How to Guides: The SNMP Toolkit

Transcription

Haf Saba – Attachmate | NetIQ
How to Guides: The SNMP Toolkit
Prepared by
Haf Saba
Senior Technical Consultant
Asia Pacific
[email protected]
th
October 13 , 2009
1
Table of Contents
Introduction .......................................................................................................................................................................... 2
Pre-Requisites ....................................................................................................................................................................... 2
Server Requirements ................................................................................................................................................... 2
Installation ............................................................................................................................................................................ 3
SNMP Script Configuration ............................................................................................................................................... 9
Other SNMP Scripts .................................................................................................................................................... 22
Introduction
The following is a monitoring guide for NetIQ SNMP Toolkit monitoring. This document will go through the steps
involved in implementing SNMP for Cisco VPN concentrator monitoring as an example.
Please read the guide before beginning with the monitoring as there are many steps involved. It is important to
understand how to follow MIBs and general SNMP functionality.
Pre-Requisites
To begin with, a list of requirements must be met before the installation can begin.
Server Requirements
o An existing AppManager (AM) environment
o Windows 2000 SP4 or Windows 2003 Server with the AM agent already installed
o The Windows SNMP Service installed and running as LocalSystem
o SNMP Security Tab entered with appropriate Read Community String and set to accept from any host
o Network Device set with a defined SNMP READ community string
This document shows screenshots of various MIBs using the MIB Browser tool from MG Soft (www.mg-soft.si). This
tool is invaluable to SNMP monitoring as it has the ability to poll a device and inform you of what MIBs it is using and
more importantly, return a value for everything that it can report on. This saves several hours in MIB browsing walking
MIBs that don’t return any data. You can download an evaluation of the product from the website.
SNMP monitoring requires much patience. It will take time browsing MIBs to determine what values you can even poll
let alone what you want to monitor. There are hundreds of MIBs available for various devices and with the beauty of
the toolkit you can monitor any SNMP-related device provided you have the MIB for it.
A good location to check for the MIB is the manufacturer’s website or online MIBs at websites such as
www.snmplink.org and http://www.oidview.com/mibs/detail.html.
2
Once you have your MIB you can then walk it against your SNMP object and determine what values you are getting
back and how you will need to interpret them. This takes the most time as each device will have many MIBs. Engaging
the support of the manufacturer may help in determining what you need to monitor.
Installation
We are now ready to begin the installation of the module. Run the SNMP .msi on the server configured to do the
polling and also run the .msi on the server hosting the AppManager QDB so that the scripts are loaded into the
database.
Simply clicking next through the setup will suffice to install the SNMP components. Upon completion, when returning
to the AM Console, open the script in the Discovery tab called “SNMP”.
3
You can list the SNMP devices comma-separated by IP address and then enter the community string. Drag and drop
this script on the agent where you installed the Toolkit.
Once discovery has complete, you will then see the SNMP tab appear as a view or under the Master tab, you will see as
displayed below, the SNMP tab with the SNMP scripts. For a reference on what you can do with each of these scripts,
please refer to the PDF document packaged with the SNMP toolkit installer.
The scripts that we will use are DeviceReboot, InterfaceState, SyncGet, and SyncGetTable. But before we can monitor
via those scripts, we’ll need to add the MIBs to the agent using the AddMIB script.
Your tree view will have the following objects listed after the Discovery is complete. Below is an example of some
discovered SNMP objects:
4
As the SNMP scripts do have a generic name, it is good practice to copy them to their own folder (by right clicking each
script, choosing “copy knowledge script” and naming it “<folder_name>_Script Name” so that the script goes in the
folder of your choice). Below is an example of the scripts copied to use for the purpose of this document. Notice the
tab below is called “Wipro”.
It is recommended at this time that you enter the community string information on the agent in NetIQ Security
Manager. In the Operator Console, click on Extensions > Security Manager. Click the server listed under “computers”
that will be the server that polls the network devices and then click the SNMP tab. Enter the string and click apply.
5
Here is a list of all the MIBs used by a Cisco VPN 3000 Concentrator.
While you do not need to use all of these MIBs to monitor the VPN, many of them will be useful and it is recommended
that you add each of these MIBs labeled “Altiga” and “Cisco” to our agent. The MIBs at the top of this list with no
manufacturer definition are already included in the base agent for SNMP.
The screenshot above comes from the MG-SOFT MIB Browser “Agent Snapshot”
6
The first step will be to add the MIBs to the agent. This is performed using the Snmp_AddMIBs script. Make sure each
MIB name is comma-separated in the values.
The agent will accept .MIB, .txt, and .my files.
Note: Some of the MIBs may reference other MIBs and so will generate a yellow event upon completion of the job.
This event will say that the referenced MIB didn’t exist. It will still add the MIB and all you will need to do is make sure
you add the MIB that has been referenced in the detailed event message.
7
The ALTIGA-SESSION-STATS-MIB is what will generate much of the session info for us from the following locations listed
in the diagram below. These being the alStatsSessionGlobal and alActiveSessionEntry sub fields.
Again, this image is a screenshot from the MG Soft MIB browser showing the tree structure of the Cisco MIBs.
8
SNMP Script Configuration
We will go through each of the SNMP scripts that are being used to determine how to collect data and/or event on the
appropriate information. There are two types of scripts being used: Snmp_SyncGet and Snmp_SyncGetTable.
By default each of the scripts is designed with the following values.

