OS/Software version does not match requirement-checkpoint-all

OS/Software version does not match requirement-checkpoint-all
0

OS/Software version does not match requirement-checkpoint-all

Vendor: checkpoint

OS: all

Description:
Indeni can verify that the OS/software version installed is a specific one.

Remediation Steps:
Install the OS/software version required.

chkp-cpstat-os-monitoring

name: chkp-cpstat-os-monitoring
description: Get information from cpstat os
type: monitoring
monitoring_interval: 50 minute
requires:
    vendor: checkpoint
    asg:
        neq: 'true'
comments:
    model:
        skip-documentation: true
    os-name:
        skip-documentation: true
    vendor:
        skip-documentation: true
    os-version:
        skip-documentation: true
    serial-numbers:
        skip-documentation: true
    chkp-os-build:
        skip-documentation: true
    chkp-os-kernel:
        skip-documentation: true
    chkp-os-bit:
        skip-documentation: true
steps:
-   run:
        type: SSH
        command: ${nice-path} -n 15 cpstat os; ${nice-path} -n 15 clish -c "show version
            all"
    parse:
        type: AWK
        file: os-monitoring.parser.1.awk

crossvendor_compliance_check_os_version

// Deprecation warning : Scala template-based rules are deprecated. Please use YAML format rules instead.

package com.indeni.server.rules.library.templatebased.crossvendor.compliance

import com.indeni.server.rules.RuleContext
import com.indeni.server.rules.library.templates.SingleSnapshotComplianceCheckTemplateRule
import com.indeni.server.sensor.models.managementprocess.alerts.dto.AlertSeverity
import com.indeni.server.rules.RemediationStepCondition

case class crossvendor_compliance_check_os_version() extends SingleSnapshotComplianceCheckTemplateRule(
  ruleName = "crossvendor_compliance_check_os_version",
  ruleFriendlyName = "Compliance Check: OS/Software version does not match requirement",
  ruleDescription = "Indeni can verify that the OS/software version installed is a specific one.",
  severity = AlertSeverity.WARN,
  metricName = "os-version",
  baseRemediationText = "Install the OS/software version required.",
  parameterName = "OS/Software Version",
  parameterDescription = "The OS/software version to compare against.",
  expectedValue = "")(
  RemediationStepCondition.VENDOR_CISCO ->
    """|
      |1. Check that the vPC peers have the same NX-OS version except during the non-disruptive upgrade, that is, In-Service Software Upgrade (ISSU).
      |2. Execute the "show version" NX-OS command and check the installed NX-OS version across the vPC peer switches.
      |3. Schedule a Maintenance Window for NX-OS upgrade in order the vPC peer switches have exact the same NX-OS version.
      |4. You can follow the next NX-OS upgrade guides for Nexus 9k, 7k, 5k and 3k series:
      |
      |https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/6-x/upgrade/guide/b_Cisco_Nexus_9000_Series_NX-OS_Software_Upgrade_and_Downgrade_Guide_Release_6x/b_Cisco_Nexus_9000_Series_NX-OS_Software_Upgrade_and_Downgrade_Guide_Release_6x_chapter_01.html
      |https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/6_x/nx-os/upgrade/guide/b_Cisco_Nexus_7000_Series_NX-OS_Software_Upgrade_and_Downgrade_Guide_Release_6-x.html
      |https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/upgrade/503_N1_1/n5k_upgrade_downgrade_503.html
      |https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/upgrade/6_x/Cisco_n3k_Upgrade_Downgrade_6x.html
    """.stripMargin
)