I've updated the package to the version 1.6. This version contains an additional check of IPSec tunnel status of a Fortigate firewall. It works for FGT-300C and FGT-60C units. Other models can work as well, but I could not test.
You can download the new package at the known place from the Check MK Exchange repository.
Subscribe to:
Post Comments (Atom)
Hi Hermann,
I just tried to install your FortiGate plugin, but it doesn't work:
OMD[site]:~/tmp/downloads$ check_mk -vP install fortigate-1.6.mkp
Traceback (most recent call last):
File "/omd/sites/site/share/check_mk/modules/check_mk.py", line 4845, in
do_packaging(args)
File "/omd/sites/site/share/check_mk/modules/packaging.py", line 98, in do_packaging
f(args)
File "/omd/sites/site/share/check_mk/modules/packaging.py", line 334, in package_install
tar = tarfile.open(path, "r:gz")
File "/usr/lib/python2.7/tarfile.py", line 1678, in open
return func(name, filemode, fileobj, **kwargs)
File "/usr/lib/python2.7/tarfile.py", line 1729, in gzopen
raise ReadError("not a gzip file")
tarfile.ReadError: not a gzip file
Do you know this issue? I googled around and found similar problems of other users, but no answers to it.
Many thanks,
Oliver
mAv
23 September, 2013 12:01It sounds like the downloaded mkp file is corrupted. Please download it again and look at the file size. It should be 2.550 Bytes.
Unknown
27 September, 2013 23:36You were right, the install now worked! Thanks for your help :)
mAv
10 October, 2013 16:47Hello Hermann,
i'm having a problem with the fortigate_ipsec check.
I hope you can help me, I already created a new thread in the monitoring forum, there is a detailed problem description -> http://www.monitoring-portal.org/wbb/index.php?page=Thread&threadID=31314
Thanks in advance and thank you very much,
Martin
Anonymous
04 July, 2014 12:42Hey Martin,
I haven't verify this yet, BUT the easiest and surely dirtiest way to change the check's behavior to detect a down of an IPsec tunnel like a warning and not like am error status, is to change the second line:
fortigate_ipcec_status_map = { '1': 'DOWN', '2': 'UP' }
fortigate_ipsec_status2nagios_map = { 'UP': 0, 'DOWN': 2, }
to this:
fortigate_ipcec_status_map = { '1': 'DOWN', '2': 'UP' }
fortigate_ipsec_status2nagios_map = { 'UP': 0, 'DOWN': 1, }
Maybe I will implement some kind of parameter check in one of the next versions.
Let me know, if the workaround above has worked for you.
BR
Hermann Maurer
Unknown
04 July, 2014 22:26Hello Hermann,
your suggestion certainly worked, but did not solve my problem, that I only want some of the checked ipsec tunnels to give a warning if they go down and others to give a critical warning.
My idea is to prioritize the tunnels, some of them are going down every now and then caused by idle timeouts some partners won't change.
I would be very pleased if parameter support would find a way into a new version of your check.
My last thought to display this logic at this moment is to try Check_MKs Business Intelligence function.
Thanks a lot!
Kind regards,
Martin
Anonymous
07 July, 2014 08:41