use this one instead...
FWSM PROBE.....
the previous one had interfaces
mis-matches..
Pedro Quezada
MTV Networks
Networking
212-846-6506
From: [email protected] [mailto:[EMAIL PROTECTED] On Behalf Of Quezada, Pedro
Sent: Thursday, May 26, 2005 1:22 PM
To: 'InterMapper Discussion'
Subject: [IM-Talk] CISCO FWSM Probe
With the help of Ruth Kurniawati from dart
ware..
She was able to
pin-point issues with SNMP and the Cisco FWSM..
Whenever intermapper probed the FWSM it drove
the CPU to 99%..not good
This is
definitely a bug with Cisco...
I rely on the intemapper charts way more than
other tools we have ...
So I modified
a probe she modified and just added more interfaces...
This probe should be used if you have The Cisco
Firewall service module...
The Custom
probe made by mwillis for the pix appliance is fine for 506,515,525.
One thing about this probe:
the ants will not show up . : ( I like those
ants
The charting of interface data is not
through the clicking on the interface but from the status window.
Thank you
Ruth
<<com.ecornell.snmp.cisco.fwsm.txt>>
Pedro Quezada
MTV
Networks
Networking
212-846-6506
<!--
SNMP - Cisco Pix (com.ecornell.snmp.cisco.pix_fwsm)
Copyright (c) 2004 eCornell/TILS. All rights reserved.
created on 6/21/04 by mwillis
modified on 5/26/2005 by Pedro Quezada DUE TO HIGH UTILIZATION ON FWSM
-->
<header>
"type" = "custom-snmp"
"package" = "com.ecornell"
"probe_name" = "snmp.cisco.pix_FWSM"
"human_name" = "SNMP - Cisco Pix FWSM"
"version" = "2.0"
"address_type" = "IP"
"port_number" = "161"
"FLAGS" = "NOLINKS"
</header>
<snmp-device-properties>
nomib2="true"
pdutype="get-request"
maxvars="1"
</snmp-device-properties>
<description>
\b0\SNMP - Cisco Pix_custom\p0\
This probe monitors the CPU and Memory utilization and number of connections of
a Cisco PIX Firewall.
\i0\CPU Busy - Alarm\p0\ is the ALARM threshold for CPU utilization. If the
average percentage of CPU usage exceeds this threshold, the device will enter
the Alarm state.
\i0\CPU Busy - Warning\p0\ is the WARNING threshold for CPU utilization. If the
average percentage of CPU usage exceeds this threshold, the device will enter
the Warning state.
\i0\Low Memory - Alarm\p0\ is the ALARM threshold for the amount of free memory
remaining (in bytes). If the free memory drops below this threshold, the device
will enter the Alarm state.
\i0\Low Memory - Warning\p0\ is the WARNING threshold for the amount of free
memory remaining (in bytes). If the free memory drops below this threshold, the
device will enter the Warning state.
\i0\Connections - Alarm\p0\ is the ALARM threshold for the number of
connections. If the number of connections exceeds this threshold, the device
will enter the Alarm state.
\i0\Connections - Warning\p0\ is the WARNING threshold for the number of
connections. If the number of connections exceeds this threshold, the device
will enter the Alarm state.
</description>
<parameters>
"CPU Busy - Alarm" = "90"
"CPU Busy - Warning" = "75"
"Low Memory - Alarm" = "32000000"
"Low Memory - Warning" = "56000000"
"Connections - Alarm" = "50000"
"Connections - Warning" = "100000"
</parameters>
<snmp-device-variables>
-- MIB Variable -- -- OID --
-- TYPE -- -- LEGEND --
totalConnections, 1.3.6.1.4.1.9.9.147.1.2.2.2.1.5.40.6,
default, "number of connections currently in use"
ciscoMemoryPoolFree, 1.3.6.1.4.1.9.9.48.1.1.1.5.1,
default, "Low Memory"
cpmCPUTotal5sec, 1.3.6.1.4.1.9.9.109.1.1.1.1.3.1,
Total-Valuation, "CPU Busy % (5 sec.)"
