[PACKAGE]: ../../raw/master/mkp/checkpoint_identity_awareness-0.3.0-20230529.mkp "checkpoint_identity_awareness-0.3.0-20230529.mkp" # Check Point Identity Awareness (IA) This is a collection of Check Point Identity Awareness blade releated checks. * *checkpoint_ia_adquery*: monitors the status of the IA blade Active directory connector * *checkpoint_identity_awareness*: monitors the overall status of the IA blade --- ### Download * [checkpoint_identity_awareness.mkp (latest version)](https://thl-cmk.hopto.org/gitlab/checkmk/check-point/gateway/checkpoint_identity_awareness/-/raw/master/checkpoint_identity_awareness.mkp "Download latest version") --- ### Installation You can install the package by uploading it to your CheckMK site and as site user run `mkp install checkpoint_identity_awareness.mkp`. In the Enterprise/Free edition of CheckMK you can use the GUI to install the package (_Setup_ -> _Extension Packages_ -> _Upload package_) --- ### Want to contribute? Nice ;-) Have a look at the [contribution guidelines](CONTRIBUTING.md "Contributing") --- ### Check Info *checkpoint_ia_adquery* * *service*: tihs check will create on service per Active directory * *state*: **critical** if there a connection error * *wato*: none * *perfdata*: * Events/s per AD Domain Controller * Events summary/s **Note**: the metrics file needs to be adjusted depending on your AD Domain Controllers --- ### Sample output ![sample output](/doc/sample-ia-ad.png?raw=true "sample [SHORT TITLE]") --- ### Check Info *checkpoint_identity_awareness* * *service*: this check will create the service *Identity Awareness status* * *state*: **warning** if *iastatus* is not *0* (ok), Error description from *iaStatusLongDesc* * *wato*: you can configure which perfdata will be collected * *perfdata*: * Successfull ADQuery user login attempts * Successfull ADQuery machine login attempts * Successfull Kerberos user login attempts * Successfull Kerberos machine login attempts * Successfull User Name And Password login attempts * Unsuccessfull Kerberos user login attempts * Unsuccessfull Kerberos machine login attempts * Unsuccessfull User Name And Password login attempts * Successful LDAP queries * Unsuccessful LDAP queries * Authenticated users to the gateway * Authenticated users by ADQuery * Authenticated machines by ADQuery * Authenticated users by Kerberos * Authenticated machines by Kerberos * Authenticated users by User name and password * Unauthenticated guests * Identities logged in with ADQuery * Identities logged in with agents * Identities logged in with Captive Portal * Identities logged in with RADIUS Accounting * Identities logged in with Identity Collector Active Directory * Identities logged in with Identity Collector Cisco ISE * Identities logged in with terminal server * Identities logged in with Remote Access * Identities logged in with Identity Web API * Users with an active Traffic Anti-Spoffing protection * How much data did gateway transmitted --- ### Sample output ![sample output](/doc/sample-ia-status.png?raw=true "sample [SHORT TITLE]")