Collection of CheckMK checks (see https://checkmk.com/). All checks and plugins are provided as is. Absolutely no warranty. Send any comments to thl-cmk[at]outlook[dot]com

Skip to content
Snippets Groups Projects
Commit 9bf281d0 authored by thl-cmk's avatar thl-cmk :flag_na:
Browse files

Delete checkpoint_remoteaccess

parent 34c18591
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
checks/checkpoint_remoteaccess deleted 100644 → 0
+ 0
317
View file @ 34c18591
#!/usr/bin/python
# -*- encoding: utf-8; py-indent-offset: 4 -*-
#
# License: GNU General Public License v2
#
# Author: thl-cmk[at]outlook[dot]com
# URL : https://thl-cmk.hopto.org
# Date : 2019-08-19
#
# monitor check point remote access vpn connections
#
# CHECKPOINT-MIB::dtpsProdName.0 = STRING:
# CHECKPOINT-MIB::dtpsVerMajor.0 = INTEGER: 0
# CHECKPOINT-MIB::dtpsVerMinor.0 = INTEGER: 0
# CHECKPOINT-MIB::dtpsLicensedUsers.0 = Counter32: 0
# CHECKPOINT-MIB::dtpsConnectedUsers.0 = Counter32: 0
# CHECKPOINT-MIB::dtpsStatCode.0 = INTEGER: 2
# CHECKPOINT-MIB::dtpsStatShortDescr.0 = STRING: Down
# CHECKPOINT-MIB::dtpsStatLongDescr.0 = STRING: Policy Server is down
#
# .1.3.6.1.4.1.2620.1.9.1.0 = ""
# .1.3.6.1.4.1.2620.1.9.2.0 = INTEGER: 0
# .1.3.6.1.4.1.2620.1.9.3.0 = INTEGER: 0
# .1.3.6.1.4.1.2620.1.9.4.0 = Counter32: 0
# .1.3.6.1.4.1.2620.1.9.5.0 = Counter32: 0
# .1.3.6.1.4.1.2620.1.9.101.0 = INTEGER: 2
# .1.3.6.1.4.1.2620.1.9.102.0 = STRING: "Down"
# .1.3.6.1.4.1.2620.1.9.103.0 = STRING: "Policy Server is down"
#
# info with no policy server down and no remote access connections
# [[], [[u'', u'0', u'0', u'0', u'0', u'2', u'Down', u'Policy Server is down']]]
#
# policy server activated/up no RA users
# [[], [[u'Policy Server', u'6', u'0', u'4294967294', u'0', u'0', u'OK', u'Policy Server is up']]]
#
# raUserState OBJECT-TYPE
# SYNTAX INTEGER {
# active(3),
# destroy(4),
# idle(129),
# phase1(130),
# down(131),
# init(132)
# }
#
# raTunnelEncAlgorithm OBJECT-TYPE
# SYNTAX INTEGER {
# espDES(1),
# esp3DES(2),
# espCAST(5),
# esp3IDEA(7),
# espNULL(9),
# espAES128(129),
# espAES256(130)
# }
#
# raTunnelAuthMethod OBJECT-TYPE
# SYNTAX INTEGER {
# preshared-key(1),
# dss-signature(2),
# rsa-signature(3),
# rsa-encryption(4),
# rev-rsa-encryption(5),
# xauth(129),
# crack(130)
# }
#
# CHECKPOINT-MIB::raUsersEntry.2.172.16.1.1.0 = STRING: "tabu"
# CHECKPOINT-MIB::raUsersEntry.2.172.16.1.2.0 = STRING: "dhai"
# CHECKPOINT-MIB::raUsersEntry.2.172.16.1.5.0 = STRING: "PhiS"
# CHECKPOINT-MIB::raUsersEntry.4.172.16.1.1.0 = Gauge32: 3
# CHECKPOINT-MIB::raUsersEntry.4.172.16.1.2.0 = Gauge32: 3
# CHECKPOINT-MIB::raUsersEntry.4.172.16.1.5.0 = Gauge32: 3
# CHECKPOINT-MIB::raExternalIpAddr.172.16.1.1.0 = IpAddress: 217.119.219.184
# CHECKPOINT-MIB::raExternalIpAddr.172.16.1.2.0 = IpAddress: 217.119.215.31
# CHECKPOINT-MIB::raExternalIpAddr.172.16.1.5.0 = IpAddress: 217.119.215.12
# CHECKPOINT-MIB::raUserState.172.16.1.1.0 = Wrong Type (should be INTEGER): Gauge32: 3
# CHECKPOINT-MIB::raUserState.172.16.1.2.0 = Wrong Type (should be INTEGER): Gauge32: 3
# CHECKPOINT-MIB::raUserState.172.16.1.5.0 = Wrong Type (should be INTEGER): Gauge32: 3
# CHECKPOINT-MIB::raOfficeMode.172.16.1.1.0 = Wrong Type (should be INTEGER): Gauge32: 1
# CHECKPOINT-MIB::raOfficeMode.172.16.1.2.0 = Wrong Type (should be INTEGER): Gauge32: 1
# CHECKPOINT-MIB::raOfficeMode.172.16.1.5.0 = Wrong Type (should be INTEGER): Gauge32: 1
# CHECKPOINT-MIB::raUseUDPEncap.172.16.1.1.0 = Wrong Type (should be INTEGER): Gauge32: 2
# CHECKPOINT-MIB::raUseUDPEncap.172.16.1.2.0 = Wrong Type (should be INTEGER): Gauge32: 2
# CHECKPOINT-MIB::raUseUDPEncap.172.16.1.5.0 = Wrong Type (should be INTEGER): Gauge32: 2
# CHECKPOINT-MIB::raVisitorMode.172.16.1.1.0 = Wrong Type (should be INTEGER): Gauge32: 0
# CHECKPOINT-MIB::raVisitorMode.172.16.1.2.0 = Wrong Type (should be INTEGER): Gauge32: 0
# CHECKPOINT-MIB::raVisitorMode.172.16.1.5.0 = Wrong Type (should be INTEGER): Gauge32: 0
# CHECKPOINT-MIB::raRouteTraffic.172.16.1.1.0 = Wrong Type (should be INTEGER): Gauge32: 1
# CHECKPOINT-MIB::raRouteTraffic.172.16.1.2.0 = Wrong Type (should be INTEGER): Gauge32: 1
# CHECKPOINT-MIB::raRouteTraffic.172.16.1.5.0 = Wrong Type (should be INTEGER): Gauge32: 1
# CHECKPOINT-MIB::raCommunity.172.16.1.1.0 = STRING: RemoteAccess
# CHECKPOINT-MIB::raCommunity.172.16.1.2.0 = STRING: RemoteAccess
# CHECKPOINT-MIB::raCommunity.172.16.1.5.0 = STRING: RemoteAccess
# CHECKPOINT-MIB::raTunnelEncAlgorithm.172.16.1.1.0 = Wrong Type (should be INTEGER): Gauge32: 130
# CHECKPOINT-MIB::raTunnelEncAlgorithm.172.16.1.2.0 = Wrong Type (should be INTEGER): Gauge32: 130
# CHECKPOINT-MIB::raTunnelEncAlgorithm.172.16.1.5.0 = Wrong Type (should be INTEGER): Gauge32: 130
# CHECKPOINT-MIB::raTunnelAuthMethod.172.16.1.1.0 = Wrong Type (should be INTEGER): Gauge32: 129
# CHECKPOINT-MIB::raTunnelAuthMethod.172.16.1.2.0 = Wrong Type (should be INTEGER): Gauge32: 129
# CHECKPOINT-MIB::raTunnelAuthMethod.172.16.1.5.0 = Wrong Type (should be INTEGER): Gauge32: 129
# CHECKPOINT-MIB::raLogonTime.172.16.1.1.0 = Wrong Type (should be INTEGER): Gauge32: 1565942591
# CHECKPOINT-MIB::raLogonTime.172.16.1.2.0 = Wrong Type (should be INTEGER): Gauge32: 1565935409
# CHECKPOINT-MIB::raLogonTime.172.16.1.5.0 = Wrong Type (should be INTEGER): Gauge32: 1565947344
# CHECKPOINT-MIB::raUsersEntry.30.172.16.1.1.0 = Gauge32: 8
# CHECKPOINT-MIB::raUsersEntry.30.172.16.1.2.0 = Gauge32: 8
# CHECKPOINT-MIB::raUsersEntry.30.172.16.1.5.0 = Gauge32: 8
#
# .1.3.6.1.4.1.2620.500.9000.1.2.172.16.1.1.0 = STRING: "tabu"
# .1.3.6.1.4.1.2620.500.9000.1.2.172.16.1.2.0 = STRING: "dhai"
# .1.3.6.1.4.1.2620.500.9000.1.2.172.16.1.5.0 = STRING: "PhiS"
# .1.3.6.1.4.1.2620.500.9000.1.4.172.16.1.1.0 = Gauge32: 3
# .1.3.6.1.4.1.2620.500.9000.1.4.172.16.1.2.0 = Gauge32: 3
# .1.3.6.1.4.1.2620.500.9000.1.4.172.16.1.5.0 = Gauge32: 3
# .1.3.6.1.4.1.2620.500.9000.1.19.172.16.1.1.0 = IpAddress: 217.119.219.184
# .1.3.6.1.4.1.2620.500.9000.1.19.172.16.1.2.0 = IpAddress: 217.119.215.31
# .1.3.6.1.4.1.2620.500.9000.1.19.172.16.1.5.0 = IpAddress: 217.119.215.12
# .1.3.6.1.4.1.2620.500.9000.1.20.172.16.1.1.0 = Gauge32: 3
# .1.3.6.1.4.1.2620.500.9000.1.20.172.16.1.2.0 = Gauge32: 3
# .1.3.6.1.4.1.2620.500.9000.1.20.172.16.1.5.0 = Gauge32: 3
# .1.3.6.1.4.1.2620.500.9000.1.21.172.16.1.1.0 = Gauge32: 1
# .1.3.6.1.4.1.2620.500.9000.1.21.172.16.1.2.0 = Gauge32: 1
# .1.3.6.1.4.1.2620.500.9000.1.21.172.16.1.5.0 = Gauge32: 1
# .1.3.6.1.4.1.2620.500.9000.1.23.172.16.1.1.0 = Gauge32: 2
# .1.3.6.1.4.1.2620.500.9000.1.23.172.16.1.2.0 = Gauge32: 2
# .1.3.6.1.4.1.2620.500.9000.1.23.172.16.1.5.0 = Gauge32: 2
# .1.3.6.1.4.1.2620.500.9000.1.24.172.16.1.1.0 = Gauge32: 0
# .1.3.6.1.4.1.2620.500.9000.1.24.172.16.1.2.0 = Gauge32: 0
# .1.3.6.1.4.1.2620.500.9000.1.24.172.16.1.5.0 = Gauge32: 0
# .1.3.6.1.4.1.2620.500.9000.1.25.172.16.1.1.0 = Gauge32: 1
# .1.3.6.1.4.1.2620.500.9000.1.25.172.16.1.2.0 = Gauge32: 1
# .1.3.6.1.4.1.2620.500.9000.1.25.172.16.1.5.0 = Gauge32: 1
# .1.3.6.1.4.1.2620.500.9000.1.26.172.16.1.1.0 = STRING: "RemoteAccess"
# .1.3.6.1.4.1.2620.500.9000.1.26.172.16.1.2.0 = STRING: "RemoteAccess"
# .1.3.6.1.4.1.2620.500.9000.1.26.172.16.1.5.0 = STRING: "RemoteAccess"
# .1.3.6.1.4.1.2620.500.9000.1.27.172.16.1.1.0 = Gauge32: 130
# .1.3.6.1.4.1.2620.500.9000.1.27.172.16.1.2.0 = Gauge32: 130
# .1.3.6.1.4.1.2620.500.9000.1.27.172.16.1.5.0 = Gauge32: 130
# .1.3.6.1.4.1.2620.500.9000.1.28.172.16.1.1.0 = Gauge32: 129
# .1.3.6.1.4.1.2620.500.9000.1.28.172.16.1.2.0 = Gauge32: 129
# .1.3.6.1.4.1.2620.500.9000.1.28.172.16.1.5.0 = Gauge32: 129
# .1.3.6.1.4.1.2620.500.9000.1.29.172.16.1.1.0 = Gauge32: 1565942591
# .1.3.6.1.4.1.2620.500.9000.1.29.172.16.1.2.0 = Gauge32: 1565935409
# .1.3.6.1.4.1.2620.500.9000.1.29.172.16.1.5.0 = Gauge32: 1565947344
# .1.3.6.1.4.1.2620.500.9000.1.30.172.16.1.1.0 = Gauge32: 8
# .1.3.6.1.4.1.2620.500.9000.1.30.172.16.1.2.0 = Gauge32: 8
# .1.3.6.1.4.1.2620.500.9000.1.30.172.16.1.5.0 = Gauge32: 8
#
# raUsersTable = [
# [u'172.16.1.1.0', u'tabu', u'3', u'217.119.219.184', u'3', u'1', u'', u'2', u'0', u'1', u'RemoteAccess', u'130', u'129', u'1565942591'],
# [u'172.16.1.2.0', u'dhai', u'3', u'217.119.215.31', u'3', u'1', u'', u'2', u'0', u'1', u'RemoteAccess', u'130', u'129', u'1565935409'],
# [u'172.16.1.5.0', u'PhiS', u'3', u'217.119.215.12', u'3', u'1', u'', u'2', u'0', u'1', u'RemoteAccess', u'130', u'129', u'1565947344']
# ]
#
checkpoint_remoteaccess_default_levels = (40, 100)
def inventory_checkpoint_remoteaccess(info):
try:
if info[1][0][0] == 'Policy Server':
return [(None, 'checkpoint_remoteaccess_default_levels')]
except IndexError:
pass
def check_checkpoint_remoteaccess(_no_item, params, info):
raUsersTable, dtps = info
# print dtps[0]
dtpsProdName, dtpsVerMajor, dtpsVerMinor, dtpsLicensedUsers, dtpsConnectedUsers, dtpsStatCode, dtpsStatShortDescr, dtpsStatLongDescr = dtps[0]
if dtpsProdName in [None, '']:
dtpsProdName = 'Policy Server'
dtpsVerMajor = int(dtpsVerMajor)
dtpsVerMinor = int(dtpsVerMinor)
dtpsLicensedUsers = int(dtpsLicensedUsers)
dtpsConnectedUsers = int(dtpsConnectedUsers)
dtpsStatCode = int(dtpsStatCode)
raUsers = len(raUsersTable)
raUsersActive = 0
raUsersDestroy = 0
raUsersIdle = 0
raUsersPhase1 = 0
raUsersDown = 0
raUsersInit = 0
raUsersOfficeMode = 0
raUsersIkeOverTcp = 0
raUsersUDPEncap = 0
raUsersVisitorMode = 0
raUsersRouteTraffic = 0
raBadEncryption = 0
if raUsers > 0:
for raUser in raUsersTable:
raOidEnd, raUserName, raUnknown, raExternalIpAddr, raUserState, raOfficeMode, raIkeOverTCP, raUseUDPEncap, raVisitorMode, raRouteTraffic, raCommunity, raTunnelEncAlgorithm, raTunnelAuthMethod, raLogonTime = raUser
raUserState = int(raUserState)
if raUserState == 3:
raUsersActive += 1
elif raUserState == 4:
raUsersDestroy +=1
elif raUserState == 129:
raUsersIdle += 1
elif raUserState == 130:
raUsersPhase1 += 1
elif raUserState == 131:
raUsersDown += 1
elif raUserState == 132:
raUsersInit += 1
if raOfficeMode == '1':
raUsersOfficeMode += 1
if raIkeOverTCP == '1':
raUsersIkeOverTcp += 1
if raUseUDPEncap == '2':
raUsersUDPEncap += 1
if raVisitorMode == '1':
raUsersVisitorMode += 1
if raRouteTraffic == '1':
raUsersRouteTraffic += 1
if raTunnelEncAlgorithm in [1, 2, 5, 7, 9]:
raBadEncryption += 1
# now_time = time.time()
# fwConnectionsTcp = get_rate('checkpoint_remoteaccess.%s.%s' % ('fwConnectionsTcp', item), now_time, int(fwConnectionsTcp), onwrap=SKIP)
warn, crit = params
perfdata = [('dtpsConnectedUsers', dtpsConnectedUsers, warn, crit, 0, dtpsLicensedUsers),
