Baseline of Firewall Throughput (Performance)

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Baseline of Firewall Throughput (Performance)

L1 Bithead

Hi,

I need to be able to create a baseline of firewall throughput.  I know that I can view the throughput real time with the "show system statistics" command, but does anyone know a way of monitoring this over time to use in graphs or reports.  I would like to have this data so that I know as new projects come up, the firewall can handle the additional traffic load.  Any help here would be greatly appreciated.

Thanks,

Chris

8 REPLIES 8

L3 Networker

Have you looked at tools such as MRTG or Cacti? They are snmp based graphing tools.

L4 Transporter

cstoker wrote:

Hi,

I need to be able to create a baseline of firewall throughput.  I know that I can view the throughput real time with the "show system statistics" command, but does anyone know a way of monitoring this over time to use in graphs or reports.  I would like to have this data so that I know as new projects come up, the firewall can handle the additional traffic load.  Any help here would be greatly appreciated.

Thanks,

Chris

Chris.

I graph my PA's with Cacti. This gives me a 5 minute average of traffic on any port I choose using basic SNMP polling.

You need to enable SNMP on the device, of course, but the PA is perfectly capable of answering the SNMP requests successfully.

I have noticed that the PA will occasionally miss responding to an SNMP query for one or two polls - I can only assume this ocurs when the management module is extremely busy for oen reason or another (like an overly demanding admin [me!] requesting too many fitlers or reports from traffic monitors).

You get something which looks like the attached JPG (in this case, the 'outbound" traffic is stuff going from the PA to my "inside" network - I.E. being downloaded from the internet or DMZ)

Cheers

L1 Bithead

Apologies for the bump. I too have been using the system statistics   in the cli, but couldn't find any object in the library that corresponds   to the throughput.

The closest I have seen to give you the oid you're looking for (without polling all interfaces and adding them  together) was  oid 1.3.6.1.4.1.25461.2.1.2.3.1 (panSessionUtilization) which shows the session table utilization percentage  0-100. That along with interface bandwidth and cpu monitoring would probably give you a good picture of overall performance.

I use ipswitch's nms for monitoring, but I would also recommend cacti as other users have pointed out.

Maybe I'm  missing it, but is there an snmp object that returns the output of "Throughput" from 'show system statistics'.

Thanks

There is currently no OID for 'show system statistics'

L2 Linker

I know this is an older thread, but I recently posted Cacti templates for all the product familys.  These should help you get a very good idea how the firewall is performing over time.  https://live.paloaltonetworks.com/thread/4367

Hope this helps,

Kameron

Hi,

Using another Management SW I would really love to get your IOD `s -- Please

Thanks

Stig

Stig,

These are documented, but here is a quick listing:

Active sessions: .1.3.6.1.4.1.25461.2.1.2.3.3

Session Utilization: .1.3.6.1.4.1.25461.2.1.2.3.1 (percentage of sessions used compared to Max sessions)

TCP Sessions: .1.3.6.1.4.1.25461.2.1.3.4

UDP "Sessions": 1.3.6.1.4.1.25461.2.1.3.5

ICMP "Sessions": .1.3.6.1.4.1.25461.2.1.3.6

Max Sessions: .1.3.6.1.4.1.25461.2.1.2.3.2

MGMT Utilization: .1.3.6.1.2.1.25.3.3.1.2.1

Cavium Utilization: .1.3.6.1.2.1.25.3.3.1.2.2

Fan RPM: .1.3.6.1.2.1.99.1.1.1.4.1 (Depending on the platform, there will be multiple fans, so you will want to increment this for each fan.)

NOTE, the Temperature OIDs (listed below) may need to be different, because this number is based on the number of fans…so if there are 4 fans, the last digit will be .5, however if there are 6 fans, it will need to be .7, etc.

CPU Temp: .1.3.6.1.2.1.99.1.1.1.4.5

Board Temp: .1.3.6.1.2.1.99.1.1.1.4.6

Hope this helps,

Kameron

Smiley Happy Thanks a lot - Great value for me  !!

  • 8215 Views
  • 8 replies
  • 1 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!