PRTG is using to monitor our network devices and it works great with SNMPv3. My previous post has described how to monitor SRX's CPU, Memory, Flow Sessions etc. Alarm status and Temperature is another sensor I am looking for to monitor. There are couple of ways to do it. You can use NSM to send alarm email, firewall itself to send snmp traps to your SNMP server, or Network Monitoring Tools to pull SNMP OID values then send email. In my case, PRTG is preferred way to monitor system status and send alarming email based on the requirement.
 Step 1: SNMPv3 on SRX
set snmp v3 usm local-engine user SRXAES authentication-md5 authentication-password Test1234
set snmp v3 usm local-engine user SRXAES privacy-aes128 privacy-password Test12345
set snmp engine-id local 4716
set snmp view view_all oid 1 include
set snmp filter-duplicates
set snmp health-monitor
set snmp location "<location>"
set snmp contact "<contact name>"
set snmp community <community-name> authorization read-only
set snmp community <community-name> clients <snmp-host>
set snmp community <community-name> clients 0.0.0.0/0 restrict
Note: A generic local engine-id must be configured. Otherwise (e.g. when the MAC is used) SNMPv3 will not work in cluster configurations. After configuring the engine-id, committing the configuration might be required because the engine-id is involved in the key generation below.
To make NSM work with SRX, location and contact should not be set. Else, after the configuration imported into NSM, when you push policy from NSM to SRX, snmpv3 anthentication password and privacy password will be changed.
In my working configuration for NSM and SRX 240H / 1400 Cluster, the configuration looks like below:
root@fw-srx-1> show configuration snmp
v3 {
  usm {
    local-engine {
      user SRXAES {
        authentication-md5 {
          authentication-key "$9$cOJSKMWLxNbs8LUjq.zF9ApuIEM8Xx-VvM4aJGq.Tz390BhSrlM836evW8dVP5TCuO1EhrOB-VYgJZ69CApBlKM-bsKv4aZUHkBIRcevdbsY4aSr8boa/CAtu1SyKW87vMX-bs4oJGDk5Q9ApREyk.hSreXxk5Qn/9pOBE3nA0O1hcYg4oDi"; ## SECRET-DATA
        }
        privacy-aes128 {
          privacy-key "$9$4yaZjq.53/CmPF/CtIRNdVsoJDik.mTZGp01IcSM8XNds4oGDHqvWUjqmTQevM8dbYgojk.4oz369OBX7N-s2JZjPfz.muOBIrlLxNdVYgoDkY2QF6/tpM8Lx7VY2aGjHaJUH.PQzEcSl8XVwYaGDsYoGiH5T369pIErev7dbuONdbYoan/9AtO"; ## SECRET-DATA
        }
      }
    }
  }
  vacm {
    security-to-group {
      security-model usm {
        security-name SRXAES {
          group readonly;
        }
      }
    }
    access {
      group readonly {
        default-context-prefix {
          security-model usm {
            security-level privacy {
              read-view view_all;
            }
          }
        }
      }
    }
  }
}
engine-id {
  local 109849;
}
view view_all {
  oid 1 include;
}
client-list snmpclient {
  10.1.1.11/31;
  0.0.0.0/0 {
    restrict;
  }
}
Step 2: PRTG Configuration
PRTG can be easily integrated into your network monitoring system and execute comprehensive monitoring tasks. Also , alerting feature is quite flexible to meet your organization needs. Even one normal windows server can monitoring thousands of sensors without problem.
For SNMPv3 configuration in the PRTG, right click edit pop up menu at  root properties of Device tab, enter the snmpv3 information:
Step 3: Add SNMP Custom Sensor
Following instruction on the screen to add sensor for your network devices, you will need to pick SNMP category's SNMP Custom type sensor.
In the basic sensor settings, the most important thing is OID values. You will need to know exact OID number to make your own monitoring sensor in the PRTG.
