Good afternoon
For the grafana monitoring system, the Checkpoint 6400 device is sending data incorrectly,
setting up skyline according to instructions https://support.checkpoint.com/results/sk/sk178566
During the process, a number of problems arose with the checkpoint settings
1. Events are sent by default
2. sklnctl otelcol metrics --add <metric-id 1> does not work
3. in the logs /otlp_cpview.log the error "rpc error" appears
tried restarting /opt/CPviewExporter/stop|start same error repeated
/opt/CPviewExporter/otlp_cpview.log
tts=2024-01-16T05:09:09.744Z caller=main.go:180 level=info msg="CPview Open Telemetry Agent is starting..."
ts=2024-01-16T05:09:09.747Z caller=signals.go:14 level=info msg="Get Refresh Value From Gaia DB"
ts=2024-01-16T05:09:09.832Z caller=main.go:49 level=info msg="Initializing Open-Telemetry components"
ts=2024-01-16T05:09:09.833Z caller=main.go:59 level=info msg="Metrics endpoint: /opt/CPotelcol/grpc_otlp.sock"
ts=2024-01-16T05:09:09.833Z caller=main.go:74 level=info msg="Creating OTLP Metrics gRPC Client"
ts=2024-01-16T05:09:09.833Z caller=main.go:82 level=info msg="Creating OTLP Metrics Exporter"
ts=2024-01-16T05:09:09.834Z caller=main.go:94 level=info msg="Creating OTLP Agent with collection period of 15s"
ts=2024-01-16T05:09:09.834Z caller=main.go:220 level=info msg="Starting main loop..."
ts=2024-01-16T05:09:09.971Z caller=main.go:306 level=error exitstatus1=(MISSING)
ts=2024-01-16T05:09:25.721Z caller=main.go:283 level=info msg="Initializing a new metric instrument for metric: system.filesystem.limit"
ts=2024-01-16T05:09:25.721Z caller=main.go:283 level=info msg="Initializing a new metric instrument for metric: system.gaia.os.role"
... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ... ...
caller=main.go:283 level=info msg="Initializing a new metric instrument for metric: system.network.dropped.transmit"
max retry time elapsed: rpc error: code = Unavailable desc = connection error: desc = "transport: Error while dialing dial unix /opt/CPotelcol/grpc_otlp.sock: connect: connection refused"
sklnctl otelcol metrics --show
system.network.connections
system.network.connections.rate
system.network.tcp_out_of_state_drops.state
system.traffic.connections
system.traffic.dropped
system.traffic.io.receive
system.traffic.io.transmit
system.traffic.packets.receive
system.traffic.packets.transmit
system.paging.limit
system.paging.usage
system.memory.limit
system.memory.usage
system.cpu.interrupts
system.cpu.utilization
system.cpu.count
system.network.blades.vpn.active_clients
system.network.blades.vpn.all_ike_errors
system.network.blades.vpn.ike_sas
system.network.blades.vpn.kernel_limit_reached_count
system.network.blades.vpn.max_ike_sas
system.network.blades.vpn.total_sas
vpn.clients
vpn.compression.bytesvpn.compression.bytes
vpn.compression.packets
vpn.errors
vpn.ike.concurrent
vpn.ike.count
vpn.ike.max
vpn.ike.negotiations.max
vpn.ike.peers
vpn.ioctls
vpn.ipsec.fragmentation.count
vpn.ipsec.fragmentation.drops
vpn.kernel_traps
vpn.packets
vpn.restarts
the data needed for monitoring is not sent
Otelcol logs
2024-01-16T11:08:51.706+0600 info service/service.go:132 Starting otelcol... {"Version": "CPotelcol_0.82.0", "NumCPU": 16}
2024-01-16T11:08:51.706+0600 info extensions/extensions.go:30 Starting extensions...
2024-01-16T11:08:51.706+0600 info extensions/extensions.go:33 Extension is starting... {"kind": "extension", "name": "health_check"}
2024-01-16T11:08:51.706+0600 info healthcheckextension@v0.82.0/healthcheckextension.go:34 Starting health_check extension {"kind": "extension", "name": "health_check", "config": {"Endpoint":"0.0.0.0:13133","TLSSetting":null,"CORS":null,"Auth":null,"MaxRequestBodySize":0,"IncludeMetadata":false,"ResponseHeaders":null,"Path":"/","ResponseBody":null,"CheckCollectorPipeline":{"Enabled":false,"Interval":"5m","ExporterFailureThreshold":5}}}
2024-01-16T11:08:51.792+0600 warn internal@v0.82.0/warning.go:40 Using the 0.0.0.0 address exposes this server to every network interface, which may facilitate Denial of Service attacks{"kind": "extension", "name": "health_check", "documentation": "https://github.com/open-telemetry/opentelemetry-collector/blob/main/docs/security-best-practices.md#..."}
2024-01-16T11:08:51.792+0600 info extensions/extensions.go:37 Extension started. {"kind": "extension", "name": "health_check"}
2024-01-16T11:08:51.793+0600 info otlpreceiver@v0.82.0/otlp.go:83 Starting GRPC server {"kind": "receiver", "name": "otlp", "data_type": "metrics", "endpoint": "/opt/CPotelcol/grpc_otlp.sock"}
2024-01-16T11:08:51.794+0600 info healthcheck/handler.go:129 Health Check state change {"kind": "extension", "name": "health_check", "status": "ready"}
2024-01-16T11:08:51.794+0600 info service/service.go:149 Everything is ready. Begin running and processing data.
docker-compose
volumes:
prometheus-skyline-data:
grafana-skyline-data:
services:
prometheus:
image: prom/prometheus:latest
volumes:
- ./prometheus:/etc/prometheus/
- prometheus-skyline-data:/prometheus
container_name: prometheus-skyline
#hostname: prometheus
command:
- '--config.file=/etc/prometheus/prometheus.yml'
- '--storage.tsdb.path=/prometheus'
- '--web.console.libraries=/etc/prometheus/console_libraries'
- '--web.console.templates=/etc/prometheus/consoles'
- '--enable-feature=memory-snapshot-on-shutdown'
- '--enable-feature=remote-write-receiver'
#setting to adjust the data retention, d designates days, h designates hours.
- '--storage.tsdb.retention.time=30d'
#setting to adjust the maximum disk usage.
- '--storage.tsdb.retention.size=10GB'
- '--web.enable-lifecycle'
- '--web.enable-remote-write-receiver'
#- '--log.level=debug'
# - '--web.enable-lifecycle'
#- '--web.listen-address=0.0.0.0:9090'
#- '--web.external-url='
#- '--web.enable-lifecycle'
ports:
- 9090:9090
restart: unless-stopped
environment:
TZ: "Asia/Almaty"
networks:
- default
Only available
CP Dashboard - Mashine Overview, CP Dashboard - Single Mashine & GatewayDashboard(partially)