SNMP for Monitoring Palo Alto Networks Devices
408021
Created On 09/25/18 19:38 PM - Last Modified 08/05/20 18:42 PM
Symptom
List of useful OIDs from various MIBs for performing basic SNMP monitoring of the Palo Alto Networks device.
Environment
- PAN-OS
- SNMP
Resolution
Useful PAN-OS OID Examples
Item | Name | OID | Source MIB | Description |
---|---|---|---|---|
CPU util on management plane | hrProcessorLoad.1 | 1.3.6.1.2.1.25.3.3.1.2.1 | HOST-RESOURCES-MIB | CPU load average over last 60 seconds. This value will match the value shown on the GUI dashboard-> resource information-> % CPU in PAN-OS 3.x |
Utilization of CPUs on dataplane that are used for system functions | hrProcessorLoad.2 | 1.3.6.1.2.1.25.3.3.1.2.2 | HOST-RESOURCES-MIB | CPU load average over last 60 seconds |
Management plane memory and dataplane packet buffer | hrStorageTable | 1.3.6.1.2.1.25.2.3 | HOST-RESOURCES-MIB |
|
Names of each interface on the device | ifDescr.1 | 1.3.6.1.2.1.2.2.1.2.1 | RFC1213-MIB | example: MGMT |
ifDescr.2 | 1.3.6.1.2.1.2.2.1.2.2 | RFC1213-MIB | example: HA | |
ifDescr.3 | 1.3.6.1.2.1.2.2.1.2.3 | RFC1213-MIB | example: ethernet1/1 | |
ifDescr.4 | 1.3.6.1.2.1.2.2.1.2.4 | RFC1213-MIB | example: ethernet1/2 | |
ifDescr.5 | 1.3.6.1.2.1.2.2.1.2.5 | RFC1213-MIB | example: ethernet1/3 | |
ifDescr.6 | 1.3.6.1.2.1.2.2.1.2.6 | RFC1213-MIB | example: ethernet1/4 | |
ifDescr.7 | 1.3.6.1.2.1.2.2.1.2.7 | RFC1213-MIB | example: ethernet1/5 | |
ifDescr.8 | 1.3.6.1.2.1.2.2.1.2.8 | RFC1213-MIB | example: ethernet1/6 | |
ifDescr.9 | 1.3.6.1.2.1.2.2.1.2.9 | RFC1213-MIB | example: ethernet1/7 | |
ifDescr.10 | 1.3.6.1.2.1.2.2.1.2.10 | RFC1213-MIB | example: ethernet1/8 | |
Interface up/down status | ifOperStatus.1 | 1.3.6.1.2.1.2.2.1.8.1 | RFC1213-MIB | 1: UP 2: DOWN |
ifOperStatus.2 | 1.3.6.1.2.1.2.2.1.8.2 | RFC1213-MIB | 1: UP 2: DOWN | |
ifOperStatus.3 | 1.3.6.1.2.1.2.2.1.8.3 | RFC1213-MIB | 1: UP 2: DOWN | |
ifOperStatus.4 | 1.3.6.1.2.1.2.2.1.8.4 | RFC1213-MIB | 1: UP 2: DOWN | |
ifOperStatus.5 | 1.3.6.1.2.1.2.2.1.8.5 | RFC1213-MIB | 1: UP 2: DOWN | |
ifOperStatus.6 | 1.3.6.1.2.1.2.2.1.8.6 | RFC1213-MIB | 1: UP 2: DOWN | |
ifOperStatus.7 | 1.3.6.1.2.1.2.2.1.8.7 | RFC1213-MIB | 1: UP 2: DOWN | |
ifOperStatus.8 | 1.3.6.1.2.1.2.2.1.8.8 | RFC1213-MIB | 1: UP 2: DOWN | |
