SNMP OID's

Reply
L4 Transporter

SNMP OID's

Folks.

Can someone point me to a more recent listing of OID's than the ones from 2011 which I've been able to download?

Or, even better, give me an indication of what the OID's are for the following on a PA2020 running 4.1?

Active Sessions

Concurrent Sessions

Session Utilisation percentage

Chassis Temperature

System Uptime

I'm trying to integrate some more detailed monitoring of my PA than the default MIB's offer, and while I've found the templates which are on here, they're not valid for the current software, and most of them don't work - I need to update the OID's so Cacti queries the right values.

Thanks

Palo Alto Networks Guru

Re: SNMP OID's

active sessions (3)1.3.6.1.4.1.25461.2.1.2.3.3.0
session table utilization percent (1)1.3.6.1.4.1.25461.2.1.2.3.1.0
sysUpTime (3).1.3.6.1.2.1.1.3.0
entPhySensorUnitsDisplay
entPhySensorUnitsDisplay (6).1.3.6.1.2.1.99.1.1.1.6.1rpm
entPhySensorUnitsDisplay (6).1.3.6.1.2.1.99.1.1.1.6.2rpm
entPhySensorUnitsDisplay (6).1.3.6.1.2.1.99.1.1.1.6.3rpm
entPhySensorUnitsDisplay (6).1.3.6.1.2.1.99.1.1.1.6.4(C)
entPhySensorUnitsDisplay (6).1.3.6.1.2.1.99.1.1.1.6.5(C)
entPhySensorUnitsDisplay (6).1.3.6.1.2.1.99.1.1.1.6.6(C)
entPhySensorUnitsDisplay (6).1.3.6.1.2.1.99.1.1.1.6.7(C)
entPhySensorUnitsDisplay (6).1.3.6.1.2.1.99.1.1.1.6.8(C)
entPhySensorUnitsDisplay (6).1.3.6.1.2.1.99.1.1.1.6.9(C)
entPhySensorUnitsDisplay

entPhySensorValue
entPhySensorValue (4).1.3.6.1.2.1.99.1.1.1.4.14520
entPhySensorValue (4).1.3.6.1.2.1.99.1.1.1.4.24602
entPhySensorValue (4).1.3.6.1.2.1.99.1.1.1.4.34644
entPhySensorValue (4).1.3.6.1.2.1.99.1.1.1.4.430
entPhySensorValue (4).1.3.6.1.2.1.99.1.1.1.4.538
entPhySensorValue (4).1.3.6.1.2.1.99.1.1.1.4.637
entPhySensorValue (4).1.3.6.1.2.1.99.1.1.1.4.734
entPhySensorValue (4).1.3.6.1.2.1.99.1.1.1.4.844
entPhySensorValue (4).1.3.6.1.2.1.99.1.1.1.4.947
entPhySensorValue
L4 Transporter

Re: SNMP OID's

Thanks - those are actually already the OID's that Cacti is trying to use, so there's got to be something else wrong here - I just don't know what. :-(

Not applicable

Re: SNMP OID's

Load up the RFC 1213 MIB-II file.  Does a basic GetRequest to the OID .1.3.6.1.2.1.1.1.0 (i.e. sysDescr.0) work correctly?  Are you running SNMP v2c or v3?  If it's v2c, do you have the community string set correctly on both the firewall and the NMS?  If it's v3, do you have the relevant security settings (e.g. user, mask) set up correctly?

- Jared Davis

L4 Transporter

Re: SNMP OID's

Jared.

I can SNMPwalk the device fine - but only on the standard MIB's.

Running an SNMPWALK, using V2c, I get the following outputs (relevant sections only - I get many more responses - but only from the SNMPv2-MIB, DISMAN-EVENT-MIB, IF-MIB, HOST-RESOURCES-MIB & SNMPv2-SMI)

SNMPv2-MIB::sysDescr.0 = STRING: Palo Alto Networks PA-2000 series firewall

DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (243963535) 28 days, 5:40:35.35

HOST-RESOURCES-MIB::hrSystemUptime.0 = Timeticks: (243987538) 28 days, 5:44:35.38

(Same information, with numerical OID's instead of translated ones)

.1.3.6.1.2.1.1.1.0 = STRING: Palo Alto Networks PA-2000 series firewall

.1.3.6.1.2.1.1.3.0 = Timeticks: (244008859) 28 days, 5:48:08.59

.1.3.6.1.2.1.25.1.1.0 = Timeticks: (244032854) 28 days, 5:52:08.54

I should say that I can graph *some* instances out of the PAN device successfully - the interfaces themselves, the dataplane utilisation and management plane utilisation - but I can't seem to get uptime or session information out of it. The OID's appear to be correct based on the table above, but there's something wrong with the Cacti template I imported (from the devcentral site) and I'm not good enough with Cacti templates to figure out what.

Highlighted
Not applicable

Re: SNMP OID's

You may want to perform a test using a simple MIB browser.  Load the PANW Enterprise 4.1 MIB files into it.  Run a SNMP walk.  See if any of the responses are from OIDs that start with .1.3.6.1.4.1.25461, which indicates Palo Alto Networks.  The issue may indeed be with the Cacti NMS configuration if you're able to walk the MIB using a simple MIB browser but not with Cacti.  I wish you good luck in sorting out this issue!

- Jared Davis

L4 Transporter

Re: SNMP OID's

This is the source of my problem. I have, as far as I am able to tell, installed/loaded the Palo Alto enterprise MIB's into my server, and am *trying* to tell snmpwalk to use them - only I can't get it to do so - it'll only use the "standard" MIB's.

Of course, according to the table above, at least the SNMP uptime should be readable using te standard MIB's.

It's most frustrating!

L6 Presenter

Re: SNMP OID's

I guess you use the proper syntax for snmpwalk and you have put the MIBs in correct path?

http://www.net-snmp.org/wiki/index.php/TUT:Using_and_loading_MIBS

L4 Transporter

Re: SNMP OID's

Sorry for the slow reply - I've been too busy elsewhere to go back to this.

I don't know if I do or not - wasn't aware of that little gem of a tutorial - but I am not, and will work through it and see how I go!

Thanks

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!