update project

7eecce08 · thl-cmk · 761a1f0b · 7eecce08 · 7eecce08 · 7eecce08
Commit 7eecce08 authored 3 years ago by thl-cmk
--- a/agent_based/checkpoint_fw_ls.py
+++ b/agent_based/checkpoint_fw_ls.py
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+#
+# License: GNU General Public License v2
+#
+# Author: thl-cmk[at]outlook[dot]com
+# URL   : https://thl-cmk.hopto.org
+#
+# 2016-07-19 : monitor Check Point FW Log server status
+# 2016-07-24 : changed for check state
+# 2018-01-05 : fix inventory function
+# 2018-03-08 : changed snmp scan function and inventory function
+# 2018-03-15 : code cleanup
+# 2020-06-08 : changed snmp-scan function
+# 2021-06-14 : rewrite for cmk 2.0
+#
+# sample snmpwalk
+#
+# CHECKPOINT-MIB::fwLSConnOverall.0 = INTEGER: 0
+# CHECKPOINT-MIB::fwLSConnOverallDesc.0 = STRING: Security Gateway is reporting logs as defined
+# CHECKPOINT-MIB::fwLSConnIndex.1.0 = Gauge32: 1
+# CHECKPOINT-MIB::fwLSConnIndex.2.0 = Gauge32: 2
+# CHECKPOINT-MIB::fwLSConnName.1.0 = STRING: 10.140.2.203
+# CHECKPOINT-MIB::fwLSConnName.2.0 = STRING: 10.140.2.103
+# CHECKPOINT-MIB::fwLSConnState.1.0 = Gauge32: 0
+# CHECKPOINT-MIB::fwLSConnState.2.0 = Gauge32: 2
+# CHECKPOINT-MIB::fwLSConnStateDesc.1.0 = STRING: Log-Server Connected
+# CHECKPOINT-MIB::fwLSConnStateDesc.2.0 = STRING: Log-Server Disconnected
+# CHECKPOINT-MIB::fwLSConnSendRate.1.0 = Gauge32: 0
+# CHECKPOINT-MIB::fwLSConnSendRate.2.0 = Gauge32: 0
+# CHECKPOINT-MIB::fwLocalLoggingDesc.0 = STRING: Logs are written to log server
+# CHECKPOINT-MIB::fwLocalLoggingStat.0 = INTEGER: 0
+# CHECKPOINT-MIB::fwLocalLoggingWriteRate.0 = Gauge32: 0
+# CHECKPOINT-MIB::fwLoggingHandlingRate.0 = Gauge32: 0
+#
+# .1.3.6.1.4.1.2620.1.1.30.1.0 = INTEGER: 0
+# .1.3.6.1.4.1.2620.1.1.30.2.0 = STRING: "Security Gateway is reporting logs as defined"
+# .1.3.6.1.4.1.2620.1.1.30.3.1.1.1.0 = Gauge32: 1
+# .1.3.6.1.4.1.2620.1.1.30.3.1.1.2.0 = Gauge32: 2
+# .1.3.6.1.4.1.2620.1.1.30.3.1.2.1.0 = STRING: "10.140.2.203"
+# .1.3.6.1.4.1.2620.1.1.30.3.1.2.2.0 = STRING: "10.140.2.103"
+# .1.3.6.1.4.1.2620.1.1.30.3.1.3.1.0 = Gauge32: 0
+# .1.3.6.1.4.1.2620.1.1.30.3.1.3.2.0 = Gauge32: 2
+# .1.3.6.1.4.1.2620.1.1.30.3.1.4.1.0 = STRING: "Log-Server Connected"
+# .1.3.6.1.4.1.2620.1.1.30.3.1.4.2.0 = STRING: "Log-Server Disconnected"
+# .1.3.6.1.4.1.2620.1.1.30.3.1.5.1.0 = Gauge32: 0
+# .1.3.6.1.4.1.2620.1.1.30.3.1.5.2.0 = Gauge32: 0
+# .1.3.6.1.4.1.2620.1.1.30.4.0 = STRING: "Logs are written to log server"
+# .1.3.6.1.4.1.2620.1.1.30.5.0 = INTEGER: 0
+# .1.3.6.1.4.1.2620.1.1.30.6.0 = Gauge32: 0
+# .1.3.6.1.4.1.2620.1.1.30.7.0 = Gauge32: 0
+#
+#
+# sample info
+# log server running
+# [[[u'0', u'Security Gateway is reporting logs as defined', u'Logs are written to log server', u'0']],
+#  [[u'1', u'192.168.10.10', u'0', u'Log-Server Connected'],
+#   [u'2', u'192.168.10.11', u'2', u'Backup Log-Server Not Active']]]
+#
+# no log server
+# [[], []]
+#
+
+from typing import NamedTuple, List, Dict, Optional
+
+from cmk.base.plugins.agent_based.agent_based_api.v1.type_defs import (
+    DiscoveryResult,
+    CheckResult,
+    StringTable,
+)
+
+from cmk.base.plugins.agent_based.agent_based_api.v1 import (
+    register,
+    Service,
+    equals,
+    Result,
+    State,
+    Metric,
+    SNMPTree,
+    startswith,
+    all_of,
+    any_of,
+)
+
+
+class CheckPointFwLsOverAll(NamedTuple):
+    fwlsconnoverall: int
+    fwlsconnoveralldesc: str
+    fwlocalloggingdesc: str
+    fwlocalloggingstat: int
+    fwLocalLoggingWriteRate: Optional[int]
+    fwLoggingHandlingRate: Optional[int]
+
+
+class CheckPointFwLs(NamedTuple):
+    fwLSConnIndex: int
+    fwLSConnName: str
+    fwLSConnState: int
+    fwLSConnStateDesc: str
+    fwLSConnSendRate: Optional[int]
+
+
+def parse_checkpoint_fw_ls(string_table: List[StringTable]) -> Dict:
+    over_all, log_servers = string_table
+
+    fwlsconnoverall, fwlsconnoveralldesc, fwlocalloggingdesc, fwlocalloggingstat, fwLocalLoggingWriteRate, fwLoggingHandlingRate = \
+    over_all[0]
