Newer
Older
[PACKAGE]: ../../raw/master/mkp/checkpoint_identity_awareness-0.3.1-20240828.mkp "checkpoint_identity_awareness-0.3.1-20240828.mkp"
This is a collection of Check Point Identity Awareness blade releated checks.
* *checkpoint_ia_adquery*: monitors the status of the IA blade Active directory connector
* *checkpoint_identity_awareness*: monitors the overall status of the IA blade
* [Download latest mkp file][PACKAGE]
**Note**: before you update to a newer version, always check the [CHANGELOG](CHANGELOG). There might be incompatible changes.
You can install the package by uploading it to your CheckMK site and as site user run
```
mkp install PACKAGENAME-VERSION.mkp
```
or beginning with CMK2.2.x
```
mkp add PACKAGENAME-VERSION.mkp
mkp enable PACKAGENAME VERSION
```
In the non RAW editions of CheckMK you can use the GUI to install the package (_Setup_ -> _Extension Packages_ -> _Upload package_)
---
### Want to contribute?
Nice ;-) Have a look at the [contribution guidelines](CONTRIBUTING.md "Contributing")
---
### Check Info *checkpoint_ia_adquery*
* *service*: tihs check will create on service per Active directory
* *state*: **critical** if there a connection error
* *wato*: none
* *perfdata*:
* Events/s per AD Domain Controller
* Events summary/s
**Note**: the metrics file needs to be adjusted depending on your AD Domain Controllers
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
* *service*: this check will create the service *Identity Awareness status*
* *state*: **warning** if *iastatus* is not *0* (ok), Error description from *iaStatusLongDesc*
* *wato*: you can configure which perfdata will be collected
* *perfdata*:
* Successfull ADQuery user login attempts
* Successfull ADQuery machine login attempts
* Successfull Kerberos user login attempts
* Successfull Kerberos machine login attempts
* Successfull User Name And Password login attempts
* Unsuccessfull Kerberos user login attempts
* Unsuccessfull Kerberos machine login attempts
* Unsuccessfull User Name And Password login attempts
* Successful LDAP queries
* Unsuccessful LDAP queries
* Authenticated users to the gateway
* Authenticated users by ADQuery
* Authenticated machines by ADQuery
* Authenticated users by Kerberos
* Authenticated machines by Kerberos
* Authenticated users by User name and password
* Unauthenticated guests
* Identities logged in with ADQuery
* Identities logged in with agents
* Identities logged in with Captive Portal
* Identities logged in with RADIUS Accounting
* Identities logged in with Identity Collector Active Directory
* Identities logged in with Identity Collector Cisco ISE
* Identities logged in with terminal server
* Identities logged in with Remote Access
* Identities logged in with Identity Web API
* Users with an active Traffic Anti-Spoffing protection
* How much data did gateway transmitted
