Command

Description

cpconfig

change SIC, licenses and more

cpview -t

show top style performance counters

cphaprob stat

list the state of the high availability cluster members. Should show active and standby devices.

cphaprob -a if

display status of monitored interfaces in a cluster

cphaprob -l list

display registered cluster devices and status

cphaprob syncstat

display sync transport layer statistics

cphaprob ldstat

display sync serialization statistics

cphastop

stop a cluster member from passing traffic. Stops synchronization. (emergency only)

clusterXL_admin down –p

disable this node from cluster membership

cphaconf cluster_id get

get cluster Global ID membership

cplic print

license information

cpstart

start all checkpoint services

cpstat fw

show policy name, policy install time and interface table

cpstat ha

high availability state

cpstat blades

top rule hits and amount of connections

cpstat os -f all

checkpoint interface table, routing table, version, memory status, cpu load, disk space

cpstat os -f cpu

checkpoint cpu status

cpstat os -f multi_cpu

checkpoint cpu load distribution

cpstat os -f sensors

hardware environment (temperature/fan/voltage)

cpstat os -f routing

checkpoint routing table

cpstop

stop all checkpoint services

cpwd_admin monitor_list

list processes actively monitored. Firewall should contain cpd and vpnd.

show asset all

show serial numbers and hardware info

show route destination xx.xx.xx.xx

show routing for specific host

ip route get xx.xx.xx.xx

show routing for specific host

iclid / show cluster state

show cluster fail over history