+    parsed = {}
+    parsed.update({'over all': CheckPointFwLsOverAll(
+        fwlsconnoverall=int(fwlsconnoverall),
+        fwlsconnoveralldesc=fwlsconnoveralldesc,
+        fwlocalloggingdesc=fwlocalloggingdesc,
+        fwlocalloggingstat=int(fwlocalloggingstat),
+        fwLocalLoggingWriteRate=int(fwLocalLoggingWriteRate) if fwLocalLoggingWriteRate.isdigit() else None,
+        fwLoggingHandlingRate=int(fwLoggingHandlingRate) if fwLoggingHandlingRate.isdigit() else None,
+    )})
+
+    for fwLSConnIndex, fwLSConnName, fwLSConnState, fwLSConnStateDesc, fwLSConnSendRate in log_servers:
+        parsed.update({fwLSConnName: CheckPointFwLs(
+            fwLSConnIndex=int(fwLSConnIndex),
+            fwLSConnName=fwLSConnName,
+            fwLSConnState=int(fwLSConnState),
+            fwLSConnStateDesc=fwLSConnStateDesc,
+            fwLSConnSendRate=int(fwLSConnSendRate) if fwLSConnSendRate.isdigit() else None,
+        )})
+
+    return parsed
+
+
+def discovery_checkpoint_fw_ls(section: Dict) -> DiscoveryResult:
+    for key in section.keys():
+        yield Service(item=key)
+
+
+def check_checkpoint_fw_ls(item, params, section: Dict) -> CheckResult:
+    fwLSConnState_des = {
+        0: 'Ok',
+        1: 'Error',
+        2: 'Not Active',
+    }
+
+    fwLocalLoggingStat = {
+        0: 'Logging to log servers',
+        1: 'Logging local configured',
+        2: 'Logging local due to connectivity',
+        3: 'Logging local due to high rate',
+    }
+
+    over_all = section['over all']
+
+    if item == 'over all':
+        if over_all.fwLocalLoggingWriteRate is not None and over_all.fwLoggingHandlingRate is not None:  # R80.10 and up
+            yield Metric(name='checkpoint_fw_ls_fwlocalloggingwriterate', value=over_all.fwLocalLoggingWriteRate)
+            yield Metric(name='checkpoint_fw_ls_fwlogginghandlingrate', value=over_all.fwLoggingHandlingRate)
+
+        yield Result(state=State(over_all.fwlsconnoverall), summary=over_all.fwlsconnoveralldesc)
+        if over_all.fwlocalloggingdesc != '':
+            if over_all.fwlocalloggingstat in [1, 3]:
+                yield Result(state=State.WARN, summary=over_all.fwlocalloggingdesc)
+            elif over_all.fwlocalloggingstat == 2:
+                yield Result(state=State.CRIT, summary=over_all.fwlocalloggingdesc)
+            else:
+                yield Result(state=State.OK, summary=over_all.fwlocalloggingdesc)
+    else:
+        try:
+            log_server = section[item]
+        except IndexError:
+            return
+
+        if log_server.fwLSConnSendRate is not None:  # R80.10 and up
+            yield Metric(name='checkpoint_fw_ls_fwlsconnsendrate', value=log_server.fwLSConnSendRate)
+
+        if log_server.fwLSConnState == 1:
+            yield Result(state=State.CRIT, summary='State: Connection error')
+        else:
+            yield Result(state=State.OK, summary=f'State: {log_server.fwLSConnStateDesc}')
+
+        exp_connection_state = params.get('exp_connection_status', 0)
+        mon_connection_state = params.get('mon_connection_state', 1)
+
+        if log_server.fwLSConnStateDesc.lower() != exp_connection_state.lower():
+            #print(log_server.fwLSConnStateDesc.lower())
+            #print(exp_connection_state.lower())
+            yield Result(state=State(mon_connection_state),
+                         summary=f'Expected connection state: {exp_connection_state}')
+
+
+register.snmp_section(
+    name='checkpoint_fw_ls',
+    parse_function=parse_checkpoint_fw_ls,
+    fetch=[
+        SNMPTree(
+            base='.1.3.6.1.4.1.2620.1.1.30',  # CHECKPOINT-MIB:fwLSConn
+            oids=[
+                '1',  # fwLSConnOverall
+                '2',  # fwLSConnOverallDesc
+                '4',  # fwLocalLoggingDesc
+                '5',  # fwLocalLoggingStat
+                '6',  # fwLocalLoggingWriteRate
+                '7',  # fwLoggingHandlingRate
+            ]
+        ),
+        SNMPTree(
