The following script is used to monitor the basic functions of the WatchGuard firewall via snmpwalk scripts and are processed to provide easy-to-read data. It can be run separately or integrated into Icinga2 as a monitoring plugin.
Important: snmpwalk command is required for script to run correctly
+Improved the code
+Add check host alive before snmp
+Merge InfoIps, InfoGav and IpsecTunnelNum to one check
1.2 - Fix
+Fix Warning and Critical state
+Add ability to set limits for waring and critical on percentage
+Add ability to set maximum Active Connections for ActiveConns
+Set default variable warning(80)
+Set default variable critical(90)
+Set default variable maximum active connections(3300000)
1.1 - Code improvements
+Improved the code
+Add Check Memory
+Add Check Info Ips Service
+Removed unnecessary code
1.0 - Release
+Release Script
- Download the script and give it privilages for run
curl -LJO https://raw.githubusercontent.com/Kalarumeth/Monitoring-WatchGuard/main/check_watchguard.sh
- Move to Icinga Plugin Dir
Default location: /usr/lib/nagios/plugins
- Add command to Icinga
object CheckCommand "check_watchguard" {
import "plugin-check-command"
command = [ PluginDir + "/check_watchguard.sh" ]
arguments += {
"-ac" = {
order = 4
value = "$watchguard_ac$"
}
"-c" = {
order = 0
required = true
value = "$snmp_community$"
}
"-cr" = {
order = 3
value = "$crit$"
}
"-h" = {
order = 1
required = true
value = "$address$"
}
"-t" = {
order = 5
required = true
value = "$watchguard_type$"
}
"-wa" = {
order = 2
value = "$warn$"
}
}
vars.snmp_community = "public"
}
The Script is designed to monitor the following firewall functions:
- [ac] ActiveConns: Active connections in use and total number of active connections;
OK! Active Connections used: 0.16%
Current Active Connections: 5.412 of 3.300.000
- [cpu] Cpu: Cpu load;
OK! CPU used: 2%
- [data] Transfer: Information of file size send and recive.
Send 1479 GB / Recive 1982 GB
WatchGuard transfer info:
Total Data Send: 1479 GB 1855886728 Pkg
Total Data Recive: 1982 GB 2466423320 Pkg
- [info] Info: Information of Active VPN, Intrusion Prevention Service and Gateway Antivirus Service
VPN active: 7
Gateway Antivirus Service: gav_version:2022020
Last Update: Fri, Feb 04 2022 11:54:03 AM
Intrusion Prevention Service: ips_version:18.196
Last Update: Thu, Feb 03 2022 06:53:47 PM
- [ram] Memory: Ram load;
OK! RAM used: 2,67 / 3,77 GB (71,00 %)
RAM free: 1,10 GB (29,13 %)
Method to compose the execution string:
./check_watchguard.sh -c <SNMP community> -h <host> [-wa <value> -cr <value> -ac <value>] -t <object>
-c --community SNMP v2 community string with Read access.
Default is: public.
-h --host [REQUIRED OPTION] Host name or IP address to check.
Default is: localhost.
-wa --allert-wa Defines the threshold for Warning.
Default is: 80.
-cr --allert-cr Defines the threshold for Critical.
Default is: 90.
-ac --activeconns Defines the threshold for Max ActiveConnection.
Default is: 3300000
-t --type [REQUIRED OPTION] Field for select element to check on WatchGuard Device.
{ ac | cpu | data | info | ram }.
-H --help Show script help.
-V --version Show script version.
Kalarumeth - https://github.com/Kalarumeth
kelups
MIT License - Copyright 2022 Kalarumeth