This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Soren_Kristense
Contributor
‎2018-10-12 05:21 AM

Read counters from the TE appliance.

Hi

How is the best way to read the following counter from a TE appliance with an external script?

Scanned File

Malicious Files Detected

Queue Size

Greetings

Søren Kristensen

Reply
8 Replies
Marco_Valenti
Advisor
‎2018-10-12 07:27 AM

Probably you can find what you need with snmp starting from point 23

ATRG: Threat Emulation 

0 Kudos
Reply
Soren_Kristense
Contributor
‎2018-10-12 08:15 AM

Hi 

Thanks

Is there a mib file for this, they are not in the one I have found.

Greetings 

Søren

0 Kudos
Reply
Marco_Valenti
Advisor
‎2018-10-15 01:57 AM
In response to Soren_Kristense

you should be able to add a custom snmp sensor with the reported oid this will work for sure , for mib file you can look at realtive sk

Check Point SNMP MIB files 

0 Kudos
Reply
Thomas_Werner
Employee++
Employee++
‎2018-10-17 05:58 AM

Hi Søren,

I put together a document:

Using SNMP with SandBlast Network 

Regards Thomas

Reply
Soren_Kristense
Contributor
‎2018-10-25 08:12 AM
In response to Thomas_Werner

Hi Thomas

I have been testing the OID's, and they do not return the values as the CLI commands.

the CLI values are changing, the OID values do not change.

0 Kudos
Reply
Thomas_Werner
Employee++
Employee++
‎2018-10-25 08:52 AM
In response to Soren_Kristense

Hi Soren,

are the values 0 or do they not match ?


Regards Thomas

0 Kudos
Reply
Soren_Kristense
Contributor
‎2018-10-25 09:04 AM
In response to Thomas_Werner

Hi
I get something like this

[Expert@TE-box:0]# cpstat threat-emulation -f scanned_files

TE Scanned Files:            2416

TE Scanned Files Last Day:   1824

TE Scanned Files Last Week:  11526

TE Scanned Files Last Month: 60923

 

[Expert@TE-box:0]# snmpwalk -v 2c -c Public  localhost .1.3.6.1.4.1.2620.1.49.4

SNMPv2-SMI::enterprises.2620.1.49.4.1.0 = Gauge32: 2309

SNMPv2-SMI::enterprises.2620.1.49.4.2.0 = Gauge32: 1388

SNMPv2-SMI::enterprises.2620.1.49.4.3.0 = Gauge32: 11818

SNMPv2-SMI::enterprises.2620.1.49.4.4.0 = Gauge32: 61755

0 Kudos
Reply
Thomas_Werner
Employee++
Employee++
‎2018-10-25 09:26 AM
In response to Soren_Kristense

Slight mismatch 🙂

Please open a TAC ticket if you want to get a reason for it ... I am not sure if SNMP values are counters directly from "tecli s s"

Regards Thomas

Reply