Collection of CheckMK checks (see https://checkmk.com/). All checks and plugins are provided as is. Absolutely no warranty. Send any comments to thl-cmk[at]outlook[dot]com

Skip to content
README.md 2.64 KiB
Newer Older
thl-cmk's avatar
thl-cmk committed
# SmartEvent

Colection of Check Point Eventia anylzer (Smartevent) checks
*  *checkpoint_eva*: monitors Check Point Eventia analyzer
*  *checkpoint_eva_cu*: monitors Check Point Eventia analyzer correlation unit
*  *checkpoint_eva_db*: monitors Check Point Eventia analyzer database
*  *checkpoint_eva_jobs*: monitors Check Point Eventia analyzer job status

# Check Info *checkpoint_eva*:

* *service*: this check creates the two services '*Eventia analyzer status*' and '*Correlation unit status*'
* *state*:\
    **critical** 
    * if *Eventia analyzer status* **procalive** is not '1' -> Eventia Analyzer process is not running
    * if *Eventia analyzer status* **statcode** is not '0' -> error description from *statshortdescr*
    * if *Correlation unit status* **nofreediskspace** is not '0' -> No free disk space
    * if *Correlation unit status* **procalive** is not '1' -> Correlation unit process is not running
    * if *Correlation unit status* **connectedtosem** is not '1' -> Correlation unit not connected to server
    * if *Correlation unit status* **statcode** is not '0' -> error description from *statshortdescr*

* *wato*: none
* *perfdata*:
    * New events (/s)
    * Updates (/s)
    * Processed logs (/s)

Sample output

![sample output](/doc/sample.png?raw=true "sample [SHORT TITLE]")


# Check Info *checkpoint_eva_cu*:

* *service*: this check creates one service per correlation unit '*Correlation unit %IP-address*'
* *state*: this service is always **ok**
* *wato*: none
* *perfdata*:
    * Events (/s)
    * Uptime (s)

Sample output

![sample output](/doc/sample_cu.png?raw=true "sample [SHORT TITLE]")


# Check Info *checkpoint_eva_db*:

* *service*: this check creates the *Eventia DB* service on the SmartEvent server
* *state*:\
  **critical**
    * if dbisfull is not '0' -> database is full
    * if dbdiskspace less then critdbcapacity

  **warning**
    * if dbdiskspace less then warndbcapacity

* *wato*: you can configure warn/crit levels for database disk space (dbdiskspace)
* *perfdata*: 
    * Database disc space (bytes)
    * Database capacity (bytes)
    * Database size (bytes)
    * Disk Size (bytes)
    * Events in Database (count)

Sample output

![sample output](/doc/sample_db.png?raw=true "sample [SHORT TITLE]")


# Check Info *checkpoint_eva_jobs*:

* *service*: this check creates one service '*Eventia job %id*' per Eventia log file analyzer queue 
* *state*:\
    **critical**
    *  if *jobisonline* is not '1'
    *  if *connectedtologserver* is not '1'
* *wato*: none
* *perfdata*:
    * Analyzed logs (/s)
    * Position in file (count)

Sample output

![sample output](/doc/sample_jobs.png?raw=true "sample [SHORT TITLE]")