License expiration nearing-radware-alteon-os

warn
alteon-os
radware
License expiration nearing-radware-alteon-os
0

#1

License expiration nearing-radware-alteon-os

Vendor: radware

OS: alteon-os

Description:
indeni will trigger an issue when a license is about to expire.

Remediation Steps:
Renew any licenses that need to be renewed.

alteon-api-config-AgLicenseInfoTable

#! META
name: alteon-api-config-AgLicenseInfoTable
description: Determine which loadbalancer features that are enabled
type: monitoring
monitoring_interval: 59 minutes
requires:
    os.name: "alteon-os"
    vendor: "radware"
    or:
        -
            vsx: "true"
        -
            standalone: "true"
#! COMMENTS
features-enabled:
    why: |
        The alteon loadbalancer has a set of features that can be enabled for each loadbalancer. These feature sets can be used in the critical infrastructure and are not enabled by default for each device. Usually, adding the license enables these features, but if the licenses generated for each unique Radware device has different featuresets enabled, this can become a problem should there be a failover and features such as the Web Application Firewall or the anti-DDoS are not enabled. We want to know ahead of time so that clustered loadbalancers do not experience any major issues.
    how: |
        This script runs the API query AgLicenseInfoTable and pulls the features that are enabled and identifies which ones are expiring.
    without-indeni: |
        An administrator would access the GUI->Configurations -> System -> Licenses -> Licensed Features.
    can-with-snmp: true
    can-with-syslog: false
    vendor-provided-management: |
        Can be done through Management GUI (Vision or Alteon VX).
#! REMOTE::HTTP
url: /config/AgLicenseInfoTable?props=SoftwareKey,TimeBasedLicenseStatus
protocol: HTTPS
#! PARSER::JSON
_metrics:
    -
        _groups:
            "$.AgLicenseInfoTable[0:]":
                _temp:
                    "name":
                        _value: "SoftwareKey"
                _tags:
                    "im.name":
                        _constant: "features-enabled"
                    "live-config":
                        _constant: "true"
                    "display-name":
                        _constant: "Features Enabled"
                    "im.identity-tags":
                        _constant: "Feature"
        _transform:
            _value.complex:
                "license": |
                    {
                    
                        #Let's define some friendly names for the known modules
                        moduleDictionary["global"] = "Global Server Load Balancing"
                        moduleDictionary["bwm"] = "Bandwidth Management"
                        moduleDictionary["ados"] = "Anti-DDos"
                        moduleDictionary["apm"] = "Application Performance Monitoring"
                        moduleDictionary["va"] = "Virtual Appliance"
                        moduleDictionary["fastview"] = "Fastview"
                        moduleDictionary["fastview+"] = "Fastview+"
                        moduleDictionary["fastview++"] = "Fastview++"
                        moduleDictionary["AppWall"] = "AppWall"
                        moduleDictionary["AppWall+"] = "AppWall+"
                        moduleDictionary["AppWall++"] = "AppWall++"
                        
                        #Look up the module in the moduleDictionary. If it does not exist, resort to the original value
                        if (temp("name") in moduleDictionary){
                            print moduleDictionary[temp("name")]
                        } else {
                            print temp("name")
                        }
                        
                    }
        _value: complex-array
    -
        _groups:
            "$.AgLicenseInfoTable[0:][?(@.TimeBasedLicenseStatus != 'Permanent')]":
                _tags:
                    "im.name":
                        _constant: "license-expiration"
                _temp:
                    "expiredDate":
                        _value: "TimeBasedLicenseStatus"
                    "name":
                        _value: "SoftwareKey"
        _transform:
            _tags:
                "name": |
                    {
                    
                        #Let's define some friendly names for the known modules
                        moduleDictionary["global"] = "Global Server Load Balancing"
                        moduleDictionary["bwm"] = "Bandwidth Management"
                        moduleDictionary["ados"] = "Anti-DDos"
                        moduleDictionary["apm"] = "Application Performance Monitoring"
                        moduleDictionary["va"] = "Virtual Appliance"
                        moduleDictionary["fastview"] = "Fastview"
                        moduleDictionary["fastview+"] = "Fastview+"
                        moduleDictionary["fastview++"] = "Fastview++"
                        moduleDictionary["AppWall"] = "AppWall"
                        moduleDictionary["AppWall+"] = "AppWall+"
                        moduleDictionary["AppWall++"] = "AppWall++"
                        
                        #Look up the module in the moduleDictionary. If it does not exist, resort to the original value
                        if(temp("name") in moduleDictionary){
                            print moduleDictionary[temp("name")]
                        } else {
                            print temp("name")
                        }
                        
                    }
            _value.double: |
                {
                
                    #Expires on 13-MAY-2018
                    split(temp("expiredDate"), lineArr, " ")
                    split(lineArr[3], dateArr, "-")
                    
