Jumbo Hotfix Take mismatch across cluster members-checkpoint-gaia

discobot · November 19, 2018, 9:34pm

Jumbo Hotfix Take mismatch across cluster members-checkpoint-gaia

Vendor: checkpoint

OS: gaia

Description:
indeni will identify when two devices are part of a cluster and alert if the jumbo hot fix installed is different.

Remediation Steps:
Compare the output of “show installer package” (under CLISH) across members of the cluster.

How does this work?
Using the Check Point command “installed_jumbo_take” we retreive the currently installed jumbo hotfixes.

Why is this important?
It is very important to make sure that devices are patched with the latest versions and hotfixes, to prevent downtime and security incidents.

Without Indeni how would you find this?
An administrator could login and manually run the command.

chkp-os-installed_jumbo_take

name: chkp-os-installed_jumbo_take
description: run "installed_jumbo_take"
type: monitoring
monitoring_interval: 60 minutes
requires:
    vendor: checkpoint
    os.name: gaia
    asg:
        neq: true
    os.version.num:
        compare-type: version-compare
        op: "<"
        value: "77.30"
comments:
    hotfix-jumbo-take:
        why: |
            It is very important to make sure that devices are patched with the latest versions and hotfixes, to prevent downtime and security incidents.
        how: |
            Using the Check Point command "installed_jumbo_take" we retreive the currently installed jumbo hotfixes.
        can-with-snmp: false
        can-with-syslog: false
steps:
-   run:
        type: SSH
        command: ${nice-path} -n 15 installed_jumbo_take -n; ${nice-path} -n 15 $CPDIR/bin/cpprod_util
            CPPROD_GetValue "CPUpdates/6.0/BUNDLE_FIAT_HF_BASE_026" SU_Build_Take
            0; ${nice-path} -n 15 $CPDIR/bin/cpprod_util CPPROD_GetValue "Check Point
            Mini Suite/setup/FIAT_HF_BASE_026" Take 0; ${nice-path} -n 15 $CPDIR/bin/cpprod_util
            CPPROD_GetValue "CPUpdates/6.0/BUNDLE_GIZMO_HF_041_050" SU_Build_Take
            0; ${nice-path} -n 15 $CPDIR/bin/cpprod_util CPPROD_GetValue "Check Point
            Mini Suite/setup/GIZMO_HF_041_050" Take 0; ${nice-path} -n 15 $CPDIR/bin/cpprod_util
            CPPROD_GetValue "CPUpdates/6.0/BUNDLE_GULLI_HF_BASE_008" SU_Build_Take
            0; ${nice-path} -n 15 $CPDIR/bin/cpprod_util CPPROD_GetValue "Check Point
            Mini Suite/setup/GULLI_HF_BASE_008" Take 0; ${nice-path} -n 15 $CPDIR/bin/cpprod_util
            CPPROD_GetValue "CPUpdates/6.0/BUNDLE_GYPSY_HF_BASE_021" SU_Build_Take
            0; ${nice-path} -n 15 $CPDIR/bin/cpprod_util CPPROD_GetValue "Check Point
            Mini Suite/setup/GYPSY_HF_BASE_021" Take 0; ${nice-path} -n 15 $CPDIR/bin/cpprod_util
            CPPROD_GetValue "CPUpdates/6.0/BUNDLE_R77_20_JUMBO_HF" SU_Build_Take 0;
            ${nice-path} -n 15 $CPDIR/bin/cpprod_util CPPROD_GetValue "Check Point
            Mini Suite/setup/R77_20_jumbo_hf" Take 0
    parse:
        type: AWK
        file: installed_jumbo_take.parser.1.awk

checkpoint_compare_jumbo_hotfix

Failed to fetch the data: https://bitbucket.org/indeni/indeni-knowledge/src/master/rules/templatebased/checkpoint/checkpoint_compare_jumbo_hotfix.scala