+            base='.1.3.6.1.4.1.2620.1.1.30.3.1',  # CHECKPOINT-MIB::fwLSConnEntry
+            oids=[
+                '1',  # fwLSConnIndex
+                '2',  # fwLSConnName
+                '3',  # fwLSConnState
+                '4',  # fwLSConnStateDesc
+                '5',  # fwLSConnSendRate
+            ]
+        )
+
+    ],
+    detect=any_of(
+        startswith('.1.3.6.1.2.1.1.2.0', '.1.3.6.1.4.1.2620'),
+        all_of(
+            equals('.1.3.6.1.2.1.1.2.0', '.1.3.6.1.4.1.8072.3.2.10'),
+            equals('.1.3.6.1.4.1.2620.1.6.1.0', 'SVN Foundation'),
+        )
+    )
+)
+
+register.check_plugin(
+    name='checkpoint_fw_ls',
+    service_name='FW Log server %s',
+    discovery_function=discovery_checkpoint_fw_ls,
+    check_function=check_checkpoint_fw_ls,
+    check_default_parameters={},
+    check_ruleset_name='checkpoint_fw_ls',
+)
--- a/agent_based/checkpoint_fwm_ls.py
+++ b/agent_based/checkpoint_fwm_ls.py
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+#
+# License: GNU General Public License v2
+#
+# Author: thl-cmk[at]outlook[dot]com
+# URL   : https://thl-cmk.hopto.org
+#
+# 2016-07-29 :  monitor Check Point FWM log server status
+# 2018-05-08 :  changed snmp scan and inventory function
+# 2018-03-16 :  added R80.10 MIBs
+# 2018-05-30 :  removed empty OIDs CHECKPOINT-MIB::lsConnectedClientsEntry,
+#                                  CHECKPOINT-MIB::lsConnectedGatewaysEntry
+#                                  CHECKPOINT-MIB::lsLoggingInfo
+# 2020-06-08 : changed snmp-scan function
+# 2021-06-14 : rewrite for cmk 2.0
+#
+
+#
+# sample snmpwalk (R77.30)
+#
+# .1.3.6.1.4.1.2620.1.11.1.0 = STRING: "Check Point Log Server"
+# .1.3.6.1.4.1.2620.1.11.2.0 = INTEGER: 6
+# .1.3.6.1.4.1.2620.1.11.3.0 = INTEGER: 0
+# .1.3.6.1.4.1.2620.1.11.4.0 = INTEGER: 4663
+# .1.3.6.1.4.1.2620.1.11.5.0 = INTEGER: 1
+# .1.3.6.1.4.1.2620.1.11.101.0 = INTEGER: 0
+# .1.3.6.1.4.1.2620.1.11.102.0 = STRING: "OK"
+# .1.3.6.1.4.1.2620.1.11.103.0 = STRING: "OK"
+#
+# CHECKPOINT-MIB::lsProdName.0 = STRING: Check Point Log Server
+# CHECKPOINT-MIB::lsVerMajor.0 = INTEGER: 6
+# CHECKPOINT-MIB::lsVerMinor.0 = INTEGER: 0
+# CHECKPOINT-MIB::lsBuildNumber.0 = INTEGER: 4663
+# CHECKPOINT-MIB::lsFwmIsAlive.0 = INTEGER: 1
+# CHECKPOINT-MIB::lsStatCode.0 = INTEGER: 0
+# CHECKPOINT-MIB::lsStatShortDescr.0 = STRING: OK
+# CHECKPOINT-MIB::lsStatLongDescr.0 = STRING: OK
+#
+# sample snmpwalk (R80.10, SmartEvent Server)
+#
+# .1.3.6.1.4.1.2620.1.11.1.0 = STRING: "Check Point Log Server"
+# .1.3.6.1.4.1.2620.1.11.2.0 = INTEGER: 6
+# .1.3.6.1.4.1.2620.1.11.3.0 = INTEGER: 0
+# .1.3.6.1.4.1.2620.1.11.4.0 = INTEGER: 39081
+# .1.3.6.1.4.1.2620.1.11.5.0 = INTEGER: 1
+# .1.3.6.1.4.1.2620.1.11.14.1.0 = Gauge32: 0
+# .1.3.6.1.4.1.2620.1.11.14.2.0 = Gauge32: 1
+# .1.3.6.1.4.1.2620.1.11.14.3.0 = Gauge32: 0
+# .1.3.6.1.4.1.2620.1.11.14.4.1.1.1.0 = Gauge32: 1
+# .1.3.6.1.4.1.2620.1.11.14.4.1.2.1.0 = STRING: "Local Clients"
+# .1.3.6.1.4.1.2620.1.11.14.4.1.3.1.0 = STRING: "Connected"
+# .1.3.6.1.4.1.2620.1.11.14.4.1.4.1.0 = STRING: "N/A"
+# .1.3.6.1.4.1.2620.1.11.14.4.1.5.1.0 = Gauge32: 0
+# .1.3.6.1.4.1.2620.1.11.14.5.1.0 = STRING: "20171"
+# .1.3.6.1.4.1.2620.1.11.14.5.2.0 = STRING: "2607010"
+# .1.3.6.1.4.1.2620.1.11.14.5.3.0 = STRING: "0"
+# .1.3.6.1.4.1.2620.1.11.14.5.4.0 = STRING: "9021"
+# .1.3.6.1.4.1.2620.1.11.14.5.5.0 = Gauge32: 4
+# .1.3.6.1.4.1.2620.1.11.14.5.6.0 = Gauge32: 0
+# .1.3.6.1.4.1.2620.1.11.14.5.7.0 = Gauge32: 10
+# .1.3.6.1.4.1.2620.1.11.14.5.8.0 = Gauge32: 1
+# .1.3.6.1.4.1.2620.1.11.14.5.9.0 = Gauge32: 10
+# .1.3.6.1.4.1.2620.1.11.14.5.10.0 = Gauge32: 1
+# .1.3.6.1.4.1.2620.1.11.14.5.11.0 = Gauge32: 27275
+# .1.3.6.1.4.1.2620.1.11.14.5.12.0 = Gauge32: 1001
+# .1.3.6.1.4.1.2620.1.11.14.5.13.0 = Gauge32: 0
+# .1.3.6.1.4.1.2620.1.11.14.6.0 = Gauge32: 0
+# .1.3.6.1.4.1.2620.1.11.101.0 = INTEGER: 0
+# .1.3.6.1.4.1.2620.1.11.102.0 = STRING: "OK"
+# .1.3.6.1.4.1.2620.1.11.103.0 = STRING: "OK"
+#
+# CHECKPOINT-MIB::lsProdName.0 = STRING: Check Point Log Server
