Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Danny
Champion Champion
Champion

Gaia HealthCheck Script v4.13 released

Check Point just released v4.13 of it's Gaia HealthCheck Script.

Whats new:

  • improved VS handling
  • improved user interface (show help info, script version & build number)
  • new: flag parsing
  • new outputs (aggressive aging status, warnings)
  • new error checks (fw ctl pstat, fwaccel, NAT, connections table, fragmented packets, RX missed & drop checks)
  • improved script code (/dev/null pipes, temp file removal, fwaccel dependencies)
  • better script code documentation

Download

PackageLinkDate 
healthcheck.sh script v4.132 July 2018
3 Replies
G_W_Albrecht
Legend
Legend

I just have tried it on R80.20 EA, but i see two strange errors:

1.

# Misc. Messages Checks:
#########################
"Global param: operation failed: Unknown parameter" message detected:
Defined kernel parameters or their values are not valid.
For more information, refer to sk87006.

sk87006 refers to $FWDIR/boot/modules/fwkern.conf and $FWDIR/boot/modules/vpnkern.conf that both do not exist on this GW, so it could not be a kernel Parameter set wrongly; but in /var/log/messages i find details:

Jul  3 08:44:28 2018 GW_80 kernel: [fw4_0];Global param: operation failed: Unknown parameter (param name curr_expension_dev_id)
Jul  3 08:44:28 2018 GW_80 kernel: [fw4_0];Global param: operation failed: Unknown parameter (param name cphwd_expension_slot_num)
Jul  3 08:44:28 2018 GW_80 kernel: [fw4_0];Global param: operation failed: Unknown parameter (param name cphwd_curr_expension_card_type)

2.

# SecureXL Checks:
##########################
SecureXL Information:
Unable to determine accelerator status.
        Please run "fwaccel stat" for further details.

So i do:


[Expert@GW_80.10:0]# fwaccel stat
+-----------------------------------------------------------------------------+
|Id|Name |Status     |Interfaces               |Features                      |
+-----------------------------------------------------------------------------+
|0 |SND  |enabled    |eth0,eth1                |Acceleration,Cryptography     |
|  |     |           |                         |Crypto: Tunnel,UDPEncap,MD5,  |
|  |     |           |                         |SHA1,NULL,3DES,DES,CAST,      |
|  |     |           |                         |CAST-40,AES-128,AES-256,ESP,  |
|  |     |           |                         |LinkSelection,DynamicVPN,     |
|  |     |           |                         |NatTraversal,AES-XCBC,SHA256  |
+-----------------------------------------------------------------------------+

Accept Templates : enabled
Drop Templates   : enabled
NAT Templates    : enabled

CCSE CCTE CCSM SMB Specialist
0 Kudos
JozkoMrkvicka
Mentor
Mentor

What performance says about it ? I run early versions on some very (like VERY) utilized active cluster member and script was not able to handle some of checks. Wouldnt it be benefit to add something like delay between each checks ? for example:

./script.sh 10

means each check will be performed after 10 seconds of doing nothing.

Kind regards,
Jozko Mrkvicka
0 Kudos
JozkoMrkvicka
Mentor
Mentor

Gaia HealthCheck Script v 5.0 is out with support of R80 API calls to remotely execute a health check on a specified Gateway.

I am surprised that there is still no check for RAID status and PSU status ?!

Why there is no thread about this topic ? I am sure that Check Point users have many suggestions how to improve this briliant tool... just an idea...

Kind regards,
Jozko Mrkvicka
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events