claudio/VSC
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
VSC/Icinga2/Monitoring/003 - IPMI/ReadMe.md
T
claudio 368d6fafea Issue 
Code backup
2026-05-10 16:59:01 +02:00

3.6 KiB
Raw Permalink Blame History

Check WatchGuard

Dev Bash MIT License

The following script is used to monitor the basic functions of the WatchGuard firewall via snmpwalk scripts and are processed to provide easy-to-read data. It can be run separately or integrated into Icinga2 as a monitoring plugin.

Important: snmpwalk command is required for script to run correctly

Update Note

0.5 - Release

+Release

Installation

  1. Download the script and give it privilages for run
curl -LJO https://raw.githubusercontent.com/Kalarumeth/...
  1. Move to Icinga Plugin Dir
Default location: /usr/lib/nagios/plugins
  1. Add command to Icinga
object CheckCommand "check_watchguard" {
    import "plugin-check-command"
    command = [ PluginDir + "/check_watchguard.sh" ]
    arguments += {
        "-ac" = {
            order = 4
            value = "$watchguard_ac$"
        }
        "-c" = {
            order = 0
            required = true
            value = "$snmp_community$"
        }
        "-cr" = {
            order = 3
            value = "$crit$"
        }
        "-h" = {
            order = 1
            required = true
            value = "$address$"
        }
        "-t" = {
            order = 5
            required = true
            value = "$watchguard_type$"
        }
        "-wa" = {
            order = 2
            value = "$warn$"
        }
    }
    vars.snmp_community = "public"
}

Functions

The Script is designed to monitor the following firewall functions:

  • [ac] ActiveConns: Active connections in use and total number of active connections;
OK! Active Connections used: 0.16%
Current Active Connections: 5.412 of 3.300.000
  • [cpu] Cpu: Cpu load;
OK! CPU used: 2%
  • [data] Transfer: Information of file size send and recive.
Send 1479 GB / Recive 1982 GB
WatchGuard transfer info:
Total Data Send:        1479 GB 1855886728 Pkg
Total Data Recive:      1982 GB 2466423320 Pkg
  • [info] Info: Information of Active VPN, Intrusion Prevention Service and Gateway Antivirus Service
VPN active:     7
Gateway Antivirus Service: gav_version:2022020
 Last Update: Fri, Feb 04 2022 11:54:03 AM
Intrusion Prevention Service: ips_version:18.196
 Last Update: Thu, Feb 03 2022 06:53:47 PM
  • [ram] Memory: Ram load;
OK! RAM used: 2,67 / 3,77 GB (71,00 %)
RAM free: 1,10 GB (29,13 %)

How it work

Method to compose the execution string:

./check_watchguard.sh -c <SNMP community> -h <host> [-wa <value> -cr <value> -ac <value>] -t <object>

OPTIONS:

-c  --community     SNMP v2 community string with Read access.
                     Default is: public.
-h  --host          [REQUIRED OPTION] Host name or IP address to check.
                     Default is: localhost.
-wa --allert-wa     Defines the threshold for Warning.
                     Default is: 80.
-cr --allert-cr     Defines the threshold for Critical.
                     Default is: 90.
-ac --activeconns   Defines the threshold for Max ActiveConnection.
                     Default is: 3300000
-t  --type          [REQUIRED OPTION] Field for select element to check on WatchGuard Device.
                     { ac | cpu | data | info | ram }.
-H  --help          Show script help.
-V  --version       Show script version.

Credits

Author

Kalarumeth - https://github.com/Kalarumeth

License

MIT License - Copyright 2022 Kalarumeth
Reference in New Issue View Git Blame Copy Permalink