CLI Syntax for 'sklnctl'

Description

"sklnctl" is a CLI tool for administrators to interact with the configuration of different Skyline components.

Important - On a Scalable Platform Security Group, you must run "g_all sklnctl" (except for the help commands).

Syntax for General Commands

sklnctl {-h | --help}

sklnctl {-v | --version}

sklnctl --show_open_telemetry

where:

Parameter

Description

sklnctl -h

sklnctl --help

Shows the built-in help.

sklnctl -v

sklnctl --version

Shows the "sklnctl" version.

sklnctl --show_open_telemetry

Shows the state and the exported targets.

Syntax to collect logs for Skyline troubleshooting

sklnctl collect_logs

where:

Parameter

Description

sklnctl collect_logs

Collects various log files from these directories for Skyline troubleshooting:

  • /opt/CPotelcol

  • /opt/CPviewExporter

  • /opt/CPotlpAgent

  • /var/log/nano_agent

  • /etc/cp/conf/

  • $CPDIR/log

Syntax to configure the Skyline OpenTelemetry Collector

For information about the Skyline OpenTelemetry Collector, see sk180522.

sklnctl collector

      {-h | --help}

      --update <Path to Configuration File>

where:

Parameter

Description

sklnctl collector {-h | --help}

Shows the built-in help for this command.

sklnctl collector --update <Path to Configuration File>

Loads the OpenTelemetry Collector configuration from the specified file.

Syntax to configure the Skyline OpenTelemetry Collector metric filter

sklnctl otelcol

      {-h | --help}

      --metrics

            {-h | --help}

            --add <Metric-ID-1> <Metric-ID-2> ...

            --insert-cp-label

            --is-default

            --remove <Metric-ID-1> <Metric-ID-2> ...

            --remove-cp-label

            --reset

            --show

where:

Parameter

Description

sklnctl otelcol {-h | --help}

Shows the built-in help for this command.

sklnctl otelcol --metrics {-h | --help}

Shows the built-in help for this command.

sklnctl otelcol --metrics --add <Metric-ID-1> <Metric-ID-2> ...

Adds metrics to the allow-list.

sklnctl otelcol --metrics --insert-cp-label

Inserts Check Point organization as a label for each metric.

sklnctl otelcol --metrics --is-default

Shows if the default list of metrics is exported.

sklnctl otelcol --metrics --remove <Metric-ID-1> <Metric-ID-2> ...

Removes metrics from the allow-list (stops exporting these metrics).

sklnctl otelcol --metrics --remove-cp-label

Removes the organization label from each metric.

sklnctl otelcol --metrics --reset

Resets the allow-list to the default (exports all metrics).

sklnctl otelcol --metrics --show

Shows all metrics that are exported.

Syntax to configure the Skyline OpenTelemetry Agent

For more information about the Skyline OpenTelemetry Agent, see sk181615.

sklnctl otlp

      {-h | --help}

      add

            {-h | --help}

            --name /<Path>/<Shell Script File> --path /<Path>/<JSON File> [--yes]

      change

            {-h | --help}

            --name <Name of the Collector or Script> --interval <Number> [--yes]

      disable

            {-h | --help}

            --name <Name of the Collector or Script>

      enable

            {-h | --help}

            --name <Name of the Collector or Script>

      modify

            {-h | --help}

            --name <Name of the Collector or Script> --state {enabled | disabled} [--yes]

      process

            {-h | --help}

            --add <Name of Process 1>,<Name of Process 2>,...

            --remove <Name of Process 1>,<Name of Process 2>,...

            --reset

            --show

      remove

            {-h | --help}

            --name <Name of the Collector or Script> [--yes]

where:

Parameter

Description

sklnctl otlp {-h | --help}

Shows the built-in help for this command.

sklnctl otlp add {-h | --help}

Shows the built-in help for this command.

sklnctl otlp add --name /<Path>/<Shell Script File> --path /<Path>/<JSON File> [--yes]

Adds a custom script to the OpenTelemetry Agent.

See Custom Metrics.

sklnctl otlp change {-h | --help}

Shows the built-in help for this command.

sklnctl otlp change --name <Name of the Collector or Script> --interval <Number> [--yes]

Changes the running time interval of the specified OpenTelemetry Agent collector or OpenTelemetry Agent script.

Add "--yes" to skip the confirmation.

sklnctl otlp disable {-h | --help}

Shows the built-in help for this command.

sklnctl otlp disable --name <Name of the Collector or Script>

Disables the specified OpenTelemetry Agent collector or OpenTelemetry Agent script.

sklnctl otlp enable {-h | --help}

Shows the built-in help for this command.

sklnctl otlp enable --name <Name of the Collector or Script>

Enables the specified OpenTelemetry Agent collector or OpenTelemetry Agent script.

sklnctl otlp modify {-h | --help}

Shows the built-in help for this command.

sklnctl otlp modify --name <Name of the Collector or Script> --state {enabled | disabled} [--yes]

Activates / deactivates the specified OpenTelemetry Agent collector or OpenTelemetry Agent script.

sklnctl otlp process {-h | --help}

Note - This feature is available in the Skyline OpenTelemetry Collector Take 179 and higher (sk180522).

