Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
MarcuzShinz
Contributor
Contributor

How to configure Skyline Monitor for Security Group in Maestro

Hi Team,

Have a nice day!

We are currently configuring Skyline for Security Group, however only MHO can push logs to Prometheus and Security Group cannot, does anyone have experience with this?

0 Kudos
10 Replies
PhoneBoy
Admin
Admin

From what I can tell, this is supported, but requires configuring each node in the security group.
Is that correct @Elad_Chomsky ?

0 Kudos
Elad_Chomsky
Employee
Employee

Hi,

As part of the latest Skyline version the correct behavior is to use the sklnctl command per member or use g_all and g_cp2blades to run it in parallel on all of the SGM's. 

0 Kudos
Tom_Kendrick
Employee
Employee

Hi,

You need to do the same on the security group - so follow https://support.checkpoint.com/results/sk/sk178566, as I'm sure you are to ensure the server is ready, the Dashboards are ready and the correct Jumbo is installed if needed.  Then check https://sc1.checkpoint.com/documents/Appliances/Skyline/Content/Topics-AG/Configuration-on-Servers-G.... (as an example).

In short, as mentioned, configuring on the MHO(s), sends info back from the MHO(s), you also need to configure on the Security Group too. Arguably, it's more important/beneficial to see the info from the group.

Tom

0 Kudos
MarcuzShinz
Contributor
Contributor

Dear Tom,

We have configured according to the guide on all devices including MHO and SGMs, however only MHO can display data on Grafana. All SGMs only display information as below.

z6014578785062_c266fd3ea181e0b5be2ca46c8ef64d46.jpg 

We tried reboot All SGMs, but this not resolve the issue.

0 Kudos
Tom_Kendrick
Employee
Employee

Check you have the correct date/time/timezone on the group, and, check in the SP view. I would also set a 5 minute view, and ensure you are looking at the correct VS if necessary.  You will see a better summary of the Maestro system in that view with per member views below it.  There is also a log (tail -f /opt/CPotelcol/otelcol.log) to confirm data is being sent (system is connected).

 
 

 

0 Kudos
MarcuzShinz
Contributor
Contributor

Configured the same all device, tried reboot, restart service, but SGMs not send data to Skyline. Has anyone had problems with this issue?

0 Kudos
Elad_Chomsky
Employee
Employee

Hi @MarcuzShinz ,

Please open a support ticket to CheckPoint, so we can assist you directly to troubleshoot the issue. 

0 Kudos
LaurentFr
Participant

I had the problem with vsx: I needed to specify a specific vs/context to see the info. What is surprising is that I need to do this specification for only one of the blades in the group

0 Kudos
Sven_Glock
Advisor

Your security group is sending some data. Otherwise you would not see it in grafana. If there is no data within the selected timeframe the device disapears from grafanas hostname selector.
Moreover you can see an uptime, which means, that minimum the system uptime is beeing reported.

To better understand your problem it could be helpful to check the "explorer" in grafana using the syntax 

{host_name="SecGroup-ch1-03"}
0 Kudos
MarcuzShinz
Contributor
Contributor

As you see the picture above, I have connect security group to Skyline about 2 weeks, but data show as picture. We're not sure how Grafana will get the data field to display correctly.

0 Kudos