Collection of CheckMK checks (see https://checkmk.com/). All checks and plugins are provided as is. Absolutely no warranty. Send any comments to thl-cmk[at]outlook[dot]com

Skip to content
Normal view History Permalink
README.md 2.56 KiB
Newer Older
thl-cmk's avatar
Update README.md  
thl-cmk committed
1 2 3 
# Check Point Identity Awareness (IA) [(Download the MKP package)](/../../../-/raw/master/checkpoint_identity_awareness.mkp "Download MKP package")

**Note: this package is for CheckMK version 2.x. For other versions see the corresponding branch.**
thl-cmk's avatar
cleanup
thl-cmk committed
4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 

This is a collection of Check Point Identity Awareness blade releated checks.

*  *checkpoint_ia_adquery*: monitors the status of the IA blade Active directory connector
*  *checkpoint_identity_awareness*: monitors the overall status of the IA blade

## Check Info *checkpoint_ia_adquery*:

* *service*: tihs check will create on service per Active directory
* *state*: **critical** if there a connection error 
* *wato*: none
* *perfdata*: 
    * Events/s per AD Domain Controller
    * Events summary/s
thl-cmk's avatar
Update README.md  
thl-cmk committed
19 
**Note**: the metrics file needs to be adjusted depending on your AD Domain Controllers
thl-cmk's avatar
cleanup
thl-cmk committed
20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 

Sample output

![sample output](/doc/sample-ia-ad.png?raw=true "sample [SHORT TITLE]")

## Check Info *checkpoint_identity_awareness*:

* *service*: this check will create the service *Identity Awareness status*
* *state*: **warning** if *iastatus* is not *0* (ok), Error description from *iaStatusLongDesc*
* *wato*: you can configure which perfdata will be collected
* *perfdata*:
    * Successfull ADQuery user login attempts
    * Successfull ADQuery machine login attempts
    * Successfull Kerberos user login attempts
    * Successfull Kerberos machine login attempts
    * Successfull User Name And Password login attempts
    * Unsuccessfull Kerberos user login attempts
    * Unsuccessfull Kerberos machine login attempts
    * Unsuccessfull User Name And Password login attempts
    * Successful LDAP queries
    * Unsuccessful LDAP queries
    * Authenticated users to the gateway
    * Authenticated users by ADQuery
    * Authenticated machines by ADQuery
    * Authenticated users by Kerberos
    * Authenticated machines by Kerberos
    * Authenticated users by User name and password
    * Unauthenticated guests
    * Identities logged in with ADQuery
    * Identities logged in with agents
    * Identities logged in with Captive Portal
    * Identities logged in with RADIUS Accounting
    * Identities logged in with Identity Collector Active Directory
    * Identities logged in with Identity Collector Cisco ISE
    * Identities logged in with terminal server
    * Identities logged in with Remote Access
    * Identities logged in with Identity Web API
    * Users with an active Traffic Anti-Spoffing protection
    * How much data did  gateway transmitted

Sample output

![sample output](/doc/sample-ia-status.png?raw=true "sample [SHORT TITLE]")

Collection of CheckMK checks (see https://checkmk.com/). All checks and plugins are provided as is. Absolutely no warranty. Send any comments to thl-cmk[at]outlook[dot]com