cpmCPUTotal1min, 1.3.6.1.4.1.9.9.109.1.1.1.1.4.1,
Total-Valuation, "Avg. CPU Busy % (1 min.)"
cpmCPUTotal5min, 1.3.6.1.4.1.9.9.109.1.1.1.1.5.1,
Total-Valuation, "Avg. CPU Busy % (5 min.)"
ifInOctets1PerSec, 1.3.6.1.2.1.2.2.1.10.1,
per-second, "IfInOctets (ifIndex=1)"
ifOutOctets1PerSec, 1.3.6.1.2.1.2.2.1.16.1,
per-second, "IfOutOctets (ifIndex=1)"
ifIn1bps, $ifInOctets1PerSec*8,
calculation, "Incoming traffic (bps) for ifIndex 1"
ifOut1bps, $ifOutOctets1PerSec*8,
calculation, "Outgoing traffic (bps) for ifIndex 1"
ifInOctets2PerSec, 1.3.6.1.2.1.2.2.1.10.2,
per-second, "IfInOctets (ifIndex=2)"
ifOutOctets2PerSec, 1.3.6.1.2.1.2.2.1.16.2,
per-second, "IfOutOctets (ifIndex=2)"
ifIn2bps, $ifInOctets2PerSec*8,
calculation, "Incoming traffic (bps) for ifIndex 2"
ifOut2bps, $ifOutOctets2PerSec*8,
calculation, "Outgoing traffic (bps) for ifIndex 2"
ifInOctets3PerSec, 1.3.6.1.2.1.2.2.1.10.3,
per-second, "IfInOctets (ifIndex=3)"
ifOutOctets3PerSec, 1.3.6.1.2.1.2.2.1.16.3,
per-second, "IfOutOctets (ifIndex=3)"
ifIn3bps, $ifInOctets2PerSec*8,
calculation, "Incoming traffic (bps) for ifIndex 3"
ifOut3bps, $ifOutOctets2PerSec*8,
calculation, "Outgoing traffic (bps) for ifIndex 3"
ifInOctets4PerSec, 1.3.6.1.2.1.2.2.1.10.4,
per-second, "IfInOctets (ifIndex=4)"
ifOutOctets4PerSec, 1.3.6.1.2.1.2.2.1.16.4,
per-second, "IfOutOctets (ifIndex=4)"
ifIn4bps, $ifInOctets4PerSec*8,
calculation, "Incoming traffic (bps) for ifIndex 4"
ifOut4bps, $ifOutOctets4PerSec*8,
calculation, "Outgoing traffic (bps) for ifIndex 4"
ifInOctets5PerSec, 1.3.6.1.2.1.2.2.1.10.5,
per-second, "IfInOctets (ifIndex=5)"
ifOutOctets5PerSec, 1.3.6.1.2.1.2.2.1.16.5,
per-second, "IfOutOctets (ifIndex=5)"
ifIn5bps, $ifInOctets5PerSec*8,
calculation, "Incoming traffic (bps) for ifIndex 5"
ifOut5bps, $ifOutOctets5PerSec*8,
calculation, "Outgoing traffic (bps) for ifIndex 5"
ifInOctets6PerSec, 1.3.6.1.2.1.2.2.1.10.6,
per-second, "IfInOctets (ifIndex=6)"
ifOutOctets6PerSec, 1.3.6.1.2.1.2.2.1.16.6,
per-second, "IfOutOctets (ifIndex=6)"
ifIn6bps, $ifInOctets6PerSec*8,
calculation, "Incoming traffic (bps) for ifIndex 6"
ifOut6bps, $ifOutOctets6PerSec*8,
calculation, "Outgoing traffic (bps) for ifIndex 6"
ifInOctets7PerSec, 1.3.6.1.2.1.2.2.1.10.7,
per-second, "IfInOctets (ifIndex=7)"
ifOutOctets7PerSec, 1.3.6.1.2.1.2.2.1.16.7,
per-second, "IfOutOctets (ifIndex=7)"
ifIn7bps, $ifInOctets7PerSec*8,
calculation, "Incoming traffic (bps) for ifIndex 7"
ifOut7bps, $ifOutOctets7PerSec*8,
