Checkpoint - SNMP Monitoring - OID

When you have configured SNMP and Check Point SNMP Extensions on your systems, you can start with system monitoring.

For Nagios we have some plugins available and other vendors also have pre-installed checks for Check Point equipment build into their products.

If you don’t want to use extra plugins you may use the check_snmp plugin command that is delivered with Nagios.

SVN Status
/usr/lib/nagios/plugins/check_snmp -H $HOSTADDRESS$ -C $ARG1" -o 1.3.6.1.4.1.2620.1.6.102.0 -s "\"OK\"" -l "SVN Status"

Security Gateway Policy Status
/usr/lib/nagios/plugins/check_snmp -H $HOSTADDRESS$ -C $ARG1$ -o 1.3.6.1.4.1.2620.1.1.1.0 -s "\"Installed\"" -l "Security Gateway Policy Status"

Security Gateway High Availability Status
/usr/lib/nagios/plugins/check_snmp -H $HOSTADDRESS$ -C $ARG1$ -o 1.3.6.1.4.1.2620.1.5.102.0 -s "\"OK\"" -l "Security Gateway High Availability Status"

Security Gateway High Availability Modus
/usr/lib/nagios/plugins/check_snmp -H $HOSTADDRESS$ -C $ARG1$ -o 1.3.6.1.4.1.2620.1.5.6.0 -s "\"active\"" -l "Security Gateway High Availability Modus"

Security Gateway High Availability Modus
/usr/lib/nagios/plugins/check_snmp -H $HOSTADDRESS$ -C $ARG1$ -o 1.3.6.1.4.1.2620.1.5.6.0 -s "\"passive\"" -l "Security Gateway High Availability Modus"

Security Management Status
/usr/lib/nagios/plugins/check_snmp -H $HOSTADDRESS$ -C $ARG1$ -o 1.3.6.1.4.1.2620.1.7.102.0 -s "\"OK\"" -l "Security Management Status"

Security Management Modus
/usr/lib/nagios/plugins/check_snmp -H $HOSTADDRESS$ -C $ARG1$ -o 1.3.6.1.4.1.2620.1.7.5.0 -s "\"active\"" -l "Security Management Modus"

If your monitoring system is using just simple SNMP queries, here are some OIDs to check for.

SVN Status – to be checked on every system

snmpget.exe -v 2c -c public 10.10.10.10 1.3.6.1.4.1.2620.1.6.102.0
SNMPv2-SMI::enterprises.2620.1.6.102.0 = STRING: "OK"
SNMPv2-SMI::enterprises.2620.1.6.102.0 = STRING: "Problem"

Security Gateway Policy Status

snmpget.exe -v 2c -c public 10.10.10.10 1.3.6.1.4.1.2620.1.1.1.0
SNMPv2-SMI::enterprises.2620.1.1.1.0 = STRING: "Installed"

Security Gateway HA Status

snmpget.exe -v 2c -c public 10.10.10.10 1.3.6.1.4.1.2620.1.5.102.0
SNMPv2-SMI::enterprises.2620.1.5.102.0 = STRING: "OK"

Security Gateway High Availability Mode

snmpget.exe -v 2c -c public 10.10.10.10 1.3.6.1.4.1.2620.1.5.6.0
SNMPv2-SMI::enterprises.2620.1.5.6.0 = STRING: "active"
SNMPv2-SMI::enterprises.2620.1.5.6.0 = STRING: "standby"

Security Management Status

snmpget.exe -v 2c -c public 10.10.10.10 1.3.6.1.4.1.2620.1.7.102.0
SNMPv2-SMI::enterprises.2620.1.7.102.0 = STRING: "OK"
SNMPv2-SMI::enterprises.2620.1.7.102.0 = STRING: "Problem"

Security Management Mode

snmpget.exe -v 2c -c public 10.10.10.10 1.3.6.1.4.1.2620.1.7.5.0
SNMPv2-SMI::enterprises.2620.1.7.5.0 = STRING: "active"

Tobias Lachmann