This article presents information on how XOS application monitoring determines if an application is UP or DOWN and provides commands to obtain additional information.N/A

To describe some aspects of XOS application monitoring and provide commands to obtain additional information about the state of the application.

Application Monitoring for Check Point VSX R65/R67/R68/R75.40VS/R76/R77

Check Point VSX R65/R67/R68 application is reported as UP if

• cpd and fwd processes are running
• VSX is ready
• HA is either ready or disabled

Check Point VSX R75.40VS/ R76/R77 adds check for fwk  process.

The HA state is calculated by running the Check Point programs cpprod_util and cphaprob as follows:
cpprod_util FwIsHighAvail -- returns "1" if HA is enabled
cphaprob syncnewver --  returns "sync new ver working" if HA is ready

The VSX state is determined by presence of file /var/lock/subsys/vsx.
This file is created by $FWDIR/bin/syncready after FULL sync is done.

If the application is not declared as UP, you can run the app_status tool from the VSX VAP root user level to obtain more information.

To access the VSX VAP root user level

From the Crossbeam CLI, open a Unix prompt and rsh to the VAP.

# unix su
# rsh <vap_name>

Run the following command:

# /crossbeam/apps/app_status -v

Example Output

If the application is fully UP:

#
cpd is RUNNING
fwd is RUNNING
vsx is READY
HA is READY
#
Reporting application state: UP

or for VSX R75.40VS/R76/R77:


If one or more modules is not ready or running:

#
cpd is RUNNING
fwd is RUNNING
vsx is NOT READY
HA is NOT READY

Reporting application state: DOWN
#

identify the aspects that are not running, and investigate further, depending on the failing module. A good place to start might be in Checkpoint daemon's log files on the VAP member, focusing on time when the application down alarm was generated:

Workaround

N/A