Failure with one or more ISP links-checkpoint-all
Indeni will alert when the connectivity to one or more ISPs are not in a healthy state.
Depending on the ISP link status, you should consider reaching out to your provider to get further assistance
name: chkp-cpstat_fw_vsx description: Run "cpstat fw" on all vs in VSX type: monitoring monitoring_interval: 5 minutes requires: vendor: checkpoint vsx: 'true' asg: neq: true role-firewall: 'true' comments: policy-installed: why: | If a security policy is not installed on the device, it will not be able to correctly forward traffic. If the ISP managment is enabled then check the interface state as well for the isp connections. how: | By using the Check Point built-in "cpstat fw" command, it is confirmed that a policy is installed. can-with-snmp: false can-with-syslog: false policy-install-last-modified: why: | If a security policy is resently modified, it can be interesting to know if part of maintainence or unscheduled change in the environment. how: | By using the Check Point built-in "cpstat fw" command, the last modified time stamp of the policy is noted. can-with-snmp: false can-with-syslog: false isp-link-status: why: | To check the link status of the ISP status and role for each ISP how: | By using the Check Point built-in "cpstat fw" command anf getting the ISP link status from the ISP table can-with-snmp: false can-with-syslog: false steps: - run: type: SSH file: cpstat-fw-vsx.remote.1.bash parse: type: AWK file: cpstat-fw-vsx.parser.1.awk
Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/checkpoint/CheckPointIspLinkFailureVsxRule.scala