Palo Alto Networks Knowledgebase: Session Monitoring with MRTG

Session Monitoring with MRTG

2693
Created On 02/07/19 23:59 PM - Last Updated 02/07/19 23:59 PM
Resolution

Multi Router Traffic Grapher (MRTG) is an open source tool that monitors network interface traffic and other SNMP objects.  MRTG can even be extended to non-SNMP monitoring via external scripting. When used to monitor Palo Alto Networks, MRTG can monitor any SNMP Object-IDs (OIDs) available in the standard or Palo Alto Networks MIBs. The Palo Alto Networks MIBs for each version of PAN-OS are available on the Technical Documentation page.

 

Use the following MRTG configuration file to monitor the number of TCP, UDP, and ICMP sessions in use and compare to the total number of sessions. When modified to use the appropriate MaxBytes parameter for a given hardware platform, the MRTG output displays the session utilization as a percentage of the platform's overall session capacity.

 

#

# File: /etc/mrtg/paloalto.cfg

#

# An MRTG configuration file for monitoring session tables on a Palo Alto Networks firewall

#

 

#

# Define global options

#

 

WorkDir: /var/www/mrtg

Options[_]: gauge, growright, nolegend, nobanner, integer

LegendI[_]: Total Sessions

ShortLegend[_]: sessions

 

#

# Uncomment the MaxBytes line for the appropriate PA firewall model

#

 

# PA-5060

#MaxBytes[_]: 4000000

 

# PA-4050, PA-4060 and PA-5050

#MaxBytes[_]: 2000000

 

# PA-5020

#MaxBytes[_]: 1000000

 

# PA-4020

#MaxBytes[_]: 500000

 

# PA-2050

#MaxBytes[_]: 250000

 

# PA-2020

#MaxBytes[_]: 125000

 

# PA-500

MaxBytes[_]: 64000

 

#

# Replace the SNMP community string and hostname/IP address in each of the Target lines below

#

 

#

# TCP Sessions

#

Target[tcpSessions]: 1.3.6.1.4.1.25461.2.1.2.3.3.0&1.3.6.1.4.1.25461.2.1.2.3.4.0:secret@pa500

Title[tcpSessions]: Total TCP Sessions

PageTop[tcpSessions]: <H1>Total TCP Sessions</H1>

YLegend[tcpSessions]: TCP Sessions

LegendO[tcpSessions]: TCP Sessions

 

#

# UDP Sessions

#

 

Target[udpSessions]: 1.3.6.1.4.1.25461.2.1.2.3.3.0&1.3.6.1.4.1.25461.2.1.2.3.5.0:secret@pa500

Title[udpSessions]: Total UDP Sessions

PageTop[udpSessions]: <H1>Total UDP Sessions</H1>

YLegend[udpSessions]: UDP Sessions

LegendO[udpSessions]: UDP Sessions

 

#

# ICMP Sessions

#

 

Target[icmpSessions]: 1.3.6.1.4.1.25461.2.1.2.3.3.0&1.3.6.1.4.1.25461.2.1.2.3.6.0:secret@pa500

Title[icmpSessions]: Total ICMP Sessions

PageTop[icmpSessions]: <H1>Total ICMP Sessions</H1>

YLegend[icmpSessions]: ICMP Sessions

LegendO[icmpSessions]: ICMP Sessions

 

owner: rhagen



Attachments
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClYoCAK&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Attachments
Choose Language