+# CHECKPOINT-MIB::lsVerMajor.0 = INTEGER: 6
+# CHECKPOINT-MIB::lsVerMinor.0 = INTEGER: 0
+# CHECKPOINT-MIB::lsBuildNumber.0 = INTEGER: 39081
+# CHECKPOINT-MIB::lsFwmIsAlive.0 = INTEGER: 1
+# CHECKPOINT-MIB::lsLogReceiveRate.0 = Gauge32: 0
+# CHECKPOINT-MIB::lsLogReceiveRatePeak.0 = Gauge32: 1
+# CHECKPOINT-MIB::lsLogReceiveRate10Min.0 = Gauge32: 0
+# CHECKPOINT-MIB::lsGWIndex.1.0 = Gauge32: 1
+# CHECKPOINT-MIB::lsGWIP.1.0 = STRING: Local Clients
+# CHECKPOINT-MIB::lsGWState.1.0 = STRING: Connected
+# CHECKPOINT-MIB::lsGWLastLoginTime.1.0 = STRING: N/A
+# CHECKPOINT-MIB::lsGWLogReceiveRate.1.0 = Gauge32: 0
+# CHECKPOINT-MIB::lsIndexerInfoTotalReadLogs.0 = Wrong Type (should be Gauge32 or Unsigned32): STRING: "20171"
+# CHECKPOINT-MIB::lsIndexerInfoTotalUpdatesAndLogsIndexed.0 = Wrong Type (should be Gauge32 or Unsigned32): STRING: "2607010"
+# CHECKPOINT-MIB::lsIndexerInfoTotalReadLogsErrors.0 = Wrong Type (should be Gauge32 or Unsigned32): STRING: "0"
+# CHECKPOINT-MIB::lsIndexerInfoTotalUpdatesAndLogsIndexedErrors.0 = Wrong Type (should be Gauge32 or Unsigned32): STRING: "9021"
+# CHECKPOINT-MIB::lsIndexerInfoUpdatesAndLogsIndexedRate.0 = Gauge32: 4
+# CHECKPOINT-MIB::lsIndexerInfoReadLogsRate.0 = Gauge32: 0
+# CHECKPOINT-MIB::lsIndexerInfoUpdatesAndLogsIndexedRatePeak.0 = Gauge32: 10
+# CHECKPOINT-MIB::lsIndexerInfoReadLogsRatePeak.0 = Gauge32: 1
+# CHECKPOINT-MIB::lsIndexerInfo.9.0 = Gauge32: 10
+# CHECKPOINT-MIB::lsIndexerInfo.10.0 = Gauge32: 1
+# CHECKPOINT-MIB::lsIndexerInfo.11.0 = Gauge32: 27275
+# CHECKPOINT-MIB::lsIndexerInfo.12.0 = Gauge32: 1001
+# CHECKPOINT-MIB::lsIndexerInfo.13.0 = Gauge32: 0
+# CHECKPOINT-MIB::lsLogReceiveRate1Hour.0 = Gauge32: 0
+# CHECKPOINT-MIB::lsStatCode.0 = INTEGER: 0
+# CHECKPOINT-MIB::lsStatShortDescr.0 = STRING: OK
+# CHECKPOINT-MIB::lsStatLongDescr.0 = STRING: OK
+#
+# R80.10 MD Logserver
+# .1.3.6.1.4.1.2620.1.11.1.0 = STRING: "Check Point Log Server"
+# .1.3.6.1.4.1.2620.1.11.2.0 = INTEGER: 6
+# .1.3.6.1.4.1.2620.1.11.3.0 = INTEGER: 0
+# .1.3.6.1.4.1.2620.1.11.4.0 = INTEGER: 39081
+# .1.3.6.1.4.1.2620.1.11.5.0 = INTEGER: 0
+# .1.3.6.1.4.1.2620.1.11.14.1.0 = Gauge32: 0
+# .1.3.6.1.4.1.2620.1.11.14.2.0 = Gauge32: 1
+# .1.3.6.1.4.1.2620.1.11.14.3.0 = Gauge32: 0
+# .1.3.6.1.4.1.2620.1.11.14.4.1.1.1.0 = Gauge32: 1
+# .1.3.6.1.4.1.2620.1.11.14.4.1.2.1.0 = STRING: "Local Clients"
+# .1.3.6.1.4.1.2620.1.11.14.4.1.3.1.0 = STRING: "Connected"
+# .1.3.6.1.4.1.2620.1.11.14.4.1.4.1.0 = STRING: "N/A"
+# .1.3.6.1.4.1.2620.1.11.14.4.1.5.1.0 = Gauge32: 0
+# .1.3.6.1.4.1.2620.1.11.14.5.1.0 = STRING: "94"
+# .1.3.6.1.4.1.2620.1.11.14.5.2.0 = STRING: "94"
+# .1.3.6.1.4.1.2620.1.11.14.5.3.0 = STRING: "0"
+# .1.3.6.1.4.1.2620.1.11.14.5.4.0 = STRING: "53"
+# .1.3.6.1.4.1.2620.1.11.14.5.5.0 = Gauge32: 0
+# .1.3.6.1.4.1.2620.1.11.14.5.6.0 = Gauge32: 0
+# .1.3.6.1.4.1.2620.1.11.14.5.7.0 = Gauge32: 1
+# .1.3.6.1.4.1.2620.1.11.14.5.8.0 = Gauge32: 1
+# .1.3.6.1.4.1.2620.1.11.14.5.9.0 = Gauge32: 1
+# .1.3.6.1.4.1.2620.1.11.14.5.10.0 = Gauge32: 1
+# .1.3.6.1.4.1.2620.1.11.14.5.11.0 = Gauge32: 2
+# .1.3.6.1.4.1.2620.1.11.14.5.12.0 = Gauge32: 2
+# .1.3.6.1.4.1.2620.1.11.14.5.13.0 = Gauge32: 0
+# .1.3.6.1.4.1.2620.1.11.14.6.0 = Gauge32: 0
+# .1.3.6.1.4.1.2620.1.11.101.0 = INTEGER: 2
+# .1.3.6.1.4.1.2620.1.11.102.0 = STRING: "Problem"
+# .1.3.6.1.4.1.2620.1.11.103.0 = STRING: "Log Server is not running"
+#
+# sample info
+# [[[u'Check Point Log Server', u'6', u'0', u'4663', u'1', u'0', u'OK', u'OK']], []]
+#
+# no logserver active
+# [[], []]
+#
+
+from typing import NamedTuple, List, Optional
+
+from cmk.base.plugins.agent_based.agent_based_api.v1.type_defs import (
+    DiscoveryResult,
+    CheckResult,
+    StringTable,
+)
+
+from cmk.base.plugins.agent_based.agent_based_api.v1 import (
+    register,
+    Service,
+    equals,
+    Result,
+    State,
+    Metric,
+    SNMPTree,
+    startswith,
+    all_of,
+    any_of,
+)
+
+
+class CheckPointFwmR77(NamedTuple):
+    lsprodname: int
+    lsvermajor: str
+    lsverminor: str
