Monitoring Performance (asg perf)
Description
Use the "asg perf
" command in Gaia gClish The name of the global command line shell in Check Point Gaia operating system for Security Appliances connected to Check Point Quantum Maestro Orchestrators. Commands you run in this shell apply to all Security Appliances in the Security Group. or the Expert mode to monitor continuously the key performance indicators and load statistics.
There are different commands for IPv4 and IPv6 traffic.
You can show the performance statistics for IPv4 traffic, IPv6 traffic, or for all traffic.
The command output automatically updates after a predefined interval (default is 10 seconds).
To stop the command and return to the command line, press the e key.
Syntax
|
|
|
|
|
Parameters
Parameter |
Description |
---|---|
|
Shows the built-in help. |
|
|
|
Applies to Virtual Systems as specified by the <VS IDs> can be:
This parameter is only applicable in a VSX Virtual System Extension. Check Point virtual networking solution, hosted on a computer or cluster with virtual abstractions of Check Point Security Gateways and other network devices. These Virtual Devices provide the same functionality as their physical counterparts. environment. |
|
Shows statistics for each Security Group Member. Adds a performance summary for each Security Group Member. |
|
Shows statistics for each Virtual System. Note - This parameter is only relevant in a VSX environment. |
|
Shows memory usage for each daemon. Use this with the " Valid values:
|
|
Shows CPU usage for a specified period of time. Use this with the " Valid values:
|
|
Shows detailed statistics and traffic distribution between these paths on the Active
|
|
If no value is specified, the combined performance information shows for both IPv4 and IPv6. |
|
Shows percentages instead of absolute values. |
|
Shows peak (maximum) system performance values. |
|
Resets the peak values and deletes all peaks files and system history files. |
|
Temporarily changes the update interval for the current " Enter a delay value in seconds. The default delay is 10 seconds. |
|
Notes:
|
Examples
Notes:
-
By default, absolute values are shown.
-
Unless otherwise specified, the combined statistics for IPv4 and IPv6 are shown.
-
When no Security Group Members are specified, performance statistics are shown for the Active Security Group Member only.
Make sure to enable the resource control monitoring on all Security Group Members.
Run in the Expert mode on the Security Group:
|
By default, absolute values are shown.
Notes:
-
Average, minimum and maximum values are calculated across all active Security Group Members.
-
The Security Group Member ID with the minimum and maximum value shows in brackets for each Security Group Member.
-
Unless otherwise specified, the combined statistics for both IPv4 and IPv6 are shown.
-
When no Security Group Members are specified, performance statistics are shown for the active Security Group Member only.
This example the output for the Virtual Systems 0 and 1.
This example shows detailed performance information for each Security Group Member and traffic distribution between different paths. It also shows VPN throughput and connections.
The "-vv mem
" parameter shows memory usage for each Virtual System across all active Security Group Members.
Notes:
-
The Security Group Member that uses the most user space memory on Virtual System 1 is Security Group Member
1_01
-
The Security Group Member that uses the least
fwk
daemon memory on Virtual System 3 is Security Group Member1_02
-
This information shows only if
vsxmstat
is enabled forperfanalyze
use -
Make sure that the
vsxmstat
feature is enabled (vsxmstat status_raw
)
Description
Use the "asg perf
" command in Gaia Check Point security operating system that combines the strengths of both SecurePlatform and IPSO operating systems. gClish or the Expert mode to monitor continuously the key performance indicators and load statistics.
There are different commands for IPv4 and IPv6 traffic.
You can show the performance statistics for IPv4 traffic, IPv6 traffic, or for all traffic.
The command output automatically updates after a predefined interval (default is 10 seconds).
To stop the command and return to the command line, press the e key.
Syntax
|
|
|
|
|
Parameters
Parameter |
Description |
---|---|
|
Shows the built-in help. |
|
Applies to Security Group Members as specified by the
|
|
Applies to Virtual Systems as specified by the <VS IDs> can be:
This parameter is only applicable in a VSX environment. |
|
Shows statistics for each Security Group Member. Adds a performance summary for each Security Group Member. |
|
Shows statistics for each Virtual System. Note - This parameter is only relevant in a VSX environment. |
|
Shows memory usage for each daemon. Use this with the " Valid values:
|
|
Shows CPU usage for a specified period of time. Use this with the " Valid values:
|
|
Shows detailed statistics and traffic distribution between these paths on the Active
|
|
If no value is specified, the combined performance information shows for both IPv4 and IPv6. |
|
Shows percentages instead of absolute values. |
|
Shows peak (maximum) system performance values. |
|
Resets the peak values and deletes all peaks files and system history files. |
|
Temporarily changes the update interval for the current " Enter a delay value in seconds. The default delay is 10 seconds. |
|
Notes:
|
Examples
Notes:
-
By default, absolute values are shown.
-
Unless otherwise specified, the combined statistics for IPv4 and IPv6 are shown.
-
When no Security Group Members are specified, performance statistics are shown for the Active Security Group Member only.
Make sure to enable the resource control monitoring on all Security Group Members.
Run in the Expert mode on the Security Group:
|
By default, absolute values are shown.
Notes:
-
Average, minimum and maximum values are calculated across all active Security Group Members.
-
The Security Group Member ID with the minimum and maximum value shows in brackets for each Security Group Member.
-
Unless otherwise specified, the combined statistics for both IPv4 and IPv6 are shown.
-
When no Security Group Members are specified, performance statistics are shown for the active Security Group Member only.
This example shows peak values for one Virtual System.
This example shows detailed performance information for each Security Group Member and traffic distribution between different paths. It also shows VPN throughput and connections.
The "-vv mem
" parameter shows memory usage for each Virtual System across all active Security Group Members.
Notes:
-
The Security Group Member that uses the most user space memory on Virtual System 1 is Security Group Member
1_01
-
The Security Group Member that uses the least
fwk
daemon memory on Virtual System 3 is Security Group Member1_02
-
This information shows only if
vsxmstat
is enabled forperfanalyze
use -
Make sure that the
vsxmstat
feature is enabled (vsxmstat status_raw
)