dbedit
is a CLI utility that lets you make changes to objects in the Check Point databases (see skI3301).
Run dbedit
in these modes:
We recommend that you use batch mode (dbedit -f
) for automation scripts. You can write the script on the Security Management Server or Multi-Domain Server with standard Linux commands, or import a text file with the script.
When the dbedit
prompt is showing, you can run dbedit
commands or scripts. Before you use the dbedit
utility, make sure that you can log in to Expert mode on the Security Management Server or Multi-Domain Server.
To launch the dbedit
utility:
expert
The Expert prompt is shown.
dbedit
The dbedit
prompt is shown.
Please enter a command, -h for help or -q to quit: dbedit> |
Use these dbedit
commands to create and configure objects and rules:
create
- Creates the object modify
- Changes the applicable object update
- Commits the most recent change to the Security Management Server database update_all
- Commits all the changes to the Security Management Server databaseThis table shows sample commands and the results.
Example |
Result |
---|---|
|
Creates the object for the network |
|
Changes the IP address of the |
|
Saves the changes for the |
We recommend that you use the -globallock
option when you use dbedit
to make changes to the Security Management Server database. dbedit
partially locks the database, if a user configures objects with SmartDashboard, there can be problems in the database. The -globallock
option does not let SmartDashboard or a dbedit
user make changes to the database.
When the -globallock
option is enabled, dbedit
commands run on a copy of the database. After you change the database and run the savedb
command, it is saved and committed on the actual database. You can use the savedb
command multiple times in a dbedit
script.
At the end of a script, it is a best practice to run these commands:
# update_all
# savedb
You can create sample objects in SmartDashboard that have the parameters that you are using in a script or dbedit
command. Export these objects to help make sure that you are using the correct names for the parameters. You can show the parameters in plain or XML format.
To show the parameters for a sample SmartDashboard object: