Imperva Cyber Community

  • 1.  Daily Checklist report sample

    Posted 20 days ago

    Dear All,

    Dear Team,

    I would like to request your support in providing a sample or recommended template for a Daily System Health Check Report for Imperva Onprem WAF V14.7. This will help me standardize and optimize our routine operational checks for MX and Gateway environments.

    If anyone has a validated or commonly used report format, including key parameters, monitoring points, or best-practice checklists, please share it with me.

    Your guidance and inputs will be greatly appreciated.

    Thank you in advance.


    #On-PremisesWAF(formerlySecuresphere)

    ------------------------------
    Saleem Khan
    Application Security Engineer
    Hewlett Packard Enterprise India Private Limited

    ------------------------------


  • 2.  RE: Daily Checklist report sample

    Posted 5 days ago
    Hi Saleem,
     
    Just thinking out loud here - based on my experience, here's a framework that might be useful.
     
     
    ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
    DAILY SYSTEM HEALTH CHECK REPORT
    ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
     
     
    ■ SECTION 1 - MX (MANAGEMENT SERVER) HEALTH
    ─────────────────────────────────────────────
     
    ☐ MX Console / GUI / SSH Accessibility
       Status: OK / Down
     
    ☐ MX Core Services Status
       Status: Running / Partially Running / Stopped
       Command: impctl status
     
    ☐ License Status & Validity
       Expiry: [DD/MM/YYYY]   |   Valid / Expiring Soon / Expired
       (Check via GUI)
     
    ☐ CPU Utilization
       Current: _____%   |   Alert threshold: >75%
       (SNMP recommended)
     
    ☐ Memory Utilization
       Current: _____%   |   Alert threshold: >80%
       (SNMP recommended)
     
    ☐ Disk Utilization
       Current: _____%   |   Alert threshold: >80%
       (SNMP recommended)
     
    ☐ Database Health
       Status: Healthy / Degraded
       Command: impctl db status
     
    ☐ HA Database Replication
       Status: Synced / Out of Sync / N/A
       Command: impctl server ha status
     
    ☐ MX-to-Gateway Connectivity
       Status: Connected / Partially Connected / Disconnected
       (Check via GUI)
     
    ☐ Jobs Queue (GUI)
       Status: All Completed 
     
    Note: All of the above can be automated to generate alerts via email and SNMP.
     
     
    ■ SECTION 2 - GATEWAY HEALTH
    ─────────────────────────────────────────────
     
    ☐ Gateway Registration Status
       Status: Registered / Unregistered
     
    ☐ Network Interface Status
       Status: All Up / Partial / Down
       Interface(s) affected: ________
       (SNMP recommended)
     
    ☐ Inbound Traffic Throughput
       Current: _____ Mbps   |   Baseline: _____ Mbps
       (SNMP recommended)
     
    ☐ Outbound Traffic Throughput
       Current: _____ Mbps   |   Baseline: _____ Mbps
       (SNMP recommended)
     
    ☐ CPU Utilization
       Current: _____%   |   Alert threshold: >75%
       (SNMP recommended)
     
    ☐ Memory Utilization
       Current: _____%   |   Alert threshold: >95%
       (SNMP recommended)
     
    ☐ Disk Utilization
       Current: _____%   |   Alert threshold: >80%
       (SNMP recommended)
     
    ☐ Gateway Runtime Status (MX GUI)
       Status: OK / Errors Detected
     
    Note: All of the above can be automated to generate alerts via email and SNMP.
     
     
    ■ SECTION 3 - SECURITY POLICY & THREAT MONITORING
    ─────────────────────────────────────────────
     
    ☐ Active Security Policies
       Total: _____   |   Policy changes in last 24h: None / Yes
       (Review System Events on MX)
     
    ☐ Security Signature Updates
       (Check System Events on MX)
     
    ☐ High Severity Alerts (24h)
       Count: _____
     
    ☐ Medium Severity Alerts (24h)
       Count: _____
     
    ☐ Total Blocked Requests (24h)
       Count: _____
     
    ☐ Blocked Source IPs (24h)
       Count: _____
     
    ☐ Whitelist / Exception Changes
       Status: None / Updated
       (Review via MX System Events)
     
    Note: Keeping on top of this section is important for maintaining the security posture of the environment.
     
     
    ■ SECTION 4 - SYSTEM EVENTS, LOGGING & INTEGRATIONS
    ─────────────────────────────────────────────
     
    ☐ System Error / Warning Log Review
     
     
    ☐ Syslog Forwarding (SIEM)
       Status: Active / Failed  (Check on SIEM device)
     
    ☐ Email Alert Notifications
       Status: Working / Not Working
     
    ☐ Configuration Export / Snapshot
       Last export: [DD/MM/YYYY]   |   Done / Pending
     
    ☐ Scheduled Maintenance Tasks
       Status: All Completed / Pending / Failed
     
    ☐ NTP Time Synchronization
       Status: Synchronized / Drifted
     
    Note: All of the above can be configured and monitored through email alerts.
     
     
    ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
    Let me know if you have any questions.
    ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━


    ------------------------------
    Nikhil Nandode
    ------------------------------
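
One way to automate the CPU, memory and disk rows of the checklist above, as an added example that is not part of the original thread and not Imperva tooling. It applies the alert thresholds stated in Sections 1 and 2 to readings supplied by an external collector; the host names, sample readings and the 30-day "Expiring Soon" window are assumptions.

```python
from datetime import date

# Alert thresholds (percent) exactly as given in Sections 1 and 2 of the checklist.
THRESHOLDS = {
    "mx":      {"cpu": 75, "memory": 80, "disk": 80},
    "gateway": {"cpu": 75, "memory": 95, "disk": 80},
}
LICENSE_WARN_DAYS = 30  # assumption: the checklist does not define "Expiring Soon"

def check_utilization(role, metrics):
    """Return (metric, value, limit, status) rows for one MX or Gateway host."""
    rows = []
    for metric, limit in THRESHOLDS[role].items():
        value = metrics.get(metric)
        # A failed poll is NO DATA, never OK; the checklist thresholds are strict ">".
        status = "NO DATA" if value is None else "ALERT" if value > limit else "OK"
        rows.append((metric, value, limit, status))
    return rows

def license_status(expiry, today):
    """Map a license expiry date onto the checklist's three license states."""
    days_left = (expiry - today).days
    if days_left < 0:
        return "Expired"
    return "Expiring Soon" if days_left <= LICENSE_WARN_DAYS else "Valid"

def render_report(hosts, today):
    """Build the plain-text report body in the checklist's Current | threshold layout."""
    lines = [f"DAILY SYSTEM HEALTH CHECK REPORT - {today:%d/%m/%Y}"]
    for host in hosts:
        lines.append(f"{host['name']} ({host['role']})")
        for metric, value, limit, status in check_utilization(host["role"], host["metrics"]):
            shown = "_____" if value is None else f"{value}%"
            lines.append(f"  {metric.capitalize()} Utilization: {shown} | threshold >{limit}% | {status}")
        if "license_expiry" in host:
            state = license_status(host["license_expiry"], today)
            lines.append(f"  License: {host['license_expiry']:%d/%m/%Y} | {state}")
    return "\n".join(lines)

# Constructed sample readings (hypothetical host names), e.g. from an SNMP poller.
SAMPLE_HOSTS = [
    {"name": "mx-01", "role": "mx", "license_expiry": date(2025, 7, 1),
     "metrics": {"cpu": 41, "memory": 86, "disk": 80}},
    {"name": "gw-01", "role": "gateway", "metrics": {"cpu": 78, "memory": 86}},
]

if __name__ == "__main__":
    print(render_report(SAMPLE_HOSTS, date(2025, 6, 15)))
```

The same 86% memory reading alerts on the MX but not on the Gateway, because the checklist sets different memory thresholds for the two roles.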