+    lsbuildnumber: int
+    lsfwmisalive: int
+    lsstatcode: int
+    lsstatshortdescr: str
+    lsstatlongdescr: str
+
+
+class CheckPointFwmR80(NamedTuple):
+    TotalReadLogs: int
+    TotalUpdatesAndLogsIndexed: int
+    TotalReadLogsErrors: int
+    TotalUpdatesAndLogsIndexedErrors: int
+    UpdatesAndLogsIndexedRate: int
+    ReadLogsRate: int
+    UpdatesAndLogsIndexedRatePeak: int
+    ReadLogsRatePeak: int
+
+
+class CheckPointFwm(NamedTuple):
+    R77: CheckPointFwmR77
+    R80: Optional[CheckPointFwmR80]
+
+
+def parse_checkpoint_fwm_ls(string_table: List[StringTable]) -> CheckPointFwm:
+    r77, r80_indexer = string_table
+    lsprodname, lsvermajor, lsverminor, lsbuildnumber, lsfwmisalive, lsstatcode, lsstatshortdescr, lsstatlongdescr = \
+        r77[0]
+
+    checkpointfwmr77 = CheckPointFwmR77(
+        lsprodname=lsprodname,
+        lsvermajor=lsvermajor,
+        lsverminor=lsverminor,
+        lsbuildnumber=lsbuildnumber,
+        lsfwmisalive=int(lsfwmisalive),
+        lsstatcode=int(lsstatcode),
+        lsstatshortdescr=lsstatshortdescr,
+        lsstatlongdescr=lsstatlongdescr,
+    )
+
+    checkpointfwmr80 = None
+
+    try:
+        r80_indexer = r80_indexer[0]
+    except IndexError:
+        return CheckPointFwm(
+            R77=checkpointfwmr77,
+            R80=checkpointfwmr80,
+        )
+
+    if len(r80_indexer) == 8:
+        TotalReadLogs, TotalUpdatesAndLogsIndexed, TotalReadLogsErrors, TotalUpdatesAndLogsIndexedErrors, \
+        UpdatesAndLogsIndexedRate, ReadLogsRate, UpdatesAndLogsIndexedRatePeak, ReadLogsRatePeak = r80_indexer
+
+        checkpointfwmr80 = CheckPointFwmR80(
+            TotalReadLogs=int(TotalReadLogs),
+            TotalUpdatesAndLogsIndexed=int(TotalUpdatesAndLogsIndexed),
+            TotalReadLogsErrors=int(TotalReadLogsErrors),
+            TotalUpdatesAndLogsIndexedErrors=int(TotalUpdatesAndLogsIndexedErrors),
+            UpdatesAndLogsIndexedRate=int(UpdatesAndLogsIndexedRate),
+            ReadLogsRate=int(ReadLogsRate),
+            UpdatesAndLogsIndexedRatePeak=int(UpdatesAndLogsIndexedRatePeak),
+            ReadLogsRatePeak=int(ReadLogsRatePeak),
+        )
+
+    return CheckPointFwm(
+        R77=checkpointfwmr77,
+        R80=checkpointfwmr80,
+    )
+
+
+def discovery_checkpoint_fwm_ls(section: CheckPointFwm) -> DiscoveryResult:
+    yield Service()
+
+
+def check_checkpoint_fwm_ls(params, section: CheckPointFwm) -> CheckResult:
+    yield Result(state=State.OK,
+                 summary=f'{section.R77.lsprodname}, version: {section.R77.lsvermajor}.{section.R77.lsverminor}, Build: {section.R77.lsbuildnumber}')
+
+    if not params.get('ignore_status_on_r80_10'):
+        if section.R77.lsfwmisalive != 1:
+            yield Result(state=State.CRIT, summary='Is not alive')
+        if section.R77.lsstatcode != 0:
+            yield Result(state=State.CRIT,
+                         summary=f'Status: {section.R77.lsstatshortdescr}, {section.R77.lsstatlongdescr}')
+    if section.R80 is not None:
+        yield Metric(name='checkpoint_fwm_ls_totalreadlogs', value=section.R80.TotalReadLogs)
+        yield Metric(name='checkpoint_fwm_ls_totalupdatesandlogsindexed', value=section.R80.TotalUpdatesAndLogsIndexed)
+        yield Metric(name='checkpoint_fwm_ls_totalreadlogserrors', value=section.R80.TotalReadLogsErrors)
+        yield Metric(name='checkpoint_fwm_ls_totalupdatesandlogsindexederrors', value=section.R80.TotalUpdatesAndLogsIndexedErrors)
+        yield Metric(name='checkpoint_fwm_ls_updatesandlogsindexedrate', value=section.R80.UpdatesAndLogsIndexedRate)
+        yield Metric(name='checkpoint_fwm_ls_updatesandlogsindexedratepeak', value=section.R80.UpdatesAndLogsIndexedRatePeak)
+        yield Metric(name='checkpoint_fwm_ls_readlogsrate', value=section.R80.ReadLogsRate)
+        yield Metric(name='checkpoint_fwm_ls_readlogsratepeak', value=section.R80.ReadLogsRatePeak)
+
+
+register.snmp_section(
+    name='checkpoint_fwm_ls',
+    parse_function=parse_checkpoint_fwm_ls,
