diff --git a/agent_based/checkpoint_securexl.py b/agent_based/checkpoint_securexl.py
new file mode 100644
index 0000000000000000000000000000000000000000..fc69fa1bf58d8c96638e43b18c1ae07638b497d8
--- /dev/null
+++ b/agent_based/checkpoint_securexl.py
@@ -0,0 +1,141 @@
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
+#
+# License: GNU General Public License v2
+#
+# Author: thl-cmk[at]outlook[dot]com
+# URL : https://thl-cmk.hopto.org
+# Date : 2018-03-14
+#
+# Monitor status of Check Point SecureXL
+#
+# 2020-06-08: changed snmp-scan function
+# renamed from checkpoint_securexl_status to checkpoint_securexl
+# 2021-08-26: rewritten for CMK 2.0
+#
+# snmpwalk sample
+#
+# CHECKPOINT-MIB::fwSXLStatus.0 = INTEGER: enabled(1)
+# CHECKPOINT-MIB::fwSXLConnsExisting.0 = Wrong Type (should be INTEGER): Gauge32: 51
+# CHECKPOINT-MIB::fwSXLConnsAdded.0 = Wrong Type (should be INTEGER): Gauge32: 630
+# CHECKPOINT-MIB::fwSXLConnsDeleted.0 = Wrong Type (should be INTEGER): Gauge32: 578
+#
+# .1.3.6.1.4.1.2620.1.36.1.1.0 = INTEGER: 1
+# .1.3.6.1.4.1.2620.1.36.1.2.0 = Gauge32: 40
+# .1.3.6.1.4.1.2620.1.36.1.3.0 = Gauge32: 645
+# .1.3.6.1.4.1.2620.1.36.1.4.0 = Gauge32: 604
+#
+# sample info
+#
+# [[u'1', u'48', u'7932', u'7986']]
+#
+import time
+from dataclasses import dataclass
+from typing import Optional
+
+from cmk.base.plugins.agent_based.agent_based_api.v1 import (
+ register,
+ Service,
+ check_levels,
+ SNMPTree,
+ all_of,
+ startswith,
+ any_of,
+ equals,
+ get_rate,
+ GetRateError,
+ get_value_store,
+ Result,
+ State,
+)
+from cmk.base.plugins.agent_based.agent_based_api.v1.type_defs import (
+ DiscoveryResult,
+ CheckResult,
+ StringTable,
+)
+
+
+@dataclass
+class CheckpointSecurexl:
+ fwSXLStatus: int
+ fwSXLConnsExisting: int
+ fwSXLConnsAdded: int
+ fwSXLConnsDeleted: int
+
+
+def parse_checkpoint_securexl(string_table: StringTable) -> Optional[CheckpointSecurexl]:
+ try:
+ wSXLStatus, fwSXLConnsExisting, fwSXLConnsAdded, fwSXLConnsDeleted = string_table[0]
+ except (ValueError, IndexError):
+ return
+
+ return CheckpointSecurexl(
+ fwSXLStatus=int(wSXLStatus),
+ fwSXLConnsExisting=int(fwSXLConnsExisting),
+ fwSXLConnsDeleted=int(fwSXLConnsDeleted),
+ fwSXLConnsAdded=int(fwSXLConnsAdded),
+ )
+
+
+def discovery_checkpoint_securexl(section: CheckpointSecurexl) -> DiscoveryResult:
+ yield Service()
+
+
+def check_checkpoint_securexl(section: CheckpointSecurexl) -> CheckResult:
+ if section.fwSXLStatus == 1:
+
+ now_time = time.time()
+ value_store = get_value_store()
+
+ yield from check_levels(
+ value=section.fwSXLConnsExisting,
+ label='Connections active',
+ metric_name='checkpoint_securexl_active',
+ render_func=lambda v: f'{v:.0f}'
+ )
+
+ for label, metric, value in [
+ ('added', 'added', section.fwSXLConnsAdded),
+ ('deleted', 'deleted', section.fwSXLConnsDeleted),
+ ]:
+ try:
+ value = get_rate(value_store, f'checkpoint_securexl_{metric}', now_time, value, raise_overflow=True)
+ except GetRateError:
+ value = 0
+ yield from check_levels(
+ value=value,
+ label=label,
+ metric_name=f'checkpoint_securexl_{metric}',
+ render_func=lambda v: f'{v:0.2f}/s',
+ )
+ else:
+ yield Result(state=State.WARN, notice='SXL not enabled')
+
+
+register.snmp_section(
+ name='checkpoint_securexl',
+ parse_function=parse_checkpoint_securexl,
+ fetch=SNMPTree(
+ base='.1.3.6.1.4.1.2620.1.36.1', #
+ oids=[
+ '1', # fwSXLStatus
+ '2', # fwSXLConnsExisting
+ '3', # fwSXLConnsAdded
+ '4', # fwSXLConnsDeleted
+ ]
+ ),
+ detect=any_of(
+ startswith('.1.3.6.1.2.1.1.2.0', '.1.3.6.1.4.1.2620'),
+ all_of(
+ equals('.1.3.6.1.2.1.1.2.0', '.1.3.6.1.4.1.8072.3.2.10'),
+ equals('.1.3.6.1.4.1.2620.1.6.1.0', 'SVN Foundation'),
+ )
+ )
+)
+
+register.check_plugin(
+ name='checkpoint_securexl',
+ service_name='SecureXL',
+ discovery_function=discovery_checkpoint_securexl,
+ check_function=check_checkpoint_securexl,
+)
diff --git a/checkpoint_securexl.mkp b/checkpoint_securexl.mkp
index 7e7251bf3e12ecfbb3731529633b84ac046d57f2..1753e24eb19995802998ab032a43ef5b8493a5eb 100644
Binary files a/checkpoint_securexl.mkp and b/checkpoint_securexl.mkp differ
diff --git a/packages/checkpoint_securexl b/packages/checkpoint_securexl
index 7741455ca2f6034117bcdb26f3a6cc91c66f5b4d..266afe9c3cdf73162af30df2b7bde38ae1a12ead 100644
--- a/packages/checkpoint_securexl
+++ b/packages/checkpoint_securexl
@@ -1,11 +1,14 @@
-{'author': u'Th.L. (thl-cmk[at]outlook[dot]com)',
- 'description': u'Monitors Check Point SecureXL status\nhas Perfdata for: active, added and deleted connections\nWarning if status not enabled\n',
+{'author': 'Th.L. (thl-cmk[at]outlook[dot]com)',
+ 'description': 'Monitors Check Point SecureXL status\n'
+ 'has Perfdata for: active, added and deleted connections\n'
+ 'Warning if status not enabled\n',
'download_url': 'https://thl-cmk.hopto.org',
- 'files': {'checks': ['checkpoint_securexl'],
+ 'files': {'agent_based': ['checkpoint_securexl.py'],
'web': ['plugins/metrics/checkpoint_securexl.py']},
'name': 'checkpoint_securexl',
'num_files': 2,
- 'title': u'Check Point SecureXL status',
- 'version': '20200608.v.0.0.2',
- 'version.min_required': '1.2.8b8',
- 'version.packaged': '1.4.0p38'}
\ No newline at end of file
+ 'title': 'Check Point SecureXL status',
+ 'version': '20210826.v.0.0.3',
+ 'version.min_required': '2.0.0',
+ 'version.packaged': '2021.07.14',
+ 'version.usable_until': None}
\ No newline at end of file
diff --git a/web/plugins/metrics/checkpoint_securexl.py b/web/plugins/metrics/checkpoint_securexl.py
index 8b6e2ed07302387adef4404481eda26737b5b4af..86345973aab8e357cb5fd4bd1ca1eb4b03d3e7e1 100644
--- a/web/plugins/metrics/checkpoint_securexl.py
+++ b/web/plugins/metrics/checkpoint_securexl.py
@@ -1,5 +1,5 @@
-#!/usr/bin/python
-# -*- encoding: utf-8; py-indent-offset: 4 -*-
+#!/usr/bin/env python3
+# -*- coding: utf-8 -*-
#
# License: GNU General Public License v2
#
@@ -10,48 +10,49 @@
# Check Point SecureXL staus metrics plugin
# checkpoint_securexl
#
-metric_info['checkpoint_securexl_connections_active'] = {
+from cmk.gui.i18n import _
+
+from cmk.gui.plugins.metrics import (
+ metric_info,
+ graph_info,
+ perfometer_info,
+)
+
+metric_info['checkpoint_securexl_active'] = {
'title': _('Connections active'),
'unit': 'count',
'color': '26/a',
}
-metric_info['checkpoint_securexl_connections_added'] = {
+metric_info['checkpoint_securexl_added'] = {
'title': _('Connections added'),
'unit': '1/s',
'color': '21/a',
}
-metric_info['checkpoint_securexl_connections_deleted'] = {
+metric_info['checkpoint_securexl_deleted'] = {
'title': _('Connections deleted'),
'unit': '1/s',
'color': '31/a',
}
-check_metrics['check_mk-checkpoint_securexl'] = {
- 'connections_active': {'name': 'checkpoint_securexl_connections_active', },
- 'connections_added': {'name': 'checkpoint_securexl_connections_added', },
- 'connections_deleted': {'name': 'checkpoint_securexl_connections_deleted', },
-}
-
-graph_info.append({
+graph_info['checkpoint_securexl_connections_active'] = {
'title': _('Check Point SecureXL Connections active'),
'metrics': [
- ('checkpoint_securexl_connections_active', 'area'),
+ ('checkpoint_securexl_active', 'area'),
],
-})
+}
-graph_info.append({
+graph_info['checkpoint_securexl_connections_rate'] = {
'title': _('Check Point SecureXL Connections added/deleted'),
'metrics': [
- ('checkpoint_securexl_connections_deleted', '-area'),
- ('checkpoint_securexl_connections_added', 'area'),
+ ('checkpoint_securexl_deleted', '-area'),
+ ('checkpoint_securexl_added', 'area'),
],
-})
-
+}
perfometer_info.append({
- 'type': 'logarithmic',
- 'metric': 'checkpoint_securexl_connections_active',
- 'half_value': 2000.0,
- 'exponent': 2,
- },)
\ No newline at end of file
+ 'type': 'logarithmic',
+ 'metric': 'checkpoint_securexl_active',
+ 'half_value': 2000.0,
+ 'exponent': 2,
+}, )