Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Tiago_Cerqueira
Contributor

Monitoring Data Center objects

Hi,

I'm looking into monitoring the data center objects update status; if they are able to update, when was the last update and status of the last update, etc.

Is this feasible? Can I check this via command line?

0 Kudos
4 Replies
Tal_Paz-Fridman
Employee
Employee

Not sure if this is what you mean but there are Management API commands that might help:

https://sc1.checkpoint.com/documents/latest/APIs/index.html#cli/show-data-center-objects~v1.8%20

 

show data-center-objects.jpg

0 Kudos
Tiago_Cerqueira
Contributor

It's definitely a good start. Querying the API and checking for each object when it was the last update of said object is a good start (more than 10m without update, for example, and it would trigger an alert)

 

Would it also be possible to use PDP and PEP to achieve this on the gateway itself? If so, it might also be possible to do something with SNMP. 

0 Kudos
Pauli
Participant

You can monitor the state of the connected DCs via SNMP on the primary SMS (sk124532):

 

1.3.6.1.4.1.2620.1.52.101.0 Disconnected Datacenters

1.3.6.1.4.1.2620.1.52.3.0 Connected Datacenters

Also you can check other states of the Cloudguard Controller via snmp - Imported objects, Controller updates, ....

0 Kudos
Tiago_Cerqueira
Contributor

Just something I found along the way, it's also possible to check the status of these objects and the connected gateways using cpstat vsec on the proper CMA. It will provide the following ouput:

# cpstat vsec

vSEC Controller Status: on
Number of disconnected Data Centers: 0
Number of Data Centers: 1
Number of imported Data Center objects: 1
Number of gateways enforcing Data Center objects: 1


Data Centers
---------------------------------------------------------------------
|Controller |Type|Status |Imported Objects|Controller updates|
---------------------------------------------------------------------
|DataCenterName|AWS |Connected| 1| 1953|
---------------------------------------------------------------------

 

Gateways Enforcing Data Center Objects
---------------------------------------------------
|Name |IP |Version|Update status|
---------------------------------------------------
|A_GATEWAY|10.x.x.x|R80.40 |Succeeded |
---------------------------------------------------

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events