Print Download PDF Send Feedback

Previous

Next

The CDT Primary Configuration File

In This Section:

Introduction to the CDT Primary Configuration File

Elements of the CDT Primary Configuration File

Example CDT Configuration File

Introduction to the CDT Primary Configuration File

The CentralDeploymentTool.xml file is the CDT's primary configuration file.

Important Notes:

A sample configuration file is supplied with the Central Deployment Tool.

Elements of the CDT Primary Configuration File

To configure the "PackageToInstall" element for the CDT Basic Mode:

In the CDT Advanced Mode, the packages to install are configured in the Deployment Plan. If you configure the element <PackageToInstall> in the CDT primary configuration file, the CDT tries to run in Basic Mode.

The <PackageToInstall> element contains these attributes:

Attribute

Default value

Description

Path

None

Holds the absolute path (with the file name) on the Management Server to the CPUSE Offline package you wish to deploy.

ConnectivityUpgrade

TRUE

Defines whether to perform a Connectivity Upgrade when upgrading a cluster.

To configure the "Logging" element:

The <Logging> element controls the CDT messages its writes to the CDT log file (/var/log/CPcdt/<execution time>/<log file name>).

The <Logging> element contains these Attributes:

Attribute

Default value

Description

FileLevel

DEBUG

Holds the value of the desired priority to filter the CDT log entries that are saved in the CDT log file (order below is from highest to lowest priority):

  1. DEBUG
  2. NORMAL
  3. ERROR
  4. ALWAYS
  5. NONE

For example, if FileLevel is set to ERROR, then messages marked as DEBUG and NORMAL are not written to the CDT log file - only messages marked as ERROR and ALWAYS are written to the CDT log file.

For example, if FileLevel is set to NONE, then no messages are written to the CDT log file.

ScreenLevel

NORMAL

Holds the value of the desired priority to filter the CDT log entries that are displayed on the screen (order below is from highest to lowest priority):

  1. DEBUG
  2. NORMAL
  3. ERROR
  4. ALWAYS
  5. NONE

For example, if ScreenLevel is set to ERROR, then messages marked as DEBUG and NORMAL are not shown on the screen - only messages marked as ERROR and ALWAYS are shown on the screen.

For example, if ScreenLevel is set to NONE, then no messages are shown on the screen.

SyslogLevel

NONE

Holds the value of the desired priority to filter the CDT log entries that are sent to a Syslog server. All CDT messages are sent to the local 0 facility with the prefix CDT (order below is from highest to lowest priority):

  1. DEBUG
  2. NORMAL
  3. ERROR
  4. ALWAYS
  5. NONE

For example, if SyslogLevel is set to ERROR, then messages marked as DEBUG and NORMAL are not sent to a Syslog server - only messages marked as ERROR and ALWAYS are sent to a Syslog server.

For example, if SyslogLevel is set to NONE, then no messages are sent to a Syslog server.

Mapping between the CDT Log Level priority in the SyslogLevel element and the Syslog Severity:

  • DEBUG - debug
  • NORMAL - normal
  • ERROR - err
  • ALWAYS - info
  • NONE - Not sent to Syslog server

Colors

FALSE

Configures if the CDT shows log messages on the screen in color:

  • FALSE - the CDT uses your default terminal settings
  • TRUE - the CDT uses color

To configure the "CPUSE" element:

The <CPUSE> element contains this attribute:

Attribute

Default value

Description

RPMPath

/home/admin/CPda-00-00.i386.rpm"

Holds the absolute path (with the file name) on the Management Server to the CPUSE Agent's RPM package:
CPda-00-00.i386.rpm

To configure the "Batch" element:

The <Batch> element contains these attributes:

Attribute

Default value

Description

MaxMachinesCount

UNLIMITED

Configures the maximal integer number of Security Gateways to put in one batch, when generating the Candidates List.

LatestAllowedDate

31/12/2099

The latest date, on which a new batch is permitted to start. Format is: DD/MM/YYYY.

LatestAllowedTime

23:59

The latest time, on which a new batch is permitted to start. Format is: HH:MM.

To configure the "PreInstallationScript" element for the CDT Basic Mode:

The <PreInstallationScript> element contains these attributes:

Attribute

Default value

Description

Path

None

Holds the absolute path (with the script name) on the Management Server to the user Pre-Installation shell script.

IsBlocking

TRUE

Configures if the CDT stops or continues the package installation, if the user Pre-Installation script returns an error during its execution:

  • TRUE - the CDT stops
  • FALSE - the CDT continues

To configure the "PostInstallationScript" element for the CDT Basic Mode:

The <PostInstallationScript> element contains these attributes:

Attribute

Default value

Description

Path

None

Holds the absolute path (with the script name) on the Management Server to the user Post-Installation shell script.

IsBlocking

TRUE

Configures if the CDT stop or continues the package installation, if the user Post-Installation script returns an error during its execution:

  • TRUE - the CDT stops
  • FALSE - the CDT continues

Duplicate the <PreInstallationScript> and <PostInstallationScript> elements according to the number of user shell scripts that the CDT needs to run on the Security Gateway. The CDT runs these shell scripts in the order they are defined in the CDT primary configuration file.

To configure the "MailNotification" element:

Important - This step applies only if you configured a valid mail server on the Security Management Server or Multi-Domain Security Management. Otherwise, delete this element.

The <MailNotification> element contains this attribute:

Attribute

Default value

Description

SendTo

aa@xyz.com

Holds one valid e-mail address.

You must first configure a mail notification server on the Gaia OS of the Management Server (see the Gaia Administration Guide for your version):

Where

Instructions

In Gaia Portal

Perform these steps:

  1. In the left navigation tree, click System Management > Mail Notification.
  2. In the Mail Server field, enter the IP address or hostname of the Mail Server that receives the e-mails.

    For example: mail.example.com

  3. In the User Name field, enter the user name on the Mail Server that receives the e-mails.

    For example: user@mail.example.com

  4. Click Apply.

In Gaia Clish

Perform these steps:

  1. Connect to the command line.
  2. Log in to the Gaia Clish.
  3. Configure the IP address or hostname of the Mail Server that receives the e-mails (for example, mail.example.com):

    HostName> set mail-notification server <IP Address or HostName of Mail Server>

    For example: mail.example.com

  4. Configure the user name on the Mail Server that receives the e-mails (for example, user@mail.example.com):

    HostName> set mail-notification username <UserName on Mail Server>@<Domain Name>

    For example: user@mail.example.com

  5. Save the changes:

    HostName> save config

  6. Examine the configuration:

    HostName> show mail-notification server

    HostName> show mail-notification username

The Gaia OS sends an email notification in these events:

To configure the "Repository" element for RMA Mode:

The <Repository> element contains this attribute:

Attribute

Default value

Description

path

/home/admin/

Holds the location of package files on the Management Server for the RMA Mode.

18 October 2018
Was this helpful?
Incorrect information Not what I'm looking for Too much information Confusing information
© 2018 Check Point Software Technologies Ltd. All rights reserved.