Can someone point me to a more recent listing of OID's than the ones from 2011 which I've been able to download?
Or, even better, give me an indication of what the OID's are for the following on a PA2020 running 4.1?
Session Utilisation percentage
I'm trying to integrate some more detailed monitoring of my PA than the default MIB's offer, and while I've found the templates which are on here, they're not valid for the current software, and most of them don't work - I need to update the OID's so Cacti queries the right values.
|active sessions (3)||220.127.116.11.4.1.25418.104.22.168.3.3.0|
|session table utilization percent (1)||22.214.171.124.4.1.254126.96.36.199.3.1.0|
Load up the RFC 1213 MIB-II file. Does a basic GetRequest to the OID .188.8.131.52.184.108.40.206.0 (i.e. sysDescr.0) work correctly? Are you running SNMP v2c or v3? If it's v2c, do you have the community string set correctly on both the firewall and the NMS? If it's v3, do you have the relevant security settings (e.g. user, mask) set up correctly?
- Jared Davis
I can SNMPwalk the device fine - but only on the standard MIB's.
Running an SNMPWALK, using V2c, I get the following outputs (relevant sections only - I get many more responses - but only from the SNMPv2-MIB, DISMAN-EVENT-MIB, IF-MIB, HOST-RESOURCES-MIB & SNMPv2-SMI)
SNMPv2-MIB::sysDescr.0 = STRING: Palo Alto Networks PA-2000 series firewall
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (243963535) 28 days, 5:40:35.35
HOST-RESOURCES-MIB::hrSystemUptime.0 = Timeticks: (243987538) 28 days, 5:44:35.38
(Same information, with numerical OID's instead of translated ones)
.220.127.116.11.18.104.22.168.0 = STRING: Palo Alto Networks PA-2000 series firewall
.22.214.171.124.126.96.36.199.0 = Timeticks: (244008859) 28 days, 5:48:08.59
.188.8.131.52.184.108.40.206.1.0 = Timeticks: (244032854) 28 days, 5:52:08.54
I should say that I can graph *some* instances out of the PAN device successfully - the interfaces themselves, the dataplane utilisation and management plane utilisation - but I can't seem to get uptime or session information out of it. The OID's appear to be correct based on the table above, but there's something wrong with the Cacti template I imported (from the devcentral site) and I'm not good enough with Cacti templates to figure out what.
You may want to perform a test using a simple MIB browser. Load the PANW Enterprise 4.1 MIB files into it. Run a SNMP walk. See if any of the responses are from OIDs that start with .220.127.116.11.4.1.25461, which indicates Palo Alto Networks. The issue may indeed be with the Cacti NMS configuration if you're able to walk the MIB using a simple MIB browser but not with Cacti. I wish you good luck in sorting out this issue!
- Jared Davis
This is the source of my problem. I have, as far as I am able to tell, installed/loaded the Palo Alto enterprise MIB's into my server, and am *trying* to tell snmpwalk to use them - only I can't get it to do so - it'll only use the "standard" MIB's.
Of course, according to the table above, at least the SNMP uptime should be readable using te standard MIB's.
It's most frustrating!
Sorry for the slow reply - I've been too busy elsewhere to go back to this.
I don't know if I do or not - wasn't aware of that little gem of a tutorial - but I am not, and will work through it and see how I go!
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!