                    #["13", "MAY", "2018"]
                    day = dateArr[1]
                    month = parseMonthThreeLetter(dateArr[2])
                    year = dateArr[3]
                    #Convert the dates to seconds since epoch
                    secondSinceEpoch = date(year, month, day)
                    
                    print secondSinceEpoch
                    
                }

RuleMetadata

.builder("cross_vendor_license_expiration
package com.indeni.server.rules.library

import com.indeni.apidata.time.TimeSpan
import com.indeni.apidata.time.TimeSpan.TimePeriod
import com.indeni.ruleengine.expressions.conditions.{And, GreaterThan, LesserThan}
import com.indeni.ruleengine.expressions.core.{StatusTreeExpression, _}
import com.indeni.ruleengine.expressions.data._
import com.indeni.ruleengine.expressions.math.PlusExpression
import com.indeni.ruleengine.expressions.utility.NowExpression
import com.indeni.server.common.data.conditions.True
import com.indeni.server.params.ParameterDefinition
import com.indeni.server.params.ParameterDefinition.UIType
import com.indeni.server.rules._
import com.indeni.server.rules.library.core.PerDeviceRule
import com.indeni.server.sensor.models.managementprocess.alerts.dto.AlertSeverity

case class LicenseWillExpireRule(context: RuleContext) extends PerDeviceRule with RuleHelper {

  private val highThresholdParameterName = "Ahead_Alerting_Threshold"
  private val highThresholdParameter = new ParameterDefinition(highThresholdParameterName,
                                                               "",
                                                               "Expiration Threshold",
                                                               "How long before expiration should Indeni notify.",
                                                               UIType.TIMESPAN,
                                                               TimeSpan.fromDays(56))

  override val metadata: RuleMetadata = RuleMetadata
    .builder("cross_vendor_license_expiration",
             "All Devices: License expiration nearing",
             "indeni will trigger an issue when a license is about to expire.",
             AlertSeverity.WARN)
    .configParameter(highThresholdParameter)
    .build()

  override def expressionTree: StatusTreeExpression = {
    val actualValue = TimeSeriesExpression[Double]("license-expiration").last.toTimeSpan(TimePeriod.SECOND)

    StatusTreeExpression(
      // Which objects to pull (normally, devices)
      SelectTagsExpression(context.metaDao, Set(DeviceKey), True),
      // What constitutes an issue
      StatusTreeExpression(
        // The additional tags we care about (we'll be including this in alert data)
        SelectTagsExpression(context.tsDao, Set("name"), withTagsCondition("license-expiration")),
        StatusTreeExpression(
          // The time-series we check the test condition against:
          SelectTimeSeriesExpression[Double](context.tsDao, Set("license-expiration"), denseOnly = false),
          // The condition which, if true, we have an issue. Checked against the time-series we've collected
          And(
            GreaterThan(actualValue, NowExpression()),
            LesserThan(actualValue,
                       PlusExpression(NowExpression(), getParameterTimeSpanForTimeSeries(highThresholdParameter)))
          )

          // The Alert Item to add for this specific item
        ).withSecondaryInfo(
            scopableStringFormatExpression("${scope(\"name\")}"),
            scopableStringFormatExpression("Will expire on %s", timeSpanToDateExpression(actualValue)),
            title = "Affected Licenses"
          )
          .asCondition()
      ).withoutInfo().asCondition()
    ).withRootInfo(
      getHeadline(),
      ConstantExpression("One or more licenses are about to expire. See the list below."),
      ConditionalRemediationSteps(
        "Renew any licenses that need to be renewed.",
        ConditionalRemediationSteps.VENDOR_CP -> "Make sure you have purchased the required licenses and have updated them in your management server: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk33089",
        ConditionalRemediationSteps.VENDOR_PANOS -> "Review this page on licensing: https://www.paloaltonetworks.com/documentation/80/pan-os/pan-os/getting-started/activate-licenses-and-subscriptions",
        ConditionalRemediationSteps.OS_NXOS ->
          """1. Run the “show license usage” NX-OS command to display information about the current license usage and the expire date.
            |2. Run the “show license” NX-OS command to view the installed licenses.
            |3. Run the “show license usage XXX” NX-OS command e.g.” sh license usage ENHANCED_LAYER2_PKG” to display information about the activated features which utilize this license.
            |4. Consider activate the grace-period for the license.
            |5. Order new license from the CISCO.
            |6. For more information please review: <a target="_blank" href="https://www.cisco.com/c/m/en_us/techdoc/dc/reference/cli/nxos/commands/fund/show-license-usage.html">Cisco Guide</a> """.stripMargin,
        ConditionalRemediationSteps.VENDOR_FORTINET ->
          """
            |1. Login via ssh to the Fortinet firewall and execute the FortiOS “get system fortiguard-service status” and “diag autoupdate versions” commands to list current update package versions and license expiry status.
            |2. Login via https to the Fortinet firewall and go to the menu System > Dashboard > Status to locate the License Information widget. All subscribed services should have a green checkmark, indicating that connections are successful. A gray X indicates that the FortiGate unit cannot connect to the FortiGuard network, or that the FortiGate unit is not registered. A red X indicates that the FortiGate unit was able to connect but that a subscription has expired or has not been activated.
            |3. Login via https to the Fortinet firewall to view the FortiGuard connection status by going to System > Config > FortiGuard menu.
            |4. Purchase additional licenses if are needed.
            |5. Consider enabling the issue email setting to the Fortinet firewall in order to receive a issue email prior to FortiGuard license expiration (notification date range: 1 - 100 days). The current issue email status can be provided with the next command: “get alertemail setting”. More details can be found in the next link: https://docs.fortinet.com/uploaded/files/2798/fortigate-cli-ref-54.pdf
            |6. For more information about licensing review  the next  online article “Setting up FortiGuard services” : http://cookbook.fortinet.com/setting-fortiguard-services-54/
            |7. Contact Fortinet Technical support at https://support.fortinet.com/ for further assistance.""".stripMargin,
        ConditionalRemediationSteps.VENDOR_JUNIPER ->
          """|1. Run the “show system license usage” command to view installed licenses.
             |2. Check the current license usage and the expiry date for each license.
             |3. Review the following article on Juniper tech support site: <a target="_blank" href="https://www.juniper.net/documentation/en_US/junos/topics/task/verification/junos-licenses-verifying.html">Verifying Junos OS License Installation (CLI)</a>""".stripMargin
      )
    )
  }
}