We are using OPManager to monitor our internal network and we are experiencing some issues with PA-VM 200 when trying to get the traffic of certain interfaces. For all the tunnel interfaces and sub-interfaces, we can see the traffic on the monitor but can't see the traffic for the ethernet interfaces. Using PAN-OS 8.0.2
1) Downloaded Enterprise SNMP 8.0 MIBs from PaloAlto website and uploaded it to the OPManager. OPManager already uses the Standard RFC MIBs.
2) OPManager is only collecting stats with GET messages and we don't use SET messages.
3) SNMP v2 port 161 is configured in both ends.
4) SNMP traffic is enabled in the MGT interface.
5) SNMP traffic is enabled in all other Layer 3 ethernet interfaces.
6) Firewall is configured to respond to statistics from the SNMP manager.
How to get traffic on Ethernet interfaces via SNMP to OPManager?
@OtakarKlier , Hi
We are looking for Rx and Tx traffic (Bps) for interfaces, not NetFlow.
Ethernet 1/1 is put primary interfaces where all the internet traffic is routed and surely there is traffic in that interface.
Tested the Palo MIBs with a MIB browser and getting the ifindex OID from it to see if I can see the traffic. But couldn't get that to work either.
This should be possible since I am monitoring those stats with a different tool. Have you looked at https://live.paloaltonetworks.com/t5/Management-Articles/SNMP-for-Monitoring-Palo-Alto-Networks-Devi...
perhaps it can help?
Here is what I have for snmpv3
I've checked the OIDs for the interfaces as per the article and I can get the in/out octets, Ucast and etc.
Also, the MIB browser doesn't display stats for ethernet interfaces.
But I need to get the traffic for the interface. Looks like something is not enabled for the ethernet interfaces whereas for tunnel or subinterfaces it is enabled?
Might be worth a case to TAC. All I recall doing was setting up the SNMP. However I also do netflow so wonder if you have a netflow policy on the tunnel interfaces?
Which hypervisor is it?
I know there is a lack of bandwidth monitoring on the interfaces in Hyper-V. This is apparently a Microsoft issue according to PAN.
This is the reply we got some while ago (still on 7.1):
"The reason why the interface statistics is 0 is that the Linux ethernet driver for Hyper-V in the LIS doesn't support device statistics like other platforms do."
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!