Failure with one or more ISP links-checkpoint-all

Failure with one or more ISP links-checkpoint-all

Vendor: checkpoint

OS: all

Description:
Indeni will alert when the connectivity to one or more ISPs are not in a healthy state.

Remediation Steps:
Depending on the ISP link status, you should consider reaching out to your provider to get further assistance

chkp-cpstat_fw_vsx

name: chkp-cpstat_fw_vsx
description: Run "cpstat fw" on all vs in VSX
type: monitoring
monitoring_interval: 5 minutes
requires:
    vendor: checkpoint
    vsx: 'true'
    asg:
        neq: true
    role-firewall: 'true'
comments:

    policy-installed:
        why: |
            If a security policy is not installed on the device, it will not be able to correctly forward traffic. If
            the ISP managment is enabled then check the interface state as well for the isp connections.
        how: |
            By using the Check Point built-in "cpstat fw" command, it is confirmed that a policy is installed.
        can-with-snmp: false
        can-with-syslog: false

    policy-install-last-modified:
        why: |
            If a security policy is resently modified, it can be interesting to know if part of maintainence or unscheduled change in the environment.
        how: |
            By using the Check Point built-in "cpstat fw" command, the last modified time stamp of the policy is noted.
        can-with-snmp: false
        can-with-syslog: false

    isp-link-status:
        why: |
            To check the link status of the ISP status and role for each ISP
        how: |
            By using the Check Point built-in "cpstat fw" command anf getting the ISP link status from the ISP table
        can-with-snmp: false
        can-with-syslog: false
steps:
-   run:
        type: SSH
        file: cpstat-fw-vsx.remote.1.bash
    parse:
        type: AWK
        file: cpstat-fw-vsx.parser.1.awk

CheckPointIspLinkFailureNoVsxRule

Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/checkpoint/CheckPointIspLinkFailureNoVsxRule.scala