Lets go back to our SRX firewall to find out what the temperature SNMP mib oid is:
Show snmp mib walk 1.3.6.1.4.1 | match temp
we are able to find out a couple of values for temperature:
jnxOperatingTemp.9.1.0.0 = 50From Show Chassis Routing-Engine, there are different type of temperature for cpu and chassis , also for different node if it is cluster configuration.
jnxOperatingTemp.9.2.0.0 = 49
jnxFruTemp.9.1.0.0 = 50
jnxFruTemp.9.1.1.0 = 50
jnxFruTemp.9.2.0.0 = 48
jnxFruTemp.9.2.1.0 = 48
root@fw-srx-1> show chassis routing-engineNext step is to find out OID from online website OID database , such as http://oid-info.com/ or Solarwinds SNMP Center:
node0:
--------------------------------------------------------------------------
Routing Engine status:
  Temperature         50 degrees C / 122 degrees F
  CPU temperature       49 degrees C / 120 degrees F
  Total memory        1024 MB Max  850 MB used ( 83 percent)
   Control plane memory   560 MB Max  493 MB used ( 88 percent)
   Data plane memory     464 MB Max  362 MB used ( 78 percent)
  CPU utilization:
   User            7 percent
   Background         0 percent
   Kernel           5 percent
   Interrupt          0 percent
   Idle            87 percent
  Model              RE-SRX240H
  Serial ID            AAEP4868
  Start time           2015-01-18 13:24:42 UTC
  Uptime             38 days, 8 hours, 29 minutes, 47 seconds
  Last reboot reason       0x200:normal shutdown
  Load averages:         1 minute  5 minute  15 minute
                    0.16    0.44    0.46
node1:
--------------------------------------------------------------------------
Routing Engine status:
  Temperature         48 degrees C / 118 degrees F
  CPU temperature       50 degrees C / 122 degrees F
  Total memory        1024 MB Max  696 MB used ( 68 percent)
   Control plane memory   560 MB Max  336 MB used ( 60 percent)
   Data plane memory     464 MB Max  357 MB used ( 77 percent)
  CPU utilization:
   User            5 percent
   Background         0 percent
   Kernel           3 percent
   Interrupt          0 percent
   Idle            92 percent
  Model              RE-SRX240H
  Serial ID            AAEK3334
  Start time           2015-02-15 16:05:14 UTC
  Uptime             10 days, 5 hours, 49 minutes, 24 seconds
  Last reboot reason       0x200:normal shutdown
  Load averages:         1 minute  5 minute  15 minute
                    0.06    0.08    0.08
From the database search result, it shows jnxOperatingTemp = 1.3.6.1.4.1.2636.3.1.13.1.7
In this case, jnxOperatingTemp.9.2.0.0 is 1.3.6.1.4.1.2636.3.1.13.1.7.9.2.0.0. That is exactly OID we need for this monitoring.Â
Step 4. Create email alarm
After checked the thresholds for temperature as shown in below, we will build an alarm email.root@fw-srx-1> show chassis temperature-thresholds
node0:
--------------------------------------------------------------------------
              Fan speed    Yellow alarm    Red alarm    Fire Shutdown
             (degrees C)    (degrees C)   (degrees C)    (degrees C)
Item           Normal  High  Normal  Bad fan  Normal  Bad fan   Normal
Chassis default        35   45    50    40    75    65    100
Routing Engine        35   45    50    40    75    65    100
node1:
--------------------------------------------------------------------------
              Fan speed    Yellow alarm    Red alarm    Fire Shutdown
             (degrees C)    (degrees C)   (degrees C)    (degrees C)
Item           Normal  High  Normal  Bad fan  Normal  Bad fan   Normal
Chassis default        35   45    50    40    75    65    100
Routing Engine        35   45    50    40    75    65    100
Reference:
- Junos temperature thresholds in SRX devices and the actions taken when it exceeds the threshold
- Monitoring Juniper SRX Firewall CPU, Memory and Flow Session Information from PRTG
- How can I use a trusted SSL certificate with the PRTG web interface?
![[5 Mins Docker] Deploy FreshRSS Using Docker Run Command and Deploy To Fly.io](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vaI8k2ZwZZ5dP7tXN0BO6CTMc0BMGSDqkAzJA0bPWktbEeDLOjR-eVTKaAivw_fK3zawh91TvQxW23EcVHxUxKf8s3i1bs4IVFCtBFcqvMNA)
In fact no matter if someone doesn't know after that its up to other users that they
ReplyDeletewill assist, so here it occurs.
as
ReplyDelete