Secure Your AI Transformation
9 April @ 12pm SGT / 3pm CET / 2PM EDT
Check Point WAF TechTalk:
Introduction and New Features
AI Security Masters E6: When AI Goes Wrong -
Hallucinations, Jailbreaks, and the Curious Behavior of AI Agents
Ink Dragon: A Major Nation-State Campaign
Watch HereAI Security Masters E5:
Powering Prevention: The AI Driving Check Point’s ThreatCloud
CheckMates Go:
CheckMates Fest
Hi CheckMates,
This one-liner script converts the output of cpview -m (monitoring metrics) into standardized Prometheus format.
Use Case: When integrating Skyline with SIEM systems like Prometheus, troubleshooting may require comparing the data that Skyline receives from cpview with what's actually queryable in Prometheus using PromQL. This script transforms the cpview JSON output into Prometheus metrics with labels and values.
How it works:
metric_name{label1="value1",label2="value2"} valueUsage:
cpview -m | jq -r '.metrics[] | .["metric-id"] as $metric | ($metric | split(".") | join("_")) as $metric_name | if (.data | length) > 0 then .data[] | (to_entries | map(select(.key != "value")) | map("\(.key)=\"\(.value)\"") | join(",")) as $labels | if $labels != "" then "\($metric_name){\($labels)} \(.value)" else "\($metric_name) \(.value)" end else empty end'
Examples:
cpview -m | jq -r '.metrics[] | .["metric-id"] as $metric | ($metric | split(".") | join("_")) as $metric_name | if (.data | length) > 0 then .data[] | (to_entries | map(select(.key != "value")) | map("\(.key)=\"\(.value)\"") | join(",")) as $labels | if $labels != "" then "\($metric_name){\($labels)} \(.value)" else "\($metric_name) \(.value)" end else empty end' | grep system_cpu_count
system_cpu_count 42
cpview -m | jq -r '.metrics[] | .["metric-id"] as $metric | ($metric | split(".") | join("_")) as $metric_name | if (.data | length) > 0 then .data[] | (to_entries | map(select(.key != "value")) | map("\(.key)=\"\(.value)\"") | join(",")) as $labels | if $labels != "" then "\($metric_name){\($labels)} \(.value)" else "\($metric_name) \(.value)" end else empty end' | grep system_cpu_utilization
system_cpu_utilization{cpu="0",state="idle",type="OTHER"} 69
system_cpu_utilization{cpu="1",state="idle",type="OTHER"} 70
system_cpu_utilization{cpu="2",state="idle",type="OTHER"} 72
system_cpu_utilization{cpu="3",state="idle",type="OTHER"} 67
system_cpu_utilization{cpu="4",state="idle",type="OTHER"} 69
system_cpu_utilization{cpu="5",state="idle",type="OTHER"} 68
system_cpu_utilization{cpu="6",state="idle",type="OTHER"} 68
system_cpu_utilization{cpu="7",state="idle",type="OTHER"} 73
system_cpu_utilization{cpu="8",state="idle",type="OTHER"} 70
system_cpu_utilization{cpu="9",state="idle",type="OTHER"} 70
Hi CheckMates,
This one-liner script converts the output of cpview -m (monitoring metrics) into standardized Prometheus format.
Use Case: When integrating Skyline with SIEM systems like Prometheus, troubleshooting may require comparing the data that Skyline receives from cpview with what's actually queryable in Prometheus using PromQL. This script transforms the cpview JSON output into Prometheus metrics with labels and values.
How it works:
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY