cpstat

Description

Displays the status and statistics information of Check Point applications.

Syntax

cpstat [-d] [-h <Host>] [-p <Port>] [-s <SICname>] [-f <Flavor>] [-o <Polling Interval> [-c <Count>] [-e <Period>]] <Application Flag>

Note - You can write the parameters in the syntax in any order.

Parameters

Parameter

Description

-d

Runs the command in debug mode.

Use only if you troubleshoot the command itself.

Best Practice - If you use this parameter, then redirect the output to a file, or use the script command to save the entire CLI session.

The output shows the SNMP queries and SNMP responses for the applicable SNMP OIDs.

-h <Host>

Optional.

When you run this command on a Management Server, this parameter specifies the managed Security Gateway.

<Host> is an IPv4 address, a resolvable hostname, or a DAIP object name.

The default is localhost.

Note - On a Multi-Domain Server, you must run this command in the context of the applicable Domain Management Server:mdsenv <IP Address or Name of Domain Management Server>.

-p <Port>

Optional.

Port number of the Application Monitoring (AMON) server.

The default port is 18192.

-s <SICname>

Optional.

Secure Internal Communication (SIC) name of the Application Monitoring (AMON) server.

-f <Flavor>

Optional.

Specifies the type of the information to collect.

If you do not specify a flavor explicitly, the command uses the first flavor in the <Application Flag>. To see all flavors, run the cpstat command without any parameters.

-o <Polling Interval>

Optional.

Specifies the polling interval (in seconds) - how frequently the command collects and shows the information.

Examples:

  • 0 - The command shows the results only once and the stops (this is the default value).

  • 5 - The command shows the results every 5 seconds in the loop.

  • 30 - The command shows the results every 30 seconds in the loop.

  • N - The command shows the results every N seconds in the loop.

Use this parameter together with the "-c <Count>" parameter and the "-e <Period>" parameter.

Example:

cpstat os -f perf -o 2

-c <Count>

Optional.

Specifies how many times the command runs and shows the results before it stops.

You must use this parameter together with the "-o <Polling Interval>" parameter.

Examples:

  • 0 - The command shows the results repeatedly every <Polling Interval> (this is the default value).

  • 10 - The command shows the results 10 times every <Polling Interval> and then stops.

  • 20 - The command shows the results 20 times every <Polling Interval> and then stops.

  • N - The command shows the results N times every <Polling Interval> and then stops.

Example:

cpstat os -f perf -o 2 -c 2

-e <Period>

Optional.

Specifies the time (in seconds), over which the command calculates the statistics.

You must use this parameter together with the "-o <Polling Interval>" parameter.

You can use this parameter together with the "-c <Count>" parameter.

Example:

cpstat os -f perf -o 2 -c 2 -e 60

<Application Flag>

Mandatory.

See the table below with flavors for the application flags.

These flavors are available for the application flags

Note - The available flags depend on the enabled Software Blades. Some flags are supported only by a Security Gateway, and some flags are supported only by a Management Server.

Feature or Software Blade

Flag

Flavors

List of enabled Software Blades

blades

fw, ips, av, urlf, vpn, cvpn, aspm, dlp, appi, anti_bot, default, content_awareness, threat-emulation, default

Operating System

os

default, ifconfig, routing, routing6, memory, old_memory, cpu, disk, perf, multi_cpu, multi_disk, raidInfo, sensors, power_supply, hw_info, all, average_cpu, average_memory, statistics, updates, licensing, connectivity, vsx

Firewall

fw

default, interfaces, policy, perf, hmem, kmem, inspect, cookies, chains, fragments, totals, totals64, ufp, http, ftp, telnet, rlogin, smtp, pop3, sync, log_connection, all

HTTPS Inspection

https_inspection

default, hsm_status, all

Identity Awareness

identityServer

default, authentication, logins, ldap, components, adquery, idc, muh

Application Control

appi

default, subscription_status, update_status, RAD_status, top_last_hour, top_last_day, top_last_week, top_last_month

