Introduction
The Check Point Support Data Collector (CPSDC) utility provides you with an easy and fast way to collect data such as files, logs, and commands from Gaia OS, with full support for Scalable Platforms / Maestro Security Appliances.
CPSDC can work in two different modes:
- Full Mode: collects all files, logs, and command specified in the configuration file.
- Delta Mode: can be scheduled to periodically collect files, logs, and commands specified in the configuration file only if:
- Files: if the file content changed since the last collect.
- Command: if the command output changed since the last collect.
- Log file (rotation): only files with new content will be collected.
CPSDC supports uploading the collected output to a remote server via SFTP.
The feature is available starting from R80.20SP JHF Take 242.
Usage Instructions
To work with CPSDC, log into the machine in Expert mode and run:
cpdata_collector --run [flags]
To configure an SFTP server to upload the collected data run:
cpdata_collector --configure-sftp-server
cpdata_collector runs in various modes, such as:
-c [ --commands ]
|
Collect output of the configured commands (in addition to the files and logs)
|
-d [ --delta ]
|
Collect only files that have changed since the last collect
|
-u [ --upload-to-sftp ]
|
Upload the collected data to the configured SFTP server
|
cpdata_collector has some additional flags, such as:
-b [ --build ]
|
Display the build number
|
-v [ --verbose ]
|
Be verbose and log to the standard output
|
-l [ --list ]
|
List the items that will be collected
|
-s [ --silent ]
|
Run silently, without output and progress bar
|
-e [ --enable-periodic-run ]
|
Run periodically (daily) in delta mode and upload to SFTP server between
1 a.m. and 4 a.m. (random).
Note: SFTP Server must be configured to work in this mode.
|
-x [ --disable-periodic-run ]
|
Stop periodic daily mode
|
Scalable Platforms / Maestro Security Appliances
CPSDC supports Scalable Platforms / Maestro Security Appliances to ease the collection from multiple members at the same time.
Usage
To work with CPSDC in Scalable Platforms / Maestro Security Appliances, log into the machine in Expert mode and run:
cpdata_collector_sp --run [flags]cpdata_collector_sp flags:
-b [ --blades ]
|
Blades to collect data from.
Use one of these formats:
-
all (default)
-
1_1,1_4 or 1_1-1_4 or 1_01,1_03-1_08,1_10
-
chassis1
-
chassis_active
|
-a [ --include-down ]
|
Collect data from all members (includes the blades in down mode)
|
-p [ --path ]
|
Archive file path.
default: /var/log/cpdata_collector_sp_[date]_[time].tgz
Note: cannot be used with upload flag
|
-cu [ --clean-up ]
|
Clean up all the saved files, archives, and created directories
|
-c [ --commands ]
|
Collect output of the configured commands (in addition to the files and logs)
|
-d [ --delta ]
|
Collect only files that have changed since the last collect
|
-u [ --upload ]
|
Upload the collected data to the configured SFTP server
|
-e [ --enable-periodic-run ]
|
Run periodically (daily) in delta mode and upload to SFTP server between
1 a.m. and 4 a.m.(random).
Note: SFTP Server must be configured to work in this mode
|
-x [ --disable-periodic-run ]
|
Stop periodic daily mode
|
-v [ --version ]
|
Show version number
|
Logs
cpdata_collector logs located at /var/log/cpsdc.elg
cpdata_collector_sp logs located at /var/log/cpdata_collector_sp.log
Logger Levels
CPSDC has two logging levels: DEBUG and INFO.
By default, the logger is set to INFO. To change it, do the following:
Modify the logger configuration file at
/etc/cpsdc/conf/cpsdc_logger.json in the level field.
INFO level - default:
{
"level": "INFO"
}
DEBUG level:
{
"level": "DEBUG"
}
|
This solution has been verified for the specific scenario, described by the combination of Product, Version and Symptoms. It may not work in other scenarios.
|