('raUsers', raUsers, warn, crit, 0, raUsers),
('raUsersActive', raUsersActive),
('raUsersDestroy', raUsersDestroy),
('raUsersIdle', raUsersIdle),
('raUsersPhase1', raUsersPhase1),
('raUsersDown', raUsersDown),
('raUsersInit', raUsersInit),
('raBadEncryption', raBadEncryption),
('raUsersOfficeMode', raUsersOfficeMode),
('raUsersIkeOverTcp', raUsersIkeOverTcp),
('raUsersUDPEncap', raUsersUDPEncap),
('raUsersVisitorMode', raUsersVisitorMode),
('raUsersRouteTraffic', raUsersRouteTraffic),
]
longoutput = ''
infotext = ''
if dtpsVerMajor == 0:
infotext += 'Policy Server not activated'
else:
infotext += '%s version: %d.%d' % (dtpsProdName, dtpsVerMajor, dtpsVerMinor)
if dtpsLicensedUsers == dtpsLicensedUsers:
infotext += ', not licensed'
else:
infotext += ', licensed users: %d' % dtpsLicensedUsers
infotext += ', connected users: %d ' % dtpsConnectedUsers
longoutput += '\nStatus: %s' % dtpsStatLongDescr
if 0 <= dtpsStatCode <= 3:
yield dtpsStatCode, 'status %s' % dtpsStatShortDescr
else:
infotext += ', status %s' % dtpsStatShortDescr
if raUsers > 0:
infotext += ', RA Users: %d' % raUsers
if raBadEncryption > 0:
yield 1, 'User with bad encryption (DES, 3DES, CAST, 3IDEA, NULL)'
yield 0, infotext + longoutput, perfdata
check_info['checkpoint_remoteaccess'] = {
'check_function' : check_checkpoint_remoteaccess,
'inventory_function' : inventory_checkpoint_remoteaccess,
'service_description': 'Remote Access',
'has_perfdata' : True,
# 'group' : 'checkpoint_remoteaccess',
'snmp_scan_function': lambda oid: (oid('.1.3.6.1.2.1.1.2.0').startswith('.1.3.6.1.4.1.2620.1.6.123.1') or
oid('.1.3.6.1.2.1.1.2.0').startswith('.1.3.6.1.4.1.8072.3.2.10')) and
oid('.1.3.6.1.4.1.2620.1.6.1.0', '').lower().startswith('svn foundation'),
'snmp_info' : [('.1.3.6.1.4.1.2620.500.9000', [
OID_END,
'1.2', # UserName
'1.4', #
'1.19', # raExternalIpAddr
'1.20', # raUserState
'1.21', # raOfficeMode
'1.22', # raIkeOverTCP
'1.23', # raUseUDPEncap
'1.24', # raVisitorMode
'1.25', # raRouteTraffic
'1.26', # raCommunity
'1.27', # raTunnelEncAlgorithm
'1.28', # raTunnelAuthMethod
'1.29', # raLogonTime
]),
('.1.3.6.1.4.1.2620.1.9', [ # CHECKPOINT-MIB::fwPolicyServer
'1.0', # dtpsProdName
'2.0', # dtpsVerMajor
'3.0', # dtpsVerMinor
'4.0', # dtpsLicensedUsers
'5.0', # dtpsConnectedUsers
'101.0', # dtpsStatCode
'102.0', # dtpsStatShortDescr
'103.0', # dtpsStatLongDescr
])
]
}
\ No newline at end of file
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Collection of CheckMK checks (see https://checkmk.com/). All checks and plugins are provided as is. Absolutely no warranty. Send any comments to thl-cmk[at]outlook[dot]com