- Products
- Learn
- Local User Groups
- Partners
- More
Check Point Jump-Start Online Training
Now Available on CheckMates for Beginners!
Why do Hackers Love IoT Devices so Much?
Join our TechTalk on Aug 17, at 5PM CET | 11AM EST
Welcome to Maestro Masters!
Talk to Masters, Engage with Masters, Be a Maestro Master!
ZTNA Buyer’s Guide
Zero Trust essentials for your most valuable assets
The SMB Cyber Master
Boost your knowledge on Quantum Spark SMB gateways!
As YOU DESERVE THE BEST SECURITY
Upgrade to our latest GA Jumbo
CheckFlix!
All Videos In One Space
Hi Guys,
Last week, one of our customers presented an overflow in his table mac "Neighbor table overflow".
Tue 22 12:06:10 2019 GW1 last message repeated 9 times
Mar 22 12:06:15 2019 GW1 kernel: printk: 36 messages suppressed.
Mar 22 12:06:15 2019 GW1 kernel: Neighbor table overflow.
Mar 22 12:06:20 2019 GW1 kernel: printk: 121 messages suppressed.
Mar 22 12:06:20 2019 GW1 kernel: Neighbor table overflow.
Mar 22 12:06:25 2019 GW1 kernel: printk: 109 messages suppressed.
Mar 22 12:06:25 2019 GW1 kernel: Neighbor table overflow.
I would like to know if someone has had the experience of monitoring this ARP table in VSX with snmp.
In other forums I found the following script:
#!/bin/bash
. /etc/profile.d/vsenv.sh
vsenv 1 > /dev/null
ARP1=`arp -n -a | wc -l`
vsenv 2 > /dev/null
ARP2=`arp -n -a | wc -l`
vsenv 5 > /dev/null
ARP3=`arp -n -a | wc -l`
ARPTOTAL=`expr $ARP1 + $ARP2 + $ARP3`
echo "$ARP1"
echo "$ARP2"
echo "$ARP3"
echo "$ARPTOTAL"
[Expert@vsx1:0]# /home/admin/SCRIPTS/arptable.sh
471
1
12
484
Develop an script to be used as a Nagios plugin.
HOST=$1
WARNING=$2
CRITICAL=$3
ping -c 1 $HOST &> /dev/null
if [ $? -ne 0 ]
then
echo "UNKNOWN: No response from $HOST"
exit 3
fi
RESULT=`ssh -l admin $HOST "/home/admin/SCRIPTS/arptable.sh" 2> /dev/null`
ARP1=`echo $RESULT | cut -d" " -f1`
ARP2=`echo $RESULT | cut -d" " -f2`
ARP3=`echo $RESULT | cut -d" " -f3`
ARPTOTAL=`echo $RESULT | cut -d" " -f4`
if [ $ARPTOTAL -gt $CRITICAL ]
then
echo "CRITICAL: $ARPTOTAL arp entries|total=$ARPTOTAL;ext=$ARP1;int=$ARP2;wifi=$ARP3;"
exit 2
elif [ $ARPTOTAL -gt $WARNING ]
then
echo "WARNING: $ARPTOTAL arp entries|total=$ARPTOTAL;ext=$ARP1;int=$ARP2;wifi=$ARP3;"
exit 1
else
echo "OK: $ARPTOTAL arp entries|total=$ARPTOTAL;ext=$ARP1;int=$ARP2;wifi=$ARP3;"
exit 0
fi
However, I would like to make a snmp query, which gives me the value.
If someone has experience in this, I would greatly appreciate it if you shared it.
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY