Baseline of Firewall Throughput (Performance)

Announcements
Attention: The LIVEcommunity is experiencing an interruption with videos in some areas. We apologize for any inconvenience this may cause. Thank you for your patience as we work towards a solution to restore videos.
Reply
Highlighted
L1 Bithead

Baseline of Firewall Throughput (Performance)

Hi,

I need to be able to create a baseline of firewall throughput.  I know that I can view the throughput real time with the "show system statistics" command, but does anyone know a way of monitoring this over time to use in graphs or reports.  I would like to have this data so that I know as new projects come up, the firewall can handle the additional traffic load.  Any help here would be greatly appreciated.

Thanks,

Chris

Highlighted
L3 Networker

Re: Baseline of Firewall Throughput (Performance)

Have you looked at tools such as MRTG or Cacti? They are snmp based graphing tools.

Highlighted
L4 Transporter

Re: Baseline of Firewall Throughput (Performance)

cstoker wrote:

Hi,

I need to be able to create a baseline of firewall throughput.  I know that I can view the throughput real time with the "show system statistics" command, but does anyone know a way of monitoring this over time to use in graphs or reports.  I would like to have this data so that I know as new projects come up, the firewall can handle the additional traffic load.  Any help here would be greatly appreciated.

Thanks,

Chris

Chris.

I graph my PA's with Cacti. This gives me a 5 minute average of traffic on any port I choose using basic SNMP polling.

You need to enable SNMP on the device, of course, but the PA is perfectly capable of answering the SNMP requests successfully.

I have noticed that the PA will occasionally miss responding to an SNMP query for one or two polls - I can only assume this ocurs when the management module is extremely busy for oen reason or another (like an overly demanding admin [me!] requesting too many fitlers or reports from traffic monitors).

You get something which looks like the attached JPG (in this case, the 'outbound" traffic is stuff going from the PA to my "inside" network - I.E. being downloaded from the internet or DMZ)

Cheers

Highlighted
L1 Bithead

Re: Baseline of Firewall Throughput (Performance)

Apologies for the bump. I too have been using the system statistics   in the cli, but couldn't find any object in the library that corresponds   to the throughput.

The closest I have seen to give you the oid you're looking for (without polling all interfaces and adding them  together) was  oid 1.3.6.1.4.1.25461.2.1.2.3.1 (panSessionUtilization) which shows the session table utilization percentage  0-100. That along with interface bandwidth and cpu monitoring would probably give you a good picture of overall performance.

I use ipswitch's nms for monitoring, but I would also recommend cacti as other users have pointed out.

Maybe I'm  missing it, but is there an snmp object that returns the output of "Throughput" from 'show system statistics'.

Thanks

Highlighted
L3 Networker

Re: Baseline of Firewall Throughput (Performance)

There is currently no OID for 'show system statistics'

Highlighted
L2 Linker

Re: Baseline of Firewall Throughput (Performance)

I know this is an older thread, but I recently posted Cacti templates for all the product familys.  These should help you get a very good idea how the firewall is performing over time.  https://live.paloaltonetworks.com/thread/4367

Hope this helps,

Kameron

Highlighted
L1 Bithead

Re: Baseline of Firewall Throughput (Performance)

Hi,

Using another Management SW I would really love to get your IOD `s -- Please

Thanks

Stig

Highlighted
L2 Linker

Re: Baseline of Firewall Throughput (Performance)

Stig,

These are documented, but here is a quick listing:

Active sessions: .1.3.6.1.4.1.25461.2.1.2.3.3

Session Utilization: .1.3.6.1.4.1.25461.2.1.2.3.1 (percentage of sessions used compared to Max sessions)

TCP Sessions: .1.3.6.1.4.1.25461.2.1.3.4

UDP "Sessions": 1.3.6.1.4.1.25461.2.1.3.5

ICMP "Sessions": .1.3.6.1.4.1.25461.2.1.3.6

Max Sessions: .1.3.6.1.4.1.25461.2.1.2.3.2

MGMT Utilization: .1.3.6.1.2.1.25.3.3.1.2.1

Cavium Utilization: .1.3.6.1.2.1.25.3.3.1.2.2

Fan RPM: .1.3.6.1.2.1.99.1.1.1.4.1 (Depending on the platform, there will be multiple fans, so you will want to increment this for each fan.)

NOTE, the Temperature OIDs (listed below) may need to be different, because this number is based on the number of fans…so if there are 4 fans, the last digit will be .5, however if there are 6 fans, it will need to be .7, etc.

CPU Temp: .1.3.6.1.2.1.99.1.1.1.4.5

Board Temp: .1.3.6.1.2.1.99.1.1.1.4.6

Hope this helps,

Kameron

Highlighted
L1 Bithead

Re: Baseline of Firewall Throughput (Performance)

:smileyhappy: Thanks a lot - Great value for me  !!

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!