diff --git a/agent_based/utils/checkpoint_threat_emulation.py b/agent_based/utils/checkpoint_threat_emulation.py
deleted file mode 100644
index b48b94e3d425a5fa70fa978610fc2e08d0866f6f..0000000000000000000000000000000000000000
--- a/agent_based/utils/checkpoint_threat_emulation.py
+++ /dev/null
@@ -1,287 +0,0 @@
-#!/usr/bin/env python3
-# -*- coding: utf-8 -*-
-#
-# License: GNU General Public License v2
-#
-# Author: thl-cmk[at]outlook[dot]com
-# URL : https://thl-cmk.hopto.org
-# Date : 2018-03-14
-#
-# Monitor status of Check Point Threat Emulation
-#
-# 2018-05-02: fixed: monthly_quota_on_cloud_used = ''
-# 2018-05-30: removed 'unknown' OIDs
-# removed counters for last day, last week, last month
-# code cleanup
-# 2020-06-08: changed snmp-scan function
-# 2021-08-27: rewritten for CMK 2.0
-#
-# snmpwalk sample
-#
-# sample info
-#
-# [
-# [
-# [u'0%', u'0', u'up-to-date', u'Gateway is up to date.', u'1548979200', u'100000', u'100000', u'valid', u'ok',
-# u'Quota subscription is valid', u'990002053', u'0', u'ok', u'']
-# ],
-# [
-# [u'0', u'0', u'0', u'0', u'0', u'0', u'0', u'0']
-# ]
-# ]
-#
-# threat emulation not active
-# [[], []]
-#
-
-import time
-from dataclasses import dataclass
-from typing import List, Optional, Tuple
-
-from cmk.base.plugins.agent_based.agent_based_api.v1 import (
- register,
- Service,
- Result,
- check_levels,
- State,
- SNMPTree,
- all_of,
- startswith,
- any_of,
- equals,
- Metric,
-)
-from cmk.base.plugins.agent_based.agent_based_api.v1.type_defs import (
- DiscoveryResult,
- CheckResult,
- StringTable,
-)
-
-
-@dataclass
-class CheckpointTeStatus:
- current_files_waiting_for_emulation: int
- teUpdateStatus: str
- teUpdateDesc: str
- teSubscriptionExpDate: int
- teSubscriptionExpDateStr: str
- quota_on_cloud: int
- remaining_quota_on_cloud: int
- teSubscriptionStatus: str
- teCloudSubscriptionStatus: str
- teSubscriptionDesc: str
- build: str
- teStatusCode: int
- teStatusShortDesc: str
- teStatusLongDesc: str
- metric_count: List[Tuple[str, int]]
- monthly_quota_on_cloud_used: Optional[int] = None
-
-
-def parse_checkpoint_threat_emulation(string_table: List[StringTable]) -> Optional[CheckpointTeStatus]:
- testatus, tecounter = string_table
- try:
- monthly_quota_on_cloud_used, current_files_waiting_for_emulation, teUpdateStatus, teUpdateDesc, \
- teSubscriptionExpDate, quota_on_cloud, remaining_quota_on_cloud, teSubscriptionStatus, \
- teCloudSubscriptionStatus, teSubscriptionDesc, build, teStatusCode, teStatusShortDesc, \
- teStatusLongDesc = testatus[0]
- except(IndexError, ValueError):
- return
-
- scanned_files, malicious_files_detected, files_scanned_by_threat_cloud, malicious_files_detected_by_threat_cloud, \
- average_process_time, average_emulated_file_size, average_queue_size, peak_queue_size, = tecounter[0]
-
- metric_count = [
- ('scanned_files', int(scanned_files)),
- ('malicious_files_detected', int(malicious_files_detected)),
- ('files_scanned_by_threat_cloud', int(files_scanned_by_threat_cloud)),
- ('malicious_files_detected_by_threat_cloud', int(malicious_files_detected_by_threat_cloud)),
- ('average_process_time', int(average_process_time)),
- ('average_emulated_file_size', int(average_emulated_file_size)),
- ('average_queue_size', int(average_queue_size)),
- ('peak_queue_size', int(peak_queue_size)),
- ]
-
- monthly_quota_on_cloud_used = monthly_quota_on_cloud_used.replace('%', '')
-
- if teStatusCode != '3': # possible TE not activated
- return CheckpointTeStatus(
