This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Danilo_Lara
Contributor
Contributor
‎2017-06-13 12:14 PM
Jump to solution

Add a process to be monitored by cpwatchdog

Hi,

Does anyone know how can I add a custom process or script to be monitored by cpwatchdog?

Thanks and regards!

1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
‎2017-06-13 12:26 PM
Jump to solution

The command you use is cpwd_admin.

When you run the command with no arguments, you will get usage output that explains how to do it.

Below example is from R80.10, refer to the CLI Reference Guide for your specific version for additional information.

[Expert@R8010GW:0]# cpwd_admin

Usage:

  cpwd_admin start -name <application name> [-ctx <name>] -path <executable path> -command <command line> [-env <inherit|env_var=value>]* [-slp_timeout <timeout>] [-retry_limit <limit|u>]

  cpwd_admin stop -name <application name> [-ctx <name>] [-path <executable path> -command <command line> [-env <inherit|env_var=value>]*]

  cpwd_admin del -name <application name> [-ctx <name>]

  cpwd_admin detach -name <application name> [-ctx <name>]

  cpwd_admin getpid -name <application name> [-ctx <name>]

  cpwd_admin list [-full] [-ctx <name>]

  cpwd_admin flist [-full] [-ctx <name>]

  cpwd_admin monitor_list

  cpwd_admin kill

  cpwd_admin exist

  cpwd_admin config -p

  cpwd_admin config -a <value to add=data value=data...>

  cpwd_admin config -d <values to delete from WD configuration>

  cpwd_admin config -r

Examples:

- Start CPD

   cpwd_admin start -name CPD -path "$CPDIR/bin/cpd" -command "cpd"

- Start FWD

   cpwd_admin start -name FWD -path "$FWDIR/bin/fwd" -command "fwd"

- Start FWM

   cpwd_admin start -name FWM -path "$FWDIR/bin/fwm" -command "fwm"

- Start FG1

   cpwd_admin start -name FGD50 -path "$FGDIR/bin/fgd50" -command "fgd50"

- Start SmartView Monitor

   cpwd_admin start -name RTMD -path "$FWDIR/bin/rtmd" -command "rtmd"

- Start CPD without unlimited retries

   cpwd_admin start -name CPD -path "$CPDIR/bin/cpd" -command "cpd" -retry_limit u

- Stop CPD with command

   cpwd_admin stop -name CPD -path "$CPDIR/bin/cpd_admin" -command "cpd_admin stop"

- Stop FWD with command

   cpwd_admin stop -name FWD -path "$FWDIR/bin/fw" -command "fw kill fwd"

- Delete FWD from list

   cpwd_admin del -name FWD

- Stop tracking the FWD process

   cpwd_admin detach -name FWD

- Kill FWD brutally

   cpwd_admin stop -name FWD

- Stop FWM with command

   cpwd_admin stop -name FWM -path "$FWDIR/bin/fw" -command "fw kill fwm"

- Print pid of CPD to screen

   cpwd_admin getpid -name CPD

- Print status of processes to screen

   cpwd_admin list

- Print status of processes to file

   cpwd_admin flist

- Config cpWatchDog parameters

   For config commands use the usage of parameter=value

   cpwd_admin  config -p : print cpWatchDog parameters

   cpwd_admin  config -a : add cpWatchDog parameters

   cpwd_admin  config -d : delete cpWatchDog parameters

   cpwd_admin config -r : restore default cpWatchDog parameters

- Stop cpWatchDog

   cpwd_admin kill

- Check if cpWatchDog is running

   cpwd_admin exist

- Start active monitoring on this machine

   cpwd_admin start_monitor

- Stop active monitoring on this machine

   cpwd_admin stop_monitor

View solution in original post

10 Replies
PhoneBoy
Admin
Admin
‎2017-06-13 12:26 PM
Jump to solution

The command you use is cpwd_admin.

When you run the command with no arguments, you will get usage output that explains how to do it.

Below example is from R80.10, refer to the CLI Reference Guide for your specific version for additional information.

[Expert@R8010GW:0]# cpwd_admin

Usage:

  cpwd_admin start -name <application name> [-ctx <name>] -path <executable path> -command <command line> [-env <inherit|env_var=value>]* [-slp_timeout <timeout>] [-retry_limit <limit|u>]

  cpwd_admin stop -name <application name> [-ctx <name>] [-path <executable path> -command <command line> [-env <inherit|env_var=value>]*]

  cpwd_admin del -name <application name> [-ctx <name>]

  cpwd_admin detach -name <application name> [-ctx <name>]

  cpwd_admin getpid -name <application name> [-ctx <name>]

  cpwd_admin list [-full] [-ctx <name>]

  cpwd_admin flist [-full] [-ctx <name>]

  cpwd_admin monitor_list

  cpwd_admin kill

  cpwd_admin exist

  cpwd_admin config -p

  cpwd_admin config -a <value to add=data value=data...>

  cpwd_admin config -d <values to delete from WD configuration>

  cpwd_admin config -r

Examples:

- Start CPD

   cpwd_admin start -name CPD -path "$CPDIR/bin/cpd" -command "cpd"