URL Filtering

urlf

default, subscription_status, update_status, RAD_status, top_last_hour, top_last_day, top_last_week, top_last_month

IPS

ips

default, statistics, all

Anti-Virus

ci

default

Threat Prevention

antimalware

default, scanned_hosts, scanned_mails, subscription_status, update_status, ab_prm_contracts, av_prm_contracts, ab_prm_contracts, av_prm_contracts

Threat Emulation

threat-emulation

default, general_statuses, update_status, scanned_files, malware_detected, scanned_on_cloud, malware_on_cloud, average_process_time, emulated_file_size, queue_size, peak_size, file_type_stat_file_scanned, file_type_stat_malware_detected, file_type_stat_cloud_scanned, file_type_stat_cloud_malware_scanned, file_type_stat_filter_by_analysis, file_type_stat_cache_hit_rate, file_type_stat_error_count, file_type_stat_no_resource_count, contract, downloads_information_current, downloading_file_information, queue_table, history_te_incidents, history_te_comp_hosts

Threat Extraction

scrub

default, subscription_status, threat_extraction_statistics

Mobile Access

cvpn

cvpnd, sysinfo, products, overall

VSX

vsx

default, stat, traffic, conns, cpu, all, memory, cpu_usage_per_core

IPsec VPN

vpn

default, product, IKE, ipsec, traffic, compression, accelerator, nic, statistics, watermarks, all

Data Loss Prevention

dlp

default, dlp, exchange_agents, fingerprint

Content Awareness

ctnt

default

QoS

fg

all

High Availability

ha

default, all

Policy Server for Remote Access VPN clients

polsrv

default, all

Desktop Policy Server for Remote Access VPN clients

dtps

default, all

LTE / GX

gx

default, contxt_create_info, contxt_delete_info, contxt_update_info, contxt_path_mng_info, GXSA_GPDU_info, contxt_initiate_info, gtpv2_create_info, gtpv2_delete_info, gtpv2_update_info, gtpv2_path_mng_info, gtpv2_cmd_info, all

Management Server

mg

default, log_server, indexer

Certificate Authority

ca

default, crl, cert, user, all

SmartEvent

cpsemd

default

SmartEvent Correlation Unit

cpsead

default

Log Server

ls

default

CloudGuard Controller

vsec

default

SmartReporter

svr

default

Provisioning Agent

PA

default

Thresholds configured with the threshold_config command

thresholds

default, active_thresholds, destinations, error

Historical status values

persistency

product, TableConfig, SourceConfig

Examples

[Expert@MyGW:0]# cpstat -f interfaces fw
 
Network interfaces
--------------------------------------------------------------------------------------------------------------------
|Name|IP           |Netmask      |Flags|Peer name|Remote IP|Topology|Proxy name|Slaves|Ports|IPv6 Address|IPv6 Len|
--------------------------------------------------------------------------------------------------------------------
|eth0|192.168.30.40|255.255.255.0|    0|         |  0.0.0.0|       4|          |      |     |          ::|       0|
|eth1| 172.30.60.80|255.255.255.0|    0|         |  0.0.0.0|       4|          |      |     |          ::|       0|
|eth2|      0.0.0.0|      0.0.0.0|    0|         |  0.0.0.0|       4|          |      |     |          ::|       0|
|eth3|      0.0.0.0|      0.0.0.0|    0|         |  0.0.0.0|       4|          |      |     |          ::|       0|
|eth4|      0.0.0.0|      0.0.0.0|    0|         |  0.0.0.0|       4|          |      |     |          ::|       0|
|eth5|      0.0.0.0|      0.0.0.0|    0|         |  0.0.0.0|       4|          |      |     |          ::|       0|
|eth6|      0.0.0.0|      0.0.0.0|    0|         |  0.0.0.0|       4|          |      |     |          ::|       0|
|eth7|      0.0.0.0|      0.0.0.0|    0|         |  0.0.0.0|       4|          |      |     |          ::|       0|
--------------------------------------------------------------------------------------------------------------------
 
