SNMP location information does not match across cluster members-checkpoint-gaia,ipso

SNMP location information does not match across cluster members-checkpoint-gaia,ipso
0

SNMP location information does not match across cluster members-checkpoint-gaia,ipso

Vendor: checkpoint

OS: gaia,ipso

Description:
Indeni will identify when two devices are part of a cluster and alert if the SNMP settings do not match.

Remediation Steps:
Ensure all of the SNMP settings are configured correctly on all cluster members.

How does this work?
Parse the GAiA configuration database in /config/active and retrieve the current configuration for SNMP.

Why is this important?
The SNMP location is important, since it gives the administrator a fast and easy way to determine where it is located.

Without Indeni how would you find this?
An administrator could login and manually run the command.

chkp-clish-show_snmp_agent

name: chkp-clish-show_snmp_agent
description: Show all SNMP settings
type: monitoring
monitoring_interval: 60 minutes
requires:
    vendor: checkpoint
    or:
    -   os.name: gaia
    -   os.name: ipso
comments:
    snmp-enabled:
        skip-documentation: true
    snmp-version:
        skip-documentation: true
    snmp-contact:
        why: |
            If the wrong contact is specified in the SNMP settings, the network monitoring team might contact the wrong person or team when there is an issue.
        how: |
            Parse the GAiA configuration database in /config/active and retrieve the current configuration for SNMP.
        without-indeni: |
            An administrator could login and manually run the command.
        can-with-snmp: false
        can-with-syslog: false
        vendor-provided-management: |
            Listing SNMP information is only available from the command line interface and WebUI.
    snmp-location:
        why: |
            The SNMP location is important, since it gives the administrator a fast and easy way to determine where it is located.
        how: |
            Parse the GAiA configuration database in /config/active and retrieve the current configuration for SNMP.
        without-indeni: |
            An administrator could login and manually run the command.
        can-with-snmp: false
        can-with-syslog: false
        vendor-provided-management: |
            Listing SNMP information is only available from the command line interface and WebUI.
    snmp-communities:
        why: |
            If the default SNMP communities are configured, like "public" or "private" it could allow unauthorized clients to poll the device.
        how: |
            Parse the GAiA configuration database in /config/active and retrieve the current configuration for SNMP.
        without-indeni: |
            An administrator could login and manually run the command.
        can-with-snmp: false
        can-with-syslog: false
        vendor-provided-management: |
            Listing SNMP information is only available from the command line interface and WebUI.
    snmp-traps-status:
        why: |
            SNMP configuration should be the same across cluster members. indeni retrieves SNMP configuration to compare between them.
        how: |
            Parse the GAiA configuration database in /config/active and retrieve the current configuration for SNMP.
        without-indeni: |
            An administrator could login and manually run the command.
        can-with-snmp: false
        can-with-syslog: false
        vendor-provided-management: |
            Listing SNMP information is only available from the command line interface and WebUI.
    snmp-traps-receiver:
        why: |
            SNMP configuration should be the same across cluster members. indeni retrieves SNMP configuration to compare between them.
        how: |
            Parse the GAiA configuration database in /config/active and retrieve the current configuration for SNMP.
        without-indeni: |
            An administrator could login and manually run the command.
        can-with-snmp: false
        can-with-syslog: false
        vendor-provided-management: |
            Listing SNMP information is only available from the command line interface and WebUI.
    snmp-users:
        why: |
            SNMP configuration should be the same across cluster members. indeni retrieves SNMP configuration to compare between them.
        how: |
            Parse the GAiA configuration database in /config/active and retrieve the current configuration for SNMP.
        without-indeni: |
            An administrator could login and manually run the command.
        can-with-snmp: false
        can-with-syslog: false
        vendor-provided-management: |
            Listing SNMP information is only available from the command line interface and WebUI.
    unencrypted-snmp-configured:
        why: |
            If SNMP is not using version 3 only, this means that SNMP communication is not encrypted.
        how: |
            Parse the GAiA configuration database in /config/active and retrieve the current configuration for SNMP.
        without-indeni: |
            An administrator could login and manually run the command.
        can-with-snmp: false
        can-with-syslog: false
        vendor-provided-management: Listing SNMP information is only available from
            the command line interface and WebUI.
steps:
-   run:
        type: SSH
        command: ${nice-path} -n 15 grep "snmp" /config/active
    parse:
        type: AWK
        file: show-snmp-agent.parser.1.awk

cross_vendor_snmp_location_comparison

// Deprecation warning : Scala template-based rules are deprecated. Please use YAML format rules instead.

package com.indeni.server.rules.library.templatebased.crossvendor

import com.indeni.server.rules.RuleContext
import com.indeni.server.rules.library.templates.SnapshotComparisonTemplateRule
import com.indeni.server.rules.RemediationStepCondition

/**
  *
  */
case class cross_vendor_snmp_location_comparison() extends SnapshotComparisonTemplateRule(
  ruleName = "cross_vendor_snmp_location_comparison",
  ruleFriendlyName = "Clustered Devices: SNMP location information does not match across cluster members",
  ruleDescription = "Indeni will identify when two devices are part of a cluster and alert if the SNMP settings do not match.",
  metricName = "snmp-location",
  isArray = false,
  alertDescription = "Devices that are part of a cluster should have the same SNMP configuration. Review the differences below.",
  baseRemediationText = "Ensure all of the SNMP settings are configured correctly on all cluster members.")(
  RemediationStepCondition.VENDOR_CISCO ->
    """|
      |1. Check with the "show snmp" NX-OS command that SNMP location is the same across the vPC peers.
      |2. Run the "snmp location" command to set the snmp location.
      |3. For more information please review the next configuration guide:
      |https://www.cisco.com/c/en/us/td/docs/switches/datacenter/sw/5_x/nx-os/system_management/configuration/guide/sm_nx_os_cg/sm_9snmp.html
    """.stripMargin
)