CLI Syntax for 'sklnctl'

Description

"sklnctl" is a CLI tool for administrators to interact with the configuration of different Skyline components.

Important - On a Scalable Platform Security Group, you must run "g_all sklnctl" (except for the help commands).

Syntax for General Commands

sklnctl {-h | --help}

sklnctl {-v | --version}

sklnctl --show_open_telemetry

where:

Parameter

Description

sklnctl -h

sklnctl --help

Shows the built-in help.

sklnctl -v

sklnctl --version

Shows the "sklnctl" version.

sklnctl --show_open_telemetry

Shows the state and the exported targets.

Syntax to collect logs for Skyline troubleshooting

sklnctl collect_logs

where:

Parameter

Description

sklnctl collect_logs

Collects various log files from these directories for Skyline troubleshooting:

  • /opt/CPotelcol

  • /opt/CPviewExporter

  • /opt/CPotlpAgent

  • /var/log/nano_agent

  • /etc/cp/conf/

  • $CPDIR/log

Syntax to configure the Skyline OpenTelemetry Collector

For information about the Skyline OpenTelemetry Collector, see sk180522.

sklnctl collector

      {-h | --help}

      --update <Path to Configuration File>

where:

Parameter

Description

sklnctl collector {-h | --help}

Shows the built-in help for this command.

sklnctl collector --update <Path to Configuration File>

Loads the OpenTelemetry Collector configuration from the specified file.

Syntax to configure the Skyline OpenTelemetry Collector metric filter

sklnctl otelcol

      {-h | --help}

      metrics

            {-h | --help}

            --add <Metric-ID-1> <Metric-ID-2> ...

            --insert-cp-label

            --is-default

            --remove <Metric-ID-1> <Metric-ID-2> ...

            --remove-cp-label

            --reset

            --show

where:

Parameter

Description

sklnctl otelcol {-h | --help}

Shows the built-in help for this command.

sklnctl otelcol metrics {-h | --help}

Shows the built-in help for this command.

sklnctl otelcol metrics --add <Metric-ID-1> <Metric-ID-2> ...

Adds metrics to the allow-list.

See Skyline Metrics Repository.

sklnctl otelcol metrics --insert-cp-label

Inserts Check Point organization as an additional label for each metric.

sklnctl otelcol metrics --is-default

Shows if the default list of metrics is exported.

sklnctl otelcol metrics --remove <Metric-ID-1> <Metric-ID-2> ...

Removes metrics from the allow-list (stops exporting these metrics).

sklnctl otelcol metrics --remove-cp-label

Removes the Check Point organization additional label from each metric.

sklnctl otelcol metrics --reset

Resets the allow-list to the default (exports all metrics).

sklnctl otelcol metrics --show

Shows all metrics that are exported.

Syntax to configure the Skyline OpenTelemetry Agent

For more information about the Skyline OpenTelemetry Agent, see sk181615.

sklnctl otlp

      {-h | --help}

      add

            {-h | --help}

            --name /<Path>/<Custom Shell Script File> --path /<Path>/<JSON File> [--yes]

      change

            {-h | --help}

            --name <Name of the Collector or Script> --interval <Number> [--yes]

      disable

            {-h | --help}

            --name <Name of the Collector or Script>

      enable

            {-h | --help}

            --name <Name of the Collector or Script>

      modify

            {-h | --help}

            --name <Name of the Collector or Script> --state {enabled | disabled} [--yes]

      process

            {-h | --help}

            --add <Name of Process 1>,<Name of Process 2>,...

            --remove <Name of Process 1>,<Name of Process 2>,...

            --reset

            --show

      remove

            {-h | --help}

            --name <Name of the Custom Script> [--yes]

where:

Parameter

Description

sklnctl otlp {-h | --help}

Shows the built-in help for this command.

sklnctl otlp add {-h | --help}

Shows the built-in help for this command.

sklnctl otlp add --name /<Path>/<Custom Shell Script File> --path /<Path>/<JSON File> [--yes]

Adds a custom script to the OpenTelemetry Agent.

See Custom Metrics.

sklnctl otlp change {-h | --help}

Shows the built-in help for this command.

sklnctl otlp change --name <Name of the Collector or Script> --interval <Number> [--yes]

Changes the running time interval of the specified OpenTelemetry Agent Collector or OpenTelemetry Agent Script.

  • To see the names of the OpenTelemetry Agent Collectors and Scripts, run:

    sklnctl otlp config | jq .

    Each of these Collectors and Scripts exports specific data.

  • Add "--yes" to skip the confirmation.

sklnctl otlp disable {-h | --help}

Shows the built-in help for this command.

sklnctl otlp disable --name <Name of the Collector or Script>

Disables the specified OpenTelemetry Agent Collector or OpenTelemetry Agent Script.

  • To see the names of the OpenTelemetry Agent Collectors and Scripts, run:

    sklnctl otlp config | jq .

    Each of these Collectors and Scripts exports specific data.

sklnctl otlp enable {-h | --help}

Shows the built-in help for this command.

sklnctl otlp enable --name <Name of the Collector or Script>

Enables the specified OpenTelemetry Agent Collector or OpenTelemetry Agent Script.

  • To see the names of the OpenTelemetry Agent Collectors and Scripts, run:

    sklnctl otlp config | jq .

    Each of these Collectors and Scripts exports specific data.

sklnctl otlp modify {-h | --help}

Shows the built-in help for this command.

sklnctl otlp modify --name <Name of the Collector or Script> --state {enabled | disabled} [--yes]

Activates / deactivates the specified OpenTelemetry Agent Collector or OpenTelemetry Agent Script.

