This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Alexander_Wilke
Advisor
‎2024-09-22 12:23 PM

Skyline -Delete existing configuration completely and start with fresh paylod.json import?

Hello,

I am using skyline since a longer period with different version upgrades included. Some environments started with older versions than others. Sometimes we had issues/bugs with importing the config.

It looks like my environment is not having the same consistent config and I would like to delete all existing configuration files and start with a fresh default config.

 

How can I delete the config for

CPviewExporter

OtlpAgent

CPotelcol

or at least for CPotelcol which contains the prometheus exporter configs.

 

PS:
Is this configuration needed for Maestro / 64l environments to send traffic from the standby chassis OR is this SK only for non scalable/non-maestro environments?


https://support.checkpoint.com/results/sk/sk182222

Grafana dashboard does not report metrics for the standby cluster member

0 Kudos
8 Replies
Elad_Chomsky
Employee
Employee
‎2024-09-23 08:35 AM

Hi @Alexander_Wilke , 

This steps might help you:

1) Run /opt/CPotelcol/CPotelcolCli.sh stop

2) Run /opt/CPviewExporter/CPviewExporterCli.sh stop

3) Run /opt/CPotlpAgent/CPotlpagentCli.sh stop
3) Run /opt/CPotelcol/CPotelcolCli.sh set_dynamic_config "$(cat /opt/CPotelcol/config.json)"

4) Run the configuration again

to reset the system we usually recommend this method. In most cases the relevant configuration to delete is CPotelcol, the rest are changing more rarely. 

0 Kudos
Alexander_Wilke
Advisor
‎2024-09-24 12:56 PM
In response to Elad_Chomsky

Hello,

the "delete" is not working:

 

[Expert@xxx-ch01-01:dplane]# /opt/CPotelcol/CPotelcolCli.sh "$(cat /opt/CPotelcol/config.json)"
/opt/CPotelcol/CPotelcolCli.sh help - show this message and exit
/opt/CPotelcol/CPotelcolCli.sh start - Start the monitoring components
/opt/CPotelcol/CPotelcolCli.sh stop - Stop the monitoring components
/opt/CPotelcol/CPotelcolCli.sh show - Show the monitoring components status in json format
/opt/CPotelcol/CPotelcolCli.sh is_running - Show if the monitoring components is running
/opt/CPotelcol/CPotelcolCli.sh is_active - Show if the monitoring components is active
/opt/CPotelcol/CPotelcolCli.sh set_dynamic_config <yaml> - Set the otcol dynamic configuration using a custom yaml ( See OT collector config format), if yaml empty config is deleted.
/opt/CPotelcol/CPotelcolCli.sh reconfigure - Reconfigure the monitoring components
Invalid Arguments
[Expert@xxx-ch01-01:dplane]#

 

 

This command is not working, too:

/opt/CPotelcol/CPotelcolCli.sh set_dynamic_config empty.yml

If I reconfigure the cpotelcol, then the old config is there again with several times the same certificate.

0 Kudos
Elad_Chomsky
Employee
Employee
‎2024-09-25 01:12 AM
In response to Alexander_Wilke

Apology, I fixed the command - Notice to use the baseline template. it expects a JSON. 

Alexander_Wilke
Advisor
‎2024-09-25 05:06 AM
In response to Elad_Chomsky

Hello @Elad_Chomsky 

it did not fully delete the configuration.

1_01:
{"enabled":false,"export-targets":[]}

 

Further with "g_all" or "gexec -b all -c '' " because it looks like in the latest skyline versions the configuration is individual per SGM and works on standby chassis, too.

 

However, after I ran your steps, stoped the services on all SGMs and "set_Dynamic_config" and after that recomnfigured with my payload.json I still see all the many many certificates in the "sklnctl --show_open_telemetry" command.

 

Looks like the config was not deleted or not everywhere.

0 Kudos
Alex-
Leader Leader
Leader
‎2024-09-25 05:06 AM
In response to Elad_Chomsky

Hi Elad,

 

Thanks, it fixed an issue we had with a cluster member which stopped sending metrics and was also upgraded through multiple versions before the current version of the daemon.

I don't know if it is required but I had to additionally do a cps top;cpstart on the member to have the stats flowing in again.

0 Kudos
Alexander_Wilke
Advisor
‎2024-09-25 05:23 AM
In response to Alex-

Hey Alex,
I get metrics however the sp_security_group_id is wrong. It has the id "0" which seems to be wrong because it has at least 1 SG.
So it looks like not all config is reverted/resetted which was what I was looking for.

0 Kudos
Elad_Chomsky
Employee
Employee
‎2024-09-26 12:40 AM
In response to Alexander_Wilke

Hi @Alexander_Wilke ,

Please contact me in private at eladch@checkpoint.com.

I will try to assist you on this issue. 

0 Kudos
Elad_Chomsky
Employee
Employee
‎2024-09-26 12:42 AM
In response to Alex-

Hi @Alex- ,

Sounds like a deeper problem, I suggest to open a ticket to the official channels on CheckPoint, so we can extract debugs and directly assist you to understand what has happened. 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events
    Top