+    fetch=[
+        SNMPTree(
+            base='.1.3.6.1.4.1.2620.1.11',  # CHECKPOINT-MIB::ls
+            oids=[
+                '1',  # lsProdName
+                '2',  # lsVerMajor
+                '3',  # lsVerMinor
+                '4',  # lsBuildNumber
+                '5',  # lsFwmIsAlive
+                '101',  # lsStatCode
+                '102',  # lsStatShortDescr
+                '103',  # lsStatLongDescr
+            ]
+        ),
+        SNMPTree(
+            base='.1.3.6.1.4.1.2620.1.11.14.5',  # CHECKPOINT-MIB::lsIndexerInfo
+            oids=[
+                '1',  # lsIndexerInfoTotalReadLogs
+                '2',  # lsIndexerInfoTotalUpdatesAndLogsIndexed
+                '3',  # lsIndexerInfoTotalReadLogsErrors
+                '4',  # lsIndexerInfoTotalUpdatesAndLogsIndexedErrors
+                '5',  # lsIndexerInfoUpdatesAndLogsIndexedRate
+                '6',  # lsIndexerInfoReadLogsRate
+                '7',  # lsIndexerInfoUpdatesAndLogsIndexedRatePeak
+                '8',  # lsIndexerInfoReadLogsRatePeak
+                # '9',   # lsIndexerInfo_9
+                # '10',  # lsIndexerInfo_10
+                # '11',  # lsIndexerInfo_11
+                # '12',  # lsIndexerInfo_12
+                # '13',  # lsIndexerInfo_13
+            ]
+        )
+
+    ],
+    detect=any_of(
+        startswith('.1.3.6.1.2.1.1.2.0', '.1.3.6.1.4.1.2620'),
+        all_of(
+            equals('.1.3.6.1.2.1.1.2.0', '.1.3.6.1.4.1.8072.3.2.10'),
+            equals('.1.3.6.1.4.1.2620.1.6.1.0', 'SVN Foundation'),
+        )
+    )
+)
+
+register.check_plugin(
+    name='checkpoint_fwm_ls',
+    service_name='FWM Log Server',
+    discovery_function=discovery_checkpoint_fwm_ls,
+    check_function=check_checkpoint_fwm_ls,
+    check_default_parameters={'ignore_status_on_r80_10': False, },
+    check_ruleset_name='checkpoint_fwm_ls',
+)
+
+# ('.1.3.6.1.4.1.2620.1.11.14', [  # CHECKPOINT-MIB::lsLoggingInfo
+#     '1',  # lsLogReceiveRate
+#     '2',  # lsLogReceiveRatePeak
+#     '3',  # lsLogReceiveRate10Min
+#     '6',  # lsLogReceiveRate1Hour
+# ]),
+
+# OMD[build]:~$ snmpwalk -v2c -c komsa/alf-r81 -ObentU simulant .1.3.6.1.4.1.2620.1.11.14.4.1
+# .1.3.6.1.4.1.2620.1.11.14.4.1.1.1.0 = Gauge32: 1
+# .1.3.6.1.4.1.2620.1.11.14.4.1.1.2.0 = Gauge32: 2
+# .1.3.6.1.4.1.2620.1.11.14.4.1.1.3.0 = Gauge32: 3
+# .1.3.6.1.4.1.2620.1.11.14.4.1.1.4.0 = Gauge32: 4
+# .1.3.6.1.4.1.2620.1.11.14.4.1.1.5.0 = Gauge32: 5
+# .1.3.6.1.4.1.2620.1.11.14.4.1.1.6.0 = Gauge32: 6
+# .1.3.6.1.4.1.2620.1.11.14.4.1.1.7.0 = Gauge32: 7
+# .1.3.6.1.4.1.2620.1.11.14.4.1.2.1.0 = STRING: "Local Clients"
+# .1.3.6.1.4.1.2620.1.11.14.4.1.2.2.0 = STRING: "bill01"
+# .1.3.6.1.4.1.2620.1.11.14.4.1.2.3.0 = STRING: "bill02"
+# .1.3.6.1.4.1.2620.1.11.14.4.1.2.4.0 = STRING: "donald01"
+# .1.3.6.1.4.1.2620.1.11.14.4.1.2.5.0 = STRING: "donald02"
+# .1.3.6.1.4.1.2620.1.11.14.4.1.2.6.0 = STRING: "charlie02"
+# .1.3.6.1.4.1.2620.1.11.14.4.1.2.7.0 = STRING: "charlie01"
+# .1.3.6.1.4.1.2620.1.11.14.4.1.3.1.0 = STRING: "Connected"
+# .1.3.6.1.4.1.2620.1.11.14.4.1.3.2.0 = STRING: "Connected"
+# .1.3.6.1.4.1.2620.1.11.14.4.1.3.3.0 = STRING: "Connected"
+# .1.3.6.1.4.1.2620.1.11.14.4.1.3.4.0 = STRING: "Connected"
+# .1.3.6.1.4.1.2620.1.11.14.4.1.3.5.0 = STRING: "Connected"
+# .1.3.6.1.4.1.2620.1.11.14.4.1.3.6.0 = STRING: "Connected"
+# .1.3.6.1.4.1.2620.1.11.14.4.1.3.7.0 = STRING: "Connected"
+# .1.3.6.1.4.1.2620.1.11.14.4.1.4.1.0 = STRING: "N/A"
+# .1.3.6.1.4.1.2620.1.11.14.4.1.4.2.0 = STRING: "Tue Feb  9 13:51:34 2021"
+# .1.3.6.1.4.1.2620.1.11.14.4.1.4.3.0 = STRING: "Tue Feb  9 13:51:34 2021"
+# .1.3.6.1.4.1.2620.1.11.14.4.1.4.4.0 = STRING: "Tue Feb  9 13:51:34 2021"
+# .1.3.6.1.4.1.2620.1.11.14.4.1.4.5.0 = STRING: "Tue Feb  9 13:51:34 2021"
+# .1.3.6.1.4.1.2620.1.11.14.4.1.4.6.0 = STRING: "Tue Feb  9 13:51:34 2021"
+# .1.3.6.1.4.1.2620.1.11.14.4.1.4.7.0 = STRING: "Tue Feb  9 13:51:34 2021"
+# .1.3.6.1.4.1.2620.1.11.14.4.1.5.1.0 = Gauge32: 0