  • To see the names of the OpenTelemetry Agent Collectors and Scripts, run:

    sklnctl otlp config | jq .

    Each of these Collectors and Scripts exports specific data.

  • Add "--yes" to skip the confirmation.

sklnctl otlp process {-h | --help}

Note - This feature is available in the Skyline OpenTelemetry Collector Take 179 and higher (sk180522).

Shows the built-in help for this command.

sklnctl otlp process --add <Name of Process 1>,<Name of Process 2>,... [--yes]

Note - This feature is available in the Skyline OpenTelemetry Collector Take 179 and higher (sk180522).

Configures the OpenTelemetry Agent process collector - adds the specified processes to the custom list of monitored processes (/var/log/CPotlpAgent/custom_monitored_process_list.json).

Procedure:

  1. Create the required directory /var/log/CPotlpAgent:

    mkdir /var/log/CPotlpAgent

  2. Run the required command:

    sklnctl otlp process --add ...

Notes:

  • You must enter the process name as it appears in the output of the "ps" or "top" command.

  • To specify several processes, you must enter a comma-separated list of strings (without spaces).

    Example:

    sklnctl otlp process --add pdpd,pepd

  • When you add a process to this custom list for the first time, the command copies all the processes from the default list of monitored processes ($CPOTLPAGENT_DIR/monitored_process_list.json) to the custom list of monitored processes and then adds the specified processes.

  • The relevant metrics are System > Process.

sklnctl otlp process --remove <Name of Process 1>,<Name of Process 2>,... [--yes]

Note - This feature is available in the Skyline OpenTelemetry Collector Take 179 and higher (sk180522).

Configures the OpenTelemetry Agent process collector - removes the specified processes from the custom list of monitored processes.

  • You must enter the process name as it appears in the custom list of monitored processes. Run:

    cat /var/log/CPotlpAgent/custom_monitored_process_list.json

  • To specify several processes, you must enter a comma-separated list of strings (without spaces).

    Example:

    sklnctl otlp process --remove pdpd,pepd

sklnctl otlp process --reset [--yes]

Note - This feature is available in the Skyline OpenTelemetry Collector Take 179 and higher (sk180522).

Configures the OpenTelemetry Agent process collector - removes all processes that and administrator added to the custom list of monitored processes.

  • This command does not change the default list of monitored processes.

  • This command does not remove the processes that were copied from the default list of monitored processes.

sklnctl otlp process --show

Note - This feature is available in the Skyline OpenTelemetry Collector Take 179 and higher (sk180522).

For the OpenTelemetry Agent process collector, shows all monitored processes from the custom list of monitored processes (/var/log/CPotlpAgent/custom_monitored_process_list.json).

sklnctl otlp remove {-h | --help}

Shows the built-in help for this command.

sklnctl otlp remove --name <Name of the Custom Script> [--yes]

Removes a custom script from the OpenTelemetry Agent.

See Custom Metrics.

  • You must specify the script name as appears in the output of this command (in the section "scripts" > sub-section "metrics"):

    sklnctl otlp config | jq .

  • Add "--yes" to skip the confirmation.

Syntax for advanced Skyline configuration

sklnctl export

      {-h | --help}

      --debug

      --debug-stop

      --disable-cp-context-flag <String>

      --enable-cp-context-flag <String>

      --initial-interval <Number>

      --max-elapsed-time <Number>

      --max-interval <Number>

      --off

      --on

      --record

      --record-stop

      --retry-on-failure <Name of Exporter>

      --retry-on-failure-stop <Name of Exporter>

      --set "$(cat /<Path>/<File with JSON Payload>.json)"

      --set-env

where:

Parameter

Description

sklnctl export {-h | --help}

Shows the built-in help for this command.

sklnctl export --debug

Starts the Skyline debug mode.

sklnctl export --debug-stop

Stops the Skyline debug mode.

sklnctl export --disable-cp-context-flag <String>

Disables a related Check Point context processor flag.

Note - This command is for Check Point internal use.

sklnctl export --enable-cp-context-flag <String>

Enables a related Check Point context processor flag.

Note - This command is for Check Point internal use.

sklnctl export --initial-interval <Number>

Time to wait after the first failure before retrying.

Default = 5 seconds.

sklnctl export --max-elapsed-time <Number>

The maximum amount of time (including retries) spent trying to send a request/batch.

If set to 0, the retries are never stopped.

Default = 300 seconds.

Requirements:

  • "max-elapsed-time" > "initial-interval".

  • "max-elapsed-time" > "max-interval".

sklnctl export --max-interval <Number>

The maximum amount of time between consecutive retries.

Default = 30 seconds.

sklnctl export --off

Disables Skyline.

sklnctl export --on

Enables Skyline.

sklnctl export --record

Enables the Skyline record mode.

Note - This command is for Check Point internal use.

sklnctl export --record-stop

Disables the Skyline record mode.

Note - This command is for Check Point internal use.

sklnctl export --retry-on-failure <Name of Exporter>

Starts the Skyline "retry-on-failure" mode (try to send metrics again, if failed for the first time).

sklnctl export --retry-on-failure-stop <Name of Exporter>

Starts the Skyline "retry-on-failure" mode.

sklnctl export --set "$(cat /<Path>/<File with JSON Payload>.json)"

Loads the JSON payload from the specified file.

sklnctl export --set-env <Name of Environment>

Sets the environment label for metrics exported to Prometheus. Refer to sk179870.

An "environment" allows you to group machines under a common name.

For example, you can set the environment "Cluster1" to "GW-A" and "GW-B", and these machines appear under the environment "Cluster1" in the dashboard.