Dead Packets

12/03/2013

Monitorando Check Point com Zabbix – Parte 2

Filed under: checkpoint,monitoring — drak @ 4:24 PM

Neste artigo iremos importar um template para monitorar firewalls Check Point no Zabbix e validar que a coleta está funcionando.

Não é escopo desse post a instalação do Zabbix mas sim a configuração do SNMP no CheckPoint e a configuração da coleta de dados e exibição de gráficos no Zabbix já instalado, porém é importante lembrar de habilitar o SNMP durante a instalação/compilação do Zabbix.

Este artigo está separado em duas partes, na primeira etapa ativamos o SNMP e agora configuraremos a coleta no Zabbix, caso seu firewall ainda não esteja preparado para fornecer informações via SNMP configure-o.

A princípio vamos definir o que é importante monitorar em um firewall:

  • CPU
  • Memória
  • Tráfego nas interfaces
  • Número de conexões simultâneas

Em específico para um firewall Check Point com SO Secure Platform também é importante monitorar os discos.

Cada um desses itens pode ser esmiuçado para obter mais detalhes, e.g., Memória Real, Swap usada, etc. A proposta aqui é criar um template para coletar todas as informações relevantes para um relatório de tendência de uso do ambiente (capacity) e troubleshooting.

Template Zabbix – CheckPoint SNMP:

<?xml version="1.0" encoding="UTF-8"?>
<zabbix_export>
    <version>2.0</version>
    <date>2013-03-08T17:09:31Z</date>
    <groups>
        <group>
            <name>Templates</name>
        </group>
    </groups>    
	<templates>
        <template>
            <template>Template CheckPoint SNMP</template>
            <name>Template CheckPoint SNMP</name>
            <groups>
                <group>
                    <name>Templates</name>
                </group>
            </groups>
            <applications>
                <application>
                    <name>Check Point General Stats</name>
                </application>
                <application>
                    <name>Connections</name>
                </application>
                <application>
                    <name>CPU</name>
                </application>
                <application>
                    <name>High Availability</name>
                </application>
                <application>
                    <name>Memory</name>
                </application>
                <application>
                    <name>Services</name>
                </application>
                <application>
                    <name>Interfaces</name>
                </application>
                <application>
                    <name>General</name>
                </application>
                <application>
                    <name>Disk partitions</name>
                </application>			
			</applications>
            <items>
                <item>
                    <name>Active real memory</name>
                    <type>4</type>
                    <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                    <multiplier>0</multiplier>
                    <snmp_oid>1.3.6.1.4.1.2620.1.6.7.4.4.0</snmp_oid>
                    <key>memActiveReal64</key>
                    <delay>10</delay>
                    <history>90</history>
                    <trends>365</trends>
                    <status>0</status>
                    <value_type>3</value_type>
                    <allowed_hosts/>
                    <units>B</units>
                    <delta>0</delta>
                    <snmpv3_securityname/>
                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
                    <snmpv3_authpassphrase/>
                    <snmpv3_privpassphrase/>
                    <formula>1</formula>
                    <delay_flex/>
                    <params/>
                    <ipmi_sensor/>
                    <data_type>0</data_type>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <description/>
                    <inventory_link>0</inventory_link>
                    <applications>
                        <application>
                            <name>Memory</name>
                        </application>
                    </applications>
                    <valuemap/>
                </item>
                <item>
                    <name>Active total memory</name>
                    <type>4</type>
                    <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                    <multiplier>0</multiplier>
                    <snmp_oid>1.3.6.1.4.1.2620.1.6.7.4.2.0</snmp_oid>
                    <key>memActiveVirtual64</key>
                    <delay>10</delay>
                    <history>90</history>
                    <trends>365</trends>
                    <status>0</status>
                    <value_type>3</value_type>
                    <allowed_hosts/>
                    <units>B</units>
                    <delta>0</delta>
                    <snmpv3_securityname/>
                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
                    <snmpv3_authpassphrase/>
                    <snmpv3_privpassphrase/>
                    <formula>1</formula>
                    <delay_flex/>
                    <params/>
                    <ipmi_sensor/>
                    <data_type>0</data_type>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <description/>
                    <inventory_link>0</inventory_link>
                    <applications>
                        <application>
                            <name>Memory</name>
                        </application>
                    </applications>
                    <valuemap/>
                </item>
                <item>
                    <name>Available real memory</name>
                    <type>4</type>
                    <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                    <multiplier>1</multiplier>
                    <snmp_oid>1.3.6.1.4.1.2021.4.6.0</snmp_oid>
                    <key>memAvailReal</key>
                    <delay>10</delay>
                    <history>90</history>
                    <trends>365</trends>
                    <status>0</status>
                    <value_type>3</value_type>
                    <allowed_hosts/>
                    <units>B</units>
                    <delta>0</delta>
                    <snmpv3_securityname/>
                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
                    <snmpv3_authpassphrase/>
                    <snmpv3_privpassphrase/>
                    <formula>1024</formula>
                    <delay_flex/>
                    <params/>
                    <ipmi_sensor/>
                    <data_type>0</data_type>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <description/>
                    <inventory_link>0</inventory_link>
                    <applications>
                        <application>
                            <name>Memory</name>
                        </application>
                    </applications>
                    <valuemap/>
                </item>
                <item>
                    <name>Current connections</name>
                    <type>4</type>
                    <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                    <multiplier>0</multiplier>
                    <snmp_oid>1.3.6.1.4.1.2620.1.1.25.3.0</snmp_oid>
                    <key>fwNumConn</key>
                    <delay>10</delay>
                    <history>90</history>
                    <trends>365</trends>
                    <status>0</status>
                    <value_type>3</value_type>
                    <allowed_hosts/>
                    <units/>
                    <delta>0</delta>
                    <snmpv3_securityname/>
                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
                    <snmpv3_authpassphrase/>
                    <snmpv3_privpassphrase/>
                    <formula>1</formula>
                    <delay_flex/>
                    <params/>
                    <ipmi_sensor/>
                    <data_type>0</data_type>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <description/>
                    <inventory_link>0</inventory_link>
                    <applications>
                        <application>
                            <name>Connections</name>
                        </application>
                    </applications>
                    <valuemap/>
                </item>
                <item>
                    <name>Firewall Module State</name>
                    <type>4</type>
                    <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                    <multiplier>0</multiplier>
                    <snmp_oid>1.3.6.1.4.1.2620.1.1.1.0</snmp_oid>
                    <key>fwModuleState</key>
                    <delay>900</delay>
                    <history>90</history>
                    <trends>365</trends>
                    <status>0</status>
                    <value_type>4</value_type>
                    <allowed_hosts/>
                    <units/>
                    <delta>0</delta>
                    <snmpv3_securityname/>
                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
                    <snmpv3_authpassphrase/>
                    <snmpv3_privpassphrase/>
                    <formula>1</formula>
                    <delay_flex/>
                    <params/>
                    <ipmi_sensor/>
                    <data_type>0</data_type>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <description/>
                    <inventory_link>0</inventory_link>
                    <applications>
                        <application>
                            <name>Check Point General Stats</name>
                        </application>
                    </applications>
                    <valuemap/>
                </item>
                <item>
                    <name>Firewall Policy Install Time</name>
                    <type>4</type>
                    <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                    <multiplier>0</multiplier>
                    <snmp_oid>1.3.6.1.4.1.2620.1.1.25.2.0</snmp_oid>
                    <key>fwInstallTime</key>
                    <delay>900</delay>
                    <history>90</history>
                    <trends>365</trends>
                    <status>0</status>
                    <value_type>4</value_type>
                    <allowed_hosts/>
                    <units/>
                    <delta>0</delta>
                    <snmpv3_securityname/>
                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
                    <snmpv3_authpassphrase>{$SNMP_AUTH}</snmpv3_authpassphrase>
                    <snmpv3_privpassphrase>{$SNMP_PRIV}</snmpv3_privpassphrase>
                    <formula>1</formula>
                    <delay_flex/>
                    <params/>
                    <ipmi_sensor/>
                    <data_type>0</data_type>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <description/>
                    <inventory_link>0</inventory_link>
                    <applications>
                        <application>
                            <name>Check Point General Stats</name>
                        </application>
                    </applications>
                    <valuemap/>
                </item>
                <item>
                    <name>Hardware Uptime</name>
                    <type>4</type>
                    <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                    <multiplier>1</multiplier>
                    <snmp_oid>1.3.6.1.2.1.25.1.1.0</snmp_oid>
                    <key>hrSystemUptime</key>
                    <delay>60</delay>
                    <history>90</history>
                    <trends>365</trends>
                    <status>0</status>
                    <value_type>3</value_type>
                    <allowed_hosts/>
                    <units>uptime</units>
                    <delta>0</delta>
                    <snmpv3_securityname/>
                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
                    <snmpv3_authpassphrase/>
                    <snmpv3_privpassphrase/>
                    <formula>0.01</formula>
                    <delay_flex/>
                    <params/>
                    <ipmi_sensor/>
                    <data_type>0</data_type>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <description/>
                    <inventory_link>0</inventory_link>
                    <applications>
                        <application>
                            <name>Check Point General Stats</name>
                        </application>
                    </applications>
                    <valuemap/>
                </item>
                <item>
                    <name>High Availability Mode</name>
                    <type>4</type>
                    <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                    <multiplier>0</multiplier>
                    <snmp_oid>1.3.6.1.4.1.2620.1.5.11.0</snmp_oid>
                    <key>haWorkMode</key>
                    <delay>900</delay>
                    <history>90</history>
                    <trends>365</trends>
                    <status>0</status>
                    <value_type>4</value_type>
                    <allowed_hosts/>
                    <units/>
                    <delta>0</delta>
                    <snmpv3_securityname/>
                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
                    <snmpv3_authpassphrase/>
                    <snmpv3_privpassphrase/>
                    <formula>1</formula>
                    <delay_flex/>
                    <params/>
                    <ipmi_sensor/>
                    <data_type>0</data_type>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <description/>
                    <inventory_link>0</inventory_link>
                    <applications>
                        <application>
                            <name>High Availability</name>
                        </application>
                    </applications>
                    <valuemap/>
                </item>
                <item>
                    <name>High Availability State</name>
                    <type>4</type>
                    <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                    <multiplier>0</multiplier>
                    <snmp_oid>1.3.6.1.4.1.2620.1.5.6.0</snmp_oid>
                    <key>haState</key>
                    <delay>900</delay>
                    <history>90</history>
                    <trends>365</trends>
                    <status>0</status>
                    <value_type>4</value_type>
                    <allowed_hosts/>
                    <units/>
                    <delta>0</delta>
                    <snmpv3_securityname/>
                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
                    <snmpv3_authpassphrase/>
                    <snmpv3_privpassphrase/>
                    <formula>1</formula>
                    <delay_flex/>
                    <params/>
                    <ipmi_sensor/>
                    <data_type>0</data_type>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <description/>
                    <inventory_link>0</inventory_link>
                    <applications>
                        <application>
                            <name>High Availability</name>
                        </application>
                    </applications>
                    <valuemap/>
                </item>
                <item>
                    <name>ICMP ping response time</name>
                    <type>3</type>
                    <snmp_community/>
                    <multiplier>0</multiplier>
                    <snmp_oid/>
                    <key>icmppingsec</key>
                    <delay>60</delay>
                    <history>7</history>
                    <trends>365</trends>
                    <status>0</status>
                    <value_type>0</value_type>
                    <allowed_hosts/>
                    <units>s</units>
                    <delta>0</delta>
                    <snmpv3_securityname/>
                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
                    <snmpv3_authpassphrase/>
                    <snmpv3_privpassphrase/>
                    <formula>1</formula>
                    <delay_flex/>
                    <params/>
                    <ipmi_sensor/>
                    <data_type>0</data_type>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <description/>
                    <inventory_link>0</inventory_link>
                    <applications>
                        <application>
                            <name>Services</name>
                        </application>
                    </applications>
                    <valuemap/>
                </item>
                <item>
                    <name>OS Name</name>
                    <type>4</type>
                    <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                    <multiplier>0</multiplier>
                    <snmp_oid>1.3.6.1.4.1.2620.1.6.5.1.0</snmp_oid>
                    <key>osName</key>
                    <delay>3600</delay>
                    <history>90</history>
                    <trends>365</trends>
                    <status>0</status>
                    <value_type>4</value_type>
                    <allowed_hosts/>
                    <units/>
                    <delta>0</delta>
                    <snmpv3_securityname/>
                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
                    <snmpv3_authpassphrase/>
                    <snmpv3_privpassphrase/>
                    <formula>1</formula>
                    <delay_flex/>
                    <params/>
                    <ipmi_sensor/>
                    <data_type>0</data_type>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <description/>
                    <inventory_link>5</inventory_link>
                    <applications>
                        <application>
                            <name>Check Point General Stats</name>
                        </application>
                    </applications>
                    <valuemap/>
                </item>
                <item>
                    <name>Peak number of connections</name>
                    <type>4</type>
                    <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                    <multiplier>0</multiplier>
                    <snmp_oid>1.3.6.1.4.1.2620.1.1.25.4.0</snmp_oid>
                    <key>fwPeakNumConn</key>
                    <delay>10</delay>
                    <history>90</history>
                    <trends>365</trends>
                    <status>0</status>
                    <value_type>3</value_type>
                    <allowed_hosts/>
                    <units/>
                    <delta>0</delta>
                    <snmpv3_securityname/>
                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
                    <snmpv3_authpassphrase/>
                    <snmpv3_privpassphrase/>
                    <formula>1</formula>
                    <delay_flex/>
                    <params/>
                    <ipmi_sensor/>
                    <data_type>0</data_type>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <description/>
                    <inventory_link>0</inventory_link>
                    <applications>
                        <application>
                            <name>Connections</name>
                        </application>
                    </applications>
                    <valuemap/>
                </item>
                <item>
                    <name>Processor system time</name>
                    <type>4</type>
                    <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                    <multiplier>0</multiplier>
                    <snmp_oid>1.3.6.1.4.1.2620.1.6.7.2.2.0</snmp_oid>
                    <key>procSysTime</key>
                    <delay>10</delay>
                    <history>90</history>
                    <trends>365</trends>
                    <status>0</status>
                    <value_type>3</value_type>
                    <allowed_hosts/>
                    <units>%</units>
                    <delta>0</delta>
                    <snmpv3_securityname/>
                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
                    <snmpv3_authpassphrase/>
                    <snmpv3_privpassphrase/>
                    <formula>1</formula>
                    <delay_flex/>
                    <params/>
                    <ipmi_sensor/>
                    <data_type>0</data_type>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <description/>
                    <inventory_link>0</inventory_link>
                    <applications>
                        <application>
                            <name>CPU</name>
                        </application>
                    </applications>
                    <valuemap/>
                </item>
                <item>
                    <name>Processor usage</name>
                    <type>4</type>
                    <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                    <multiplier>0</multiplier>
                    <snmp_oid>1.3.6.1.4.1.2620.1.6.7.2.4.0</snmp_oid>
                    <key>procUsage</key>
                    <delay>10</delay>
                    <history>90</history>
                    <trends>365</trends>
                    <status>0</status>
                    <value_type>3</value_type>
                    <allowed_hosts/>
                    <units>%</units>
                    <delta>0</delta>
                    <snmpv3_securityname/>
                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
                    <snmpv3_authpassphrase/>
                    <snmpv3_privpassphrase/>
                    <formula>1</formula>
                    <delay_flex/>
                    <params/>
                    <ipmi_sensor/>
                    <data_type>0</data_type>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <description/>
                    <inventory_link>0</inventory_link>
                    <applications>
                        <application>
                            <name>CPU</name>
                        </application>
                    </applications>
                    <valuemap/>
                </item>
                <item>
                    <name>Processor user time</name>
                    <type>4</type>
                    <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                    <multiplier>0</multiplier>
                    <snmp_oid>1.3.6.1.4.1.2620.1.6.7.2.1.0</snmp_oid>
                    <key>procUsrTime</key>
                    <delay>10</delay>
                    <history>90</history>
                    <trends>365</trends>
                    <status>0</status>
                    <value_type>3</value_type>
                    <allowed_hosts/>
                    <units>%</units>
                    <delta>0</delta>
                    <snmpv3_securityname/>
                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
                    <snmpv3_authpassphrase/>
                    <snmpv3_privpassphrase/>
                    <formula>1</formula>
                    <delay_flex/>
                    <params/>
                    <ipmi_sensor/>
                    <data_type>0</data_type>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <description/>
                    <inventory_link>0</inventory_link>
                    <applications>
                        <application>
                            <name>CPU</name>
                        </application>
                    </applications>
                    <valuemap/>
                </item>
                <item>
                    <name>Product Name</name>
                    <type>4</type>
                    <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                    <multiplier>0</multiplier>
                    <snmp_oid>1.3.6.1.4.1.2620.1.1.10.0</snmp_oid>
                    <key>fwProduct</key>
                    <delay>3600</delay>
                    <history>90</history>
                    <trends>365</trends>
                    <status>0</status>
                    <value_type>4</value_type>
                    <allowed_hosts/>
                    <units/>
                    <delta>0</delta>
                    <snmpv3_securityname/>
                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
                    <snmpv3_authpassphrase/>
                    <snmpv3_privpassphrase/>
                    <formula>1</formula>
                    <delay_flex/>
                    <params/>
                    <ipmi_sensor/>
                    <data_type>0</data_type>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <description/>
                    <inventory_link>1</inventory_link>
                    <applications>
                        <application>
                            <name>Check Point General Stats</name>
                        </application>
                    </applications>
                    <valuemap/>
                </item>
                <item>
                    <name>Product Version</name>
                    <type>4</type>
                    <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                    <multiplier>0</multiplier>
                    <snmp_oid>1.3.6.1.4.1.2620.1.6.4.1.0</snmp_oid>
                    <key>svnVersion</key>
                    <delay>3600</delay>
                    <history>90</history>
                    <trends>365</trends>
                    <status>0</status>
                    <value_type>4</value_type>
                    <allowed_hosts/>
                    <units/>
                    <delta>0</delta>
                    <snmpv3_securityname/>
                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
                    <snmpv3_authpassphrase/>
                    <snmpv3_privpassphrase/>
                    <formula>1</formula>
                    <delay_flex/>
                    <params/>
                    <ipmi_sensor/>
                    <data_type>0</data_type>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <description/>
                    <inventory_link>6</inventory_link>
                    <applications>
                        <application>
                            <name>Check Point General Stats</name>
                        </application>
                    </applications>
                    <valuemap/>
                </item>
                <item>
                    <name>Real used memory</name>
                    <type>15</type>
                    <snmp_community/>
                    <multiplier>0</multiplier>
                    <snmp_oid/>
                    <key>memUsedReal64</key>
                    <delay>30</delay>
                    <history>90</history>
                    <trends>365</trends>
                    <status>0</status>
                    <value_type>3</value_type>
                    <allowed_hosts/>
                    <units>bytes</units>
                    <delta>0</delta>
                    <snmpv3_securityname/>
                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
                    <snmpv3_authpassphrase/>
                    <snmpv3_privpassphrase/>
                    <formula>1</formula>
                    <delay_flex/>
                    <params>memTotalReal64-memFreeReal64</params>
                    <ipmi_sensor/>
                    <data_type>0</data_type>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <description/>
                    <inventory_link>0</inventory_link>
                    <applications>
                        <application>
                            <name>Memory</name>
                        </application>
                    </applications>
                    <valuemap/>
                </item>
                <item>
                    <name>SSH service is running</name>
                    <type>3</type>
                    <snmp_community/>
                    <multiplier>0</multiplier>
                    <snmp_oid/>
                    <key>net.tcp.service[ssh]</key>
                    <delay>60</delay>
                    <history>7</history>
                    <trends>365</trends>
                    <status>0</status>
                    <value_type>3</value_type>
                    <allowed_hosts/>
                    <units/>
                    <delta>0</delta>
                    <snmpv3_securityname/>
                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
                    <snmpv3_authpassphrase/>
                    <snmpv3_privpassphrase/>
                    <formula>1</formula>
                    <delay_flex/>
                    <params/>
                    <ipmi_sensor/>
                    <data_type>0</data_type>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <description/>
                    <inventory_link>0</inventory_link>
                    <applications>
                        <application>
                            <name>Services</name>
                        </application>
                    </applications>
                    <valuemap>
                        <name>Service state</name>
                    </valuemap>
                </item>
                <item>
                    <name>Total memory (real + swap)</name>
                    <type>4</type>
                    <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                    <multiplier>0</multiplier>
                    <snmp_oid>1.3.6.1.4.1.2620.1.6.7.4.1.0</snmp_oid>
                    <key>memTotalVirtual64</key>
                    <delay>3600</delay>
                    <history>90</history>
                    <trends>365</trends>
                    <status>0</status>
                    <value_type>3</value_type>
                    <allowed_hosts/>
                    <units>B</units>
                    <delta>0</delta>
                    <snmpv3_securityname/>
                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
                    <snmpv3_authpassphrase/>
                    <snmpv3_privpassphrase/>
                    <formula>1</formula>
                    <delay_flex/>
                    <params/>
                    <ipmi_sensor/>
                    <data_type>0</data_type>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <description/>
                    <inventory_link>0</inventory_link>
                    <applications>
                        <application>
                            <name>Memory</name>
                        </application>
                    </applications>
                    <valuemap/>
                </item>
                <item>
                    <name>Total real memory</name>
                    <type>4</type>
                    <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                    <multiplier>1</multiplier>
                    <snmp_oid>1.3.6.1.4.1.2021.4.5.0</snmp_oid>
                    <key>memTotalReal</key>
                    <delay>3600</delay>
                    <history>90</history>
                    <trends>365</trends>
                    <status>0</status>
                    <value_type>3</value_type>
                    <allowed_hosts/>
                    <units>B</units>
                    <delta>0</delta>
                    <snmpv3_securityname/>
                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
                    <snmpv3_authpassphrase/>
                    <snmpv3_privpassphrase/>
                    <formula>1024</formula>
                    <delay_flex/>
                    <params/>
                    <ipmi_sensor/>
                    <data_type>0</data_type>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <description/>
                    <inventory_link>0</inventory_link>
                    <applications>
                        <application>
                            <name>Memory</name>
                        </application>
                    </applications>
                    <valuemap/>
                </item>
                <item>
                    <name>Number of network interfaces</name>
                    <type>4</type>
                    <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                    <multiplier>0</multiplier>
                    <snmp_oid>IF-MIB::ifNumber.0</snmp_oid>
                    <key>ifNumber</key>
                    <delay>3600</delay>
                    <history>7</history>
                    <trends>365</trends>
                    <status>0</status>
                    <value_type>3</value_type>
                    <allowed_hosts/>
                    <units/>
                    <delta>0</delta>
                    <snmpv3_securityname/>
                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
                    <snmpv3_authpassphrase/>
                    <snmpv3_privpassphrase/>
                    <formula>1</formula>
                    <delay_flex/>
                    <params/>
                    <ipmi_sensor/>
                    <data_type>0</data_type>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <description>The number of network interfaces (regardless of their current state) present on this system.</description>
                    <inventory_link>0</inventory_link>
                    <applications>
                        <application>
                            <name>Interfaces</name>
                        </application>
                    </applications>
                    <valuemap/>
                </item>            
                <item>
                    <name>Device contact details</name>
                    <type>4</type>
                    <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                    <multiplier>0</multiplier>
                    <snmp_oid>SNMPv2-MIB::sysContact.0</snmp_oid>
                    <key>sysContact</key>
                    <delay>3600</delay>
                    <history>7</history>
                    <trends>365</trends>
                    <status>0</status>
                    <value_type>1</value_type>
                    <allowed_hosts/>
                    <units/>
                    <delta>0</delta>
                    <snmpv3_securityname/>
                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
                    <snmpv3_authpassphrase/>
                    <snmpv3_privpassphrase/>
                    <formula>1</formula>
                    <delay_flex/>
                    <params/>
                    <ipmi_sensor/>
                    <data_type>0</data_type>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <description>The textual identification of the contact person for this managed node, together with information on how to contact this person.  If no contact information is known, the value is the zero-length string.</description>
                    <inventory_link>23</inventory_link>
                    <applications>
                        <application>
                            <name>General</name>
                        </application>
                    </applications>
                    <valuemap/>
                </item>
                <item>
                    <name>Device description</name>
                    <type>4</type>
                    <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                    <multiplier>0</multiplier>
                    <snmp_oid>SNMPv2-MIB::sysDescr.0</snmp_oid>
                    <key>sysDescr</key>
                    <delay>3600</delay>
                    <history>7</history>
                    <trends>365</trends>
                    <status>0</status>
                    <value_type>1</value_type>
                    <allowed_hosts/>
                    <units/>
                    <delta>0</delta>
                    <snmpv3_securityname/>
                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
                    <snmpv3_authpassphrase/>
                    <snmpv3_privpassphrase/>
                    <formula>1</formula>
                    <delay_flex/>
                    <params/>
                    <ipmi_sensor/>
                    <data_type>0</data_type>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <description>A textual description of the entity.  This value should include the full name and version identification of the system's hardware type, software operating-system, and networking software.</description>
                    <inventory_link>14</inventory_link>
                    <applications>
                        <application>
                            <name>General</name>
                        </application>
                    </applications>
                    <valuemap/>
                </item>
                <item>
                    <name>Device location</name>
                    <type>4</type>
                    <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                    <multiplier>0</multiplier>
                    <snmp_oid>SNMPv2-MIB::sysLocation.0</snmp_oid>
                    <key>sysLocation</key>
                    <delay>3600</delay>
                    <history>7</history>
                    <trends>365</trends>
                    <status>0</status>
                    <value_type>1</value_type>
                    <allowed_hosts/>
                    <units/>
                    <delta>0</delta>
                    <snmpv3_securityname/>
                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
                    <snmpv3_authpassphrase/>
                    <snmpv3_privpassphrase/>
                    <formula>1</formula>
                    <delay_flex/>
                    <params/>
                    <ipmi_sensor/>
                    <data_type>0</data_type>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <description>The physical location of this node (e.g., `telephone closet, 3rd floor').  If the location is unknown, the value is the zero-length string.</description>
                    <inventory_link>24</inventory_link>
                    <applications>
                        <application>
                            <name>General</name>
                        </application>
                    </applications>
                    <valuemap/>
                </item>
                <item>
                    <name>Device name</name>
                    <type>4</type>
                    <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                    <multiplier>0</multiplier>
                    <snmp_oid>SNMPv2-MIB::sysName.0</snmp_oid>
                    <key>sysName</key>
                    <delay>3600</delay>
                    <history>7</history>
                    <trends>365</trends>
                    <status>0</status>
                    <value_type>1</value_type>
                    <allowed_hosts/>
                    <units/>
                    <delta>0</delta>
                    <snmpv3_securityname/>
                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
                    <snmpv3_authpassphrase/>
                    <snmpv3_privpassphrase/>
                    <formula>1</formula>
                    <delay_flex/>
                    <params/>
                    <ipmi_sensor/>
                    <data_type>0</data_type>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <description>An administratively-assigned name for this managed node. By convention, this is the node's fully-qualified domain name.  If the name is unknown, the value is the zero-length string.</description>
                    <inventory_link>3</inventory_link>
                    <applications>
                        <application>
                            <name>General</name>
                        </application>
                    </applications>
                    <valuemap/>
                </item>
                <item>
                    <name>Device uptime</name>
                    <type>4</type>
                    <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                    <multiplier>1</multiplier>
                    <snmp_oid>SNMPv2-MIB::sysUpTime.0</snmp_oid>
                    <key>sysUpTime</key>
                    <delay>60</delay>
                    <history>7</history>
                    <trends>365</trends>
                    <status>0</status>
                    <value_type>3</value_type>
                    <allowed_hosts/>
                    <units>uptime</units>
                    <delta>0</delta>
                    <snmpv3_securityname/>
                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
                    <snmpv3_authpassphrase/>
                    <snmpv3_privpassphrase/>
                    <formula>0.01</formula>
                    <delay_flex/>
                    <params/>
                    <ipmi_sensor/>
                    <data_type>0</data_type>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <description>The time since the network management portion of the system was last re-initialized.</description>
                    <inventory_link>0</inventory_link>
                    <applications>
                        <application>
                            <name>General</name>
                        </application>
                    </applications>
                    <valuemap/>
                </item>			
			</items>
            <discovery_rules>
                <discovery_rule>
                    <name>HA Status</name>
                    <type>4</type>
                    <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                    <snmp_oid>CHECKPOINT-MIB::haProblemName</snmp_oid>
                    <key>haProblemName</key>
                    <delay>240</delay>
                    <status>0</status>
                    <allowed_hosts/>
                    <snmpv3_securityname>{$SNMP_SECNAME}</snmpv3_securityname>
                    <snmpv3_securitylevel>2</snmpv3_securitylevel>
                    <snmpv3_authpassphrase>{$SNMP_AUTH}</snmpv3_authpassphrase>
                    <snmpv3_privpassphrase>{$SNMP_PRIV}</snmpv3_privpassphrase>
                    <delay_flex/>
                    <params/>
                    <ipmi_sensor/>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <filter>:</filter>
                    <lifetime>30</lifetime>
                    <description/>
                    <item_prototypes>
                        <item_prototype>
                            <name>HA Problem Status [{#SNMPVALUE}]</name>
                            <type>4</type>
                            <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                            <multiplier>0</multiplier>
                            <snmp_oid>CHECKPOINT-MIB::haProblemStatus.{#SNMPINDEX}</snmp_oid>
                            <key>haProblemStatus[{#SNMPVALUE}]</key>
                            <delay>120</delay>
                            <history>90</history>
                            <trends>365</trends>
                            <status>0</status>
                            <value_type>4</value_type>
                            <allowed_hosts/>
                            <units/>
                            <delta>0</delta>
                            <snmpv3_securityname>{$SNMP_SECNAME}</snmpv3_securityname>
                            <snmpv3_securitylevel>2</snmpv3_securitylevel>
                            <snmpv3_authpassphrase>{$SNMP_AUTH}</snmpv3_authpassphrase>
                            <snmpv3_privpassphrase>{$SNMP_PRIV}</snmpv3_privpassphrase>
                            <formula>1</formula>
                            <delay_flex/>
                            <params/>
                            <ipmi_sensor/>
                            <data_type>0</data_type>
                            <authtype>0</authtype>
                            <username/>
                            <password/>
                            <publickey/>
                            <privatekey/>
                            <port/>
                            <description/>
                            <inventory_link>0</inventory_link>
                            <applications>
                                <application>
                                    <name>Check Point General Stats</name>
                                </application>
                            </applications>
                            <valuemap/>
                        </item_prototype>
                    </item_prototypes>
                    <trigger_prototypes>
                        <trigger_prototype>
                            <expression>{Template CheckPoint SNMP:haProblemStatus[{#SNMPVALUE}].str(OK)}=0</expression>
                            <name>HA Status [{#SNMPVALUE}]</name>
                            <url/>
                            <status>0</status>
                            <priority>3</priority>
                            <description/>
                            <type>0</type>
                        </trigger_prototype>
                    </trigger_prototypes>
                    <graph_prototypes/>
                </discovery_rule>
				<discovery_rule>
                    <name>Network interfaces</name>
                    <type>4</type>
                    <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                    <snmp_oid>IF-MIB::ifDescr</snmp_oid>
                    <key>ifDescr</key>
                    <delay>3600</delay>
                    <status>0</status>
                    <allowed_hosts/>
                    <snmpv3_securityname/>
                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
                    <snmpv3_authpassphrase/>
                    <snmpv3_privpassphrase/>
                    <delay_flex/>
                    <params/>
                    <ipmi_sensor/>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <filter>:</filter>
                    <lifetime>30</lifetime>
                    <description>You may also consider using IF-MIB::ifType or IF-MIB::ifAlias for discovery depending on your filtering needs.

{$SNMP_COMMUNITY} is a global macro.</description>
                    <item_prototypes>
                        <item_prototype>
                            <name>Admin status of interface $1</name>
                            <type>4</type>
                            <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                            <multiplier>0</multiplier>
                            <snmp_oid>IF-MIB::ifAdminStatus.{#SNMPINDEX}</snmp_oid>
                            <key>ifAdminStatus[{#SNMPVALUE}]</key>
                            <delay>60</delay>
                            <history>7</history>
                            <trends>365</trends>
                            <status>0</status>
                            <value_type>3</value_type>
                            <allowed_hosts/>
                            <units/>
                            <delta>0</delta>
                            <snmpv3_securityname/>
                            <snmpv3_securitylevel>0</snmpv3_securitylevel>
                            <snmpv3_authpassphrase/>
                            <snmpv3_privpassphrase/>
                            <formula>1</formula>
                            <delay_flex/>
                            <params/>
                            <ipmi_sensor/>
                            <data_type>0</data_type>
                            <authtype>0</authtype>
                            <username/>
                            <password/>
                            <publickey/>
                            <privatekey/>
                            <port/>
                            <description>The desired state of the interface.</description>
                            <inventory_link>0</inventory_link>
                            <applications>
                                <application>
                                    <name>Interfaces</name>
                                </application>
                            </applications>
                            <valuemap>
                                <name>SNMP interface status (ifAdminStatus)</name>
                            </valuemap>
                        </item_prototype>
                        <item_prototype>
                            <name>Alias of interface $1</name>
                            <type>4</type>
                            <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                            <multiplier>0</multiplier>
                            <snmp_oid>IF-MIB::ifAlias.{#SNMPINDEX}</snmp_oid>
                            <key>ifAlias[{#SNMPVALUE}]</key>
                            <delay>3600</delay>
                            <history>7</history>
                            <trends>365</trends>
                            <status>0</status>
                            <value_type>1</value_type>
                            <allowed_hosts/>
                            <units/>
                            <delta>0</delta>
                            <snmpv3_securityname/>
                            <snmpv3_securitylevel>0</snmpv3_securitylevel>
                            <snmpv3_authpassphrase/>
                            <snmpv3_privpassphrase/>
                            <formula>1</formula>
                            <delay_flex/>
                            <params/>
                            <ipmi_sensor/>
                            <data_type>0</data_type>
                            <authtype>0</authtype>
                            <username/>
                            <password/>
                            <publickey/>
                            <privatekey/>
                            <port/>
                            <description/>
                            <inventory_link>0</inventory_link>
                            <applications>
                                <application>
                                    <name>Interfaces</name>
                                </application>
                            </applications>
                            <valuemap/>
                        </item_prototype>
                        <item_prototype>
                            <name>Description of interface $1</name>
                            <type>4</type>
                            <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                            <multiplier>0</multiplier>
                            <snmp_oid>IF-MIB::ifDescr.{#SNMPINDEX}</snmp_oid>
                            <key>ifDescr[{#SNMPVALUE}]</key>
                            <delay>3600</delay>
                            <history>7</history>
                            <trends>365</trends>
                            <status>0</status>
                            <value_type>1</value_type>
                            <allowed_hosts/>
                            <units/>
                            <delta>0</delta>
                            <snmpv3_securityname/>
                            <snmpv3_securitylevel>0</snmpv3_securitylevel>
                            <snmpv3_authpassphrase/>
                            <snmpv3_privpassphrase/>
                            <formula>1</formula>
                            <delay_flex/>
                            <params/>
                            <ipmi_sensor/>
                            <data_type>0</data_type>
                            <authtype>0</authtype>
                            <username/>
                            <password/>
                            <publickey/>
                            <privatekey/>
                            <port/>
                            <description>A textual string containing information about the interface.  This string should include the name of the manufacturer, the product name and the version of the interface hardware/software.</description>
                            <inventory_link>0</inventory_link>
                            <applications>
                                <application>
                                    <name>Interfaces</name>
                                </application>
                            </applications>
                            <valuemap/>
                        </item_prototype>
                        <item_prototype>
                            <name>Inbound errors on interface $1</name>
                            <type>4</type>
                            <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                            <multiplier>0</multiplier>
                            <snmp_oid>IF-MIB::ifInErrors.{#SNMPINDEX}</snmp_oid>
                            <key>ifInErrors[{#SNMPVALUE}]</key>
                            <delay>60</delay>
                            <history>7</history>
                            <trends>365</trends>
                            <status>0</status>
                            <value_type>3</value_type>
                            <allowed_hosts/>
                            <units/>
                            <delta>1</delta>
                            <snmpv3_securityname/>
                            <snmpv3_securitylevel>0</snmpv3_securitylevel>
                            <snmpv3_authpassphrase/>
                            <snmpv3_privpassphrase/>
                            <formula>1</formula>
                            <delay_flex/>
                            <params/>
                            <ipmi_sensor/>
                            <data_type>0</data_type>
                            <authtype>0</authtype>
                            <username/>
                            <password/>
                            <publickey/>
                            <privatekey/>
                            <port/>
                            <description>For packet-oriented interfaces, the number of inbound packets that contained errors preventing them from being deliverable to a higher-layer protocol.  For character-oriented or fixed-length interfaces, the number of inbound transmission units that contained errors preventing them from being deliverable to a higher-layer protocol.</description>
                            <inventory_link>0</inventory_link>
                            <applications>
                                <application>
                                    <name>Interfaces</name>
                                </application>
                            </applications>
                            <valuemap/>
                        </item_prototype>
                        <item_prototype>
                            <name>Incoming traffic on interface $1</name>
                            <type>4</type>
                            <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                            <multiplier>1</multiplier>
                            <snmp_oid>IF-MIB::ifInOctets.{#SNMPINDEX}</snmp_oid>
                            <key>ifInOctets[{#SNMPVALUE}]</key>
                            <delay>60</delay>
                            <history>7</history>
                            <trends>365</trends>
                            <status>0</status>
                            <value_type>3</value_type>
                            <allowed_hosts/>
                            <units>bps</units>
                            <delta>1</delta>
                            <snmpv3_securityname/>
                            <snmpv3_securitylevel>0</snmpv3_securitylevel>
                            <snmpv3_authpassphrase/>
                            <snmpv3_privpassphrase/>
                            <formula>8</formula>
                            <delay_flex/>
                            <params/>
                            <ipmi_sensor/>
                            <data_type>0</data_type>
                            <authtype>0</authtype>
                            <username/>
                            <password/>
                            <publickey/>
                            <privatekey/>
                            <port/>
                            <description>The number of octets in valid MAC frames received on this interface, including the MAC header and FCS.</description>
                            <inventory_link>0</inventory_link>
                            <applications>
                                <application>
                                    <name>Interfaces</name>
                                </application>
                            </applications>
                            <valuemap/>
                        </item_prototype>
                        <item_prototype>
                            <name>Operational status of interface $1</name>
                            <type>4</type>
                            <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                            <multiplier>0</multiplier>
                            <snmp_oid>IF-MIB::ifOperStatus.{#SNMPINDEX}</snmp_oid>
                            <key>ifOperStatus[{#SNMPVALUE}]</key>
                            <delay>60</delay>
                            <history>7</history>
                            <trends>365</trends>
                            <status>0</status>
                            <value_type>3</value_type>
                            <allowed_hosts/>
                            <units/>
                            <delta>0</delta>
                            <snmpv3_securityname/>
                            <snmpv3_securitylevel>0</snmpv3_securitylevel>
                            <snmpv3_authpassphrase/>
                            <snmpv3_privpassphrase/>
                            <formula>1</formula>
                            <delay_flex/>
                            <params/>
                            <ipmi_sensor/>
                            <data_type>0</data_type>
                            <authtype>0</authtype>
                            <username/>
                            <password/>
                            <publickey/>
                            <privatekey/>
                            <port/>
                            <description>The current operational state of the interface.</description>
                            <inventory_link>0</inventory_link>
                            <applications>
                                <application>
                                    <name>Interfaces</name>
                                </application>
                            </applications>
                            <valuemap>
                                <name>SNMP interface status (ifOperStatus)</name>
                            </valuemap>
                        </item_prototype>
                        <item_prototype>
                            <name>Outbound errors on interface $1</name>
                            <type>4</type>
                            <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                            <multiplier>0</multiplier>
                            <snmp_oid>IF-MIB::ifOutErrors.{#SNMPINDEX}</snmp_oid>
                            <key>ifOutErrors[{#SNMPVALUE}]</key>
                            <delay>60</delay>
                            <history>7</history>
                            <trends>365</trends>
                            <status>0</status>
                            <value_type>3</value_type>
                            <allowed_hosts/>
                            <units/>
                            <delta>1</delta>
                            <snmpv3_securityname/>
                            <snmpv3_securitylevel>0</snmpv3_securitylevel>
                            <snmpv3_authpassphrase/>
                            <snmpv3_privpassphrase/>
                            <formula>1</formula>
                            <delay_flex/>
                            <params/>
                            <ipmi_sensor/>
                            <data_type>0</data_type>
                            <authtype>0</authtype>
                            <username/>
                            <password/>
                            <publickey/>
                            <privatekey/>
                            <port/>
                            <description>For packet-oriented interfaces, the number of outbound packets that could not be transmitted because of errors. For character-oriented or fixed-length interfaces, the number of outbound transmission units that could not be transmitted because of errors.</description>
                            <inventory_link>0</inventory_link>
                            <applications>
                                <application>
                                    <name>Interfaces</name>
                                </application>
                            </applications>
                            <valuemap/>
                        </item_prototype>
                        <item_prototype>
                            <name>Outgoing traffic on interface $1</name>
                            <type>4</type>
                            <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                            <multiplier>1</multiplier>
                            <snmp_oid>IF-MIB::ifOutOctets.{#SNMPINDEX}</snmp_oid>
                            <key>ifOutOctets[{#SNMPVALUE}]</key>
                            <delay>60</delay>
                            <history>7</history>
                            <trends>365</trends>
                            <status>0</status>
                            <value_type>3</value_type>
                            <allowed_hosts/>
                            <units>bps</units>
                            <delta>1</delta>
                            <snmpv3_securityname/>
                            <snmpv3_securitylevel>0</snmpv3_securitylevel>
                            <snmpv3_authpassphrase/>
                            <snmpv3_privpassphrase/>
                            <formula>8</formula>
                            <delay_flex/>
                            <params/>
                            <ipmi_sensor/>
                            <data_type>0</data_type>
                            <authtype>0</authtype>
                            <username/>
                            <password/>
                            <publickey/>
                            <privatekey/>
                            <port/>
                            <description>The number of octets transmitted in MAC frames on this interface, including the MAC header and FCS.</description>
                            <inventory_link>0</inventory_link>
                            <applications>
                                <application>
                                    <name>Interfaces</name>
                                </application>
                            </applications>
                            <valuemap/>
                        </item_prototype>
                    </item_prototypes>
                    <trigger_prototypes>
                        <trigger_prototype>
                            <expression>{Template CheckPoint SNMP:ifOperStatus[{#SNMPVALUE}].diff(0)}=1</expression>
                            <name>Operational status was changed on {HOST.NAME} interface {#SNMPVALUE}</name>
                            <url/>
                            <status>0</status>
                            <priority>1</priority>
                            <description/>
                            <type>0</type>
                        </trigger_prototype>
                    </trigger_prototypes>
                    <graph_prototypes>
                        <graph_prototype>
                            <name>Traffic on interface {#SNMPVALUE}</name>
                            <width>900</width>
                            <height>200</height>
                            <yaxismin>0.0000</yaxismin>
                            <yaxismax>100.0000</yaxismax>
                            <show_work_period>1</show_work_period>
                            <show_triggers>1</show_triggers>
                            <type>0</type>
                            <show_legend>1</show_legend>
                            <show_3d>0</show_3d>
                            <percent_left>0.0000</percent_left>
                            <percent_right>0.0000</percent_right>
                            <ymin_type_1>0</ymin_type_1>
                            <ymax_type_1>0</ymax_type_1>
                            <ymin_item_1>0</ymin_item_1>
                            <ymax_item_1>0</ymax_item_1>
                            <graph_items>
                                <graph_item>
                                    <sortorder>0</sortorder>
                                    <drawtype>5</drawtype>
                                    <color>00AA00</color>
                                    <yaxisside>0</yaxisside>
                                    <calc_fnc>2</calc_fnc>
                                    <type>0</type>
                                    <item>
                                        <host>Template CheckPoint SNMP</host>
                                        <key>ifInOctets[{#SNMPVALUE}]</key>
                                    </item>
                                </graph_item>
                                <graph_item>
                                    <sortorder>1</sortorder>
                                    <drawtype>5</drawtype>
                                    <color>3333FF</color>
                                    <yaxisside>0</yaxisside>
                                    <calc_fnc>2</calc_fnc>
                                    <type>0</type>
                                    <item>
                                        <host>Template CheckPoint SNMP</host>
                                        <key>ifOutOctets[{#SNMPVALUE}]</key>
                                    </item>
                                </graph_item>
                            </graph_items>
                        </graph_prototype>
                    </graph_prototypes>
                </discovery_rule>
				<discovery_rule>
                    <name>Processor Discovery</name>
                    <type>4</type>
                    <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                    <snmp_oid>CHECKPOINT-MIB::multiProcIndex</snmp_oid>
                    <key>multiProc</key>
                    <delay>240</delay>
                    <status>0</status>
                    <allowed_hosts/>
                    <snmpv3_securityname>{$SNMP_SECNAME}</snmpv3_securityname>
                    <snmpv3_securitylevel>2</snmpv3_securitylevel>
                    <snmpv3_authpassphrase>{$SNMP_AUTH}</snmpv3_authpassphrase>
                    <snmpv3_privpassphrase>{$SNMP_PRIV}</snmpv3_privpassphrase>
                    <delay_flex/>
                    <params/>
                    <ipmi_sensor/>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <filter>:</filter>
                    <lifetime>30</lifetime>
                    <description/>
                    <item_prototypes>
                        <item_prototype>
                            <name>Processor [{#SNMPVALUE}] Idle Time</name>
                            <type>4</type>
                            <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                            <multiplier>0</multiplier>
                            <snmp_oid>CHECKPOINT-MIB::multiProcIdleTime.{#SNMPINDEX}</snmp_oid>
                            <key>multiProcIdleTime[{#SNMPVALUE}]</key>
                            <delay>90</delay>
                            <history>90</history>
                            <trends>365</trends>
                            <status>0</status>
                            <value_type>3</value_type>
                            <allowed_hosts/>
                            <units/>
                            <delta>0</delta>
                            <snmpv3_securityname>{$SNMP_SECNAME}</snmpv3_securityname>
                            <snmpv3_securitylevel>2</snmpv3_securitylevel>
                            <snmpv3_authpassphrase>{$SNMP_AUTH}</snmpv3_authpassphrase>
                            <snmpv3_privpassphrase>{$SNMP_PRIV}</snmpv3_privpassphrase>
                            <formula>1</formula>
                            <delay_flex/>
                            <params/>
                            <ipmi_sensor/>
                            <data_type>0</data_type>
                            <authtype>0</authtype>
                            <username/>
                            <password/>
                            <publickey/>
                            <privatekey/>
                            <port/>
                            <description/>
                            <inventory_link>0</inventory_link>
                            <applications/>
                            <valuemap/>
                        </item_prototype>
                        <item_prototype>
                            <name>Processor [{#SNMPVALUE}] System Time</name>
                            <type>4</type>
                            <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                            <multiplier>0</multiplier>
                            <snmp_oid>CHECKPOINT-MIB::multiProcSystemTime.{#SNMPINDEX}</snmp_oid>
                            <key>multiProcSystemTime[{#SNMPVALUE}]</key>
                            <delay>90</delay>
                            <history>90</history>
                            <trends>365</trends>
                            <status>0</status>
                            <value_type>3</value_type>
                            <allowed_hosts/>
                            <units/>
                            <delta>0</delta>
                            <snmpv3_securityname>{$SNMP_SECNAME}</snmpv3_securityname>
                            <snmpv3_securitylevel>2</snmpv3_securitylevel>
                            <snmpv3_authpassphrase>{$SNMP_AUTH}</snmpv3_authpassphrase>
                            <snmpv3_privpassphrase>{$SNMP_PRIV}</snmpv3_privpassphrase>
                            <formula>1</formula>
                            <delay_flex/>
                            <params/>
                            <ipmi_sensor/>
                            <data_type>0</data_type>
                            <authtype>0</authtype>
                            <username/>
                            <password/>
                            <publickey/>
                            <privatekey/>
                            <port/>
                            <description/>
                            <inventory_link>0</inventory_link>
                            <applications/>
                            <valuemap/>
                        </item_prototype>
                        <item_prototype>
                            <name>Processor [{#SNMPVALUE}] User Time</name>
                            <type>4</type>
                            <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                            <multiplier>0</multiplier>
                            <snmp_oid>CHECKPOINT-MIB::multiProcUserTime.{#SNMPINDEX}</snmp_oid>
                            <key>multiProcUserTime[{#SNMPVALUE}]</key>
                            <delay>90</delay>
                            <history>90</history>
                            <trends>365</trends>
                            <status>0</status>
                            <value_type>3</value_type>
                            <allowed_hosts/>
                            <units/>
                            <delta>0</delta>
                            <snmpv3_securityname>{$SNMP_SECNAME}</snmpv3_securityname>
                            <snmpv3_securitylevel>2</snmpv3_securitylevel>
                            <snmpv3_authpassphrase>{$SNMP_AUTH}</snmpv3_authpassphrase>
                            <snmpv3_privpassphrase>{$SNMP_PRIV}</snmpv3_privpassphrase>
                            <formula>1</formula>
                            <delay_flex/>
                            <params/>
                            <ipmi_sensor/>
                            <data_type>0</data_type>
                            <authtype>0</authtype>
                            <username/>
                            <password/>
                            <publickey/>
                            <privatekey/>
                            <port/>
                            <description/>
                            <inventory_link>0</inventory_link>
                            <applications/>
                            <valuemap/>
                        </item_prototype>
                    </item_prototypes>
                    <trigger_prototypes>
                        <trigger_prototype>
                            <expression>{Template CheckPoint SNMP:multiProcIdleTime[{#SNMPVALUE}].avg(300)}&lt;25</expression>
                            <name>{HOSTNAME} Processor usage high on CPU {#SNMPVALUE}</name>
                            <url/>
                            <status>0</status>
                            <priority>3</priority>
                            <description/>
                            <type>0</type>
                        </trigger_prototype>
                    </trigger_prototypes>
                    <graph_prototypes>
                        <graph_prototype>
                            <name>Processor usage CPU {#SNMPVALUE}</name>
                            <width>900</width>
                            <height>200</height>
                            <yaxismin>0.0000</yaxismin>
                            <yaxismax>100.0000</yaxismax>
                            <show_work_period>1</show_work_period>
                            <show_triggers>0</show_triggers>
                            <type>1</type>
                            <show_legend>1</show_legend>
                            <show_3d>0</show_3d>
                            <percent_left>0.0000</percent_left>
                            <percent_right>0.0000</percent_right>
                            <ymin_type_1>0</ymin_type_1>
                            <ymax_type_1>0</ymax_type_1>
                            <ymin_item_1>0</ymin_item_1>
                            <ymax_item_1>0</ymax_item_1>
                            <graph_items>
                                <graph_item>
                                    <sortorder>0</sortorder>
                                    <drawtype>1</drawtype>
                                    <color>CC0000</color>
                                    <yaxisside>0</yaxisside>
                                    <calc_fnc>2</calc_fnc>
                                    <type>0</type>
                                    <item>
                                        <host>Template CheckPoint SNMP</host>
                                        <key>multiProcSystemTime[{#SNMPVALUE}]</key>
                                    </item>
                                </graph_item>
                                <graph_item>
                                    <sortorder>1</sortorder>
                                    <drawtype>1</drawtype>
                                    <color>0000C8</color>
                                    <yaxisside>0</yaxisside>
                                    <calc_fnc>2</calc_fnc>
                                    <type>0</type>
                                    <item>
                                        <host>Template CheckPoint SNMP</host>
                                        <key>multiProcUserTime[{#SNMPVALUE}]</key>
                                    </item>
                                </graph_item>
                                <graph_item>
                                    <sortorder>2</sortorder>
                                    <drawtype>1</drawtype>
                                    <color>00C800</color>
                                    <yaxisside>0</yaxisside>
                                    <calc_fnc>2</calc_fnc>
                                    <type>0</type>
                                    <item>
                                        <host>Template CheckPoint SNMP</host>
                                        <key>multiProcIdleTime[{#SNMPVALUE}]</key>
                                    </item>
                                </graph_item>
                            </graph_items>
                        </graph_prototype>
                    </graph_prototypes>
                </discovery_rule>
                <discovery_rule>
                    <name>Disk partitions</name>
                    <type>4</type>
                    <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                    <snmp_oid>HOST-RESOURCES-MIB::hrStorageDescr</snmp_oid>
                    <key>hrStorageDescr</key>
                    <delay>3600</delay>
                    <status>0</status>
                    <allowed_hosts/>
                    <snmpv3_securityname/>
                    <snmpv3_securitylevel>0</snmpv3_securitylevel>
                    <snmpv3_authpassphrase/>
                    <snmpv3_privpassphrase/>
                    <delay_flex/>
                    <params/>
                    <ipmi_sensor/>
                    <authtype>0</authtype>
                    <username/>
                    <password/>
                    <publickey/>
                    <privatekey/>
                    <port/>
                    <filter>{#SNMPVALUE}:@Storage devices for SNMP discovery</filter>
                    <lifetime>30</lifetime>
                    <description>The rule will discover all dis partitions matching the global regexp &quot;Storage devices for SNMP discovery&quot;.

{$SNMP_COMMUNITY} is a global macro.</description>
                    <item_prototypes>
                        <item_prototype>
                            <name>Allocation units for storage $1</name>
                            <type>4</type>
                            <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                            <multiplier>0</multiplier>
                            <snmp_oid>HOST-RESOURCES-MIB::hrStorageAllocationUnits.{#SNMPINDEX}</snmp_oid>
                            <key>hrStorageAllocationUnits[{#SNMPVALUE}]</key>
                            <delay>3600</delay>
                            <history>7</history>
                            <trends>365</trends>
                            <status>0</status>
                            <value_type>3</value_type>
                            <allowed_hosts/>
                            <units>B</units>
                            <delta>0</delta>
                            <snmpv3_securityname/>
                            <snmpv3_securitylevel>0</snmpv3_securitylevel>
                            <snmpv3_authpassphrase/>
                            <snmpv3_privpassphrase/>
                            <formula>1</formula>
                            <delay_flex/>
                            <params/>
                            <ipmi_sensor/>
                            <data_type>0</data_type>
                            <authtype>0</authtype>
                            <username/>
                            <password/>
                            <publickey/>
                            <privatekey/>
                            <port/>
                            <description>The size, in bytes, of the data objects allocated from this pool.  If this entry is monitoring sectors, blocks, buffers, or packets, for example, this number will commonly be greater than one.  Otherwise this number will typically be one.</description>
                            <inventory_link>0</inventory_link>
                            <applications>
                                <application>
                                    <name>Disk partitions</name>
                                </application>
                            </applications>
                            <valuemap/>
                        </item_prototype>
                        <item_prototype>
                            <name>Description of storage $1</name>
                            <type>4</type>
                            <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                            <multiplier>0</multiplier>
                            <snmp_oid>HOST-RESOURCES-MIB::hrStorageDescr.{#SNMPINDEX}</snmp_oid>
                            <key>hrStorageDescr[{#SNMPVALUE}]</key>
                            <delay>3600</delay>
                            <history>7</history>
                            <trends>365</trends>
                            <status>0</status>
                            <value_type>1</value_type>
                            <allowed_hosts/>
                            <units/>
                            <delta>0</delta>
                            <snmpv3_securityname/>
                            <snmpv3_securitylevel>0</snmpv3_securitylevel>
                            <snmpv3_authpassphrase/>
                            <snmpv3_privpassphrase/>
                            <formula>1</formula>
                            <delay_flex/>
                            <params/>
                            <ipmi_sensor/>
                            <data_type>0</data_type>
                            <authtype>0</authtype>
                            <username/>
                            <password/>
                            <publickey/>
                            <privatekey/>
                            <port/>
                            <description>A description of the type and instance of the storage described by this entry.</description>
                            <inventory_link>0</inventory_link>
                            <applications>
                                <application>
                                    <name>Disk partitions</name>
                                </application>
                            </applications>
                            <valuemap/>
                        </item_prototype>
                        <item_prototype>
                            <name>Total disk space on $1</name>
                            <type>15</type>
                            <snmp_community/>
                            <multiplier>0</multiplier>
                            <snmp_oid/>
                            <key>hrStorageSizeInBytes[{#SNMPVALUE}]</key>
                            <delay>3600</delay>
                            <history>7</history>
                            <trends>365</trends>
                            <status>0</status>
                            <value_type>3</value_type>
                            <allowed_hosts/>
                            <units>B</units>
                            <delta>0</delta>
                            <snmpv3_securityname/>
                            <snmpv3_securitylevel>0</snmpv3_securitylevel>
                            <snmpv3_authpassphrase/>
                            <snmpv3_privpassphrase/>
                            <formula>1</formula>
                            <delay_flex/>
                            <params>last(&quot;hrStorageSize[{#SNMPVALUE}]&quot;) * last(&quot;hrStorageAllocationUnits[{#SNMPVALUE}]&quot;)</params>
                            <ipmi_sensor/>
                            <data_type>0</data_type>
                            <authtype>0</authtype>
                            <username/>
                            <password/>
                            <publickey/>
                            <privatekey/>
                            <port/>
                            <description>This is a calculated item, we need it to get total disk space in bytes.</description>
                            <inventory_link>0</inventory_link>
                            <applications>
                                <application>
                                    <name>Disk partitions</name>
                                </application>
                            </applications>
                            <valuemap/>
                        </item_prototype>
                        <item_prototype>
                            <name>Total disk space on $1 in units</name>
                            <type>4</type>
                            <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                            <multiplier>0</multiplier>
                            <snmp_oid>HOST-RESOURCES-MIB::hrStorageSize.{#SNMPINDEX}</snmp_oid>
                            <key>hrStorageSize[{#SNMPVALUE}]</key>
                            <delay>3600</delay>
                            <history>7</history>
                            <trends>365</trends>
                            <status>0</status>
                            <value_type>3</value_type>
                            <allowed_hosts/>
                            <units>units</units>
                            <delta>0</delta>
                            <snmpv3_securityname/>
                            <snmpv3_securitylevel>0</snmpv3_securitylevel>
                            <snmpv3_authpassphrase/>
                            <snmpv3_privpassphrase/>
                            <formula>1</formula>
                            <delay_flex/>
                            <params/>
                            <ipmi_sensor/>
                            <data_type>0</data_type>
                            <authtype>0</authtype>
                            <username/>
                            <password/>
                            <publickey/>
                            <privatekey/>
                            <port/>
                            <description>The size of the storage represented by this entry, in units of hrStorageAllocationUnits. This object is writable to allow remote configuration of the size of the storage area in those cases where such an operation makes sense and is possible on the underlying system. For example, the amount of main memory allocated to a buffer pool might be modified or the amount of disk space allocated to virtual memory might be modified.</description>
                            <inventory_link>0</inventory_link>
                            <applications>
                                <application>
                                    <name>Disk partitions</name>
                                </application>
                            </applications>
                            <valuemap/>
                        </item_prototype>
                        <item_prototype>
                            <name>Used disk space on $1</name>
                            <type>15</type>
                            <snmp_community/>
                            <multiplier>0</multiplier>
                            <snmp_oid/>
                            <key>hrStorageUsedInBytes[{#SNMPVALUE}]</key>
                            <delay>60</delay>
                            <history>7</history>
                            <trends>365</trends>
                            <status>0</status>
                            <value_type>3</value_type>
                            <allowed_hosts/>
                            <units>B</units>
                            <delta>0</delta>
                            <snmpv3_securityname/>
                            <snmpv3_securitylevel>0</snmpv3_securitylevel>
                            <snmpv3_authpassphrase/>
                            <snmpv3_privpassphrase/>
                            <formula>1</formula>
                            <delay_flex/>
                            <params>last(&quot;hrStorageUsed[{#SNMPVALUE}]&quot;) * last(&quot;hrStorageAllocationUnits[{#SNMPVALUE}]&quot;)</params>
                            <ipmi_sensor/>
                            <data_type>0</data_type>
                            <authtype>0</authtype>
                            <username/>
                            <password/>
                            <publickey/>
                            <privatekey/>
                            <port/>
                            <description>This is a calculated item, we need it to get used disk space in bytes.</description>
                            <inventory_link>0</inventory_link>
                            <applications>
                                <application>
                                    <name>Disk partitions</name>
                                </application>
                            </applications>
                            <valuemap/>
                        </item_prototype>
                        <item_prototype>
                            <name>Used disk space on $1 in units</name>
                            <type>4</type>
                            <snmp_community>{$SNMP_COMMUNITY}</snmp_community>
                            <multiplier>0</multiplier>
                            <snmp_oid>HOST-RESOURCES-MIB::hrStorageUsed.{#SNMPINDEX}</snmp_oid>
                            <key>hrStorageUsed[{#SNMPVALUE}]</key>
                            <delay>60</delay>
                            <history>7</history>
                            <trends>365</trends>
                            <status>0</status>
                            <value_type>3</value_type>
                            <allowed_hosts/>
                            <units>units</units>
                            <delta>0</delta>
                            <snmpv3_securityname/>
                            <snmpv3_securitylevel>0</snmpv3_securitylevel>
                            <snmpv3_authpassphrase/>
                            <snmpv3_privpassphrase/>
                            <formula>1</formula>
                            <delay_flex/>
                            <params/>
                            <ipmi_sensor/>
                            <data_type>0</data_type>
                            <authtype>0</authtype>
                            <username/>
                            <password/>
                            <publickey/>
                            <privatekey/>
                            <port/>
                            <description>The amount of the storage represented by this entry that is allocated, in units of hrStorageAllocationUnits.</description>
                            <inventory_link>0</inventory_link>
                            <applications>
                                <application>
                                    <name>Disk partitions</name>
                                </application>
                            </applications>
                            <valuemap/>
                        </item_prototype>
                    </item_prototypes>
                    <trigger_prototypes>
                        <trigger_prototype>
                            <expression>{Template CheckPoint SNMP:hrStorageUsed[{#SNMPVALUE}].last(0)} / {Template CheckPoint SNMP:hrStorageSize[{#SNMPVALUE}].last(0)} &gt; 0.8</expression>
                            <name>Free disk space is less than 20% on volume {#SNMPVALUE}</name>
                            <url/>
                            <status>0</status>
                            <priority>2</priority>
                            <description/>
                            <type>0</type>
                        </trigger_prototype>
                    </trigger_prototypes>
                    <graph_prototypes>
                        <graph_prototype>
                            <name>Disk space usage {#SNMPVALUE}</name>
                            <width>600</width>
                            <height>340</height>
                            <yaxismin>0.0000</yaxismin>
                            <yaxismax>0.0000</yaxismax>
                            <show_work_period>0</show_work_period>
                            <show_triggers>0</show_triggers>
                            <type>2</type>
                            <show_legend>1</show_legend>
                            <show_3d>1</show_3d>
                            <percent_left>0.0000</percent_left>
                            <percent_right>0.0000</percent_right>
                            <ymin_type_1>0</ymin_type_1>
                            <ymax_type_1>0</ymax_type_1>
                            <ymin_item_1>0</ymin_item_1>
                            <ymax_item_1>0</ymax_item_1>
                            <graph_items>
                                <graph_item>
                                    <sortorder>0</sortorder>
                                    <drawtype>0</drawtype>
                                    <color>00C800</color>
                                    <yaxisside>0</yaxisside>
                                    <calc_fnc>2</calc_fnc>
                                    <type>2</type>
