Network port(s) running in low speed-checkpoint-gaia

Network port(s) running in low speed-checkpoint-gaia
0

Network port(s) running in low speed-checkpoint-gaia

Vendor: checkpoint

OS: gaia

Description:
Indeni will alert one or more network ports is running in a speed lower than 1000Mbps.

Remediation Steps:
Many times ports are in a low speed due to an autonegotation error or a misconfiguration.

chkp-gaia-clish_show_interfaces_all-vsx

name: chkp-gaia-clish_show_interfaces_all-vsx
description: Run "show interfaces all" over clish in VSX
type: monitoring
monitoring_interval: 5 minute
requires:
    vendor: checkpoint
    os.name: gaia
    vsx: 'true'
    role-firewall: 'true'
comments:
    network-interface-state:
        why: |
            To check the network interface  state for all the interfaces on the system
        how: |
            By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
            command "show interfaces all"
        can-with-snmp: false
        can-with-syslog: false

    network-interface-admin-state:
        why: |
           To check the interface admin state for all the interfaces on the system
        how: |
           By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
            command "show interfaces all"
        can-with-snmp: false
        can-with-syslog: false

    network-interface-speed:
        why: |
            To check the  network interface  speed for all the interfaces on the system
        how: |
            By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
            command "show interfaces all"
        can-with-snmp: false
        can-with-syslog: false

    network-interface-duplex:
        why: |
            To check the network interface duplex state for all the interfaces on the system
        how: |
            By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
            command "show interfaces all"
        can-with-snmp: false
        can-with-syslog: false

    network-interface-ipv4-address:
        why: |
            To check the network interface ipv4 address for all the interfaces on the system
        how: |
            By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
            command "show interfaces all"
        can-with-snmp: false
        can-with-syslog: false

    network-interface-ipv4-subnet:
        why: |
            To check the network interface ipv4 subnet for all the interfaces on the system
        how: |
            By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
            command "show interfaces all"
        can-with-snmp: false
        can-with-syslog: false
    network-interface-type:
        why: |
            To check the network interface state for all the interfaces on the system
        how: |
            By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
            command "show interfaces all"
        can-with-snmp: false
        can-with-syslog: false

    network-interface-mtu:
        why: |
            To check the network interface MTU for all the interfaces on the system
        how: |
            By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
            command "show interfaces all"
        can-with-snmp: false
        can-with-syslog: false

    network-interface-mac:
        why: |
            To check the network interface mac for all the interfaces on the system
        how: |
            By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
            command "show interfaces all"
        can-with-snmp: false
        can-with-syslog: false

    network-interface-description:
        why: |
            To check the network interface description for all the interfaces on the system
        how: |
            By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
            command "show interfaces all"
        can-with-snmp: false
        can-with-syslog: false

    network-interface-tx-bits:
        why: |
            To check the network interface transmitted bits for all the interfaces on the system
        how: |
            By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
            command "show interfaces all"
        can-with-snmp: false
        can-with-syslog: false

    network-interface-rx-bits:
        why: |
            To check the network interface recieved bits for all the interfaces on the system
        how: |
            By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
            command "show interfaces all"
        can-with-snmp: false
        can-with-syslog: false

    network-interface-tx-packets:
        why: |
             To check the network interface transmitted packets for all the interfaces on the system
        how: |
            By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
            command "show interfaces all"
        can-with-snmp: false
        can-with-syslog: false

    network-interface-rx-packets:
        why: |
            To check the network interface recieved packets for all the interfaces on the system
        how: |
            By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
            command "show interfaces all"
        can-with-snmp: false
        can-with-syslog: false

    network-interface-tx-errors:
        why: |
            To check the network interface "tx-errors" for all the interfaces on the system
        how: |
            By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
            command "show interfaces all"
        can-with-snmp: false
        can-with-syslog: false

    network-interface-rx-dropped:
        why: |
            To check the network interface "rx-dropped" packets for all the interfaces on the system
        how: |
            By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
            command "show interfaces all"
        can-with-snmp: false
        can-with-syslog: false

    network-interface-tx-overruns:
        why: |
            To check the network interface "tx-overruns" for all the interfaces on the system
        how: |
            By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
            command "show interfaces all"
        can-with-snmp: false
        can-with-syslog: false

    network-interface-rx-overruns:
        why: |
            To check the network interface "rx-overrruns" for all the interfaces on the system
        how: |
            By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
            command "show interfaces all"
        can-with-snmp: false
        can-with-syslog: false

    network-interface-tx-carrier:

        why: |
            To check the network interface "tx-carrier" for all the interfaces on the system
        how: |
            By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
            command "show interfaces all"
        can-with-snmp: false
        can-with-syslog: false

