upload-to-sftp".
-t <Days> --last-modification-day <Days>	Collect files that were modified during the specified number of days. By default, the CPSDC collects only files were modified during the last 7 days. To collect files without the history restrictions, use "--last-modification-day all".
-u --upload-to-sftp	Uploads the collected data to the configured SFTP server.
-v --version	Shows the CPSDC version number.
-x --disable-periodic-run	Stops running periodically (stops the "-e" / "--enable-periodic-run" flag).

 

Logging Levels

The CPSDC has different logging levels in its log files when it runs:

Logging Level	Description
INFO	This is the default level. The CPSDC writes only important messages in its log files. In the CPSDC logging configuration file (/etc/cpsdc/conf/cpsdc_logger.json): { "level": "INFO" }
DEBUG	This is the debug level. The CPSDC writes all messages in its log files. In the CPSDC logging configuration file (/etc/cpsdc/conf/cpsdc_logger.json): { "level": "DEBUG" }

To change the logging level:

1. Connect to the command line on the Security Group.
2. Log in to the Expert mode.
3. Edit the CPSDC logging configuration file:
   vi /etc/cpsdc/conf/cpsdc_logger.json
4. Change the value of the "level" parameter to the required level.
5. Save the changes in the file and exit Vi editor.
6. Copy updated the CPSDC logging configuration file to all Security Group Members:
   asg_cp2blades /etc/cpsdc/conf/cpsdc_logger.json

 

Log Files

The CPSDC generates different log files when it runs:

Scalable Platform	Log File
Maestro	/var/log/cpsdc.elg
Scalable Chassis	/var/log/cpsdc.elg /var/log/cpdata_collector_sp.log

This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.