Alert Modes
The Alert Modes are:
-
Enabled - The system sends an alert for the selected events.
-
Disabled - The system does not send alerts for the selected events.
-
Monitor - The system generates a log entry instead of an alert.
Diagnostic Events
|
|
Best Practice - Run the " |
If the test fails, an alert appears. The alerts continue to appear in the Message of the Day (MOTD) until the issues are resolved.
When the issues are resolved, a Clear Alert message appears the next time the test runs.
You can manually run the "smo verifiers" command (the "show smo verifiers report" command) to confirm the issue is resolved.
Important Notes
-
By default, the tests run at 01h:00m each night.
Changing the default time
Step
Instructions
1
Connect to the command line on the Security Group
A logical group of Security Gateway Modules that provides Active/Active cluster functionality. A Security Group can contain one or more Security Gateway Modules. Security Groups work separately and independently from each other. To the production networks, a Security Group appears a single Security Gateway..2
Log in to the Expert mode.
3
Edit the
$SMODIR/conf/asgsnmp.conffile:vi $SMODIR/conf/asgsnmp.conf4
Change the value in this line:
asg_diag_alert_wrapper5
Save the changes in the file and exit the editor.
6
Copy this file to all other Security Group Members:
asg_cp2blades $SMODIR/conf/asgsnmp.conf -
By default, all tests run.
Excluding the tests
Note - When you manually run the "
show smo verifiers report" command, the complete set of tests runs, even those you excluded.Step
Instructions
1
Connect to the command line on the Security Group.
2
Log in to the Expert mode.
3
Run:
$SMODIR/conf/asg_diag_config4
Add this line to the file:
excluded_tests=[<Test1>][,<Test2>,...]5
Save the changes in the file and exit the editor.
6
Copy this file to all other Security Group Members:
asg_cp2blades $SMODIR/conf/asgsnmp.conf -
All failed tests show in the MOTD.
Excluding failed test notifications from the MOTD
Step
Instructions
1
Connect to the command line on the Security Group.
2
Log in to the Expert mode.
3
Run:
# $SMODIR/conf/asg_diag_config4
Set the
failed_tests_motdparameter tooff5
Copy this file to all other Security Group Members:
asg_cp2blades $SMODIR/conf/asg_diag_config6
Go to Gaia gClish
The name of the global command line shell in Check Point Gaia operating system for Security Gateway Modules. Commands you run in this shell apply to all Security Gateway Module in the Security Group.: enter gclishand press Enter.7
Enforce the change:
show smo verifiers reportYou can also wait for the next time the "
smo verifiers" run automatically.Disabling the MOTD feature
Step
Instructions
1
Connect to the command line on the Security Group.
2
Log in to the Expert mode.
3
Edit the
$SMODIR/conf/asg_diag_configfile:vi $SMODIR/conf/asg_diag_config4
Set the value of the
motdparameter tooff.5
Save the changes in the file and exit the editor.
6
Copy this file to all other Security Group Members:
asg_cp2blades $SMODIR/conf/asg_diag_config7
Go to Gaia
Check Point security operating system that combines the strengths of both SecurePlatform and IPSO operating systems. gClish: enter gclishand press Enter.8
Enforce the change:
show smo verifiers reportYou can also wait for the next time the "
smo verifiers" run automatically.
Known Limitations of the SMO Verifiers Test
By default, the "smo verifiers" command only shows a warning about resource mismatches between Security Group Members.
If the verification test results show Passed in the output, no more steps are necessary.
Changing the default behavior
|
Step |
Instructions |
|
|---|---|---|
|
1 |
Connect to the command line on the Security Group. |
|
|
2 |
Log in to the Expert mode. |
|
|
3 |
Edit the
|
|
|
4 |
Search for this parameter:
|
|
|
5 |
Set the value of this parameter to one of these values:
|
|
|
6 |
Save the changes in the file and exit the editor. |
|
|
7 |
Copy this file to all other Security Group Members:
|