Required interface(s) down-checkpoint-all

Required interface(s) down-checkpoint-all
0

Required interface(s) down-checkpoint-all

Vendor: checkpoint

OS: all

Description:
iClusterXL requires a certain number of interfaces to be up for the member to be considered OK.

Remediation Steps:
Determine why the interfaces are down and resolve the issue.

cphaprob_a_if_novsx

name: cphaprob_a_if_novsx
description: run "cphaprob -a if" on non-vsx
type: monitoring
monitoring_interval: 1 minute
requires:
    vendor: checkpoint
    high-availability: 'true'
    vsx:
        neq: true
    clusterxl: 'true'
    role-firewall: true
comments:
    cphaprob-required-interfaces:
        why: |
            ClusterXL defines a certain number of interfaces which are required to be up for the cluster to be considered
            healthy. If there are less than these actually up, the cluster is not in a healthy state and traffic flow may be affected.
        how: |
            By using the Check Point built-in "cphaprob" command, the information is retrieved.
        can-with-snmp: false
        can-with-syslog: false

    cphaprob-required-secured-interfaces:
        why: |
            ClusterXL defines a certain number of secured (sync) interfaces which are required to be up for the cluster
            to be considered healthy. If there are less than these actually up, the cluster is not in a healthy state
            and traffic flow may be affected.
        how: |
            By using the Check Point built-in "cphaprob" command, the information is retrieved.
        can-with-snmp: false
        can-with-syslog: false

    cphaprob-up-interfaces:
        why: |
            To check the healthy state of the cluster interfaces important factor for Cluster stability and redundancy
        how: |
            By Checking the input of Check Point clusterXL command "cphaprob -a if"
        can-with-snmp: false
        can-with-syslog: false

    cluster-vip:
        why: |
            This is the list of cluster virtual IP addresses also called floating IP adddresses for the cluster interfaces.
        how: |
            By using the Check Point built-in "cphaprob" command, the information is retrieved.
        can-with-snmp: false
        can-with-syslog: false

    clusterxl-ccp-mode:
        why: |
            ClusterXL can operate in different modes, multicast or broadcast. All members of the same clusters should have the same setting to ensure redundancy works correctly.
        how: |
            By using the Check Point built-in "cphaprob" command, the information is retrieved.
        can-with-snmp: false
        can-with-syslog: false

    cphaprob-up-secured-interfaces:
        why: |
            To check the status of the "Sync" interface is up
        how: |
            By running the command "cphaprob -a if"
        can-with-snmp: false
        can-with-syslog: false
steps:
-   run:
        type: SSH
        command: ${nice-path} -n 15 cphaprob -a if
    parse:
        type: AWK
        file: cphaprob-a-if-novsx.parser.1.awk

cphaprob_a_if_novsx

name: cphaprob_a_if_novsx
description: run "cphaprob -a if" on non-vsx
type: monitoring
monitoring_interval: 1 minute
requires:
    vendor: checkpoint
    high-availability: 'true'
    vsx:
        neq: true
    clusterxl: 'true'
    role-firewall: true
comments:
    cphaprob-required-interfaces:
        why: |
            ClusterXL defines a certain number of interfaces which are required to be up for the cluster to be considered
            healthy. If there are less than these actually up, the cluster is not in a healthy state and traffic flow may be affected.
        how: |
            By using the Check Point built-in "cphaprob" command, the information is retrieved.
        can-with-snmp: false
        can-with-syslog: false

    cphaprob-required-secured-interfaces:
        why: |
            ClusterXL defines a certain number of secured (sync) interfaces which are required to be up for the cluster
            to be considered healthy. If there are less than these actually up, the cluster is not in a healthy state
            and traffic flow may be affected.
        how: |
            By using the Check Point built-in "cphaprob" command, the information is retrieved.
        can-with-snmp: false
        can-with-syslog: false

    cphaprob-up-interfaces:
        why: |
            To check the healthy state of the cluster interfaces important factor for Cluster stability and redundancy
        how: |
            By Checking the input of Check Point clusterXL command "cphaprob -a if"
        can-with-snmp: false
        can-with-syslog: false

    cluster-vip:
        why: |
            This is the list of cluster virtual IP addresses also called floating IP adddresses for the cluster interfaces.
        how: |
            By using the Check Point built-in "cphaprob" command, the information is retrieved.
        can-with-snmp: false
        can-with-syslog: false

    clusterxl-ccp-mode:
        why: |
            ClusterXL can operate in different modes, multicast or broadcast. All members of the same clusters should have the same setting to ensure redundancy works correctly.
        how: |
            By using the Check Point built-in "cphaprob" command, the information is retrieved.
        can-with-snmp: false
        can-with-syslog: false

    cphaprob-up-secured-interfaces:
        why: |
            To check the status of the "Sync" interface is up
        how: |
            By running the command "cphaprob -a if"
        can-with-snmp: false
        can-with-syslog: false
steps:
-   run:
        type: SSH
        command: ${nice-path} -n 15 cphaprob -a if
    parse:
        type: AWK
        file: cphaprob-a-if-novsx.parser.1.awk

clusterxl_insufficient_nics_novsx

// Deprecation warning : Scala template-based rules are deprecated. Please use YAML format rules instead.

package com.indeni.server.rules.library.templatebased.checkpoint
import com.indeni.server.common.data.conditions.Equals
import com.indeni.server.rules.library.templates.NearingCapacityTemplateRule
import com.indeni.server.rules.ThresholdDirection

case class ClusterXLInsufficientNicsNoVsxRule()
  extends NearingCapacityTemplateRule(
    ruleName = "clusterxl_insufficient_nics_novsx",
    ruleFriendlyName = "Check Point ClusterXL (Non-VSX): Required interface(s) down",
    ruleDescription =
      "iClusterXL requires a certain number of interfaces to be up for the member to be considered OK.",
    usageMetricName = "cphaprob-up-interfaces",
    limitMetricName = "cphaprob-required-interfaces",
    threshold = 100.0,
    thresholdDirection = ThresholdDirection.BELOW,
    alertDescriptionFormat = "Only %.0f interfaces are up, while %.0f interfaces are required.",
    baseRemediationText = "Determine why the interfaces are down and resolve the issue.",
    metaCondition = !Equals("vsx", "true"))()