- monthly_quota_on_cloud_used=int(monthly_quota_on_cloud_used) if monthly_quota_on_cloud_used.isdigit() else None,
- current_files_waiting_for_emulation=int(current_files_waiting_for_emulation),
- teUpdateStatus=teUpdateStatus,
- teUpdateDesc=teUpdateDesc,
- teSubscriptionExpDate=int(teSubscriptionExpDate),
- teSubscriptionExpDateStr=time.strftime('%Y-%m-%d %H:%M:%S', time.localtime(teSubscriptionExpDate)),
- quota_on_cloud=int(quota_on_cloud),
- remaining_quota_on_cloud=int(remaining_quota_on_cloud),
- teSubscriptionStatus=teSubscriptionStatus,
- teCloudSubscriptionStatus=teCloudSubscriptionStatus,
- teSubscriptionDesc=teSubscriptionDesc.replace('\n', ' '),
- build=build,
- teStatusCode=int(teStatusCode),
- teStatusShortDesc=teStatusShortDesc,
- teStatusLongDesc=teStatusLongDesc,
- metric_count=metric_count
- )
-
-
-def discovery_checkpoint_threat_emulation(section: CheckpointTeStatus) -> DiscoveryResult:
- yield Service()
-
-
-def check_checkpoint_threat_emulation(params, section: CheckpointTeStatus) -> CheckResult:
- yield Result(state=State.OK, summary=f'Subscription valid until: {section.teSubscriptionExpDateStr}')
- yield Result(state=State.OK, summary=f'Build: {section.build}')
-
- if section.teUpdateStatus != 'up-to-date':
- yield Result(state=State.WARN, notice=f'Update status {section.teUpdateStatus}, {section.teUpdateDesc}')
- if not section.teStatusCode == 0:
- yield Result(state=State.WARN, notice=f'Status {section.teStatusShortDesc}, {section.teStatusLongDesc}')
- if section.teSubscriptionStatus != 'valid':
- yield Result(state=State.WARN, notice=f'Subscription status: {section.teCloudSubscriptionStatus}, {section.teSubscriptionDesc}')
- if section.teCloudSubscriptionStatus != 'ok':
- yield Result(state=State.WARN, notice=f'Cloud subscription status {section.teCloudSubscriptionStatus}')
-
- for levels, metric, label, value in [
- (params.get('used_monthly_quota_levels'), 'monthly_quota_on_cloud_used', 'Used quota on cloud', section.monthly_quota_on_cloud_used),
- (params.get('remaining_quota_levels'), 'remaining_quota_on_cloud', 'Remaining quota on cloud', section.remaining_quota_on_cloud), # max: quota_on_cloud
- (params.get('files_waiting_levels'), 'current_files_waiting_for_emulation', 'Current files waiting for emulation', section.current_files_waiting_for_emulation), # max: quota_on_cloud
- ]:
- if value:
- yield from check_levels(
- value=value,
- label=label,
- levels_upper=levels,
- metric_name=metric,
- render_func=lambda v: f'{v:.0f}'
- )
-
- for metric, value in section.metric_count:
- yield Metric(
- value=value,
- name=f'checkpoint_threat_emulation_{metric}_current'
- )
-
-
-register.snmp_section(
- name='checkpoint_threat_emulation',
- parse_function=parse_checkpoint_threat_emulation,
- fetch=[
- SNMPTree(
- base='.1.3.6.1.4.1.2620.1.49', # CHECKPOINT-MIB::te (status)
- oids=[
- '3', # monthly_quota_on_cloud_used
- '12', # current_files_waiting_for_emulation
- '16', # teUpdateStatus
- '17', # teUpdateDesc
- '20', # teSubscriptionExpDate
- '22', # quota_on_cloud
- '23', # remaining_quota_on_cloud
- '25', # teSubscriptionStatus
- '26', # teCloudSubscriptionStatus
- '27', # teSubscriptionDesc
- '30', # build
- '101', # teStatusCode
- '102', # teStatusShortDesc
- '103', # teStatusLongDesc
- ]
- ),
- SNMPTree(
- base='.1.3.6.1.4.1.2620.1.49', # CHECKPOINT-MIB::te (counter)
- oids=[
- '4.1', # scanned_files current
- '5.1', # malicious_files_detected current
- '6.1', # files_scanned_by_threat_cloud current
- '7.1', # malicious_files_detected_by_threat_cloud current
