- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
03-03-2011 06:02 AM
Hi,
I need to be able to create a baseline of firewall throughput. I know that I can view the throughput real time with the "show system statistics" command, but does anyone know a way of monitoring this over time to use in graphs or reports. I would like to have this data so that I know as new projects come up, the firewall can handle the additional traffic load. Any help here would be greatly appreciated.
Thanks,
Chris
03-03-2011 06:17 AM
Have you looked at tools such as MRTG or Cacti? They are snmp based graphing tools.
03-08-2011 06:57 PM
cstoker wrote:
Hi,
I need to be able to create a baseline of firewall throughput. I know that I can view the throughput real time with the "show system statistics" command, but does anyone know a way of monitoring this over time to use in graphs or reports. I would like to have this data so that I know as new projects come up, the firewall can handle the additional traffic load. Any help here would be greatly appreciated.
Thanks,
Chris
Chris.
I graph my PA's with Cacti. This gives me a 5 minute average of traffic on any port I choose using basic SNMP polling.
You need to enable SNMP on the device, of course, but the PA is perfectly capable of answering the SNMP requests successfully.
I have noticed that the PA will occasionally miss responding to an SNMP query for one or two polls - I can only assume this ocurs when the management module is extremely busy for oen reason or another (like an overly demanding admin [me!] requesting too many fitlers or reports from traffic monitors).
You get something which looks like the attached JPG (in this case, the 'outbound" traffic is stuff going from the PA to my "inside" network - I.E. being downloaded from the internet or DMZ)
Cheers
03-23-2011 01:00 PM
Apologies for the bump. I too have been using the system statistics in the cli, but couldn't find any object in the library that corresponds to the throughput.
The closest I have seen to give you the oid you're looking for (without polling all interfaces and adding them together) was oid 1.3.6.1.4.1.25461.2.1.2.3.1 (panSessionUtilization) which shows the session table utilization percentage 0-100. That along with interface bandwidth and cpu monitoring would probably give you a good picture of overall performance.
I use ipswitch's nms for monitoring, but I would also recommend cacti as other users have pointed out.
Maybe I'm missing it, but is there an snmp object that returns the output of "Throughput" from 'show system statistics'.
Thanks
03-25-2011 08:39 PM
There is currently no OID for 'show system statistics'
03-19-2012 05:52 PM
I know this is an older thread, but I recently posted Cacti templates for all the product familys. These should help you get a very good idea how the firewall is performing over time. https://live.paloaltonetworks.com/thread/4367
Hope this helps,
Kameron
09-20-2012 07:13 AM
Hi,
Using another Management SW I would really love to get your IOD `s -- Please
Thanks
Stig
09-22-2012 04:41 AM
Stig,
These are documented, but here is a quick listing:
Active sessions: .1.3.6.1.4.1.25461.2.1.2.3.3
Session Utilization: .1.3.6.1.4.1.25461.2.1.2.3.1 (percentage of sessions used compared to Max sessions)
TCP Sessions: .1.3.6.1.4.1.25461.2.1.3.4
UDP "Sessions": 1.3.6.1.4.1.25461.2.1.3.5
ICMP "Sessions": .1.3.6.1.4.1.25461.2.1.3.6
Max Sessions: .1.3.6.1.4.1.25461.2.1.2.3.2
MGMT Utilization: .1.3.6.1.2.1.25.3.3.1.2.1
Cavium Utilization: .1.3.6.1.2.1.25.3.3.1.2.2
Fan RPM: .1.3.6.1.2.1.99.1.1.1.4.1 (Depending on the platform, there will be multiple fans, so you will want to increment this for each fan.)
NOTE, the Temperature OIDs (listed below) may need to be different, because this number is based on the number of fans…so if there are 4 fans, the last digit will be .5, however if there are 6 fans, it will need to be .7, etc.
CPU Temp: .1.3.6.1.2.1.99.1.1.1.4.5
Board Temp: .1.3.6.1.2.1.99.1.1.1.4.6
Hope this helps,
Kameron
09-24-2012 07:18 AM
Thanks a lot - Great value for me !!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!