calculation, "Outgoing traffic (bps) for ifIndex 7"
ifInOctets8PerSec, 1.3.6.1.2.1.2.2.1.10.8,
per-second, "IfInOctets (ifIndex=8)"
ifOutOctets8PerSec, 1.3.6.1.2.1.2.2.1.16.8,
per-second, "IfOutOctets (ifIndex=8)"
ifIn8bps, $ifInOctets8PerSec*8,
calculation, "Incoming traffic (bps) for ifIndex 8"
ifOut8bps, $ifOutOctets8PerSec*8,
calculation, "Outgoing traffic (bps) for ifIndex 8"
ifInOctets9PerSec, 1.3.6.1.2.1.2.2.1.10.9,
per-second, "IfInOctets (ifIndex=9)"
ifOutOctets9PerSec, 1.3.6.1.2.1.2.2.1.16.9,
per-second, "IfOutOctets (ifIndex=9)"
ifIn9bps, $ifInOctets9PerSec*8,
calculation, "Incoming traffic (bps) for ifIndex 9"
ifOut9bps, $ifOutOctets9PerSec*8,
calculation, "Outgoing traffic (bps) for ifIndex 9"
ifInOctets10PerSec, 1.3.6.1.2.1.2.2.1.10.10,
per-second, "IfInOctets (ifIndex=10)"
ifOutOctets10PerSec, 1.3.6.1.2.1.2.2.1.16.10,
per-second, "IfOutOctets (ifIndex=10)"
ifIn10bps, $ifInOctets10PerSec*8,
calculation, "Incoming traffic (bps) for ifIndex 10"
ifOut10bps, $ifOutOctets10PerSec*8,
calculation, "Outgoing traffic (bps) for ifIndex 10"
ifInOctets11PerSec, 1.3.6.1.2.1.2.2.1.10.11,
per-second, "IfInOctets (ifIndex=11)"
ifOutOctets11PerSec, 1.3.6.1.2.1.2.2.1.16.11,
per-second, "IfOutOctets (ifIndex=11)"
ifIn11bps, $ifInOctets11PerSec*8,
calculation, "Incoming traffic (bps) for ifIndex 11"
ifOut11bps, $ifOutOctets11PerSec*8,
calculation, "Outgoing traffic (bps) for ifIndex 11"
ifInOctets12PerSec, 1.3.6.1.2.1.2.2.1.10.12,
per-second, "IfInOctets (ifIndex=12)"
ifOutOctets12PerSec, 1.3.6.1.2.1.2.2.1.16.12,
per-second, "IfOutOctets (ifIndex=12)"
ifIn12bps, $ifInOctets12PerSec*8,
calculation, "Incoming traffic (bps) for ifIndex 12"
ifOut12bps, $ifOutOctets12PerSec*8,
calculation, "Outgoing traffic (bps) for ifIndex 12"
ifInOctets13PerSec, 1.3.6.1.2.1.2.2.1.10.13,
per-second, "IfInOctets (ifIndex=13)"
ifOutOctets13PerSec, 1.3.6.1.2.1.2.2.1.16.13,
per-second, "IfOutOctets (ifIndex=13)"
ifIn13bps, $ifInOctets13PerSec*8,
calculation, "Incoming traffic (bps) for ifIndex 13"
ifOut13bps, $ifOutOctets13PerSec*8,
calculation, "Outgoing traffic (bps) for ifIndex 13"
ifInOctets14PerSec, 1.3.6.1.2.1.2.2.1.10.14,
per-second, "IfInOctets (ifIndex=14)"
ifOutOctets14PerSec, 1.3.6.1.2.1.2.2.1.16.14,
per-second, "IfOutOctets (ifIndex=14)"
ifIn14bps, $ifInOctets14PerSec*8,
calculation, "Incoming traffic (bps) for ifIndex 14"
ifOut14bps, $ifOutOctets14PerSec*8,
calculation, "Outgoing traffic (bps) for ifIndex 14"
ifInOctets15PerSec, 1.3.6.1.2.1.2.2.1.10.15,
