Below is a bash/sh script to log the resouces of a R55/R65 Check Point firewall. The following resources are recorded,
- Free Memory
- CPU Usage
- Concurrent Connections
- Peak Connections
- Time
- Date
The script will build a .csv file which can then be opened using excel, and the required data (columns) can be selected and converted into graphs. The scripts can be found below,
IPSO
# Checkpoint IPSO R55/R65 Resource Monitoring Tool v3 - Felix
# output is stored in a csv file using the $log variable
#
#!/bin/sh
## Import Environment Variables
. /var/etc/pm_profile &&
. /opt/CPsuite-R??/svn/tmp/.CPprofile.csh
## If required create a directory
if [ -d != /var/log/resource_report ]
then
mkdir /var/log/resource_report 2>/dev/null
fi
## if required create a README
if [ -e != /var/log/resource_report/README.txt ]
then
head -5 $0 > /var/log/resource_report/README.txt
fi
## Assign Variables
tmp=/tmp/cp_resource.$$
log=/var/log/resource_report/rreport-`date +"%Y%m%d"`.csv
## Log rotate reports older then 31 days
find /var/log/resource_report/rreport* -mtime +31 -exec rm -f {} \; 2>/dev/null
## Gather stats
fw ctl pstat >> $tmp 2>/dev/null
if [ $? != 0 ]
then
logger -t cp_resource_report -p daemon.err "Unable to run \"fw ctl pstat\""
exit 1
else
vmstat 1 5 >> $tmp 2>/dev/null
RC=$?
fi
if [ $RC != 0 ]
then
logger -t cp_resource_report -p daemon.err "Unable to run \"vmstat\""
exit 1
else
peakconn=`grep "peak concurrent" $tmp | awk ' { print $1 } '`
cpuidle=`tail -1 $tmp | awk ' { print $NF } '`
cpu=`expr 100 - $cpuidle`
conn=`grep recovered $tmp | awk ' { print $7 } '`
free=`tail -1 $tmp | awk ' { print $4 } '`
freemb=`expr $free / 1024`
fi
## Write stats to a file. If not find is present add a header
if [ ! -r ${log} ] ;
then
echo date,time,connections,peak connections,cpu \%,free mem \(MB\) >> ${log}
echo `date +"%d/%m/%y"`,`date "+%H:%M:%S"`,$conn,$peakconn,${cpu},${freemb} >> ${log}
else
echo `date +"%d/%m/%y"`,`date "+%H:%M:%S"`,$conn,$peakconn,${cpu},${freemb} >> ${log}
fi
rm -f $tmp
exit 0
SPLAT / SOLARIS
# Checkpoint Solaris / SPLAT R55/R65 Resource Monitoring Tool v3 - Felix
# output is stored in a csv file using the $log variable
#
#!/bin/bash
## Import Environment Variables
. /opt/CPshrd-R??/tmp/.CPprofile.sh
## If required create a directory
if [ -d != /var/log/resource_report ]
then
mkdir /var/log/resource_report 2>/dev/null
fi
## if required create a README
if [ -e != /var/log/resource_report/README.txt ]
then
head -5 $0 > /var/log/resource_report/README.txt
fi
## Assign Variables
tmp=/tmp/cp_resource.$$
log=/var/log/resource_report/rreport-`date +"%Y%m%d"`.csv
## Log rotate reports older then 31 days
find /var/log/resource_report/rreport* -mtime +31 -exec rm -f {} \; 2>/dev/null
## Gather stats
fw ctl pstat >> $tmp 2>/dev/null
if [ $? != 0 ]
then
logger -t cp_resource_report -p daemon.err "Unable to run \"fw ctl pstat\""
exit 1
else
vmstat 1 5 >> $tmp 2>/dev/null
RC=$?
fi
if [ $RC != 0 ]
then
logger -t cp_resource_report -p daemon.err "Unable to run \"vmstat\""
exit 1
else
peakconn=`grep "peak concurrent" $tmp | awk ' { print $1 } '`
cpuidle=`tail -1 $tmp | awk ' { print $NF } '`
cpu=`expr 100 - $cpuidle`
conn=`grep recovered $tmp | awk ' { print $7 } '`
free=`tail -1 $tmp | awk ' { print $4 } '`
freemb=`expr $free / 1024`
fi
## Write stats to a file. If not find is present add a header
if [ ! -r ${log} ] ;
then
echo date,time,connections,peak connections,cpu \%,free mem \(MB\) >> ${log}
echo `date +"%d/%m/%y"`,`date "+%H:%M:%S"`,$conn,$peakconn,${cpu},${freemb} >> ${log}
else
echo `date +"%d/%m/%y"`,`date "+%H:%M:%S"`,$conn,$peakconn,${cpu},${freemb} >> ${log}
fi
rm -f $tmp
exit 0
Rick Donato is a Network Automation Architect/Evangelist and the founder of Packet Coders.
Latest posts by Rick Donato (see all)
- How to Configure a BIND Server on Ubuntu - March 15, 2018
- What is a BGP Confederation? - March 6, 2018
- Cisco – What is BGP ORF (Outbound Route Filtering)? - March 5, 2018