ifOperStatus.9 | 1.3.6.1.2.1.2.2.1.8.9 | RFC1213-MIB | 1: UP 2: DOWN | |
ifOperStatus.10 | 1.3.6.1.2.1.2.2.1.8.10 | RFC1213-MIB | 1: UP 2: DOWN | |
Interface in counters | ifInOctets.1 | 1.3.6.1.2.1.2.2.1.10.1 | RFC1213-MIB | |
ifInOctets.2 | 1.3.6.1.2.1.2.2.1.10.2 | RFC1213-MIB | ||
ifInOctets.3 | 1.3.6.1.2.1.2.2.1.10.3 | RFC1213-MIB | ||
ifInOctets.4 | 1.3.6.1.2.1.2.2.1.10.4 | RFC1213-MIB | ||
ifInOctets.5 | 1.3.6.1.2.1.2.2.1.10.5 | RFC1213-MIB | ||
ifInOctets.6 | 1.3.6.1.2.1.2.2.1.10.6 | RFC1213-MIB | ||
ifInOctets.7 | 1.3.6.1.2.1.2.2.1.10.7 | RFC1213-MIB | ||
ifInOctets.8 | 1.3.6.1.2.1.2.2.1.10.8 | RFC1213-MIB | ||
ifInOctets.9 | 1.3.6.1.2.1.2.2.1.10.9 | RFC1213-MIB | ||
ifInOctets.10 | 1.3.6.1.2.1.2.2.1.10.10 | RFC1213-MIB | ||
Interface in errors | ifInErrors.1 | 1.3.6.1.2.1.2.2.1.14.1 | RFC1213-MIB | |
ifInErrors.2 | 1.3.6.1.2.1.2.2.1.14.2 | RFC1213-MIB | ||
ifInErrors.3 | 1.3.6.1.2.1.2.2.1.14.3 | RFC1213-MIB | ||
ifInErrors.4 | 1.3.6.1.2.1.2.2.1.14.4 | RFC1213-MIB | ||
ifInErrors.5 | 1.3.6.1.2.1.2.2.1.14.5 | RFC1213-MIB | ||
ifInErrors.6 | 1.3.6.1.2.1.2.2.1.14.6 | RFC1213-MIB | ||
ifInErrors.7 | 1.3.6.1.2.1.2.2.1.14.7 | RFC1213-MIB | ||
ifInErrors.8 | 1.3.6.1.2.1.2.2.1.14.8 | RFC1213-MIB | ||
ifInErrors.9 | 1.3.6.1.2.1.2.2.1.14.9 | RFC1213-MIB | ||
ifInErrors.10 | 1.3.6.1.2.1.2.2.1.14.10 | RFC1213-MIB | ||
Interface out counters | ifOutOctets.1 | 1.3.6.1.2.1.2.2.1.16.1 | RFC1213-MIB | |
ifOutOctets.2 | 1.3.6.1.2.1.2.2.1.16.2 | RFC1213-MIB | ||
ifOutOctets.3 | 1.3.6.1.2.1.2.2.1.16.3 | RFC1213-MIB | ||
ifOutOctets.4 | 1.3.6.1.2.1.2.2.1.16.4 | RFC1213-MIB | ||
ifOutOctets.5 | 1.3.6.1.2.1.2.2.1.16.5 | RFC1213-MIB | ||
ifOutOctets.6 | 1.3.6.1.2.1.2.2.1.16.6 | RFC1213-MIB | ||
ifOutOctets.7 | 1.3.6.1.2.1.2.2.1.16.7 | RFC1213-MIB | ||
ifOutOctets.8 | 1.3.6.1.2.1.2.2.1.16.8 | RFC1213-MIB | ||
ifOutOctets.9 | 1.3.6.1.2.1.2.2.1.16.9 | RFC1213-MIB | ||
ifOutOctets.10 | 1.3.6.1.2.1.2.2.1.16.10 | RFC1213-MIB | ||
Interface out errors | ifOutErrors.1 | 1.3.6.1.2.1.2.2.1.20.1 | RFC1213-MIB | |
ifOutErrors.2 | 1.3.6.1.2.1.2.2.1.20.2 | RFC1213-MIB | ||
ifOutErrors.3 | 1.3.6.1.2.1.2.2.1.20.3 | RFC1213-MIB | ||
ifOutErrors.4 | 1.3.6.1.2.1.2.2.1.20.4 | RFC1213-MIB | ||
ifOutErrors.5 | 1.3.6.1.2.1.2.2.1.20.5 | RFC1213-MIB | ||
ifOutErrors.6 | 1.3.6.1.2.1.2.2.1.20.6 | RFC1213-MIB | ||
ifOutErrors.7 | 1.3.6.1.2.1.2.2.1.20.7 | RFC1213-MIB | ||
ifOutErrors.8 | 1.3.6.1.2.1.2.2.1.20.8 | RFC1213-MIB | ||
ifOutErrors.9 | 1.3.6.1.2.1.2.2.1.20.9 | RFC1213-MIB | ||
ifOutErrors.10 | 1.3.6.1.2.1.2.2.1.20.10 | RFC1213-MIB | ||
System uptime | hrSystemUptime.0 | 1.3.6.1.2.1.25.1.1.0 | RFC1514-MIB | |
GlobalProtect gateway utilization | panGPGatewayUtilization | 1.3.6.1.4.1.25461.2.1.2.5.1 | PAN-COMMON-MIB | |
GlobalProtect gateway % utilization | panGPGWUtilizationPct.0 | 1.3.6.1.4.1.25461.2.1.2.5.1.1 | PAN-COMMON-MIB | |
GlobalProtect gateway max tunnels | panGPGWUtilizationMaxTunnels.0 | 1.3.6.1.4.1.25461.2.1.2.5.1.2 | PAN-COMMON-MIB | |
GlobalProtect gateway active tunnels | panGPGWUtilizationActiveTunnels.0 | 1.3.6.1.4.1.25461.2.1.2.5.1.3 | PAN-COMMON-MIB | |
% session utilization | panSessionUtilization.0 | 1.3.6.1.4.1.25461.2.1.2.3.1.0 | PAN-COMMON-MIB | |
Max Sessions for the device | panSessionMax.0 | 1.3.6.1.4.1.25461.2.1.2.3.2.0 | PAN-COMMON-MIB | |
Per VSYS session utilization | panVsysTable | 1.3.6.1.4.1.25461.2.1.2.3.9 | PAN-COMMON-MIB | |
VSYS ID | panVsysId.1 | 1.3.6.1.4.1.25461.2.1.2.3.9.1.1.1 | PAN-COMMON-MIB | |
VSYS Name | panVsysName.1 | 1.3.6.1.4.1.25461.2.1.2.3.9.1.2.1 | PAN-COMMON-MIB | |
VSYS session % utilization | panVsysSessionUtilizationPct.1 | 1.3.6.1.4.1.25461.2.1.2.3.9.1.3.1 | PAN-COMMON-MIB | |
VSYS active sessions | panVsysActiveSessions.1 | 1.3.6.1.4.1.25461.2.1.2.3.9.1.4.1 | PAN-COMMON-MIB | |
VSYS max sessions | panVsysMaxSessions.1 | 1.3.6.1.4.1.25461.2.1.2.3.9.1.5.1 | PAN-COMMON-MIB | |
Total Active Sessions | panSessionActive.0 | 1.3.6.1.4.1.25461.2.1.2.3.3.0 | PAN-COMMON-MIB | |
Active TCP Sessions | panSessionActiveTcp.0 | 1.3.6.1.4.1.25461.2.1.2.3.4.0 | PAN-COMMON-MIB | |
Active UDP Sessions | panSessionActiveUdp.0 | 1.3.6.1.4.1.25461.2.1.2.3.5.0 | PAN-COMMON-MIB | |
Active ICMP Sessions | panSessionActiveICMP.0 | 1.3.6.1.4.1.25461.2.1.2.3.6.0 | PAN-COMMON-MIB | |
TRAPS | ||||
PAN-OS supports the well-known traps, as defined in RFC-1907. Additional traps are sent as configured in the PAN-OS GUI. For example, you can configure the system log messages to be sent via SNMP traps Same is true of the traffic log, threat log, and config log-- each log message can be sent as a trap |