- Start FWD

   cpwd_admin start -name FWD -path "$FWDIR/bin/fwd" -command "fwd"

- Start FWM

   cpwd_admin start -name FWM -path "$FWDIR/bin/fwm" -command "fwm"

- Start FG1

   cpwd_admin start -name FGD50 -path "$FGDIR/bin/fgd50" -command "fgd50"

- Start SmartView Monitor

   cpwd_admin start -name RTMD -path "$FWDIR/bin/rtmd" -command "rtmd"

- Start CPD without unlimited retries

   cpwd_admin start -name CPD -path "$CPDIR/bin/cpd" -command "cpd" -retry_limit u

- Stop CPD with command

   cpwd_admin stop -name CPD -path "$CPDIR/bin/cpd_admin" -command "cpd_admin stop"

- Stop FWD with command

   cpwd_admin stop -name FWD -path "$FWDIR/bin/fw" -command "fw kill fwd"

- Delete FWD from list

   cpwd_admin del -name FWD

- Stop tracking the FWD process

   cpwd_admin detach -name FWD

- Kill FWD brutally

   cpwd_admin stop -name FWD

- Stop FWM with command

   cpwd_admin stop -name FWM -path "$FWDIR/bin/fw" -command "fw kill fwm"

- Print pid of CPD to screen

   cpwd_admin getpid -name CPD

- Print status of processes to screen

   cpwd_admin list

- Print status of processes to file

   cpwd_admin flist

- Config cpWatchDog parameters

   For config commands use the usage of parameter=value

   cpwd_admin  config -p : print cpWatchDog parameters

   cpwd_admin  config -a : add cpWatchDog parameters

   cpwd_admin  config -d : delete cpWatchDog parameters

   cpwd_admin config -r : restore default cpWatchDog parameters

- Stop cpWatchDog

   cpwd_admin kill

- Check if cpWatchDog is running

   cpwd_admin exist

- Start active monitoring on this machine

   cpwd_admin start_monitor

- Stop active monitoring on this machine

   cpwd_admin stop_monitor

Danilo_Lara
Contributor
Contributor
‎2017-06-13 12:54 PM
In response to PhoneBoy
Jump to solution

Thanks for your prompt response, phoneboy. Do you know what is the configuration file to add the commands?So it will survive a reboot?

0 Kudos
PhoneBoy
Admin
Admin
‎2017-06-13 01:27 PM
In response to Danilo_Lara
Jump to solution

As far as I know, cpwd_admin commands are persistent.

I'm not 100% sure where the configuration is stored, though.

0 Kudos
Danilo_Lara
Contributor
Contributor
‎2017-06-14 05:09 AM
In response to PhoneBoy
Jump to solution

Ok, I will test it and post here my findings.

Thanks!

0 Kudos
Danilo_Lara
Contributor
Contributor
‎2017-06-14 05:41 AM
In response to Danilo_Lara
Jump to solution

The command is not persistent. To survive a reboot I added the cpwd_admin add command to /etc/rc.local and it worked fine.

Thanks!

0 Kudos
Danilo_Lara
Contributor
Contributor
‎2017-06-14 05:56 AM
In response to PhoneBoy
Jump to solution

I noticed that the process is started, however it is not being monitored, the column "MON" is showing as "N". How can I change to "Y" the "MON" column?

Thanks!

0 Kudos
PhoneBoy
Admin
Admin
‎2017-06-17 01:56 PM
In response to Danilo_Lara
Jump to solution

Did you specify a number of retries?

For example, in the cpwd_admin help (which you can see by just typing cpwd_admin with no parameters), I see this one:

cpwd_admin start -name CPD -path "$CPDIR/bin/cpd" -command "cpd" -retry_limit u

0 Kudos
Danilo_Lara
Contributor
Contributor
‎2017-06-19 07:17 AM
In response to PhoneBoy
Jump to solution

I tried this option but it is still not being monitored. I tried killing the process and it haven't restarted it. The "MON" column is always set to "N".

0 Kudos
PhoneBoy
Admin
Admin
‎2017-06-19 10:15 AM
In response to Danilo_Lara
Jump to solution

It's possible that cpwd is not meant to monitor arbitrary processes, I'll see if I can get the relevant party from R&D to comment.

In which case, I'll offer another solution that may work with the caveat that it's not supported Smiley Happy

In Expert Mode (replace processname with binary name and /usr/bin with path binary is installed in):

dbset process:processname:path /usr/bin

dbset process:processname:runlevel 3

dbset process:processname t

dbset :save

Process Manager (pm) in the Gaia OS will monitor the relevant binary and (re)start it as needed.

PhoneBoy
Admin
Admin
‎2017-06-22 11:57 AM
In response to Danilo_Lara
Jump to solution

Just to clarify, cpwd has two different mechanisms for monitoring processes.

Only specific processes can leverage the "active" mechanism (i.e. the MON column).

Arbitrary processes like the one you're trying to monitor for won't leverage it, but cpwd should still notice if the process is killed and restart it.

Which is, by the way, similar to the Gaia workaround I provided above (except pm is monitoring it instead of cpwd).

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events