PRTG is using to monitor our network devices and it works great with SNMPv3. My previous post has described how to monitor SRX's CPU, Memory, Flow Sessions etc. Alarm status and Temperature is another sensor I am looking for to monitor. There are couple of ways to do it. You can use NSM to send alarm email, firewall itself to send snmp traps to your SNMP server, or Network Monitoring Tools to pull SNMP OID values then send email. In my case, PRTG is preferred way to monitor system status and send alarming email based on the requirement.
Step 1: SNMPv3 on SRX
set snmp v3 usm local-engine user SRXAES authentication-md5 authentication-password Test1234
set snmp v3 usm local-engine user SRXAES privacy-aes128 privacy-password Test12345
set snmp engine-id local 4716
set snmp view view_all oid 1 include
set snmp filter-duplicates
set snmp health-monitor
set snmp location "<location>"
set snmp contact "<contact name>"
set snmp community <community-name> authorization read-only
set snmp community <community-name> clients <snmp-host>
set snmp community <community-name> clients 0.0.0.0/0 restrict
Note: A generic local engine-id must be configured. Otherwise (e.g. when the MAC is used) SNMPv3 will not work in cluster configurations. After configuring the engine-id, committing the configuration might be required because the engine-id is involved in the key generation below.
To make NSM work with SRX, location and contact should not be set. Else, after the configuration imported into NSM, when you push policy from NSM to SRX, snmpv3 anthentication password and privacy password will be changed.
In my working configuration for NSM and SRX 240H / 1400 Cluster, the configuration looks like below:
root@fw-srx-1> show configuration snmp
v3 {
usm {
local-engine {
user SRXAES {
authentication-md5 {
authentication-key "$9$cOJSKMWLxNbs8LUjq.zF9ApuIEM8Xx-VvM4aJGq.Tz390BhSrlM836evW8dVP5TCuO1EhrOB-VYgJZ69CApBlKM-bsKv4aZUHkBIRcevdbsY4aSr8boa/CAtu1SyKW87vMX-bs4oJGDk5Q9ApREyk.hSreXxk5Qn/9pOBE3nA0O1hcYg4oDi"; ## SECRET-DATA
}
privacy-aes128 {
privacy-key "$9$4yaZjq.53/CmPF/CtIRNdVsoJDik.mTZGp01IcSM8XNds4oGDHqvWUjqmTQevM8dbYgojk.4oz369OBX7N-s2JZjPfz.muOBIrlLxNdVYgoDkY2QF6/tpM8Lx7VY2aGjHaJUH.PQzEcSl8XVwYaGDsYoGiH5T369pIErev7dbuONdbYoan/9AtO"; ## SECRET-DATA
}
}
}
}
vacm {
security-to-group {
security-model usm {
security-name SRXAES {
group readonly;
}
}
}
access {
group readonly {
default-context-prefix {
security-model usm {
security-level privacy {
read-view view_all;
}
}
}
}
}
}
}
engine-id {
local 109849;
}
view view_all {
oid 1 include;
}
client-list snmpclient {
10.1.1.11/31;
0.0.0.0/0 {
restrict;
}
}
Step 2: PRTG Configuration
PRTG can be easily integrated into your network monitoring system and execute comprehensive monitoring tasks. Also , alerting feature is quite flexible to meet your organization needs. Even one normal windows server can monitoring thousands of sensors without problem.
For SNMPv3 configuration in the PRTG, right click edit pop up menu at root properties of Device tab, enter the snmpv3 information:
Step 3: Add SNMP Custom Sensor
Following instruction on the screen to add sensor for your network devices, you will need to pick SNMP category's SNMP Custom type sensor.
In the basic sensor settings, the most important thing is OID values. You will need to know exact OID number to make your own monitoring sensor in the PRTG.
Lets go back to our SRX firewall to find out what the temperature SNMP mib oid is:
Show snmp mib walk 1.3.6.1.4.1 | match temp
we are able to find out a couple of values for temperature:
jnxOperatingTemp.9.1.0.0 = 50From Show Chassis Routing-Engine, there are different type of temperature for cpu and chassis , also for different node if it is cluster configuration.
jnxOperatingTemp.9.2.0.0 = 49
jnxFruTemp.9.1.0.0 = 50
jnxFruTemp.9.1.1.0 = 50
jnxFruTemp.9.2.0.0 = 48
jnxFruTemp.9.2.1.0 = 48
root@fw-srx-1> show chassis routing-engineNext step is to find out OID from online website OID database , such as http://oid-info.com/ or Solarwinds SNMP Center:
node0:
--------------------------------------------------------------------------
Routing Engine status:
Temperature 50 degrees C / 122 degrees F
CPU temperature 49 degrees C / 120 degrees F
Total memory 1024 MB Max 850 MB used ( 83 percent)
Control plane memory 560 MB Max 493 MB used ( 88 percent)
Data plane memory 464 MB Max 362 MB used ( 78 percent)
CPU utilization:
User 7 percent
Background 0 percent
Kernel 5 percent
Interrupt 0 percent
Idle 87 percent
Model RE-SRX240H
Serial ID AAEP4868
Start time 2015-01-18 13:24:42 UTC
Uptime 38 days, 8 hours, 29 minutes, 47 seconds
Last reboot reason 0x200:normal shutdown
Load averages: 1 minute 5 minute 15 minute
0.16 0.44 0.46
node1:
--------------------------------------------------------------------------
Routing Engine status:
Temperature 48 degrees C / 118 degrees F
CPU temperature 50 degrees C / 122 degrees F
Total memory 1024 MB Max 696 MB used ( 68 percent)
Control plane memory 560 MB Max 336 MB used ( 60 percent)
Data plane memory 464 MB Max 357 MB used ( 77 percent)
CPU utilization:
User 5 percent
Background 0 percent
Kernel 3 percent
Interrupt 0 percent
Idle 92 percent
Model RE-SRX240H
Serial ID AAEK3334
Start time 2015-02-15 16:05:14 UTC
Uptime 10 days, 5 hours, 49 minutes, 24 seconds
Last reboot reason 0x200:normal shutdown
Load averages: 1 minute 5 minute 15 minute
0.06 0.08 0.08
From the database search result, it shows jnxOperatingTemp = 1.3.6.1.4.1.2636.3.1.13.1.7
In this case, jnxOperatingTemp.9.2.0.0 is 1.3.6.1.4.1.2636.3.1.13.1.7.9.2.0.0. That is exactly OID we need for this monitoring.
Step 4. Create email alarm
After checked the thresholds for temperature as shown in below, we will build an alarm email.root@fw-srx-1> show chassis temperature-thresholds
node0:
--------------------------------------------------------------------------
Fan speed Yellow alarm Red alarm Fire Shutdown
(degrees C) (degrees C) (degrees C) (degrees C)
Item Normal High Normal Bad fan Normal Bad fan Normal
Chassis default 35 45 50 40 75 65 100
Routing Engine 35 45 50 40 75 65 100
node1:
--------------------------------------------------------------------------
Fan speed Yellow alarm Red alarm Fire Shutdown
(degrees C) (degrees C) (degrees C) (degrees C)
Item Normal High Normal Bad fan Normal Bad fan Normal
Chassis default 35 45 50 40 75 65 100
Routing Engine 35 45 50 40 75 65 100
Reference:
- Junos temperature thresholds in SRX devices and the actions taken when it exceeds the threshold
- Monitoring Juniper SRX Firewall CPU, Memory and Flow Session Information from PRTG
- How can I use a trusted SSL certificate with the PRTG web interface?
No comments:
Post a Comment