Shows the built-in help for this command.

sklnctl otlp process --add <Name of Process 1>,<Name of Process 2>,... [--yes]

Note - This feature is available in the Skyline OpenTelemetry Collector Take 179 and higher (sk180522).

Configures the OpenTelemetry Agent process collector - adds the specified processes to the custom list of monitored processes (/var/log/CPotlpAgent/custom_monitored_process_list.json).

  • You must enter the process name as it appears in the output of the "ps" or "top" command.

  • To specify several processes, you must enter a comma-separated list of strings (without spaces).

    Example:

    sklnctl otlp process --add pdpd,pepd

  • When you add a process to this custom list for the first time, the command copies all the processes from the default list of monitored processes ($CPOTLPAGENT_DIR/monitored_process_list.json) to the custom list of monitored processes and then adds the specified processes.

  • The relevant metics are System > Process.

sklnctl otlp process --remove <Name of Process 1>,<Name of Process 2>,... [--yes]

Note - This feature is available in the Skyline OpenTelemetry Collector Take 179 and higher (sk180522).

Configures the OpenTelemetry Agent process collector - removes the specified processes from the custom list of monitored processes.

  • You must enter the process name as it appears in the custom list of monitored processes. Run:

    cat /var/log/CPotlpAgent/custom_monitored_process_list.json

  • To specify several processes, you must enter a comma-separated list of strings (without spaces).

    Example:

    sklnctl otlp process --remove pdpd,pepd

sklnctl otlp process --reset [--yes]

Note - This feature is available in the Skyline OpenTelemetry Collector Take 179 and higher (sk180522).

Configures the OpenTelemetry Agent process collector - removes all processes that and administrator added to the custom list of monitored processes.

  • This command does not change the default list of monitored processes.

  • This command does not remove the processes that were copied from the default list of monitored processes.

sklnctl otlp process --show

Note - This feature is available in the Skyline OpenTelemetry Collector Take 179 and higher (sk180522).

The OpenTelemetry Agent process collector - shows all monitored processes from the custom list of monitored processes (/var/log/CPotlpAgent/custom_monitored_process_list.json).

sklnctl otlp remove {-h | --help}

Shows the built-in help for this command.

sklnctl otlp remove --name <Name of the Collector or Script> [--yes]

Removes a custom script from the OpenTelemetry Agent.

See Custom Metrics.

Add "--yes" to skip the confirmation.

Syntax for advanced Skyline configuration

sklnctl export

      {-h | --help}

      --debug

      --debug-stop

      --disable-cp-context-flag <String>

      --enable-cp-context-flag <String>

      --initial-interval <Number>

      --max-elapsed-time <Number>

      --max-interval <Number>

      --off

      --on

      --record

      --record-stop

      --retry-on-failure <Name of Exporter>

      --retry-on-failure-stop <Name of Exporter>

      --set "$(cat /<Path>/<File with JSON Payload>.json)"

      --set-env

where:

Parameter

Description

sklnctl export {-h | --help}

Shows the built-in help for this command.

sklnctl export --debug

Starts the Skyline debug mode.

sklnctl export --debug-stop

Stops the Skyline debug mode.

sklnctl export --disable-cp-context-flag <String>

Disables a related Check Point context processor flag.

sklnctl export --enable-cp-context-flag <String>

Enables a related Check Point context processor flag.

sklnctl export --initial-interval <Number>

Time to wait after the first failure before retrying.

Default = 5 seconds.

sklnctl export --max-elapsed-time <Number>

The maximum amount of time (including retries) spent trying to send a request/batch.

If set to 0, the retries are never stopped.

Default = 300 seconds.

Requirements:

  • "max-elapsed-time" > "initial-interval".

  • "max-elapsed-time" > "max-interval".

sklnctl export --max-interval <Number>

The maximum amount of time between consecutive retries.

Default = 30 seconds.

sklnctl export --off

Disables Skyline.

sklnctl export --on

Enables Skyline.

sklnctl export --record

Enables the Skyline record mode.

sklnctl export --record-stop

Disables the Skyline record mode.

sklnctl export --retry-on-failure <Name of Exporter>

Starts the Skyline "retry-on-failure" mode (try to send metrics again, if failed for the first time).

sklnctl export --retry-on-failure-stop <Name of Exporter>

Starts the Skyline "retry-on-failure" mode.

sklnctl export --set "$(cat /<Path>/<File with JSON Payload>.json)"

Loads the JSON payload from the specified file.

sklnctl export --set-env

Sets the environment label for metrics exported to Prometheus (refer to sk179870).