- Products
- Learn
- Local User Groups
- Partners
- More
The State of Ransomware Q1 2026
Key Trends and Their Impact
Good, Better, Best:
Prioritizing Defenses Against Credential Abuse
AI Security Masters E7:
How CPR Broke ChatGPT's Isolation and What It Means for You
Blueprint Architecture for Securing
The AI Factory & AI Data Center
Call For Papers
Your Expertise. Our Stage
CheckMates Go:
CheckMates Fest
So, I always had this issue where customer is having a multiple ISP under their ISP redundancy but checkpoint does not have actual way to monitor ro alert if any of the ISP fails. Hence I quickly wrote a bash script and then created a custom SNMP OID whch I am monitoring and flags if any ISP fails
output=$(cpstat fw | grep -E 'Load|Active|Backup' | tr "|" " " | awk '{print $1" "$2}')
status=0
while read -r line; do
link=$(echo "$line" | awk '{print $1}') # Extract the link name
status_val=$(echo "$line" | awk '{print $2}') # Extract the status
if [[ "$status_val" != "OK" ]]; then
echo "Down $link"
status=1
fi
done <<< "$output"
exit $status
Create a directory on firewall
# mkdir /var/log/snmpmon_script
Store files in those directory
Edit /etc/snmp/userDefinedSettings.conf And add below lines as appropriate
extend .1.2.3.4.5.6.7.8.13 process_monitor /bin/sh /var/log/snmpmon_script/linkMon.sh
change the permission
chmod +x /var/log/snmpmon_script/linkMon.sh
Then restart snmp service
set snmp agent off
set snmp agent on
save config
About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY
