Hi CheckMK Community,

i developed a new SNMP Check for CheckMK.

Its used to Monitor Sophos XG / XGS Firewalls.

Feel free to test it and give me your Bug Reports.
Its only tested on some Devices until now.

Tested with CheckMK Enterprise 2.0.0p26 and 2.2.0b4

Download:
Releases · matthias1232/kpc_sophosxg · GitHub

To get the check working you need to enable and configure SNMP on your Sophos XG Firewall.
Use this check at your own risk!

Some Description:

Sophos XG/XGS Check for CheckMK

#Powered by K&P Computer - www.kpc.de

SNMP Check for Sophos XG/XGS Firewalls:

Check:

-Licenses

-Services

-Show Device Info including Firmware Version

-HA State

Screenhots:

Licenses:

HA State:

Services:

Device Infos (Firmware etc.):

Now also available on the CheckMK Exchange

https://exchange.checkmk.com/p/kpc-sophosxg

Thank you! The check works - we now have HA monitoring in CheckMK. Great!

Do you think it is possible to check the space of /tmp partition also? Even if it’s temporary stuff, when it’s full, the firewall’s database get stuck.

@Splunkler , there are some infos available in the MIB, but i’m not sure what it monitors exactly because i would need to test it.

image850×559 25.3 KB

having a support case open for it at Sophos currently
maybe they can help out. will let you know.

Sophos wrote, /tmp monitoring is currently not possible. They created a feature request SFSW-I-1561 for it. Let’s hope, they modify their SNMP implementation in a reasonable time.
Already, your monitoring script saved our as* last week with an other partition runing full.
Thank you!

Hallo,
could you post the name of this tool you are using to display the values?
Ralf

New version is now on Github and Exchange.

• Added HA current and peer Device Keys in HA Monitoring + HA Port Info and HA Mode.
• Added Firmware Check WARN (usefull for Distributed Monitoring with many firewalls when you want to check all firewalls for a specific Firmware version.

I would strongly recommend to cleanup these checks.

• Advertisement inside every check output → WHY??
• One Check Script for Services and one for License would be enough - these checks can generate items.

@andreas-doehler

I can try to improve the package and reduce the scripts to a minimal when i get some more time for this. But the check works for now.

The last request was implementing all appliance keys and i did it now. Im not sure when i have time to improve all scripts again.

The adverts… hmm yes i can understand that but i did it in my working hours and we need this check for our customers, so it‘s not my decision to remove our support Information or not. Customers with problems should contact us for support and i put the information in the detailed output.

But my company allowed me to put the check on github and exchange, so everyone can at least use it for free and also fork it to change the code as long you dont remove our company name and my name as Authors from the Source Code and create an own mkp Package.

Thats all i can offer for now

Hi Matthias, thanks A LOT for your job, this is great! Do you think it’s possible on the string for the firmware check to just warning if the firewall is not on the 20.0.x release? Cause If I put 20.0.0 on the string, the firewall with 20.0.3 version are in warning state.

Thanks again, that’s pure gold!

EDIT: Ok I’ve changed a little bit the py:
if warning_firmware_check in devicefwversion or warning_firmware_check ==“0”:

Thanks again!

Hi @simone.scrivani

thanks for your message.
tbh i just added this String for our own internal purposes on a Distributed Monitoring Solution to check our Customers for a specific version. But good to hear that you already found a Solution for it.

Best Regards.