                                    <item>
                                        <host>Template CheckPoint SNMP</host>
                                        <key>hrStorageSizeInBytes[{#SNMPVALUE}]</key>
                                    </item>
                                </graph_item>
                                <graph_item>
                                    <sortorder>1</sortorder>
                                    <drawtype>0</drawtype>
                                    <color>C80000</color>
                                    <yaxisside>0</yaxisside>
                                    <calc_fnc>2</calc_fnc>
                                    <type>0</type>
                                    <item>
                                        <host>Template CheckPoint SNMP</host>
                                        <key>hrStorageUsedInBytes[{#SNMPVALUE}]</key>
                                    </item>
                                </graph_item>
                            </graph_items>
                        </graph_prototype>
                    </graph_prototypes>
                </discovery_rule>            
			</discovery_rules>
            <macros/>
			<templates/>
            <screens>
                <screen>
                    <name>Check Point Screen</name>
                    <hsize>2</hsize>
                    <vsize>3</vsize>
                    <screen_items>
                        <screen_item>
                            <resourcetype>0</resourcetype>
                            <width>500</width>
                            <height>100</height>
                            <x>0</x>
                            <y>0</y>
                            <colspan>1</colspan>
                            <rowspan>1</rowspan>
                            <elements>0</elements>
                            <valign>0</valign>
                            <halign>0</halign>
                            <style>0</style>
                            <url/>
                            <dynamic>0</dynamic>
                            <sort_triggers>0</sort_triggers>
                            <resource>
                                <name>Processor usage</name>
                                <host>Template CheckPoint SNMP</host>
                            </resource>
                        </screen_item>
                        <screen_item>
                            <resourcetype>0</resourcetype>
                            <width>500</width>
                            <height>100</height>
                            <x>1</x>
                            <y>0</y>
                            <colspan>1</colspan>
                            <rowspan>1</rowspan>
                            <elements>0</elements>
                            <valign>0</valign>
                            <halign>0</halign>
                            <style>0</style>
                            <url/>
                            <dynamic>0</dynamic>
                            <sort_triggers>0</sort_triggers>
                            <resource>
                                <name>Connections</name>
                                <host>Template CheckPoint SNMP</host>
                            </resource>
                        </screen_item>
                        <screen_item>
                            <resourcetype>0</resourcetype>
                            <width>500</width>
                            <height>100</height>
                            <x>1</x>
                            <y>1</y>
                            <colspan>1</colspan>
                            <rowspan>1</rowspan>
                            <elements>0</elements>
                            <valign>0</valign>
                            <halign>0</halign>
                            <style>0</style>
                            <url/>
                            <dynamic>0</dynamic>
                            <sort_triggers>0</sort_triggers>
                            <resource>
                                <name>Response time</name>
                                <host>Template CheckPoint SNMP</host>
                            </resource>
                        </screen_item>
                        <screen_item>
                            <resourcetype>0</resourcetype>
                            <width>500</width>
                            <height>100</height>
                            <x>0</x>
                            <y>2</y>
                            <colspan>1</colspan>
                            <rowspan>1</rowspan>
                            <elements>0</elements>
                            <valign>0</valign>
                            <halign>0</halign>
                            <style>0</style>
                            <url/>
                            <dynamic>0</dynamic>
                            <sort_triggers>0</sort_triggers>
                            <resource>
                                <name>Memory usage</name>
                                <host>Template CheckPoint SNMP</host>
                            </resource>
                        </screen_item>
                    </screen_items>
                </screen>
            </screens>
        </template>
    </templates>
    <triggers>
        <trigger>
            <expression>{Template CheckPoint SNMP:icmppingsec.last(0)}&gt;1</expression>
            <name>ICMP ping response too slow from {HOST.NAME}</name>
            <url/>
            <status>0</status>
            <priority>2</priority>
            <description>Host reponses to ICMP ping but too slowly. Might be CPU load on host or network traffic causing this.</description>
            <type>0</type>
            <dependencies/>
        </trigger>
        <trigger>
            <expression>({Template CheckPoint SNMP:procSysTime.last(20)}+{Template CheckPoint SNMP:procUsrTime.last(20)}) &gt; 50 &amp; ({Template CheckPoint SNMP:procSysTime.last(20)}+{Template CheckPoint SNMP:procUsrTime.last(20)}) &lt; 70</expression>
            <name>Processor usage above 50%</name>
            <url/>
            <status>0</status>
            <priority>1</priority>
            <description/>
            <type>0</type>
            <dependencies/>
        </trigger>
        <trigger>
            <expression>({Template CheckPoint SNMP:procSysTime.last(20)}+{Template CheckPoint SNMP:procUsrTime.last(20)}) &gt; 70 &amp; ({Template CheckPoint SNMP:procSysTime.last(20)}+{Template CheckPoint SNMP:procUsrTime.last(20)}) &lt; 90</expression>
            <name>Processor usage above 70%</name>
            <url/>
            <status>0</status>
            <priority>2</priority>
            <description/>
            <type>0</type>
            <dependencies/>
        </trigger>
        <trigger>
            <expression>({Template CheckPoint SNMP:procSysTime.last(20)}+{Template CheckPoint SNMP:procUsrTime.last(20)}) &gt; 90 &amp; ({Template CheckPoint SNMP:procSysTime.last(20)}+{Template CheckPoint SNMP:procUsrTime.last(20)}) &lt; 100</expression>
            <name>Processor usage above 90%</name>
            <url/>
            <status>0</status>
            <priority>3</priority>
            <description/>
            <type>0</type>
            <dependencies/>
        </trigger>
        <trigger>
            <expression>({Template CheckPoint SNMP:procSysTime.last(20)}+{Template CheckPoint SNMP:procUsrTime.last(20)}) = 100</expression>
            <name>Processor usage on 100%</name>
            <url/>
            <status>0</status>
            <priority>4</priority>
            <description/>
            <type>0</type>
            <dependencies/>
        </trigger>
        <trigger>
            <expression>{Template CheckPoint SNMP:net.tcp.service[ssh].last(0)}=0</expression>
            <name>SSH service is down on {HOST.NAME}</name>
            <url/>
            <status>0</status>
            <priority>3</priority>
            <description/>
            <type>0</type>
            <dependencies/>
        </trigger>
        <trigger>
            <expression>{Template CheckPoint SNMP:haWorkMode.diff(0)}=1 | {Template CheckPoint SNMP:haState.diff(0)}=1</expression>
            <name>{HOSTNAME} HA State Change</name>
            <url/>
            <status>0</status>
            <priority>2</priority>
            <description/>
            <type>0</type>
            <dependencies/>
        </trigger>
        <trigger>
            <expression>{Template CheckPoint SNMP:haState.str(active)}=0 &amp; {Template CheckPoint SNMP:haState.str(standby)}=0</expression>
            <name>{HOSTNAME} HA State not Active/Standby</name>
            <url/>
            <status>0</status>
            <priority>3</priority>
            <description/>
            <type>0</type>
            <dependencies/>
        </trigger>
        <trigger>
            <expression>{Template CheckPoint SNMP:fwInstallTime.diff(0)}=1</expression>
            <name>{HOSTNAME} Policy installed</name>
            <url/>
            <status>0</status>
            <priority>1</priority>
            <description/>
            <type>0</type>
            <dependencies/>
        </trigger>
    </triggers>
    <graphs>
        <graph>
            <name>Connections</name>
            <width>900</width>
            <height>200</height>
            <yaxismin>0.0000</yaxismin>
            <yaxismax>100.0000</yaxismax>
            <show_work_period>1</show_work_period>
            <show_triggers>1</show_triggers>
            <type>0</type>
            <show_legend>1</show_legend>
            <show_3d>0</show_3d>
            <percent_left>0.0000</percent_left>
            <percent_right>0.0000</percent_right>
            <ymin_type_1>0</ymin_type_1>
            <ymax_type_1>0</ymax_type_1>
            <ymin_item_1>0</ymin_item_1>
            <ymax_item_1>0</ymax_item_1>
            <graph_items>
                <graph_item>
                    <sortorder>0</sortorder>
                    <drawtype>0</drawtype>
                    <color>00C800</color>
                    <yaxisside>0</yaxisside>
                    <calc_fnc>2</calc_fnc>
                    <type>0</type>
                    <item>
                        <host>Template CheckPoint SNMP</host>
                        <key>fwNumConn</key>
                    </item>
                </graph_item>
            </graph_items>
        </graph>
        <graph>
            <name>Memory usage</name>
            <width>900</width>
            <height>200</height>
            <yaxismin>0.0000</yaxismin>
            <yaxismax>100.0000</yaxismax>
            <show_work_period>1</show_work_period>
            <show_triggers>1</show_triggers>
            <type>0</type>
            <show_legend>1</show_legend>
            <show_3d>0</show_3d>
            <percent_left>0.0000</percent_left>
            <percent_right>0.0000</percent_right>
            <ymin_type_1>0</ymin_type_1>
            <ymax_type_1>0</ymax_type_1>
            <ymin_item_1>0</ymin_item_1>
            <ymax_item_1>
                <host>Template CheckPoint SNMP</host>
                <key>memTotalVirtual64</key>
            </ymax_item_1>
            <graph_items>
                <graph_item>
                    <sortorder>1</sortorder>
                    <drawtype>1</drawtype>
                    <color>C80000</color>
                    <yaxisside>0</yaxisside>
                    <calc_fnc>2</calc_fnc>
                    <type>0</type>
                    <item>
                        <host>Template CheckPoint SNMP</host>
                        <key>memActiveReal64</key>
                    </item>
                </graph_item>
                <graph_item>
                    <sortorder>0</sortorder>
                    <drawtype>1</drawtype>
                    <color>00C800</color>
                    <yaxisside>0</yaxisside>
                    <calc_fnc>2</calc_fnc>
                    <type>0</type>
                    <item>
                        <host>Template CheckPoint SNMP</host>
                        <key>memActiveVirtual64</key>
                    </item>
                </graph_item>
            </graph_items>
        </graph>
        <graph>
            <name>Processor usage</name>
            <width>900</width>
            <height>200</height>
            <yaxismin>0.0000</yaxismin>
            <yaxismax>100.0000</yaxismax>
            <show_work_period>1</show_work_period>
            <show_triggers>1</show_triggers>
            <type>1</type>
            <show_legend>1</show_legend>
            <show_3d>0</show_3d>
            <percent_left>0.0000</percent_left>
            <percent_right>0.0000</percent_right>
            <ymin_type_1>0</ymin_type_1>
            <ymax_type_1>0</ymax_type_1>
            <ymin_item_1>0</ymin_item_1>
            <ymax_item_1>0</ymax_item_1>
            <graph_items>
                <graph_item>
                    <sortorder>1</sortorder>
                    <drawtype>0</drawtype>
                    <color>C80000</color>
                    <yaxisside>0</yaxisside>
                    <calc_fnc>2</calc_fnc>
                    <type>0</type>
                    <item>
                        <host>Template CheckPoint SNMP</host>
                        <key>procSysTime</key>
                    </item>
                </graph_item>
                <graph_item>
                    <sortorder>0</sortorder>
                    <drawtype>0</drawtype>
                    <color>00C800</color>
                    <yaxisside>0</yaxisside>
                    <calc_fnc>2</calc_fnc>
                    <type>0</type>
                    <item>
                        <host>Template CheckPoint SNMP</host>
                        <key>procUsrTime</key>
                    </item>
                </graph_item>
            </graph_items>
        </graph>
        <graph>
            <name>Response time</name>
            <width>900</width>
            <height>200</height>
            <yaxismin>0.0000</yaxismin>
            <yaxismax>100.0000</yaxismax>
            <show_work_period>1</show_work_period>
            <show_triggers>1</show_triggers>
            <type>0</type>
            <show_legend>1</show_legend>
            <show_3d>0</show_3d>
            <percent_left>0.0000</percent_left>
            <percent_right>0.0000</percent_right>
            <ymin_type_1>0</ymin_type_1>
            <ymax_type_1>0</ymax_type_1>
            <ymin_item_1>0</ymin_item_1>
            <ymax_item_1>0</ymax_item_1>
            <graph_items>
                <graph_item>
                    <sortorder>0</sortorder>
                    <drawtype>0</drawtype>
                    <color>C80000</color>
                    <yaxisside>0</yaxisside>
                    <calc_fnc>2</calc_fnc>
                    <type>0</type>
                    <item>
                        <host>Template CheckPoint SNMP</host>
                        <key>icmppingsec</key>
                    </item>
                </graph_item>
            </graph_items>
        </graph>
    </graphs>
</zabbix_export>