[Expert@MyGW:0]#
 
[Expert@MyGW:0]# cpstat -f default fw
 
Policy name:  MyGW_Policy
Install time: Wed May 23 18:14:32 2018
 
 
Interface table
---------------------------------------
|Name|Dir|Total   |Accept|Deny    |Log|
---------------------------------------
|eth0|in | 2393126| 32589| 2360537| 52|
|eth0|out|   33016| 33016|       0|  0|
|eth1|in | 2360350|     0| 2360350|  0|
|eth1|out|       0|     0|       0|  0|
|eth2|in | 2360350|     0| 2360350|  0|
|eth2|out|       0|     0|       0|  0|
|eth3|in | 2348704|     0| 2348704|  1|
|eth3|out|       0|     0|       0|  0|
|eth4|in | 2360350|     0| 2360350|  0|
|eth4|out|       0|     0|       0|  0|
---------------------------------------
|    |   |11855896| 65605|11790291| 53|
---------------------------------------
 
... ... [truncated for brevity] ... ...
 
[Expert@MyGW:0]#
 
[Expert@HostName:0]# cpstat -f cpu os
CPU User Time (%):   1
CPU System Time (%): 0
CPU Idle Time (%):   99
CPU Usage (%):       1
CPU Queue Length:    -
CPU Interrupts/Sec:  172
CPUs Number:         8
 
[Expert@HostName:0]#
 
[Expert@HostName:0]# cpstat os -f perf -o 2 -c 2 -e 60
 
Total Virtual Memory (Bytes):            12417720320
Active Virtual Memory (Bytes):           3741331456
Total Real Memory (Bytes):               8231063552
Active Real Memory (Bytes):              3741331456
Free Real Memory (Bytes):                4489732096
Memory Swaps/Sec:                        -
Memory To Disk Transfers/Sec:            -
CPU User Time (%):                       0
CPU System Time (%):                     0
CPU Idle Time (%):                       100
CPU Usage (%):                           0
CPU Queue Length:                        -
CPU Interrupts/Sec:                      135
CPUs Number:                             8
Disk Servicing Read\Write Requests Time: -
Disk Requests Queue:                     -
Disk Free Space (%):                     61
Disk Total Free Space (Bytes):           12659716096
Disk Available Free Space (Bytes):       11606188032
Disk Total Space (Bytes):                20477751296
 
 
Total Virtual Memory (Bytes):            12417720320
Active Virtual Memory (Bytes):           3741556736
Total Real Memory (Bytes):               8231063552
Active Real Memory (Bytes):              3741556736
Free Real Memory (Bytes):                4489506816
Memory Swaps/Sec:                        -
Memory To Disk Transfers/Sec:            -
CPU User Time (%):                       3
CPU System Time (%):                     0
CPU Idle Time (%):                       97
CPU Usage (%):                           3
CPU Queue Length:                        -
CPU Interrupts/Sec:                      140
CPUs Number:                             8
Disk Servicing Read\Write Requests Time: -
Disk Requests Queue:                     -
Disk Free Space (%):                     61
Disk Total Free Space (Bytes):           12659716096
Disk Available Free Space (Bytes):       11606188032
Disk Total Space (Bytes):                20477751296
 
[Expert@HostName:0]#
 
[Expert@MGMT:0]# cpstat -f default mg
 
Product Name:  Check PointSecurity Management Server
Major version: 6
Minor version: 0
Build number:  994000031
Is started:    1
Active status: active
Status:        OK
 
Connected clients
-------------------------------------------------------
|Client type |Administrator|Host        |Database lock|
-------------------------------------------------------
|SmartConsole|admin        |JOHNDOE-PC  |false        |
-------------------------------------------------------
 
[Expert@MGMT:0]#