Solved: Skyline - prometheus grafana

Plum · ‎2023-03-06

Hello all,

I try to use skyline with prometheus to monitor several firewall frontend and backend (checkpoint software version: R81.10)

It seems to work correctly when I activate the configuration on one of my checkpoint nodes.

The metrics come correctly in prometheus.

On the other hand, as soon as I start the telemetry on several nodes, i receive their metrics for a few seconds then nothing more and after a while I end up receiving the metrics of one of the random nodes again and only from only one.

I can't explain this behavior.

Plum · ‎2023-03-08

I am not sure to undestand , we just follow skyline guide and configure on all host the config file without prometheus receiver url and cert/credential needed.

View solution in original post

Arik_Ovtracht · ‎2023-03-09

Hi @Plum,

It looks like you have a synchronization issue between the reporting devices and the monitoring (Prometheus) server. You can see this example in our FAQ (go to the question about "Out of bound" errors).

If this does not help, feel free to contact me at ariko@checkpoint.com and we can schedule a session to investigate the issue with you.

View solution in original post

PhoneBoy · ‎2023-03-07

It may be that you need to allocate more resources to the Prometheus server (RAM/CPU).
You may just want to confirm the gateway side is working by checking: https://support.checkpoint.com/results/sk/sk179870

Plum · ‎2023-03-08

Hello,

Thx for your reply

We had check but we do not notice any particular charge on prometheus side

Vincent_Bacher · ‎2023-03-08

In our environment it works fine. We just configured Skyline on 10 CP devices (8 R81.10 and 2 R81.20) and on prometheus and Grafana everything is fine.

and now to something completely different - CCVS, CCAS, CCTE, CCCS, CCSM elite

Blason_R · ‎2023-03-08

Has anyone succeeded with Alert Rules? I am still struggling with it.

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS

Sucream · ‎2023-03-15

Hi,

Have you been able to solve Alert Rules problem?
Because I'm also struggling with it..

Arik_Ovtracht · ‎2023-03-15

Hi @Sucream and @Blason_R , did you see the guide we published on how to create alerts in Skyline?

https://supportcenter.us.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&so...

Sucream · ‎2023-03-16

Hi,

No, I didn't 😀 Thanks

Blason_R · ‎2023-03-16

Been eagerly waiting for it. Thanks for sharing though

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS

Plum · ‎2023-03-08

Hello,

In prometheus log, i saw some error for all node without metric:

ts=2023-03-09T01:40:04.589Z caller=write_handler.go:109 level=error component=web msg="Out of order sample from remote write" err="out of bounds" series="{__name__=\"vpn_packets\", environment=\"Default\", host_name=\"XXXXXXXX\", job=\"vs_id_0/CPviewExporter\", service_name=\"CPviewExporter\", service_namespace=\"vs_id_0\", service_version=\"CPviewExporter-0.1.0\", type=\"Decrypted\"}" timestamp=1678326290434

But never for node with metric

Arik_Ovtracht · ‎2023-03-09

Hi @Plum,

It looks like you have a synchronization issue between the reporting devices and the monitoring (Prometheus) server. You can see this example in our FAQ (go to the question about "Out of bound" errors).

If this does not help, feel free to contact me at ariko@checkpoint.com and we can schedule a session to investigate the issue with you.

Plum · ‎2023-03-09

ty very much

i will check in our side. i be back if needed

Plum · ‎2023-03-10

Hello,
ty you so much it was about ntp issu on our side , all host were not sync.
Now all working well

Ty again

Simon_Macpherso · ‎2023-03-08

What is the location of the OpenTelemetry collector logs?

PhoneBoy · ‎2023-03-08

@Arik_Ovtracht

fmartensson · ‎2023-04-06

Also wondering this, thanks

Plum · ‎2023-03-08

I am not sure to undestand , we just follow skyline guide and configure on all host the config file without prometheus receiver url and cert/credential needed.

Elad_Chomsky · ‎2023-04-09

Hi @Simon_Macpherso,

The OpenTelemetry related logs are:

OpenTelemetry Collector logs - /opt/CPotelcol/otelcol.log
CPView OpenTelemetry Exporter - /opt/CPviewExporter/otlp_cpview.log
CPView Producer/Consumer Service - $CPDIR/log/cpview_api_service.elg

Are you a member of CheckMates?

Skyline - prometheus grafana