PBR rules mismatch across cluster members-checkpoint-gaia
Vendor: checkpoint
OS: gaia
Description:
Indeni will identify when two devices are part of a cluster and alert if their PBR (policy-based routing) rule settings differ.
Remediation Steps:
Compare the output of “show pbr rules” (under clish) across members of the cluster.
How does this work?
The PBR settings are retrieved by parsing the Gaia configuration database, /config/active. They can also be retrieved via clish, but that creates a lot of log entries in /var/log/messages.
Why is this important?
Routing must be configured identically on all members of a cluster. Otherwise there can be downtime in the event of a failover.
Without Indeni how would you find this?
An administrator could log in and manually run the command.
chkp-gaia-clish_show_pbr_rules
name: chkp-gaia-clish_show_pbr_rules
description: run "show pbr rules" over clish
type: monitoring
monitoring_interval: 60 minutes
requires:
    vendor: checkpoint
    os.name: gaia
comments:
    pbr-rules:
        why: |
            It is important that the routing is configured the same for all cluster members of the same cluster. Otherwise there can be downtime in the event of a failover.
        how: |
            By parsing the gaia configuration database, /config/active, the PBR settings are retrieved. It can also be retrieved via clish, but that creates a lot of log entries in /var/log/messages.
        can-with-snmp: false
        can-with-syslog: false
steps:
-   run:
        type: SSH
        command: ${nice-path} -n 15 grep "routed:instance:default:pbrrules:priority" /config/active
    parse:
        type: AWK
        file: show-pbr-rules.parser.1.awk
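
The cross-member comparison described above can also be done by hand on the output of the grep command from the script. The following is an added example, not Indeni's parser or rule code: the sample lines are constructed, and the attribute names after the priority number are assumptions used only to show the "key value" line layout.

```python
from collections import defaultdict

PREFIX = "routed:instance:default:pbrrules:priority"

# Constructed grep output from two cluster members. Everything after the
# priority number is illustrative, not copied from a real device.
MEMBER_A = """\
routed:instance:default:pbrrules:priority:10 t
routed:instance:default:pbrrules:priority:10:match:from:192.0.2.0:masklen 24
routed:instance:default:pbrrules:priority:10:action:table:ISP2 t
routed:instance:default:pbrrules:priority:20 t
routed:instance:default:pbrrules:priority:20:match:interface:eth2 t
"""
MEMBER_B = """\
routed:instance:default:pbrrules:priority:10 t
routed:instance:default:pbrrules:priority:10:match:from:192.0.2.0:masklen 25
routed:instance:default:pbrrules:priority:10:action:table:ISP2 t
"""

def parse_pbr(text):
    """Return {priority: {attribute_path: value}} from grep output lines."""
    rules = defaultdict(dict)
    for line in text.splitlines():
        line = line.strip()
        if not line.startswith(PREFIX + ":"):
            continue  # ignore anything that is not a PBR rule entry
        key, _, value = line.partition(" ")
        prio, _, attr = key[len(PREFIX) + 1:].partition(":")
        rules[prio][attr] = value  # attr == "" is the rule's own node
    return dict(rules)

def compare_members(a_text, b_text):
    """List (priority, attribute, value_on_a, value_on_b) for each mismatch."""
    a, b = parse_pbr(a_text), parse_pbr(b_text)
    order = lambda p: (int(p) if p.isdigit() else float("inf"), p)
    diffs = []
    for prio in sorted(set(a) | set(b), key=order):
        ra, rb = a.get(prio, {}), b.get(prio, {})
        for attr in sorted(set(ra) | set(rb)):
            if ra.get(attr) != rb.get(attr):  # None means missing on that member
                diffs.append((prio, attr or "<rule>", ra.get(attr), rb.get(attr)))
    return diffs

if __name__ == "__main__":
    for prio, attr, va, vb in compare_members(MEMBER_A, MEMBER_B):
        print(f"priority {prio} {attr}: member A={va!r} member B={vb!r}")
```

A value of None on one side means the entry is absent on that member, which distinguishes a missing rule from a rule whose setting differs.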