This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Blason_R
MVP Gold
MVP Gold
a week ago
Jump to solution

Identifying failed ISP in case of ISP redundancy

So, I always had this issue where customer is having a multiple ISP under their ISP redundancy but checkpoint does not have actual way to monitor ro alert if any of the ISP fails. Hence I quickly wrote a bash script and then created a custom SNMP OID whch I am monitoring and flags if any ISP fails

output=$(cpstat fw | grep -E 'Load|Active|Backup' | tr "|" " " | awk '{print $1" "$2}')
status=0
while read -r line; do
    link=$(echo "$line" | awk '{print $1}')   # Extract the link name
    status_val=$(echo "$line" | awk '{print $2}') # Extract the status

    if [[ "$status_val" != "OK" ]]; then
        echo "Down $link"
        status=1
    fi
done <<< "$output"
exit $status

 

Create a directory on firewall

# mkdir /var/log/snmpmon_script

 

Store files in those directory

Edit /etc/snmp/userDefinedSettings.conf And add below lines as appropriate 

extend .1.2.3.4.5.6.7.8.13 process_monitor /bin/sh /var/log/snmpmon_script/linkMon.sh

 

change the permission

chmod +x /var/log/snmpmon_script/linkMon.sh

 

Then restart snmp service

set snmp agent off
set snmp agent on
save config

 

 

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS
(1)
1 Solution

Accepted Solutions
the_rock
MVP Gold
MVP Gold
Friday
In response to Thomas_Eichelbu
Jump to solution

Will see if I can test this properly in the lab.

Andy

View solution in original post

0 Kudos
5 Replies
the_rock
MVP Gold
MVP Gold
a week ago
Jump to solution

Amazing!

0 Kudos
Thomas_Eichelbu
Advisor
Advisor
a week ago
In response to the_rock
Jump to solution

Wow cool stuff, 
yes right, with onboard monitoring tools its pretty though to get any visibility what ISP is really doing ...
recently i started to phase our ISP redundancy setups since many customer reported "Internet slowness" what ever it means. 
but ISP redundancy sends all traffic F2F in SXL which is really not perfect ...


0 Kudos
the_rock
MVP Gold
MVP Gold
Friday
In response to Thomas_Eichelbu
Jump to solution

Will see if I can test this properly in the lab.

Andy

0 Kudos
Blason_R
MVP Gold
MVP Gold
Friday
In response to the_rock
Jump to solution

200% This will work since I have 30 clusters are now being managed and monitored smoothly for any link failure 😉

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS
the_rock
MVP Gold
MVP Gold
Friday
In response to Blason_R
Jump to solution

I like the level of sureness, if thats even a word 🙂

Best,

Andy

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events