Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Chandhrasekar_S
Collaborator

Grafana and Prometheus for monitoring Check Point firewalls

Hi Team,

Is anyone using Grafana and Prometheus tools to monitor Check Point gateways and management server? please share your experience

11 Replies
Petter_Andersso
Participant

No and yes. 

I am using Grafana togeter with influxdb, and the telegraf agent.

i have installed the telegraf agent on the gateway and managemnet server. It collects CPU, mem disk, networkdata, and some SNMP stuff and sends the metric data to a influxdb server. 

Then i visulaze the data in grafana

0 Kudos
AlJo
Contributor

Did you install the generic linux tarball or did you manage to find an RPM that would install?

0 Kudos
Aathi
Contributor

Hi ,

 

Can you share the steps to configure the telegraf.

 

Regards

Aathi

0 Kudos
AlJo
Contributor

You might want to direct that question to Petter_Andersso I am monitoring my infra with telegraf, but via the snmp plug-in... Petter appears to have installed the telegraf agent on the gateways and management servers which would have a different configuration than I am using.

0 Kudos
Henrik_Noerr1
Advisor

I think the way to go today would be using the Check Point Skyline - When it goes GA...

We also have great success using telegraf (snmp polling), influxdb and Grafana

0 Kudos
Gregory_Azratz
Employee
Employee

Hi @Chandhrasekar_S ,

We are already working on an official CheckPoint solution that will add monitoring abilities using this 2 products.
Official GA release is expected in the next few weeks.

 
for more information -

https://community.checkpoint.com/t5/General-Topics/Skyline-a-new-monitoring-solution-for-Check-Point...

or visit the official SK page - sk178566

Thanks,
Gregory

Adriansinner97
Explorer

Hi guys, we are already running the Telegraf / InfluxDB v2 + Grafana and would be great to use it for the checkpoint firewalls as well.

So, is there any of you that managed to confugure it and work?
Can you please share some steps?
Do i need some telegraf agnt on the firewalls isntalled.. InfluxDB config etc etc

Thank you

0 Kudos
Henrik_Noerr1
Advisor

We have the exact same setup. This works great - with the inherited limitations of snmp.

We are heavy VSX shop, and polling Virtual Systems works great. With the limitations on VSX support by Skyline, this is the path chosen for now (and general lack of hours in the day).

 

Throw me your email and I can share some telegraf conf files to get you started.

Building dashboards in Grafana is trivial if you are familiar with derivatives, means and so.

 

/Henrik

 

 

0 Kudos
Arik_Ovtracht
Employee
Employee

Hi @Henrik_Noerr1,

I just wanted to note that the VSX limitations that were in early versions of Skyline have been removed a few months ago. You might want to give it a try.

0 Kudos
Henrik_Noerr1
Advisor

Hey Arik,

That is great to know. Can you verify that it is completely removed?

I only head it was bumped up to a higher number - 10 to 25 

Regards,

Henrik

0 Kudos
Arik_Ovtracht
Employee
Employee

The limitation was indeed removed. Since then, we don't see any problem to run it with any number of VSs. However, we did indicate that we could only test it on a 25-VSs server, so advised caution when using more than that.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events