Routes defined in clish/webUI are missing-checkpoint-all

Routes defined in clish/webUI are missing-checkpoint-all
0

Routes defined in clish/webUI are missing-checkpoint-all

Vendor: checkpoint

OS: all

Description:
Sometimes the routes that are defined in the Check Point Web UI or through clish may not be fully applied to the operating system layer. If this happens, Indeni will alert.

Remediation Steps:
A workaround to get it to work can be to restart the routeD daemon by running “cpstop;cpstart” or restarting the device. However since this should not happen a case can also be opened with your technical support provider. In the case of devices in a cluster it is possible that the issue happens only for one of the nodes and a failover to the other node could lessen the impact of the issue.

chkp-asg-route-novsx

name: chkp-asg-route-novsx
description: Retrieve routing data
type: monitoring
monitoring_interval: 5 minute
requires:
    vendor: checkpoint
    asg: true
    vsx:
        neq: true
comments:
    static-routing-table:
        why: |
            To get the static routing table for the blades
        how: |
            By running the Checkpoint Command "asg_route" and geting the Static configured routes.
        can-with-snmp: false
        can-with-syslog: false

    connected-networks-table:
        swhy: |
            To get the directly connected routing table for the blades
        how: |
            By running the Checkpoint Command "asg_route" and geting the directly configured routes.
        can-with-snmp: false
        can-with-syslog: false

    routes-missing-kernel:
        why: |
            To get the missing routes between the database and the operating system  blades
        how: |
            By running the Checkpoint Command "asg_route --comp_os_db" and geting the diffrence in the routes if any
        can-with-snmp: false
        can-with-syslog: false
steps:
-   run:
        type: SSH
        command: ${nice-path} -n 15 asg_route && ${nice-path} -n 15 asg_route --compare-os-db
    parse:
        type: AWK
        file: asg-route-novsx.parser.1.awk

chkp_firewall_routes_missing_vsx

// Deprecation warning : Scala template-based rules are deprecated. Please use YAML format rules instead.

package com.indeni.server.rules.library.templatebased.checkpoint

import com.indeni.ruleengine.expressions.conditions.{Equals, Not}
import com.indeni.ruleengine.expressions.data.SnapshotExpression
import com.indeni.server.rules.{RuleCategory, RuleContext}
import com.indeni.server.common.data.conditions.{Equals => DataEquals}
import com.indeni.server.rules.library.RuleHelper
import com.indeni.server.rules.library.templates.MultiSnapshotValueCheckTemplateRule

case class chkp_firewall_routes_missing_vsx() extends MultiSnapshotValueCheckTemplateRule(
  ruleName = "chkp_firewall_routes_missing_vsx",
  ruleFriendlyName = "Check Point Firewalls (VSX): Routes defined in clish/webUI are missing",
  ruleDescription = "Sometimes the routes that are defined in the Check Point Web UI or through clish may not be fully applied to the operating system layer. If this happens, Indeni will alert.",
  metricName = "routes-missing-kernel",
  applicableMetricTag = "vs.name",
  alertItemsHeader = "Routes missing",
  alertDescription = "The configured routes have not been correctly applied to the Gaia OS. This means that some of the routes configured do not currently work.",
  baseRemediationText = "A workaround to get it to work can be to restart the routeD daemon by running \"cpstop;cpstart\" or restarting the device. However since this should not happen a case can also be opened with your technical support provider. In the case of devices in a cluster it is possible that the issue happens only for one of the nodes and a failover to the other node could lessen the impact of the issue.",
  complexCondition = Not(Equals(RuleHelper.createEmptyComplexArrayConstantExpression(), SnapshotExpression("routes-missing-kernel").asMulti().mostRecent().value().noneable)),
  ruleCategories = Set(RuleCategory.OrganizationStandards)
)()