+# .1.3.6.1.4.1.2620.1.11.14.4.1.5.2.0 = Gauge32: 0
+# .1.3.6.1.4.1.2620.1.11.14.4.1.5.3.0 = Gauge32: 837
+# .1.3.6.1.4.1.2620.1.11.14.4.1.5.4.0 = Gauge32: 0
+# .1.3.6.1.4.1.2620.1.11.14.4.1.5.5.0 = Gauge32: 1
+# .1.3.6.1.4.1.2620.1.11.14.4.1.5.6.0 = Gauge32: 0
+# .1.3.6.1.4.1.2620.1.11.14.4.1.5.7.0 = Gauge32: 5
+
+# ('.1.3.6.1.4.1.2620.1.11.14.4.1', [  # CHECKPOINT-MIB::lsConnectedGatewaysEntry
+#     '1',  # lsGWIndex
+#     '2',  # lsGWIP
+#     '3',  # lsGWState
+#     '4',  # lsGWLastLoginTime
+#     '5',  # lsGWLogReceiveRate
+#      ]),
+# ('.1.3.6.1.4.1.2620.1.11.14.7.1', [  # CHECKPOINT-MIB::lsConnectedClientsEntry
+#     '1',   # lsIndex
+#     '2',   # lsClientName
+#     '3',   # lsClientHost
+#     '4',   # lsClientDbLock
+#     '5',   # lsClientDbLock
+#     ]),
--- a/checkpoint_log_server.mkp
+++ b/checkpoint_log_server.mkp
--- a/packages/checkpoint_log_server
+++ b/packages/checkpoint_log_server
-{'author': u'Th.L. (thl-cmk[at]outlook[dot]com)',
- 'description': u'Monitors Check Point Log service status. \nCreates one check on the management server and one check for each log server on the gateway.\n',
+{'author': 'Th.L. (thl-cmk[at]outlook[dot]com)',
+ 'description': 'Monitors Check Point Log service status. \n'
+                'Creates one check on the management server and one check for '
+                'each log server on the gateway.\n',
 'download_url': 'https://thl-cmk.hopto.org',
- 'files': {'checkman': ['checkpoint_fw_ls', 'checkpoint_fwm_ls'],
-           'checks': ['checkpoint_fw_ls', 'checkpoint_fwm_ls'],
+ 'files': {'agent_based': ['checkpoint_fw_ls.py', 'checkpoint_fwm_ls.py'],
+           'checkman': ['checkpoint_fw_ls', 'checkpoint_fwm_ls'],
           'web': ['plugins/metrics/checkpoint_fw_log.py',
                   'plugins/wato/checkpoint_fwm_ls.py']},
 'name': 'checkpoint_log_server',
 'num_files': 6,
- 'title': u'Check Point Log service status',
- 'version': '20200608.v0.1.2d',
- 'version.min_required': '1.2.8b8',
- 'version.packaged': '1.4.0p38'}
\ No newline at end of file
+ 'title': 'Check Point Log service status',
+ 'version': '20210614.v0.2',
+ 'version.min_required': '2.0.0',
+ 'version.packaged': '2021.04.10',
+ 'version.usable_until': None}
\ No newline at end of file
--- a/web/plugins/metrics/checkpoint_fw_log.py
+++ b/web/plugins/metrics/checkpoint_fw_log.py
-#!/usr/bin/python
-# -*- encoding: utf-8; py-indent-offset: 4 -*-
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
 #
 # License: GNU General Public License v2
 #
@@ -10,12 +10,13 @@
 # Check Point Logserver metrics plugins
 # checkpoint_fw_ls / checkpoint_fwm_ls
 #
+from cmk.gui.i18n import _

-##############################################################################
-#
-# define units for perfdata
-#
-##############################################################################
+from cmk.gui.plugins.metrics import (
+    metric_info,
+    graph_info,
+    perfometer_info
+)

 ##############################################################################
 #
@@ -82,74 +83,50 @@ metric_info['checkpoint_fwm_ls_readlogsratepeak'] = {
    'color': '22/a',
 }

-##############################################################################
-#
-# map perfdata to metric
-#
-##############################################################################
-
-
-check_metrics['check_mk-checkpoint_fw_ls'] = {
-    'fwlocalloggingwriterate': {'name': 'checkpoint_fw_ls_localloggingwriterate', },
-    'fwlogginghandlingrate': {'name': 'checkpoint_fw_ls_logginghandlingrate', },
-    'fwlsconnsendrate': {'name': 'checkpoint_fw_ls_lsconnsendrate', },
-}
-check_metrics['check_mk-checkpoint_fwm_ls'] = {
-    'totalreadlogs': {'name': 'checkpoint_fwm_ls_totalreadlogs', },
-    'totalupdatesandlogsindexed': {'name': 'checkpoint_fwm_ls_totalupdatesandlogsindexed', },
-    'totalreadlogserrors': {'name': 'checkpoint_fwm_ls_totalreadlogserrors', },
-    'totalupdatesandlogsindexederrors': {'name': 'checkpoint_fwm_ls_totalupdatesandlogsindexederrors', },
