Who Me Too'd this topic

Announcements

ATTENTION Customers, All Partners and Employees: The Customer Support Portal (CSP) will be undergoing maintenance and unavailable on Saturday, November 7, 2020, from 11 am to 11 pm PST. Please read our blog for more information.

Who Me Too'd this topic

Cyber Elite

QoS Monitoring (for PRTG Network Monitor)

Hi all,

 

Because there are no useful methods to monitor the configured QoS values (at least til 7.0.3, I don't know if there will be a monitoring of QoS in the future), I have written a little script in powershell which gets all the required values over the XML API and the creates an output which could be used for the software PRTG Network Monitor (there is also a free version with limited amount of sensors).

 

The syntax looks like the following:

"script.ps1 <fwhostname> <physicalinterface> [<qosrule/tunnelinterface>] [tunnel-traffic]"

 

example for a cleartext rule named "Traffic-to-Internet" on ethernet1/3:

script.ps1 "firewall.domain.local" "ethernet1/3" "Traffic-to-Internet"

 

example for monitoring a tunnel-traffic rule for tunnel 10 on ethernet1/2:

script.ps1 "firewall.domain.local" "ethernet1/2" "tunnel.10" "tunnel-traffic"

 

If someone is interested, you can find the script here: https://github.com/inaxis/Palo_QoS_Mon/blob/master/Palo_QoS_Mon_Script.ps1

 

But you have to be carefully and do not run too many instances of the script at the same time towards a single firewall (specially not a pa-2000), or if you do it have a look at the management cpu utilization.

 

I tested the script on the following device/software combinations:

  • PA-5050 (PAN-OS 6.1.7)
  • PA-5020 (PAN-OS 7.0.3)
  • PA-3020 (PAN-OS 6.1.7)

The output of the devices is slightly different, so the channel which shows the dropped packets/second does not work on PA-5000 series.

 

Regards,

Remo

 

Example screenshots:

Actual bandwidth:

class-8-actual-traffic.PNG

Utilization in percent:

class-8-percentage.PNG

Dropped packets/second:

class-8-dropped-packets.PNG

Who Me Too'd this topic