How to create a watch to monitor Checkpoint HA State
search cancel

How to create a watch to monitor Checkpoint HA State

book

Article ID: 244512

calendar_today

Updated On:

Products

DX NetOps

Issue/Introduction

We have an attribute "haState" for our checkpoint devices. This can either have "active" or "standby" as value.  How can we create a watch that triggers if the attribute "haState" changes? Just a change to either one of the states.

It seems a simple question but I don't see how I can put this into a watch in Spectrum.  I have found a similar question on the communities, https://community.broadcom.com/communities/community-home/digestviewer/viewthread?MID=728350 but to me this is a very cumbersome procedure for having an alert on a simple value change.

 

 

Environment

Release : 21.2.x, 10.x

Component : Spectrum Core / SpectroSERVER  SpectroWatch

Cause

How To /  Best Practice

Resolution

Converted the expression from attribute names to attribute numbers as we have duplicate attribute names now in Spectrum.

Boolean Watch Expression

( ( ( ( ( ATTR(0xc41530) == "standby" ) & ( ATTR(0xc41532) == 1 ) ) | ( ( ATTR(0xc41530) == "active" ) & ( ATTR(0xc41532) == 2 ) ) ) | ( ATTR(0xc41530) == "initializing" ) ) | ( ATTR(0xc41530) == "Ready" ) )

Additional Information

All credit for this solution goes to Eleuthera Lewis from the Broadcom Communities from this post here

 

 

From his solution he has further explained it as

 

Here is my documentation on why and how this works. We have a large firewall environment and its been 100% accurate.

"checks active for nodes configured as primary and standby for nodes configured as secondary"
 
Primary reason this works: haIdentifier is hardcoded per FW
 
Why is this coded assembly style?
watch expressions do not allow string conversion. using boolean of a text compare is a way around this
 
Checks OIDS:
SNMPv2-SMI::enterprises.2620.1.5.6.0 haState (text-string of standby state)
SNMPv2-SMI::enterprises.2620.1.5.8.0 haIdentifier (integer of what firewall is configured to be, 1 for primary, 2 for secondary)
 
all possible combinations:
node-01 active 0*1+1*0+0+0 Result: 0
node-01 standby 0*1+1*0+0+0 Result: 1
node-01 ready 0*1+1*0+0+0 Result: 1
node-01 init 0*1+1*0+0+0 Result: 1
node-02 active 1*0+0*1+0+0 Result: 1
node-02 standby 0*0+1*1+0+0 Result: 0
node-02 ready 0*0+0*1+1+0 Result: 1
node-02 init 0*0+0*1+0+1 Result: 1

Powered by Wolken Software