Community discussions

MikroTik App
 
excession
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 95
Joined: Mon May 11, 2015 8:16 pm

IPSEC Dude Monitoring Script

Tue May 26, 2020 8:25 pm

Below is my first stab at getting IPSEC monitoring of a ROS device into the Dude interface. Right now I've made two versions of the script, one for status indicators on a device and the other for on a link. The script pulls from the IPSEC Policies table, filters out templates and disabled entries then uses the PH2 state to determine an UP or Down status for each policy. This is the combination of filters that works best for me but it's also possible to filter for other items by modifying this line:
/ip ipsec policy print as-value where disabled=no and template!=yes
Filter for Policies List

On the appearance lable of a device add the below:
IPSEC
[ros_command(":local peer; :local ph2; :foreach line in=[/ip ipsec policy print as-value where disabled=no and template!=yes] do={:foreach name,item in=$line do={if ($name=\"peer\") do= {:set peer $item}; if ($name=\"ph2-count\") do= {:set ph2 \"\"; if ($item=0) do={:set ph2 \"DOWN\"}; if ($item>0) do={:set ph2 \"UP\"};}; }; :put ($peer.\" \".$ph2)}")]
Image

On the appearance label of a link, add the following:
[ros_command(":local peer; :local ph2; :foreach line in=[/ip ipsec policy print as-value where disabled=no and template!=yes and peer=PEERNAME] do={:foreach name,item in=$line do={if ($name=\"peer\") do= {:set peer $item}; if ($name=\"ph2-count\") do= {:set ph2 \"\"; if ($item=0) do={:set ph2 \"DOWN\"}; if ($item>0) do={:set ph2 \"UP\"};}; }; :put $peer; :put $ph2; }")]
Update the PEERNAME value with the name of the peer you want to monitor.
Image

Who is online

Users browsing this forum: No registered users and 11 guests