Recently, network equipment has been monitored, including traffic and performance monitoring for switches, firewall, NetScaler, and other network devices. All monitoring software (Nagios, zenoss, zabbix, and so on) monitor network devices through the SNMP protocol. When introducing the SNMP protocol, you must first understand the SNMP concept:
1) Simple Network Management Protocol (SNMP. Consists of a set of network management standards, network administrators can collect and view network device operation information through the SNMP protocol. Currently, SNMP versions include SNMPv1, SNMPv2, and SNMPv3.
2) SNMP community: the SNMP group name, used for authentication and management before accessing the device. The SNMP community permission can be set to read-only or read/write.
RO (read-only) indicates read-only: it can only read device information, such as device interface and interface traffic.
RW (read/write) indicates read and write. In addition to reading device information, you can also change the configuration information of the device.
Router (config) # SNMP-server community sfzhang Ro // read permission
Router (config) # SNMP-server community sfzhang RW // write permission
3) MIB (Management Information Base): Management Information Base. MiB is a collection of managed objects. It defines a series of attributes of the managed object: Object Name, object access permission, and object data type.
4) oId (objectidentifier): object identifier. The managed object is represented by OID.
The monitoring of network devices mainly involves two aspects:
1) port traffic of network devices: for example, to monitor the traffic of switches with 48 ports, first use a getif tool to scan the oId of each port of the switch, and then add 48 incoming traffic, add 48 outgoing traffic. Zabbix supports automatic discovery of network device interfaces from 2.0. With low-level discovery, You can automatically create items, trigger, and graphs, and automatically delete unnecessary items.
The following uses the netscreen firewall as an example to explain:
First, create a template: configuration-> templates-> Create template to create a monitoring template, and then click discovery rules to create the discovery rule.
650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/37/8B/wKioL1OtHIajfeO1AAMM5QqAlbI787.jpg "Title =" 01.jpg" alt = "wkiol1othiajfeo1aamm5qqalbi787.jpg"/>
For the definition of SNMP group names, you can directly write group names or define them using the Marco method. The advantage of this definition is that it is convenient for others to reference their own templates.
650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/37/8C/wKiom1OtHnKg4bIYAAIF1yEA8MA275.jpg "Title =" 0.jpg" alt = "wkiom1othnkg4biyaaif1yea8ma275.jpg"/>
When monitoring network devices through low-level dislevel, two macro instances are referenced, one is snmpvalue and the other is snmpindex. You can use the snmpwalk command to view the values represented by these two variables. The first 1, 2, 3, and 4 are snmpindex, and the following MGT and ethernet1/1 are snmpvalue, that is, the interface of the network device. 650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M02/37/8C/wKiom1OtIhmRtvwDAAFC_hRC9yA059.jpg "Title =" 11.jpg" alt = "wkiom1otihmrtvwdaafc_hrc9ya059.jpg"/>
Run the snmpwalk command to view the inbound and outbound traffic of all network device ports.
650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M01/37/8B/wKioL1OtJBSiJRlPAAJ2PIns4qo954.jpg "Title =" 1111.jpg" alt = "wkiol1otjbsijrlpaaj2pins4qo954.jpg"/>
After knowing the meaning of snmpvalu and snmpindex and how to view the incoming and outgoing traffic of a device through the snmpwalk command, it is easy to define the incoming traffic of a network device:
650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/37/8B/wKioL1OtHv-xYUjNAANQb6vxnBM170.jpg "Title =" 02.jpg" alt = "wKioL1OtHv-xYUjNAANQb6vxnBM170.jpg"/>
Define the outbound traffic of the network device:
650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/37/8B/wKioL1OtIw7QPb77AAM92fr3szg539.jpg "Title =" 3.jpg" alt = "wkiol1otiw7qpb77aam92fr3szg539.jpg"/>
Create graph prototypes to display the port traffic diagram.
650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/37/94/wKioL1OtMz6xKvWVAAJo7FxGQh4612.jpg "Title =" 00.jpg" alt = "wkiol1otmz6xkvwvaajo7fxgqh4612.jpg"/>
2) network equipment performance monitoring: common network equipment performance monitoring mainly includes memory and CPU monitoring. Below are common netscreen oid.
Memory:
Remaining memory: 1.3.6.1.4.1.3224.16.2.2.0
Memory usage: 1.3.6.1.4.1.3224.16.2.1.0
CPU:
Average CPU usage: 1.3.6.1.4.1.3224.16.1.1.0
CPU usage in the past 1 minute: 1.3.6.1.4.1.3224.16.1.2.0
CPU usage in the past 5 minutes: 1.3.6.1.4.1.3224.16.1.3.0
CPU usage in the past 15 minutes: 1.3.6.1.4.1.3224.16.1.4.0
Session:
Nsressessallocate: 1.3.6.1.4.1.3224.16.3.2.0
Nsressessmaxium: 1.3.6.1.4.1.3224.16.3.3.0
Nsressessfailed: 1.3.6.1.4.1.3224.16.3.4.0
Other monitoring:
Sysuptime: 1.3.6.1.2.1.1.3.0
3) alarm threshold settings:
Traffic alarm: the number of M alarms generated during the recent period.
Memory alarm: alarms are generated when the memory usage exceeds 80% or when the remaining memory is less.
CPU alarm: an alarm is triggered when the CPU usage exceeds 80%.
Conclusion: zabbix monitors the port traffic of network devices, including firewalls, switches, routers, storage devices, and Server Load balancer devices, for other monitoring functions, you can view the device's OID and add items by yourself.
Finally, we will show you the traffic diagram of one of the interfaces. If you need a template, please leave a message asking for the template.
650) This. width = 650; "src =" http://s3.51cto.com/wyfs02/M00/37/92/wKiom1OtLq3j7aJVAAMg9oEc4cA710.jpg "Title =" 11111.jpg" alt = "wkiom1otlq3j7ajvaamg9oec4ca710.jpg"/>
This article from the "simple dream catcher" blog, please be sure to keep this source http://sfzhang88.blog.51cto.com/4995876/1431623