Check Point released v7.15 of it's Gaia Health Check Script
Also available as SmartConsole Extension!
Script author: @Nathan_Davieau (LinkedIn profile)
QA Director: @Barak_Ran (LinkedIn profile)
What's new:
- RAID check for all Check Point Appliance types
- Updated ClusterXL failover check
- Detailed API status description on HA Managements
- Improved SecureXL Accept templates check
What's missing:
- Endpoint Security and VPN Client versions check on Log Servers to warn if unsupported clients still connect (Plea)
- Many checks listed in Check Points Professional Service health check (sample report)
- USFW best practices checks as described in sk167052
- Checks from Check Points performance investigation procedure (sk167553)
Download
Package |
Link |
Date |
healthcheck.sh script v7.15 |
|
11January2021 |
Installation
nc -z -w 3 supportcenter.checkpoint.com 443; if [[ $? -eq 0 ]]; then curl_cli -o healthcheck.tmp -f -s -k "https://supportcenter.checkpoint.com/supportcenter/portal/role/supportcenterUser/page/default.psml/media-type/html?action=portlets.DCFileAction&eventSubmit_doGetdcdetails=&fileid=59369"; l=`grep "HashKey" healthcheck.tmp | head -n1 | awk '{print $3}' | sed 's/href="//' | sed 's/">//'`; s=`echo $l | awk -F/ '{print $6}'`; curl_cli -o healthcheck.sh -f -s -k $l; if [[ `md5sum healthcheck.sh | cut -d " " -f1` == $s ]]; then chmod +x healthcheck.sh; ls -la healthcheck.sh; else echo "MD5 hash mismatch of Gaia healthcheck script. Aborting."; rm healthcheck.sh; fi; rm -f healthcheck.tmp; else echo "No HTTPS access to supportcenter.checkpoint.com for script download -> see sk83520"; fi
Sample Output - Security Management
Physical System Checks |
Category |
Title |
Result |
System |
Uptime |
OK |
OS Edition |
OK |
NTP |
NTP Daemon |
OK |
Disk Space |
Free Disk Space |
INFO |
Memory |
Physical Memory |
OK |
Swap Memory |
OK |
CPU |
CPU idle% |
OK |
CPU user% |
OK |
CPU system% |
OK |
CPU wait% |
OK |
CPU interrupt% |
OK |
Interface Statistics
|
RX Errors |
OK |
RX Drops |
OK |
RX Missed Errors |
OK |
RX Overruns |
OK |
TX Errors |
OK |
TX Drops |
OK |
TX Carrier Errors |
OK |
TX Overruns |
OK |
Known Issues |
Issues found in logs |
WARN |
FTW After Jumbo |
OK |
Processes |
Zombie Processes |
OK |
Process Restarts |
OK |
Core Files |
Usermode Cores Present |
OK |
Kernel Cores Present |
OK |
Check Point |
CPInfo Build Number |
OK |
CPUSE Build Number |
OK |
Jumbo Version |
WARN |
CP Version |
OK |
Licensing |
Licenses |
OK |
Contracts |
WARN |
Debugs |
Active tcpdump |
OK |
Active Debug Processes |
OK |
CPM Debugs |
OK |
TDERROR Configured |
OK |
Security Management Checks |
Category |
Title |
Result |
Mgmt Status |
API |
OK |
CPM |
OK |
Configuration |
GUI Clients |
OK |