- '8.1', # average_process_time current
- '9.1', # average_emulated_file_size current
- '10.1', # average_queue_size current
- '11.1', # peak_queue_size current
- ]
- ),
-
- ],
- detect=any_of(
- startswith('.1.3.6.1.2.1.1.2.0', '.1.3.6.1.4.1.2620'),
- all_of(
- equals('.1.3.6.1.2.1.1.2.0', '.1.3.6.1.4.1.8072.3.2.10'),
- equals('.1.3.6.1.4.1.2620.1.6.1.0', 'SVN Foundation'),
- )
- )
-)
-
-register.check_plugin(
- name='checkpoint_threat_emulation',
- service_name='Threat Emulation status',
- discovery_function=discovery_checkpoint_threat_emulation,
- check_function=check_checkpoint_threat_emulation,
- check_ruleset_name='checkpoint_threat_emulation',
- check_default_parameters={
- 'used_monthly_quota_levels': [90, 95],
- 'remaining_quota_levels': [10000, 5000],
- 'files_waiting_levels': [5, 10],
- }
-)
-
-
-# Name Last Day Last Week Last Month
-# Scanned Files 0 0 0
-# Malicious Files Detected 0 0 0
-# Average Process Time 0 Sec 0 Sec 0 Sec
-# Average Emulated File Size 0 B 0 B 0 B
-# Average Queue Size 0 0 0
-# Peak Queue Size 0 0 0
-#
-# Scanned Files in the Last 7 Days: 0
-# Malicious Files Detected in the Last 7 Days: 0
-# Remaining Quota on Cloud: "Wait"
-# Monthly Quota on Cloud Used: NaN%
-
-# ('.1.3.6.1.4.1.2620.1.49.2.1', [
-# '1', #
-# '2', #
-# '3', #
-# '4', #
-# '5', #
-# '6', #
-# '7', #
-# '8', #
-# '9', #
-# '10', #
-# '11', #
-# ]),
-
-# if item == 'anaylsis':
-#
-# #
-# # sample te_analysis
-# #
-# # [[u'1', u'Image', u'1afbde2e-d593-45a8-a686-6cbd42f37823', u'', u'0', u'0', u'0', u'0', u'0', u'0', u'0'],
-# # [u'2', u'Image', u'1b0c5014-714d-47f3-9b10-0b7ee386e745', u'', u'0', u'0', u'0', u'0', u'0', u'0', u'0'],
-# # [u'3', u'Image', u'5e5de275-a103-4f67-b55b-47532918fa59', u'Win7,Office 2013,Adobe 11', u'0', u'0', u'0', u'0', u'0', u'0', u'0'],
-# # [u'4', u'Image', u'e50e99f3-5963-4573-af9e-e3f4750b55e2', u'WinXP,Office 2003/7,Adobe 9', u'0', u'0', u'0', u'0', u'0', u'0', u'0'],
-# # [u'5', u'Detection Rules', u'5e5de275-a103-4f67-b55b-47532918fa59', u'Win7,Office 2013,Adobe 11', u'56431', u'46960', u'Thu Mar 15 08:39:31 2018', u'0', u'0', u'0', u'0'],
-# # [u'6', u'Detection Rules', u'e50e99f3-5963-4573-af9e-e3f4750b55e2', u'WinXP,Office 2003/7,Adobe 9', u'56431', u'52602', u'Thu Mar 15 08:39:26 2018', u'0', u'0', u'0', u'0'],
-# # [u'7', u'Static Analysis Rules', u'496149D5-0689-472B-8F50-21DD409F0EC6', u'Static Analysis Detection Rules', u'53030', u'25049', u'Thu Mar 15 08:39:24 2018', u'0', u'0', u'0', u'0']]
-# #
-# # eher fuer inventory (?)
-# #
-#
-# te_analysis_1, te_analysis_2, te_analysis_3, te_analysis_4, te_analysis_5, te_analysis_6, te_analysis_7, \
-# te_analysis_8, te_analysis_9, te_analysis_10, te_analysis_11 = te_analysis[0]
-#
-# infotext = ''
-#
-# longoutput += '\nte_analysis_1 : %s (Status)' % te_analysis_1
-# longoutput += '\nte_analysis_2 : %s (Cloud or Local: Image --> local, Static Analysis Rules --> Cloud (??))' % te_analysis_2
-# longoutput += '\nte_analysis_3 : %s (UID)' % te_analysis_3
-# longoutput += '\nte_analysis_4 : %s (Name)' % te_analysis_4
-# longoutput += '\nte_analysis_5 : %s (Revision)' % te_analysis_5
-# longoutput += '\nte_analysis_6 : %s (Size in Bytes)' % te_analysis_6
-# longoutput += '\nte_analysis_7 : %s (Download Time)' % te_analysis_7
-# longoutput += '\nte_analysis_8 : %s' % te_analysis_8
-# longoutput += '\nte_analysis_9 : %s' % te_analysis_9
-# longoutput += '\nte_analysis_10: %s' % te_analysis_10
-# longoutput += '\nte_analysis_11: %s' % te_analysis_11
-#
-# state = 0