-    'updatesandlogsindexedrate': {'name': 'checkpoint_fwm_ls_updatesandlogsindexedrate', },
-    'updatesandlogsindexedratepeak': {'name': 'checkpoint_fwm_ls_updatesandlogsindexedratepeak', },
-    'readlogsrate': {'name': 'checkpoint_fwm_ls_readlogsrate', },
-    'readlogsratepeak': {'name': 'checkpoint_fwm_ls_readlogsratepeak', }
-
-}
-
 ##############################################################################
 #
 # how to graph perdata
 #
 ##############################################################################

-graph_info.append({
+graph_info['checkpoint_fw_ls.over_all'] = {
    'title': _('Check Point Firewall Logserver: over all'),
    'metrics': [
        ('checkpoint_fw_ls_localloggingwriterate', 'line'),
        ('checkpoint_fw_ls_logginghandlingrate', 'line'),
    ],
-})
+}

-graph_info.append({
+graph_info['checkpoint_fw_ls.gateway'] = {
    'title': _('Check Point Firewall Log server'),
    'metrics': [
        ('checkpoint_fw_ls_lsconnsendrate', 'line'),
    ],
-})
+}

-graph_info.append({
+graph_info['checkpoint_fwm_ls.management'] = {
    'title': _('Check Point Management Firewall Log server'),
    'metrics': [
        ('checkpoint_fwm_ls_updatesandlogsindexedratepeak', 'line'),
        ('checkpoint_fwm_ls_updatesandlogsindexedrate', 'line'),
    ],
-})
+}

-graph_info.append({
+graph_info['checkpoint_fwm_ls.read_logs'] = {
    'title': _('Check Point Management Firewall Log server read logs'),
    'metrics': [
        ('checkpoint_fwm_ls_totalreadlogserrors', 'line'),
        ('checkpoint_fwm_ls_totalreadlogs', 'line'),
    ],
-})
+}

-graph_info.append({
+graph_info['checkpoint_fwm_ls.updates'] = {
    'title': _('Check Point Management Firewall Log server updates and logs indexed'),
    'metrics': [
        ('checkpoint_fwm_ls_totalupdatesandlogsindexederrors', 'line'),
        ('checkpoint_fwm_ls_totalupdatesandlogsindexed', 'line'),
    ],
-})
+}

 ##############################################################################
 #
@@ -170,4 +147,4 @@ perfometer_info.append(('stacked', [
        'half_value': 1000.0,
        'exponent': 2,
    },
-]))
\ No newline at end of file
+]))
--- a/web/plugins/wato/checkpoint_fwm_ls.py
+++ b/web/plugins/wato/checkpoint_fwm_ls.py
-#!/usr/bin/python
-# -*- encoding: utf-8; py-indent-offset: 4 -*-
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
 #
 # License: GNU General Public License v2
 #
 # Author: thl-cmk[at]outlook[dot]com
 # URL   : https://thl-cmk.hopto.org
 #
-register_check_parameters(
-    subgroup_applications,
-    'checkpoint_fwm_ls',
-    _('Check Point Firewall Mangement Log Server'),
-    Dictionary(
-        elements=[
-            ('ignore_status_on_r80_10',
-             FixedValue(
-                 True,
-                 help=_('Ignore status and alive on Check Point R80.10'),
-                 title=_('Ignore status and alive on Check Point R80.10'),
-             )),
-        ],
-    ),
-    None,
-    match_type='dict',
+from cmk.gui.i18n import _
+from cmk.gui.valuespec import (
+    Dictionary,
+    TextAscii,
+    FixedValue,
 )
+
+from cmk.gui.plugins.wato import (
+    CheckParameterRulespecWithItem,
+    rulespec_registry,
+    RulespecGroupCheckParametersNetworking,
+)
+
+
+def _parameter_valuespec_checkpoint_fwm_ls():
+    return Dictionary(elements=[
+        ('ignore_status_on_r80_10',
+         FixedValue(
+             True,
+             title=_('Ignore status and alive on Check Point R80.10'),
+             totext=_('enabled'),
+             default_value=False,
+         )),
+    ])
+
+
+rulespec_registry.register(
+    CheckParameterRulespecWithItem(
+        check_group_name='checkpoint_fwm_ls',
+        group=RulespecGroupCheckParametersNetworking,
+        item_spec=lambda: TextAscii(title=_('Check Point Firewall management log server'), ),
+        match_type='dict',
+        parameter_valuespec=_parameter_valuespec_checkpoint_fwm_ls,
+        title=lambda: _('Check Point Firewall management log server'),
+    ))