This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Help

Who rated this post

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Blason_R
MVP Gold
MVP Gold
3 weeks ago

Identifying failed ISP in case of ISP redundancy

So, I always had this issue where customer is having a multiple ISP under their ISP redundancy but checkpoint does not have actual way to monitor ro alert if any of the ISP fails. Hence I quickly wrote a bash script and then created a custom SNMP OID whch I am monitoring and flags if any ISP fails

output=$(cpstat fw | grep -E 'Load|Active|Backup' | tr "|" " " | awk '{print $1" "$2}')
status=0
while read -r line; do
    link=$(echo "$line" | awk '{print $1}')   # Extract the link name
    status_val=$(echo "$line" | awk '{print $2}') # Extract the status

    if [[ "$status_val" != "OK" ]]; then
        echo "Down $link"
        status=1
    fi
done <<< "$output"
exit $status

 

Create a directory on firewall

# mkdir /var/log/snmpmon_script

 

Store files in those directory

Edit /etc/snmp/userDefinedSettings.conf And add below lines as appropriate 

extend .1.2.3.4.5.6.7.8.13 process_monitor /bin/sh /var/log/snmpmon_script/linkMon.sh

 

change the permission

chmod +x /var/log/snmpmon_script/linkMon.sh

 

Then restart snmp service

set snmp agent off
set snmp agent on
save config

 

 

Thanks and Regards,
Blason R
CCSA,CCSE,CCCS
(1)
Who rated this post