Abaixo irei detalhar os OIDs mais interessantes, não necessariamente coletei todos no template, mas caso surja alguma necessidade especial podemos facilmente consultar os principais itens abaixo e estender o template disponível para download quando necessário.

# UC Davis MIB - UCD-SNMP-MIB
# Os itens comentados são apenas para entender o caminho utilizado, facilitando
# caso esteja buscando algum outro item próximo
# ucdavis		1.3.6.1.4.1.2021
# memory		1.3.6.1.4.1.2021.4
# dskTable	    1.3.6.1.4.1.2021.9
# systemStats	1.3.6.1.4.1.2021.11

# CPU [%] - UCD-SNMP-MIB
ssCpuUser		1.3.6.1.4.1.2021.11.9		! Processor user time
ssCpuSystem		1.3.6.1.4.1.2021.11.10		! Processor system time
ssCpuIdle		1.3.6.1.4.1.2021.11.11		! Processor idle time

# Memoria [kbytes] - UCD-SNMP-MIB
memTotalSwap	1.3.6.1.4.1.2021.4.3		! Total swap space
memAvailSwap	1.3.6.1.4.1.2021.4.4		! Free swap space
memTotalReal	1.3.6.1.4.1.2021.4.5		! Total real memory
memAvailReal	1.3.6.1.4.1.2021.4.6		! Available real memory

# Interfaces - IF-MIB
# Para as interfaces vamos utilizar o template já definido no Zabbix
# pois há a necessidade do discovery devido ao número de interfaces ser variável
ifIndex				1.3.6.1.2.1.2.2.1.1
ifDescr				1.3.6.1.2.1.2.2.1.2
ifType				1.3.6.1.2.1.2.2.1.3
ifMtu				1.3.6.1.2.1.2.2.1.4
ifSpeed				1.3.6.1.2.1.2.2.1.5
ifPhysAddress		1.3.6.1.2.1.2.2.1.6
ifAdminStatus		1.3.6.1.2.1.2.2.1.7
ifOperStatus		1.3.6.1.2.1.2.2.1.8
ifLastChange		1.3.6.1.2.1.2.2.1.9
ifInOctets			1.3.6.1.2.1.2.2.1.10
ifInUcastPkts		1.3.6.1.2.1.2.2.1.11
ifInNUcastPkts		1.3.6.1.2.1.2.2.1.12
ifInDiscards		1.3.6.1.2.1.2.2.1.13
ifInErrors			1.3.6.1.2.1.2.2.1.14
ifInUnknownProtos	1.3.6.1.2.1.2.2.1.15
ifOutOctets			1.3.6.1.2.1.2.2.1.16
ifOutDiscards		1.3.6.1.2.1.2.2.1.19
ifOutErrors			1.3.6.1.2.1.2.2.1.20

# Disco - UCD-SNMP-MIB
dskIndex	    1.3.6.1.4.1.2021.9.1.1
dskPath	        1.3.6.1.4.1.2021.9.1.2
dskDevice	    1.3.6.1.4.1.2021.9.1.3
dskMinimum	    1.3.6.1.4.1.2021.9.1.4
dskMinPercent	1.3.6.1.4.1.2021.9.1.5
dskTotal	    1.3.6.1.4.1.2021.9.1.6
dskAvail	    1.3.6.1.4.1.2021.9.1.7
dskUsed	        1.3.6.1.4.1.2021.9.1.8
dskPercent	    1.3.6.1.4.1.2021.9.1.9
dskPercentNode	1.3.6.1.4.1.2021.9.1.10
dskErrorFlag	1.3.6.1.4.1.2021.9.1.100
dskErrorMsg	    1.3.6.1.4.1.2021.9.1.101

# HOST-RESOURCES-MIB
# Não use o sysUpTimeInstance (1.3.6.1.2.1.1.3.0) pois esse é o uptime do
# daemon SNMP, não necessariamente do hardware
# Uptime [timeticks, 0.01s]
hrSystemUptime	1.3.6.1.2.1.25.1.1

Algumas métricas você também pode coletar diretamente da MIB da Check Point, como CPU. Existem algumas métricas exclusivas nessa MIB como o número de conexões estabelecidas.

# Check Point MIB
# checkpoint	    1.3.6.1.4.1.2620
# products 		    1.3.6.1.4.1.2620.1
# fw			    1.3.6.1.4.1.2620.1.1
# fwPolicyStat	    1.3.6.1.4.1.2620.1.1.25
# fwIfTable		    1.3.6.1.4.1.2620.1.1.25.5		! Interfaces
# fwIfEntry		    1.3.6.1.4.1.2620.1.1.25.5.1		! Interfaces
# svn			    1.3.6.1.4.1.2620.1.6
# svnPerf		    1.3.6.1.4.1.2620.1.6.7
# svnProc		    1.3.6.1.4.1.2620.1.6.7.2		! CPU
# svnMem64		    1.3.6.1.4.1.2620.1.6.7.4		! Memória

# CPU [%]
procUsrTime		    1.3.6.1.4.1.2620.1.6.7.2.1		! Processor user time
procSysTime		    1.3.6.1.4.1.2620.1.6.7.2.2		! Processor system time
procIdleTime		1.3.6.1.4.1.2620.1.6.7.2.3		! Processor idle time
procUsage		    1.3.6.1.4.1.2620.1.6.7.2.4		! Processor usage

# Memória [bytes]
memTotalVirtual64	1.3.6.1.4.1.2620.1.6.7.4.1		! Total memory (real + swap)
memActiveVirtual64	1.3.6.1.4.1.2620.1.6.7.4.2		! Active total memory
memTotalReal64		1.3.6.1.4.1.2620.1.6.7.4.3		! Total real memory
memActiveReal64		1.3.6.1.4.1.2620.1.6.7.4.4		! Active real memory
memFreeReal64		1.3.6.1.4.1.2620.1.6.7.4.5		! Available real memory

# Interfaces
fwIfIndex	        1.3.6.1.4.1.2620.1.1.25.5.1.1
fwIfName	        1.3.6.1.4.1.2620.1.1.25.5.1.2
fwAcceptPcktsIn	    1.3.6.1.4.1.2620.1.1.25.5.1.5
fwAcceptPcktsOut	1.3.6.1.4.1.2620.1.1.25.5.1.6
fwAcceptBytesIn	    1.3.6.1.4.1.2620.1.1.25.5.1.7
fwAcceptBytesOut	1.3.6.1.4.1.2620.1.1.25.5.1.8
fwDropPcktsIn	    1.3.6.1.4.1.2620.1.1.25.5.1.9
fwDropPcktsOut	    1.3.6.1.4.1.2620.1.1.25.5.1.10
fwRejectPcktsIn	    1.3.6.1.4.1.2620.1.1.25.5.1.11
fwRejectPcktsOut    1.3.6.1.4.1.2620.1.1.25.5.1.12
fwLogIn	            1.3.6.1.4.1.2620.1.1.25.5.1.13
fwLogOut	        1.3.6.1.4.1.2620.1.1.25.5.1.14

# Connections
fwNumConn		    1.3.6.1.4.1.2620.1.1.25.3		! Current connections
fwPeakNumConn	    1.3.6.1.4.1.2620.1.1.25.4		! Peak number of connections

# VPN
# É possivel validar o valor do OID cpvCurrEspSAsIn com
# o comando "fw tab -t userc_users -s"
cpvCurrEspSAsIn	    1.3.6.1.4.1.2620.1.2.5.2.1      ! Remote Access User Count

# High Availability
haState				1.3.6.1.4.1.2620.1.5.6			! High Availability State
haWorkMode			1.3.6.1.4.1.2620.1.5.11			! High Availability Mode

# Check Point General Stats
svnVersion			1.3.6.1.4.1.2620.1.6.4.1		! Product Version
fwModuleState		1.3.6.1.4.1.2620.1.1.1			! Firewall Module State
fwProduct			1.3.6.1.4.1.2620.1.1.10			! Product name
fwInstallTime		1.3.6.1.4.1.2620.1.1.25.2		! Firewall Policy Install Time
osName				1.3.6.1.4.1.2620.1.6.5.1		! OS name

Após definir as OIDs mais importantes para coleta, criei um template para Check Point (com SO Secure Platform), usei trechos das SNMPs já existentes no Zabbix mas elas estão incorporadas no template, de forma que o mesmo é totalmente independente (não tem link com os outros templates).

Referências
UCD-SNMP-MIB
IF-MIB
HOST-RESOURCES-MIB
CHECKPOINT-MIB
Check Point Products SNMP MIB
SecurePlatform OS SNMP MIB
SNMP OID for the number Remote Access users (SR/SC/EPC/SNX) currently connected to a VPN-1 gateway
Linux OID’s for CPU,Memory and Disk Statistics
Zabbix 2 CheckPoint SNMP template
Monitoring Checkpoint Firewalls with SNMP
Check Point Firewall Metrics
Oracle® Enterprise Manager System Monitoring Plug-in Metric Reference Manual for Network Management
In search of Firewalls KPIs

Anúncios

Deixe um comentário »

Nenhum comentário ainda.

RSS feed for comments on this post. TrackBack URI

Deixe um comentário

Preencha os seus dados abaixo ou clique em um ícone para log in:

Logotipo do WordPress.com

Você está comentando utilizando sua conta WordPress.com. Sair / Alterar )

Imagem do Twitter

Você está comentando utilizando sua conta Twitter. Sair / Alterar )

Foto do Facebook

Você está comentando utilizando sua conta Facebook. Sair / Alterar )

Foto do Google+

Você está comentando utilizando sua conta Google+. Sair / Alterar )

Conectando a %s

Crie um website ou blog gratuito no WordPress.com.

%d blogueiros gostam disto: