Error:
An unexpected error occurred. Please click Reload to try again.
Error:
An unexpected error occurred. Please click Reload to try again.
SNMP for Monitoring Palo Alto Networks Devices - Knowledge Base - Palo Alto Networks

SNMP for Monitoring Palo Alto Networks Devices

408021
Created On 09/25/18 19:38 PM - Last Modified 08/05/20 18:42 PM


Symptom


List of useful OIDs from various MIBs for performing basic SNMP monitoring of the Palo Alto Networks device.

Environment


  • PAN-OS
  • SNMP


Resolution



Useful PAN-OS OID Examples
ItemNameOIDSource MIBDescription
CPU util on management planehrProcessorLoad.11.3.6.1.2.1.25.3.3.1.2.1HOST-RESOURCES-MIBCPU load average over last 60 seconds. This value will match the value shown on the GUI dashboard-> resource information-> % CPU in PAN-OS 3.x
Utilization of CPUs on dataplane that are used for system functionshrProcessorLoad.21.3.6.1.2.1.25.3.3.1.2.2HOST-RESOURCES-MIBCPU load average over last 60 seconds

Management plane memory and dataplane packet buffer

hrStorageTable1.3.6.1.2.1.25.2.3HOST-RESOURCES-MIB

 

Names of each interface on the deviceifDescr.11.3.6.1.2.1.2.2.1.2.1RFC1213-MIBexample: MGMT
 ifDescr.21.3.6.1.2.1.2.2.1.2.2RFC1213-MIBexample: HA
 ifDescr.31.3.6.1.2.1.2.2.1.2.3RFC1213-MIBexample: ethernet1/1
 ifDescr.41.3.6.1.2.1.2.2.1.2.4RFC1213-MIBexample: ethernet1/2
 ifDescr.51.3.6.1.2.1.2.2.1.2.5RFC1213-MIBexample: ethernet1/3
 ifDescr.61.3.6.1.2.1.2.2.1.2.6RFC1213-MIBexample: ethernet1/4
 ifDescr.71.3.6.1.2.1.2.2.1.2.7RFC1213-MIBexample: ethernet1/5
 ifDescr.81.3.6.1.2.1.2.2.1.2.8RFC1213-MIBexample: ethernet1/6
 ifDescr.91.3.6.1.2.1.2.2.1.2.9RFC1213-MIBexample: ethernet1/7
 ifDescr.101.3.6.1.2.1.2.2.1.2.10RFC1213-MIBexample: ethernet1/8
Interface up/down statusifOperStatus.11.3.6.1.2.1.2.2.1.8.1RFC1213-MIB1: UP 2: DOWN
 ifOperStatus.21.3.6.1.2.1.2.2.1.8.2RFC1213-MIB1: UP 2: DOWN
 ifOperStatus.31.3.6.1.2.1.2.2.1.8.3RFC1213-MIB1: UP 2: DOWN
 ifOperStatus.41.3.6.1.2.1.2.2.1.8.4RFC1213-MIB1: UP 2: DOWN
 ifOperStatus.51.3.6.1.2.1.2.2.1.8.5RFC1213-MIB1: UP 2: DOWN
 ifOperStatus.61.3.6.1.2.1.2.2.1.8.6RFC1213-MIB1: UP 2: DOWN
 ifOperStatus.71.3.6.1.2.1.2.2.1.8.7RFC1213-MIB1: UP 2: DOWN
 ifOperStatus.81.3.6.1.2.1.2.2.1.8.8RFC1213-MIB1: UP 2: DOWN
 ifOperStatus.91.3.6.1.2.1.2.2.1.8.9RFC1213-MIB1: UP 2: DOWN
 ifOperStatus.101.3.6.1.2.1.2.2.1.8.10RFC1213-MIB1: UP 2: DOWN
Interface in countersifInOctets.11.3.6.1.2.1.2.2.1.10.1RFC1213-MIB 
 ifInOctets.21.3.6.1.2.1.2.2.1.10.2RFC1213-MIB 
 ifInOctets.31.3.6.1.2.1.2.2.1.10.3RFC1213-MIB 
 ifInOctets.41.3.6.1.2.1.2.2.1.10.4RFC1213-MIB 
 ifInOctets.51.3.6.1.2.1.2.2.1.10.5RFC1213-MIB 
 ifInOctets.61.3.6.1.2.1.2.2.1.10.6RFC1213-MIB 
 ifInOctets.71.3.6.1.2.1.2.2.1.10.7RFC1213-MIB 
 ifInOctets.81.3.6.1.2.1.2.2.1.10.8RFC1213-MIB 
 ifInOctets.91.3.6.1.2.1.2.2.1.10.9RFC1213-MIB 
 ifInOctets.101.3.6.1.2.1.2.2.1.10.10RFC1213-MIB 
Interface in errorsifInErrors.11.3.6.1.2.1.2.2.1.14.1RFC1213-MIB 
 ifInErrors.21.3.6.1.2.1.2.2.1.14.2RFC1213-MIB 
 ifInErrors.31.3.6.1.2.1.2.2.1.14.3RFC1213-MIB 
 ifInErrors.41.3.6.1.2.1.2.2.1.14.4RFC1213-MIB 
 ifInErrors.51.3.6.1.2.1.2.2.1.14.5RFC1213-MIB 
 ifInErrors.61.3.6.1.2.1.2.2.1.14.6RFC1213-MIB 
 ifInErrors.71.3.6.1.2.1.2.2.1.14.7RFC1213-MIB 
 ifInErrors.81.3.6.1.2.1.2.2.1.14.8RFC1213-MIB 
 ifInErrors.91.3.6.1.2.1.2.2.1.14.9RFC1213-MIB 
 ifInErrors.101.3.6.1.2.1.2.2.1.14.10RFC1213-MIB 
Interface out countersifOutOctets.11.3.6.1.2.1.2.2.1.16.1RFC1213-MIB 
 ifOutOctets.21.3.6.1.2.1.2.2.1.16.2RFC1213-MIB 
 ifOutOctets.31.3.6.1.2.1.2.2.1.16.3RFC1213-MIB 
 ifOutOctets.41.3.6.1.2.1.2.2.1.16.4RFC1213-MIB 
 ifOutOctets.51.3.6.1.2.1.2.2.1.16.5RFC1213-MIB 
 ifOutOctets.61.3.6.1.2.1.2.2.1.16.6RFC1213-MIB 
 ifOutOctets.71.3.6.1.2.1.2.2.1.16.7RFC1213-MIB 
 ifOutOctets.81.3.6.1.2.1.2.2.1.16.8RFC1213-MIB 
 ifOutOctets.91.3.6.1.2.1.2.2.1.16.9RFC1213-MIB 
 ifOutOctets.101.3.6.1.2.1.2.2.1.16.10RFC1213-MIB 
Interface out errorsifOutErrors.11.3.6.1.2.1.2.2.1.20.1RFC1213-MIB 
 ifOutErrors.21.3.6.1.2.1.2.2.1.20.2RFC1213-MIB 
 ifOutErrors.31.3.6.1.2.1.2.2.1.20.3RFC1213-MIB 
 ifOutErrors.41.3.6.1.2.1.2.2.1.20.4RFC1213-MIB 
 ifOutErrors.51.3.6.1.2.1.2.2.1.20.5RFC1213-MIB 
 ifOutErrors.61.3.6.1.2.1.2.2.1.20.6RFC1213-MIB 
 ifOutErrors.71.3.6.1.2.1.2.2.1.20.7RFC1213-MIB 
 ifOutErrors.81.3.6.1.2.1.2.2.1.20.8RFC1213-MIB 
 ifOutErrors.91.3.6.1.2.1.2.2.1.20.9RFC1213-MIB 
 ifOutErrors.101.3.6.1.2.1.2.2.1.20.10RFC1213-MIB 
System uptimehrSystemUptime.01.3.6.1.2.1.25.1.1.0RFC1514-MIB 
GlobalProtect gateway utilizationpanGPGatewayUtilization1.3.6.1.4.1.25461.2.1.2.5.1PAN-COMMON-MIB 
GlobalProtect gateway % utilizationpanGPGWUtilizationPct.01.3.6.1.4.1.25461.2.1.2.5.1.1PAN-COMMON-MIB 
GlobalProtect gateway max tunnelspanGPGWUtilizationMaxTunnels.01.3.6.1.4.1.25461.2.1.2.5.1.2PAN-COMMON-MIB 
GlobalProtect gateway active tunnelspanGPGWUtilizationActiveTunnels.01.3.6.1.4.1.25461.2.1.2.5.1.3PAN-COMMON-MIB 
% session utilizationpanSessionUtilization.01.3.6.1.4.1.25461.2.1.2.3.1.0PAN-COMMON-MIB 
Max Sessions for the devicepanSessionMax.01.3.6.1.4.1.25461.2.1.2.3.2.0PAN-COMMON-MIB 
Per VSYS session utilizationpanVsysTable1.3.6.1.4.1.25461.2.1.2.3.9PAN-COMMON-MIB 
VSYS IDpanVsysId.11.3.6.1.4.1.25461.2.1.2.3.9.1.1.1PAN-COMMON-MIB 
VSYS NamepanVsysName.11.3.6.1.4.1.25461.2.1.2.3.9.1.2.1PAN-COMMON-MIB 
VSYS session % utilizationpanVsysSessionUtilizationPct.11.3.6.1.4.1.25461.2.1.2.3.9.1.3.1PAN-COMMON-MIB 
VSYS active sessionspanVsysActiveSessions.11.3.6.1.4.1.25461.2.1.2.3.9.1.4.1PAN-COMMON-MIB 
VSYS max sessionspanVsysMaxSessions.11.3.6.1.4.1.25461.2.1.2.3.9.1.5.1PAN-COMMON-MIB 
Total Active SessionspanSessionActive.01.3.6.1.4.1.25461.2.1.2.3.3.0PAN-COMMON-MIB 
Active TCP SessionspanSessionActiveTcp.01.3.6.1.4.1.25461.2.1.2.3.4.0PAN-COMMON-MIB 
Active UDP SessionspanSessionActiveUdp.01.3.6.1.4.1.25461.2.1.2.3.5.0PAN-COMMON-MIB 
Active ICMP SessionspanSessionActiveICMP.01.3.6.1.4.1.25461.2.1.2.3.6.0PAN-COMMON-MIB 
 
TRAPS
PAN-OS supports the well-known traps, as defined in RFC-1907.
Additional traps are sent as configured in the PAN-OS GUI.
For example, you can configure the system log messages to be sent via SNMP traps
Same is true of the traffic log, threat log, and config log-- each log message can be sent as a trap


Additional Information




Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClaSCAS&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language