Management service down (Non-Virtual)-checkpoint-gaia

Management service down (Non-Virtual)-checkpoint-gaia

Management service down (Non-Virtual)-checkpoint-gaia

Vendor: checkpoint

OS: gaia

Alert if the management component is down on a device.

Remediation Steps:
This may be due to someone stopping the management component itself, a licensing or a performance issue.


name: chkp-cpmds-cpstat-mg
description: Shows status of all MDS in management server
type: monitoring
monitoring_interval: 5 minutes
    vendor: checkpoint gaia
    role-management: true
    vsx: true
    mds: true
        neq: true
        why: |
            To check the status of all CMA in management server
        how: |
            By running the Check point MDS command "MDSSTAT" and then the context of the CMA running the Check Point
            command "cpstat mg"
        can-with-snmp: false
        can-with-syslog: false
-   run:
        type: SSH
        file: cpstat-mg-mds.remote.1.bash
        type: AWK
        file: cpstat-mg-mds.parser.1.awk


// Deprecation warning : Scala template-based rules are deprecated. Please use YAML format rules instead.

package com.indeni.server.rules.library.templatebased.crossvendor

import com.indeni.ruleengine.expressions.conditions.{Contains, Equals => RuleEquals, Not => RuleNot, Or => RuleOr}
import com.indeni.ruleengine.utility.LastNNonEmptyValues
import{Equals => DataEquals, Not => DataNot}
import com.indeni.server.rules.RuleContext
import com.indeni.server.rules.library.templates.StateDownTemplateRule
import com.indeni.server.rules.RemediationStepCondition

case class cross_vendor_mgmt_component_down_novsx() extends StateDownTemplateRule(
  ruleName = "cross_vendor_mgmt_component_down_novsx",
  ruleFriendlyName = "Management Devices: Management service down (Non-Virtual)",
  ruleDescription = "Alert if the management component is down on a device.",
  metricName = "mgmt-status",
  historyLength = 3,
  generateStateDownCondition = (historyLength, tsToTestAgainst, stateToLookFor) =>
    Contains(LastNNonEmptyValues(tsToTestAgainst, historyLength), stateToLookFor),
  stateDescriptionComplexMetricName = "mgmt-status-description",
  alertDescription = "The management component on this device is down.",
  metaCondition = !DataEquals("vsx", "true"),
  baseRemediationText = "This may be due to someone stopping the management component itself, a licensing or a performance issue.")(
  RemediationStepCondition.VENDOR_CP -> "The management service is handled by the \"fwm\" process. Run \"cpstat mg\" for more details. Review the licenses installed on the device, as well as whether or not anyone has run cpstop recently."