Collection of CheckMK checks (see https://checkmk.com/). All checks and plugins are provided as is. Absolutely no warranty. Send any comments to thl-cmk[at]outlook[dot]com

Skip to content
Normal view History Permalink
README.md 2.64 KiB
Newer Older
thl-cmk's avatar
cleanup
thl-cmk committed
1 2 3 4 5 6 7 8 
# SmartEvent

Colection of Check Point Eventia anylzer (Smartevent) checks
*  *checkpoint_eva*: monitors Check Point Eventia analyzer
*  *checkpoint_eva_cu*: monitors Check Point Eventia analyzer correlation unit
*  *checkpoint_eva_db*: monitors Check Point Eventia analyzer database
*  *checkpoint_eva_jobs*: monitors Check Point Eventia analyzer job status
thl-cmk's avatar
Update README.md  
thl-cmk committed
9 
## Check Info *checkpoint_eva*:
thl-cmk's avatar
cleanup
thl-cmk committed
10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 

* *service*: this check creates the two services '*Eventia analyzer status*' and '*Correlation unit status*'
* *state*:\
    **critical** 
    * if *Eventia analyzer status* **procalive** is not '1' -> Eventia Analyzer process is not running
    * if *Eventia analyzer status* **statcode** is not '0' -> error description from *statshortdescr*
    * if *Correlation unit status* **nofreediskspace** is not '0' -> No free disk space
    * if *Correlation unit status* **procalive** is not '1' -> Correlation unit process is not running
    * if *Correlation unit status* **connectedtosem** is not '1' -> Correlation unit not connected to server
    * if *Correlation unit status* **statcode** is not '0' -> error description from *statshortdescr*

* *wato*: none
* *perfdata*:
    * New events (/s)
    * Updates (/s)
    * Processed logs (/s)

Sample output

![sample output](/doc/sample.png?raw=true "sample [SHORT TITLE]")
thl-cmk's avatar
Update README.md  
thl-cmk committed
31 
## Check Info *checkpoint_eva_cu*:
thl-cmk's avatar
cleanup
thl-cmk committed
32 33 34 35 36 37 38 39 40 41 42 43 

* *service*: this check creates one service per correlation unit '*Correlation unit %IP-address*'
* *state*: this service is always **ok**
* *wato*: none
* *perfdata*:
    * Events (/s)
    * Uptime (s)

Sample output

![sample output](/doc/sample_cu.png?raw=true "sample [SHORT TITLE]")
thl-cmk's avatar
Update README.md  
thl-cmk committed
44 
## Check Info *checkpoint_eva_db*:
thl-cmk's avatar
cleanup
thl-cmk committed
45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 

* *service*: this check creates the *Eventia DB* service on the SmartEvent server
* *state*:\
  **critical**
    * if dbisfull is not '0' -> database is full
    * if dbdiskspace less then critdbcapacity

  **warning**
    * if dbdiskspace less then warndbcapacity

* *wato*: you can configure warn/crit levels for database disk space (dbdiskspace)
* *perfdata*: 
    * Database disc space (bytes)
    * Database capacity (bytes)
    * Database size (bytes)
    * Disk Size (bytes)
    * Events in Database (count)

Sample output

![sample output](/doc/sample_db.png?raw=true "sample [SHORT TITLE]")
thl-cmk's avatar
Update README.md  
thl-cmk committed
67 
## Check Info *checkpoint_eva_jobs*:
thl-cmk's avatar
cleanup
thl-cmk committed
68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 

* *service*: this check creates one service '*Eventia job %id*' per Eventia log file analyzer queue 
* *state*:\
    **critical**
    *  if *jobisonline* is not '1'
    *  if *connectedtologserver* is not '1'
* *wato*: none
* *perfdata*:
    * Analyzed logs (/s)
    * Position in file (count)

Sample output

![sample output](/doc/sample_jobs.png?raw=true "sample [SHORT TITLE]")

Collection of CheckMK checks (see https://checkmk.com/). All checks and plugins are provided as is. Absolutely no warranty. Send any comments to thl-cmk[at]outlook[dot]com