Communication between management server and specific devices not working-paloaltonetworks-panos

Vendor: paloaltonetworks

OS: panos

Description:
A management server needs to communicate with its managed devices at all times. Indeni will alert if the communication is broken.

Remediation Steps:
Troubleshoot any possible connectivity issues.

How does this work?
This script uses the Palo Alto Networks API to retrieve the current list of devices and their connection state (the equivalent of running “show devices all” in CLI).

Why is this important?
For Panorama to successfully manage all the devices it is connected to, one must make sure the connectivity works 24/7.

Without Indeni how would you find this?
An administrator would be required to write a script to periodically pull the connection status from Panorama to all devices.
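
The parsing step of such a script, as an added example (not Indeni's code and not part of the original page). It reads the same `hostname`, `ip-address` and `connected` fields as the parser below; the sample reply, the `status` check, the fallback for missing fields and the function names are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample of a Panorama "show devices all" API reply (not captured output).
SAMPLE_RESPONSE = """\
<response status="success"><result><devices>
  <entry name="000000000001">
    <hostname>fw-branch-01</hostname><ip-address>192.0.2.10</ip-address>
    <connected>yes</connected>
  </entry>
  <entry name="000000000002">
    <hostname>fw-branch-02</hostname><ip-address>192.0.2.11</ip-address>
    <connected>no</connected>
  </entry>
  <entry name="000000000003">
    <ip-address>192.0.2.12</ip-address>
  </entry>
</devices></result></response>
"""


def connection_states(xml_text):
    """Return {"hostname (ip)": 1.0 or 0.0} for every managed device entry."""
    root = ET.fromstring(xml_text)
    if root.tag != "response" or root.get("status") != "success":
        # An API error (bad key, bad command) must not be read as "no devices down".
        raise ValueError("API call failed: status=%r" % root.get("status"))
    states = {}
    for entry in root.findall("./result/devices/entry"):
        # Assumption: an entry can lack <hostname>; fall back to its name attribute.
        name = entry.findtext("hostname") or entry.get("name", "unknown")
        ip = entry.findtext("ip-address") or "unknown"
        connected = (entry.findtext("connected") or "").strip()
        # Same mapping as the page's transform: only the literal "yes" counts as up.
        states["%s (%s)" % (name, ip)] = 1.0 if connected == "yes" else 0.0
    return states


def unreachable(states):
    """Labels of devices whose state is 0, sorted for stable alert text."""
    return sorted(label for label, value in states.items() if value == 0.0)


if __name__ == "__main__":
    for label in unreachable(connection_states(SAMPLE_RESPONSE)):
        print("unreachable:", label)
```

An entry with no `connected` element is reported as down rather than skipped, so a device that disappears from the field set still shows up in the alert list.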

panos-show-devices-all

#! META
name: panos-show-devices-all
description: fetch the list of devices managed by panorama and their status
type: monitoring
monitoring_interval: 60 minutes
requires:
    vendor: paloaltonetworks
    os.name: panos
    product: panorama

#! COMMENTS
known-devices:
    why: |
        To make it easier to add devices to indeni, the list of devices managed by Panorama is retrieved.
    how: |
        This script uses the Palo Alto Networks API to retrieve the current list of devices and their connection state (the equivalent of running "show devices all" in CLI).
    without-indeni: |
        This wouldn't be relevant without indeni.
    can-with-snmp: false
    can-with-syslog: false
trust-connection-state:
    why: |
        For Panorama to successfully manage all the devices it is connected to, one must make sure the connectivity works 24/7.
    how: |
        This script uses the Palo Alto Networks API to retrieve the current list of devices and their connection state (the equivalent of running "show devices all" in CLI).
    without-indeni: |
        An administrator would be required to write a script to periodically pull the connection status from Panorama to all devices.
    can-with-snmp: false
    can-with-syslog: false

#! REMOTE::HTTP
url: /api?type=op&cmd=<show><devices><all></all></devices><%2Fshow>&key=${api-key}
protocol: HTTPS

#! PARSER::XML
_optional_metrics:
    -
        _groups:
            /response/result/devices/entry:
                _value.complex:
                    name:
                        _text: "hostname"
                    ip:
                        _text: "ip-address"
                _tags:
                    "im.name":
                        _constant: "known-devices"
        _value: complex-array
    -
        _groups:
            /response/result/devices/entry:
                _temp:
                    isconnection:
                        _text: connected
                    "name":
                        _text: "hostname"
                    ip:
                        _text: "ip-address"                        
                _tags:
                    "im.name":
                        _constant: "trust-connection-state"
        _transform:
            _value.double: |
                {
                    if (temp("isconnection") == "yes") {
                        print "1"
                    } else {
                        print "0"
                    }
                }
            _tags:
                name: |
                    {
                        print temp("name") " (" temp("ip") ")"
                    }


cross_vendor_connection_from_mgmt_to_device

package com.indeni.server.rules.library.templatebased.crossvendor

import com.indeni.ruleengine.expressions.conditions.EndsWithRepetition
import com.indeni.server.rules.RuleContext
import com.indeni.server.rules.library.{ConditionalRemediationSteps, StateDownTemplateRule}

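/**
  * Alerts when a management server reports one of its managed devices as not connected,
  * based on the "trust-connection-state" metric, with one alert item per "name" tag.
  */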
case class cross_vendor_connection_from_mgmt_to_device() extends StateDownTemplateRule(
  ruleName = "cross_vendor_connection_from_mgmt_to_device",
  ruleFriendlyName = "All Devices: Communication between management server and specific devices not working",
  ruleDescription = "A management server needs to communicate with its managed devices at all times. indeni will alert if the communication is broken.",
  metricName = "trust-connection-state",
  applicableMetricTag = "name",
  alertItemsHeader = "Unreachable Managed Devices",
  alertDescription = "Some of the devices managed by this device cannot be reached by the management device. " +
    "Please review the list below. Note that the list may include devices that are not covered by indeni at this " +
    "point, as the check is done from the management server to all managed devices.",
  historyLength = 2,
  baseRemediationText = "Troubleshoot any possible connectivity issues.") (
  ConditionalRemediationSteps.VENDOR_CP -> "Read https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk60522"
)