SecureXL configuration mismatch across cluster members-checkpoint-all

SecureXL configuration mismatch across cluster members-checkpoint-all

Vendor: checkpoint

OS: all

Description:
indeni will identify when two devices are part of a cluster and alert if the SecureXL settings are different for different VS’s.

Remediation Steps:
Compare the output of “fwaccel stat” across members of the cluster, make sure to run the command in the correct vsenv context.

chkp-fw-accel-stat-vsx

name: chkp-fw-accel-stat-vsx
description: Get securexl status information
type: monitoring
monitoring_interval: 5 minutes
requires:
    vendor: checkpoint
    role-firewall: 'true'
    vsx: 'true'
comments:
    securexl-status:
        why: |
            To check the status of the SecureXL mechanism. SecureXL not fucntioning can have adverse effect on perfromance
            of the gateway
        how: |
            By running the command "fwaccel stat" the status of secureXL can be retrived
        can-with-snmp: false
        can-with-syslog: false

    securexl-disabled-from-rule:
        why: |
            To check the status of the SecureXL mechanism and also check if the SecureXL not fucntioning from a
            specific rule.
        how: |
            By running the command "fwaccel stat" the status of secureXL can be retrived and can be checked from which Rule
            it is disabled.
        can-with-snmp: false
        can-with-syslog: false
steps:
-   run:
        type: SSH
        file: fwaccel-stat-vsx.remote.1.bash
    parse:
        type: AWK
        file: fwaccel-stat-vsx.parser.1.awk

checkpoint_compare_securexl_setting_vsx

Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/checkpoint/checkpoint_compare_securexl_setting_vsx.scala