Hello,

We have a few checkpoint firewalls and I am looking to generate email alerts when the HA status changes from OK to critical.

The Observium logs look a bit like this when it occurs:

 

2016-05-12 16:58:30

High Availability (standby)

Status Alert: cpnew02 High Availability (standby) entered ALERT state: CRITICAL (previous: OK)

2016-05-12 16:58:28

cpfw04

Features -> ClusterXL inactive or machine is down

2016-05-11 10:30:04

High Availability (standby)

Status updated: checkpoint-ha-state haStatCode.0 High Availability (standby)

2016-05-11 10:28:03

High Availability (standby)

Status Ok: cpnew02 High Availability (down) entered OK state: OK (previous: CRITICAL)

 

Does anyone have any advice on how to build the alert checker for this?  The high Availability icon looks to be a traffic lights one while the devices themselves show as the normal device icon – so I think they may be discovered as separate entities.

I am also a bit unsure on how to filter to the OS “Check Point GAiA R77.45 (standby)” so for now have just been using device type firewall.

 

Many thanks,

 

Robin



PLEASE READ:   This message is for the designated recipient(s) only and may contain privileged, proprietary, and/or confidential information.
If you have received it in error, please notify the sender immediately and delete the original. Any other use of the email by you is prohibited. Any views or opinions expressed are solely those of the author and do not necessarily represent those of MDSL..


Market Data Services Ltd is a company registered in England and Wales.
Company Number: 03031342. Registered Office: Floor 2 Building 4, Century Place, Lamberts Road, Tunbridge Wells, Kent TN2 3EH. VAT Registration Number: GB624962327