- Get Started
- News & Events
- Collaboration
- Education Services
- Technologies
- Next-Generation Firewall
- GlobalProtect
- Threat Prevention Services
- Endpoint Protection
- SSL Decryption
- App-ID
- Content-ID
- User-ID
- 5G
- IoT Security
- Cloud Identity Engine
Network Security
- Prisma Access
- Prisma Cloud
- Prisma SD-WAN
- CN-Series
- VM-Series:
- Alibaba
- AWS
- GCP
- Azure
Cloud Security
- Cortex XDR
- Cortex XSOAR
- Cortex Data Lake
Security Operations
- Resources
- COVID-19 Response Center
- LIVEcommunity
- Collaboration
- Discussions
- Automation/API Discussions
- Cacti - Templates
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Printer Friendly Page
Cacti - Templates
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
03-19-2012 03:52 PM
Hello Palo Alto Community,
I created a few Cacti Templates which allow you to quickly and easily monitor Palo Alto Networks firewalls with SNMP. There are 5 different templates corresponding to the 5 different Firewall families, PA-200, PA-500, PA-20xx, PA-40xx, PA-50xx.
Using these with Cacti (www.cacti.net), these Host templates will monitor the following sets variables, create historical graphs of these variables (example Graphs listed below):
- Traffic the firewall is passing through each selected interface(s)
- The number of Active Sessions (TCP, UDP and ICMP)
- The number of Concurrent Sessions (aggregate of Active Sessions)
- Session Utilization Percentage – Based on the PAN Firewall Model
- Temperature of the Firewall
- Uptime of the Firewall
If you know of other OIDs which you feel the broader community would like monitored, I would be happy to add them to the templates.
Once cacti is installed on your favorite OS, you simply connect to the Cacti web interface and import these host templates. Then you can add devices for Cacti to SNMP Poll/Monitor and you have a long term graphical representation of what the firewall is doing, how much traffic it is seeing, how many sessions it is supporting, etc.
Hope these help,
Kameron
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
03-19-2012 04:43 PM
These are great. Thanks for sharing!
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
03-20-2012 03:32 AM
Thanks.
And for those having trouble importing template, how to fix version checking in cacti with xml version hash error
http://docs.cacti.net/howto:determine_cacti_template_version
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
03-20-2012 10:52 AM
Nice work! Thanks for sharing! :-)
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
03-26-2012 08:51 AM
nick work! thanks for sharing!
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
04-29-2012 08:32 AM
I've built the equivalent of these graphs in Zabbix as well... Zabbix allows you to do some interesting things as well, such as "if the last retrieved uptime raw value is less than 600 seconds, send an alert" (i.e. if the firewall has rebooted in the last ten minutes, throw an alert), or "if the SNMP queried temperature is over X, send an alert"
Unfortunately Zabbix doesn't support SHA/AES for SNMPv3, and the Palo Altos we have don't seem to support MD5/3DES, so I ended up having to use SNMPv2
If anyone's interested I can post them here, or open a new thread
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
10-09-2012 11:55 AM
I'm interested in those Zabbix templates thanks. Would you mind posting them?
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
10-24-2012 09:41 AM
Thanks for the templates.
Have you graphed traffic utilization on sub interfaces? some reason I'm struggling with this <maybe cause i'm new to cacti> I'm running cacti 0.8.8a
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
10-24-2012 12:27 PM
Jerrold,
Currently, there isn't any SNMP support for Sub-interfaces. There are feature requests for this, so you may want to speak with your local PANW SE and have them add you and your company to the FR.
Thanks,
Kameron
- Mark as New
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report This Content
02-08-2013 11:13 AM
quinton - sorry for the late reply.
I will try to export the Zabbix hosts I've built... we're monitoring our 4020 and a pair of 5020s with Zabbix and it's working great. I'll start a new thread and post them there.
- Failed to delete Certificate due to references - but I don't want to delete those references in General Topics
- Panorama GUI wont respond after upgrading beyond 10.0.0 in General Topics
- Certificate LuxTrust Global Root in <template> expired on Mar 17 09:51:37 2021 GMT in General Topics
- automatic stack updates in Prisma Cloud Discussions
- Backup and Restore PA Panorama and Firewalls setup to new infra in Azure in General Topics
Show your appreciation!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
