- 11 Jan 2023
- 1 Minute to read
- Print
- DarkLight
- PDF
Check Point Max Connections Alert (Service Check)
- Updated on 11 Jan 2023
- 1 Minute to read
- Print
- DarkLight
- PDF
Object Type: Service Check
Service Check Category: Firewall Checks
Passive: No
Description: This check monitors the peak number of connections (since the last check) of a Check Point firewall and compares it against a "max connections" limit. If the current peak number of connections reaches certain percentages of max connections, as specified in the check configuration, the check enters the state appropriate for that percentage.
Do not confuse this check with the "Checkpoint Max Connections (Dont Alert on SNMP:MIB Error)" service check. They both perform the exact same check, but in the event that the firewall being checked doesn't respond to the MIB OIDs being used by the check, this check will enter a CRITICAL state. The other check won't.
Check-specific Fields:
(See the entry Service Check for details on basic configuration options.)
- WARNING %
(Optional) This field specifies what percentage of max connections the current number of connections must be to cause the check to enter the WARNING state. If left blank, the field defaults to 85%. For example, if left at the default values, the check will enter a WARNING state when the current connections reach 21,250 connections (85% of 25,000) or above. - CRITICAL %
(Optional) This field specifies what percentage of max connections the current number of connections must be to cause the check to enter the CRITICAL state. If left blank, the field defaults to 90%. For example, if left at the default values, the check will enter a CRITICAL state when the current connections reach 22,500 connections (95% of 25,000) or above. - MAX CONN OVERRIDE
(Optional) This field specifies an override value for max connections. If left blank, the field defaults to 25,000. As of writing, Check Point sets the max connections value in their firewalls at 25,000. If you haven't configured an override value in your firewall, you can probably leave this field blank. If you have configured an override value on your firewall, enter that value here. The value in this field must match the max connections value of your firewall for the check to alert properly. - DESCRIPTION
(Required) This field specifies a name for this check. The name entered must be unique among service check names on the host it is added to (the name may used again only on a different host). It is used to identify this specific check from among other service checks added to the same host.