README.md

# SmartEvent

Colection of Check Point Eventia anylzer (Smartevent) checks
*  *checkpoint_eva_status*: monitors Check Point Eventia analyzer
*  *checkpoint_eva_cu*: monitors Check Point Eventia analyzer correlation unit
*  *checkpoint_eva_cu_status*: monitors Check Point Eventia analyzer correlation overall
*  *checkpoint_eva_db*: monitors Check Point Eventia analyzer database
*  *checkpoint_eva_jobs*: monitors Check Point Eventia analyzer job status

---
### Download

* [checkpoint_smart_event.mkp (latest version)](https://thl-cmk.hopto.org/gitlab/checkmk/check-point/management/checkpoint_smart_event/-/raw/master/checkpoint_smart_event.mkp "Download latest version")

---                   
### Installation

You can install the package by uploading it to your CheckMK site and as site user run `mkp install checkpoint_smart_event.mkp`.


In the Enterprise/Free edition of CheckMK you can use the GUI to install the package (_Setup_ -> _Extension Packages_ -> _Upload package_)

---
### Want to contribute?

Nice ;-) Have a look at the [contribution guidelines](CONTRIBUTING.md "Contributing")

---
### Check Info *checkpoint_eva_status*

* *service*: this check creates the two services '*Eventia analyzer status*' and '*Correlation unit status*'
* *state*:\
    **critical** 
    * if *Eventia analyzer status* **procalive** is not '1' -> Eventia Analyzer process is not running
    * if *Eventia analyzer status* **statcode** is not '0' -> error description from *statshortdescr*
    * if *Correlation unit status* **nofreediskspace** is not '0' -> No free disk space
    * if *Correlation unit status* **procalive** is not '1' -> Correlation unit process is not running
    * if *Correlation unit status* **connectedtosem** is not '1' -> Correlation unit not connected to server
    * if *Correlation unit status* **statcode** is not '0' -> error description from *statshortdescr*

* *wato*: none
* *perfdata*:
    * New events (/s)
    * Updates (/s)
    * Processed logs (/s)

---
### Sample output

![sample output](/doc/sample.png?raw=true "sample [SHORT TITLE]")

---
### Check Info *checkpoint_eva_cu*

* *service*: this check creates one service per correlation unit '*Correlation unit %IP-address*'
* *state*: this service is always **ok**
* *wato*: none
* *perfdata*:
    * Events (/s)
    * Uptime (s)

Sample output

![sample output](/doc/sample_cu.png?raw=true "sample [SHORT TITLE]")

---
### Check Info *checkpoint_eva_db*

* *service*: this check creates the *Eventia DB* service on the SmartEvent server
* *state*:\
  **critical**
    * if dbisfull is not '0' -> database is full
    * if dbdiskspace less then critdbcapacity

  **warning**
    * if dbdiskspace less then warndbcapacity

* *wato*: you can configure warn/crit levels for database disk space (dbdiskspace)
* *perfdata*: 
    * Database disc space (bytes)
    * Database capacity (bytes)
    * Database size (bytes)
    * Disk Size (bytes)
    * Events in Database (count)

---
### Sample output

![sample output](/doc/sample_db.png?raw=true "sample [SHORT TITLE]")

---
### Check Info *checkpoint_eva_jobs*

* *service*: this check creates one service '*Eventia job %id*' per Eventia log file analyzer queue 
* *state*:\
    **critical**
    *  if *jobisonline* is not '1'
    *  if *connectedtologserver* is not '1'
* *wato*: none
* *perfdata*:
    * Analyzed logs (/s)
    * Position in file (count)

---
### Sample output

![sample output](/doc/sample_jobs.png?raw=true "sample [SHORT TITLE]")