Critical configuration files mismatch across cluster members-checkpoint-ipso
Vendor: checkpoint
OS: ipso
Description:
Indeni will identify when two devices are part of a cluster and alert if critical configuration files are different.
Remediation Steps:
Correct any differences found to ensure a complete match between device members.
How does this work?
Compare all configuration lines in important configuration files across cluster members. Some lines in the files are, however, member or time specific, so these lines are excluded. All comments (lines starting with #) and blank lines are ignored. For the local.arp file, MAC addresses are removed because these are device values that change on each device.
Why is this important?
Making sure members of a cluster have the same settings is critical. In this process comparing the actual contents of important files is needed.
Without Indeni how would you find this?
An administrator could login to all cluster members and manually check differences between config files in all cluster members, but would also need to know which lines in the files to exempt.
chkp-os-file-diff-ipso
name: chkp-os-file-diff-ipso
description: Populates a complex metric array with all relevant config for a list
of files
type: monitoring
monitoring_interval: 10 minutes
requires:
vendor: checkpoint
high-availability: true
os.name: ipso
comments:
lines-config-files:
why: |
Making sure members of a cluster have the same settings is critical. In this process comparing the actual contents of important files is needed.
how: |
Compare all configuration lines in important configuration files across cluster members. Some lines in the files are, however, member or time specific, so these lines are excluded. All comments (lines starting with #) and blank lines are ignored. For the local.arp file, MAC addresses are removed because these are device values that change on each device.
can-with-snmp: false
can-with-syslog: false
steps:
- run:
type: SSH
file: chkp-os-file-diff.remote.1.bash
parse:
type: AWK
file: chkp-os-file-diff.parser.1.awk
CrossVendorCompareConfigurationFilesRule
Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/crossvendor/CrossVendorCompareConfigurationFilesRule.scala