It is very important to keep your Checkpoint environment monitored. Given that it offers a wide variety of SNMP data, I have collected some of the (in my opinion) most useful OIDs MIBs. Altough I use Icinga and Grafana (as you can see the related outputs in this post), almost any monitoring system can be used to get and show SNMP monitoring data.
About SNMP and Checkpoint
Enable SNMP
Before being able to run examples like the ones below, SNMP must be enabled in VS mode.
In the examples:
– vsx1 = <gateway IP or hostname>
– -n ctxname vsid2 = <VS virtual system 2>
Get MIB files
If you want to download the MIB files: Check Point SNMP MIB files
OIDs – Hardware status
Hardware sensors (fans, power supplies, temperatures and raid state)
[table id=12 /]
snmpwalk -v 3 -l authNoPriv -u user -A pass vsx1 CHECKPOINT-MIB::fanSpeedSensorStatus
CHECKPOINT-MIB::fanSpeedSensorStatus.1.0 = INTEGER: 0
CHECKPOINT-MIB::fanSpeedSensorStatus.2.0 = INTEGER: 0
CHECKPOINT-MIB::fanSpeedSensorStatus.3.0 = INTEGER: 0
CHECKPOINT-MIB::fanSpeedSensorStatus.4.0 = INTEGER: 0
snmpwalk -v 3 -l authNoPriv -u user -A pass vsx1 CHECKPOINT-MIB::powerSupplyStatus
CHECKPOINT-MIB::powerSupplyStatus.1.0 = STRING: Up
CHECKPOINT-MIB::powerSupplyStatus.2.0 = STRING: Up
snmpwalk -v 3 -l authNoPriv -u user -A pass vsx1 CHECKPOINT-MIB::tempertureSensorTable
CHECKPOINT-MIB::tempertureSensorIndex.1.0 = INTEGER: 1
CHECKPOINT-MIB::tempertureSensorIndex.2.0 = INTEGER: 2
CHECKPOINT-MIB::tempertureSensorIndex.3.0 = INTEGER: 3
CHECKPOINT-MIB::tempertureSensorIndex.4.0 = INTEGER: 4
CHECKPOINT-MIB::tempertureSensorName.1.0 = STRING: CPU0 Temp
CHECKPOINT-MIB::tempertureSensorName.2.0 = STRING: CPU1 Temp
CHECKPOINT-MIB::tempertureSensorName.3.0 = STRING: Intake Temp
CHECKPOINT-MIB::tempertureSensorName.4.0 = STRING: Outlet Temp
CHECKPOINT-MIB::tempertureSensorValue.1.0 = STRING: 65.50
CHECKPOINT-MIB::tempertureSensorValue.2.0 = STRING: 65.00
CHECKPOINT-MIB::tempertureSensorValue.3.0 = STRING: 30.38
CHECKPOINT-MIB::tempertureSensorValue.4.0 = STRING: 31.50
CHECKPOINT-MIB::tempertureSensorUnit.1.0 = STRING: Celsius
CHECKPOINT-MIB::tempertureSensorUnit.2.0 = STRING: Celsius
CHECKPOINT-MIB::tempertureSensorUnit.3.0 = STRING: Celsius
CHECKPOINT-MIB::tempertureSensorUnit.4.0 = STRING: Celsius
CHECKPOINT-MIB::tempertureSensorType.1.0 = STRING: Temperature
CHECKPOINT-MIB::tempertureSensorType.2.0 = STRING: Temperature
CHECKPOINT-MIB::tempertureSensorType.3.0 = STRING: Temperature
CHECKPOINT-MIB::tempertureSensorType.4.0 = STRING: Temperature
CHECKPOINT-MIB::tempertureSensorStatus.1.0 = INTEGER: 0
CHECKPOINT-MIB::tempertureSensorStatus.2.0 = INTEGER: 0
CHECKPOINT-MIB::tempertureSensorStatus.3.0 = INTEGER: 0
CHECKPOINT-MIB::tempertureSensorStatus.4.0 = INTEGER: 0
snmpwalk -v 3 -l authNoPriv -u user -A pass vsx1 CHECKPOINT-MIB::raidDiskState
CHECKPOINT-MIB::raidDiskState.1.0 = INTEGER: 0
CHECKPOINT-MIB::raidDiskState.2.0 = INTEGER: 0OIDs – Connections
Current connections in certain virtual system and the configured limit.
This limit is configured in the virtual system properties, Optimization section (Capacity Optimization)
[table id=13 /]
snmpwalk -v 3 -l authNoPriv -u user -A pass -n ctxname_vsid2 vsx1 CHECKPOINT-MIB::fwNumConn.0
CHECKPOINT-MIB::fwNumConn.0 = Gauge32: 64121
snmpwalk -v 3 -l authNoPriv -u user -A pass -n ctxname_vsid2 vsx1 CHECKPOINT-MIB::fwConnTableLimit.0
CHECKPOINT-MIB::fwConnTableLimit.0 = Gauge32: 199900OIDs – ClusterXL state
If you manage a Checkpoint ClusterXL, I suppose you use quite a lot the “cphaprob state” command.
[table id=14 /]
snmpwalk -v 3 -l authNoPriv -u user -A pass -n ctxname_vsid2 vsx1 CHECKPOINT-MIB::haState.0
CHECKPOINT-MIB::haState.0 = STRING: standbyOIDs – CPU
Yes, I monitor each of the 48 CPU cores each of the 2 Checkpoint gateways have XD
[table id=15 /]
/usr/bin/snmpwalk -v 3 -l authNoPriv -u user -A pass vsx1 CHECKPOINT-MIB::multiProcUsage
CHECKPOINT-MIB::multiProcUsage.1.0 = Gauge32: 7
CHECKPOINT-MIB::multiProcUsage.2.0 = Gauge32: 2
CHECKPOINT-MIB::multiProcUsage.3.0 = Gauge32: 8
CHECKPOINT-MIB::multiProcUsage.4.0 = Gauge32: 8
CHECKPOINT-MIB::multiProcUsage.5.0 = Gauge32: 7
CHECKPOINT-MIB::multiProcUsage.6.0 = Gauge32: 7
CHECKPOINT-MIB::multiProcUsage.7.0 = Gauge32: 6
CHECKPOINT-MIB::multiProcUsage.8.0 = Gauge32: 6
CHECKPOINT-MIB::multiProcUsage.9.0 = Gauge32: 6
CHECKPOINT-MIB::multiProcUsage.10.0 = Gauge32: 6
CHECKPOINT-MIB::multiProcUsage.11.0 = Gauge32: 6
CHECKPOINT-MIB::multiProcUsage.12.0 = Gauge32: 6
CHECKPOINT-MIB::multiProcUsage.13.0 = Gauge32: 5
CHECKPOINT-MIB::multiProcUsage.14.0 = Gauge32: 5
CHECKPOINT-MIB::multiProcUsage.15.0 = Gauge32: 5
...
...
Example of Icinga outputs
By accesing this SNMP data, you can generate the related monitors and graphs using your favourite monitoring system like Icinga (+ Grafana)
Hardware status
ClusterXL status
Connections
CPU
This is the graph generated by Grafana for 48 cores XD
Maybe you think its not useful at all. Then you can check: Checkpoint – Unexpected high cpu usage and SecureXL
