[mrtg] Re: PIX Firewall
Keith E Johnson
kj at sunclipse.com
Tue Jan 6 23:05:54 MET 2004
Your CPU Config is fine, but you need to move the maxbytes up to atleat 64MB
depending on how much memory you have.
The current connections OID is 1.3.6.1.4.1.9.9.147.1.2.2.2.1.5.40.6
I have a script that grabs all kinds of other stats if you want it...
CPU
Conn - Current
Conn - TCP
Conn - UDP
Fixup - FTP
Fixup - HTTP
Fixup - TCP
Xlate - Current
Memory
Authenticated users
Keith Johnson
LAN Administrator
Amcor Sunclipse North America
6600 Valley View Street, Buena Park, CA 90620
Voice: 714.562.6179 Fax: 714.562.2036
Email: keith.johnson at sunclipse.com
-----Original Message-----
From: Frank Ervin [mailto:FErvin at 3dsi.com]
Sent: Tuesday, January 06, 2004 1:31 PM
To: 'mrtg at list.ee.ethz.ch'
Subject: [mrtg] PIX Firewall
Hello all,
I am trying to access CPU, memory, and connections on a Cisco PIX 515 E
running IOS 6.3(2). I am able to get all interfaces by IP, so I am assuming
(correctly??) that SNMP is enabled properly on the firewall. MRTG seems to
run properly, all of the OIDs I have tried return nothing but zeros,
although all the traffic data is accurate (I am also successfully using
getlog.pl to monitor servers)... I have 2 Questions:
1. Do OIDs vary between devices of the same type (i.e. can OIDs vary from
one PIX to another)?
2. If not-- Has anyone got any OIDs that work with a PIX 515 E running IOS
6.3(2)?
I am unable to run GetIf in order to do an SNMP walk becuase we've no
servers with SNMP installed at our production location, and would rather not
have to install it if at all possible because of security concerns... Does
anyone know of a SNMP walking utility that contains it's own SNMP code like
MRTG does?
Any other suggestions of things to look at would be greatly appreciated.
TIA!
Frank
Here is part of my cfg:
Target[PIX01-1]:
1.3.6.1.4.1.9.9.109.1.1.1.1.4.1&1.3.6.1.4.1.9.9.109.1.1.1.1.5.1:xxxstring at xx
xip
Options[PIX01-1]: gauge,nopercent,growright,nobanner,integer
WithPeak[PIX01-1]: wmy
YLegend[PIX01-1]: Util(percent)
MaxBytes[PIX01-1]: 100
LegendI[PIX01-1]: CPU Usage (5 secs)
LegendO[PIX01-1]: CPU Usage (1 min)
Title[PIX01-1]: My PIX
Unscaled[PIX01-1]: dwmy
Legend1[PIX01-1]: CPU utilisation over 1 minute
Legend2[PIX01-1]: CPU utilisation over 5 minute
Legend3[PIX01-1]: Maximal CPU utilisation over 1 minute
Legend4[PIX01-1]: Maximal CPU utilisation over 5 minute
ShortLegend[PIX01-1]: %
PageTop[PIX01-1]: <table width="100%" border="0">
<tr>
<td><h2>Cisco CPU Utilisation Report</h2></td>
</tr>
<tr>
<td><h3>PIX CPU</h3></td>
</tr>
<tr>
<td><p>PIX :10.10.20.1</p></td>
</tr>
</table>
Target[PIX01-2]:
1.3.6.1.4.1.9.9.48.1.1.1.5.1&1.3.6.1.4.1.9.9.48.1.1.1.6.1:xxxstring at xxxip
MaxBytes[PIX01-2]: 1024
Title[PIX01-2]: PIX 515E MEM
PageTop[PIX01-2]: <H1>PIX01 MEM</H1>
Options[PIX01-2]: gauge, nopercent, unknaszero
YLegend[PIX01-2]: Bytes
ShortLegend[PIX01-2]: Bytes
Legend1[PIX01-2]: Free
Legend2[PIX01-2]: Used
Legend3[PIX01-2]: Max value per interval on graph
Legend4[PIX01-2]: .
LegendI[PIX01-2]: Free
LegendO[PIX01-2]: Used
Colours[PIX01-2]: GREEN#00eb0c,BLUE#0000ff,GRAY#AAAAAA,VIOLET#ff00ff
WithPeak[PIX01-2]: ymw
--
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
Archive http://www.ee.ethz.ch/~slist/mrtg
FAQ http://faq.mrtg.org Homepage http://www.mrtg.org
WebAdmin http://www.ee.ethz.ch/~slist/lsg2.cgi
--
Unsubscribe mailto:mrtg-request at list.ee.ethz.ch?subject=unsubscribe
Archive http://www.ee.ethz.ch/~slist/mrtg
FAQ http://faq.mrtg.org Homepage http://www.mrtg.org
WebAdmin http://www.ee.ethz.ch/~slist/lsg2.cgi
More information about the mrtg
mailing list