Raise event if SNMP timeout exceeded? Yes
o

Severity 25
Raise event if SNMP Response error occurred? Yes
o
Severity 40
These settings are on a lower severity so as not to be considered “severe” events in the environment but rather
problems with AppManager’s scripts or inherent network issues.
SNMP_SyncGet Scripts.
These scripts perform a simple poll for one value of data. You can make a copy of this script and use it to monitor any
additional value you can poll on. Note: It is important to emphasize the leading “.” in an OID address if using this script
otherwise the OID will not be read correctly. (See examples below)
Note: Each script has been copied from the original SNMP_SyncGet script and given a new name.
9
ActiveSessionCount
This KS monitors the count of active sessions at any given time on any VPN. The OID value for session counts is:
.1.3.6.1.4.1.3076.2.1.2.17.1.1.0
The script will label the units as “Active Sessions” with a threshold of 200.
10
ActiveSessionCountRAS
This script is designed to count the number of active remote access sessions via VPN to a RAS VPN server. The OID for
remote access session counts is:
.1.3.6.1.4.1.3076.2.1.2.17.1.9.0
Units are labeled as “Active Remote Access Sessions” with a threshold of 200.
11
TotalActiveTunnelCountPhase1
This script is designed to count the Phase 1 IPSec Tunnels that have been created. The OID for Phase 1 counts is:
.1.3.6.1.4.1.9.9.171.1.2.1.1.0
Units are labeled “Phase 1 Active Tunnels” with a threshold of 200
12
TotalActiveTunnelCountPhase2
This script is designed to count the Phase 2 IPSec Tunnels that have been created. The OID for Phase 2 counts is:
.1.3.6.1.4.1.9.9.171.1.3.1.1.0
Units are labeled “Phase 2 Active Tunnels” with a threshold of 200
13
VPN_CPU_Load
This script measures the CPU Utilization of the Concentrator. The OID for this value is:
.1.3.6.1.4.1.3076.2.1.2.25.1.2.0
Units are labeled as “%” with a threshold of 60.
Note: So as not to event on a “spike” in utilization, this script is using the advanced properties set as follows:
“Raise event if condition exists 3 times within 3 job iterations”. Since this script runs every 5 minutes, it will require a
CPU load above the threshold for 15 minutes before generating an event.
14
VPN_CPU_Temp
This script measures the CPU Temperature of the Concentrator. The OID for this value is:
.1.3.6.1.4.1.3076.2.1.2.22.1.29.0
Units are labeled as “Centigrade” with a threshold of 40.
15
VPN_CPU_Voltage
This script measures the CPU Voltage of the Concentrator. The OID for this value is:
.1.3.6.1.4.1.3076.2.1.2.22.1.1.0
Units are labeled as “Centivolts” with a threshold of 160 minimum and 200 maximum.
16
VPN_FanSpeed1
This script measures the fan speed of Fan 1 of the Concentrator. The OID for this value is:
.1.3.6.1.4.1.3076.2.1.2.22.1.37.0
Units are labeled as “rpm” with a threshold of 1 minimum and no maximum.
17
VPN_FanSpeed2
This script measures the fan speed of Fan 2 of the Concentrator. The OID for this value is:
.1.3.6.1.4.1.3076.2.1.2.22.1.41.0
Units are labeled as “rpm” with a threshold of 1 minimum and no maximum.
SNMP_SyncGetTable Scripts.
These scripts perform a poll for values of data on multiple rows of a table. You can make a copy of this script and use it
to monitor any additional table values you can poll on. This script uses a combination of “descriptive” and “data” OIDs
to poll accordingly. Using this method, you can then get a value for a line of a table along with the index name for that
18
entry. The merging of these values returns data that gives more meaning to the report or chart data. (See examples
below)
ActiveSessionConnectTime
This script takes values from the Active Session Table and uses them against an IP address for that value to match to a
connection time. The value returned is in seconds and it converted to minutes by using the “divisor” option with a
value of “60”.
There is no threshold for this script as it is used purely for reporting purposes.
Descriptive ODE: alActiveSessionIndex,alActiveSessionPublicIpAddress
Data ODE: alActiveSessionConnectTime
19
ThroughputRecdPerSession
throughput for octets received. The value returned is in octets and it converted to MB by using the “divisor” option
with a value of “1048576”. (1024*1024)
Descriptive ODE: alActiveSessionIndex,al,ActiveSessionPublicIpAddress
Data ODE: alActiveSessionOctetsRcvd
20
ThroughputSentPerSession
throughput for octets sent. The value returned is in octets and it converted to MB by using the “divisor” option with a
value of “1048576”. (1024*1024)
Descriptive ODE: alActiveSessionIndex,alActiveSessionPublicIpAddress
Data ODE: alActiveSessionOctetsSent
21
Other SNMP Scripts
Snmp_DeviceReboot
This script checks for a device reboot by measuring the SysUptime.0 counter between iterations. It also collects data
for the uptime of a concentrator
22

How to Guides: The SNMP Toolkit

Transcription

Similar documents

LRTrek - ActFX Algorithmic Trading

NetIQ How to guides: AppManager v7.04 – Initial

Antenne Bayern Chooses 2wcom

Audition material Euphonium - Wind Studies | College of Music

Cub-rs Stags Herlﬂ - Res. EHTIBIi 44. ACT THREE

Hack 57 "Turning a Command-Line Script into an

QStart - Autocue

NTS100 - Tekron

Constructing Software For Service Oriented Architecture Jean-Jacques Dubray, Ph.D.