per-second, "IfInOctets (ifIndex=15)"
ifOutOctets15PerSec, 1.3.6.1.2.1.2.2.1.16.15,
per-second, "IfOutOctets (ifIndex=15)"
ifIn15bps, $ifInOctets15PerSec*8,
calculation, "Incoming traffic (bps) for ifIndex 15"
ifOut15bps, $ifOutOctets15PerSec*8,
calculation, "Outgoing traffic (bps) for ifIndex 15"
ifInOctets16PerSec, 1.3.6.1.2.1.2.2.1.10.16,
per-second, "IfInOctets (ifIndex=16)"
ifOutOctets16PerSec, 1.3.6.1.2.1.2.2.1.16.16,
per-second, "IfOutOctets (ifIndex=16)"
ifIn16bps, $ifInOctets16PerSec*8,
calculation, "Incoming traffic (bps) for ifIndex 16"
ifOut16bps, $ifOutOctets16PerSec*8,
calculation, "Outgoing traffic (bps) for ifIndex 16"
</snmp-device-variables>
<snmp-device-thresholds>
alarm: ${cpmCPUTotal5sec} > ${CPU Busy -
Alarm} "Critically high CPU utilization"
alarm: ${totalConnections} > ${Connections -
Alarm} "Critically high # of connections"
alarm: ${ciscoMemoryPoolFree} < ${Low Memory - Alarm}
"Critically low Memory Free"
warning: ${cpmCPUTotal5sec} > ${CPU Busy -
Warning} "High CPU utilization"
warning: ${totalConnections} > ${Connections -
Warning} "High # of connections"
warning: ${ciscoMemoryPoolFree} < ${Low Memory - Warning}
"Low Memory Free"
</snmp-device-thresholds>
<snmp-device-display>
\b5\Cisco Pix Status\0p\
\4\CPU Percent Busy:\0\ ${cpmCPUTotal5sec} % \3ig\(of last 5 seconds)\p0m\
\4\Avg. CPU % Busy:\0\ ${cpmCPUTotal1min} % \3ig\(1 min.)\p0m\,
${cpmCPUTotal5min} % \3ig\(5 min.)\p0m\
\4\Available Memory:\0\ ${ciscoMemoryPoolFree} bytes
\4\Connections:\0\ ${totalConnections} connections
\b5\Interface traffic\0p\
\4\interface 1: \0\in $ifIn1bps bps, out $ifOut1bps bps
\4\interface 2: \0\in $ifIn2bps bps, out $ifOut2bps bps
\4\interface 3: \0\in $ifIn3bps bps, out $ifOut3bps bps
\4\interface 4: \0\in $ifIn4bps bps, out $ifOut4bps bps
\4\interface 5: \0\in $ifIn5bps bps, out $ifOut5bps bps
\4\interface 6: \0\in $ifIn6bps bps, out $ifOut6bps bps
\4\interface 7: \0\in $ifIn7bps bps, out $ifOut7bps bps
\4\interface 8: \0\in $ifIn8bps bps, out $ifOut8bps bps
\4\interface 9: \0\in $ifIn9bps bps, out $ifOut9bps bps
\4\interface 10: \0\in $ifIn10Bps bps, out $ifOut10bps bps
\4\interface 11: \0\in $ifIn11bps bps, out $ifOut11bps bps
\4\interface 12: \0\in $ifIn12bps bps, out $ifOut12bps bps
\4\interface 13: \0\in $ifIn13bps bps, out $ifOut13bps bps
\4\interface 14: \0\in $ifIn14bps bps, out $ifOut14bps bps
\4\interface 15: \0\in $ifIn15bps bps, out $ifOut15bps bps
\4\interface 15: \0\in $ifIn16bps bps, out $ifOut16bps bps
</snmp-device-display>