    network-interface-rx-frame:
        why: |
            To check the network interface "rx-frame"  for all the interfaces on the system
        how: |
            By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
            command "show interfaces all"
        can-with-snmp: false
        can-with-syslog: false

    network-interfaces:
        why: |
            To list all the network interfaces on the system
        how: |
            By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
            command "show interfaces all"
        can-with-snmp: false
        can-with-syslog: false

    network-interface-admin-state-logical:
        why: |
            To check the interface network state for all the interfaces on the system
        how: |
            By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
            command "show interfaces all"
        can-with-snmp: false
        can-with-syslog: false

    network-interface-state-logical:
        why: |
            To check the network interface logical state for all the interfaces on the system
        how: |
            By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
            command "show interfaces all"
        can-with-snmp: false
        can-with-syslog: false

    network-interface-:
        why: |
            To check the network interface names for all the interfaces on the system
        how: |
            By parsing the information recived from commands "ifconfig -a", "ethtool" as well as Check point clish
            command "show interfaces all"
        can-with-snmp: false
        can-with-syslog: false
steps:
   -  run:
          type: SSH
          file: show-interfaces-all-vsx.remote.1.bash
      parse:
          type: AWK
          file: show-interfaces-all-vsx.parser.1.awk

cross_vendor_network_port_speed_low

// Deprecation warning : Scala template-based rules are deprecated. Please use YAML format rules instead.

package com.indeni.server.rules.library.templatebased.crossvendor

import com.indeni.ruleengine.expressions.Expression
import com.indeni.ruleengine.expressions.conditions.{Equals => RuleEquals, Or => RuleOr}
import com.indeni.ruleengine.expressions.data.SnapshotExpression
import com.indeni.server.rules.library.RuleHelper.networkInterfaceAdminState
import com.indeni.server.rules.{RemediationStepCondition, RuleCategory, RuleContext}
import com.indeni.server.rules.library.templates.SingleSnapshotValueCheckTemplateRule
import com.indeni.server.rules.library.RuleHelper

/**
  *
  */
case class cross_vendor_network_port_speed_low() extends SingleSnapshotValueCheckTemplateRule(
  ruleName = "cross_vendor_network_port_speed_low",
  ruleFriendlyName = "All Devices: Network port(s) running in low speed",
  ruleDescription = "Indeni will alert one or more network ports is running in a speed lower than 1000Mbps.",
  ruleCategories = Set(RuleCategory.HealthChecks),
  metricName = "network-interface-speed",
  applicableMetricTag = "name",
  alertAlternativeMetricTag = Some("alert-item-port-speed"),
  alertItemsHeader = "Ports Affected",
  alertDescription = "One or more ports are set to a speed lower than 1000Mbps. This is usually an error. Review the list of ports below.",
  baseRemediationText = "Many times ports are in a low speed due to an autonegotation error or a misconfiguration.",
  complexCondition = RuleOr(
    RuleEquals(SnapshotExpression("network-interface-speed").asSingle().mostRecent().value().noneable,
      RuleHelper.createComplexStringConstantExpression("10M")),
    RuleEquals(SnapshotExpression("network-interface-speed").asSingle().mostRecent().value().noneable,
      RuleHelper.createComplexStringConstantExpression("100M"))
  ),
  secondaryCondition = c => networkInterfaceAdminState(c.tsDao, expected = 1.0),
  alertItemHeadlineExpersion = new Expression[String] {
    val networkInterfaceSpeedExpersion = SnapshotExpression("network-interface-speed").asSingle().mostRecent()
    override def eval(time: Long): String = networkInterfaceSpeedExpersion.eval(time).value.getOrElse("value", "")
    override def args: Set[Expression[_]] = Set(networkInterfaceSpeedExpersion)
  },
  headlineFormat = "%s set has a %s"
)(
  RemediationStepCondition.VENDOR_CISCO ->
    """|
       |1. Use the "show interface" NX-OS command to display speed and duplex settings of an interface.
       |2. Use the "show interface status" and "show interface capabilities" NX-OS commands to gather more information about ports.
       |3. You can disable link negotiation using the "no negotiate auto" command. Use the "negotiate auto" command to enable auto negotiation on 1-Gigabit ports when the connected peer does not support auto negotiation. By default, auto-negotiation is enabled on 1-Gigabit ports and disabled on 10-Gigabit ports.
       |4. Cisco does not recommend to enable auto negotiation on 10-Gigabit ports. Enabling auto-negotiation on 10-Gigabit ports brings the link down. By default, link negotiation is disabled on 10-Gigabit ports.
       |NOTE: A shut and no shut to the interface may be required after the aforementioned configuration change.""".stripMargin
)