Palo Alto Firewall (SNMP)

Description

This connector monitors Palo Alto Firewall. It relies on the Palo Alto Firewall SNMP Agent 11.0.

firewall hardware

Enterprise Connector

This connector requires the Enterprise edition of MetricsHub.

Target

Typical platform: Palo Alto Firewall

Operating system: Out-Of-Band

Prerequisites

Leverages: Palo Alto Firewall SNMP Agent 11.0

Technology and protocols: SNMP

Examples

CLI

metricshub HOSTNAME -t oob -c +PaloAltoFirewall --snmp v2c --community public

metricshub.yaml

resourceGroups:
  <RESOURCE_GROUP>:
    resources:
      <HOSTNAME-ID>:
        attributes:
          host.name: <HOSTNAME> # Change with actual host name
          host.type: oob
        connectors: [ +PaloAltoFirewall ] # Optional, to load only this connector
        protocols:
          snmp:
            version: v2c # Read documentation for v1, v2c and v3
            community: public # or probably something more secure

Connector Activation Criteria

The Palo Alto Firewall (SNMP) connector will be automatically activated, and its status will be reported as OK if all the below criteria are met:

An SNMP Get on the OID 1.3.6.1.4.1.25461.2.1.2.1.1.0 must return a non-empty value

Metrics

Type	Collected Metrics	Specific Attributes
enclosure	`hw.enclosure.energy` `hw.enclosure.power` `hw.status{hw.type="enclosure", state="present"}`	`id` `model` `name` `serial_number` `vendor`
fan	`hw.power{hw.type="fan"}` `hw.status{hw.type="fan", state="present"}`	`id` `name`
file_system	`system.filesystem.usage{system.filesystem.state="free"}` `system.filesystem.usage{system.filesystem.state="used"}` `system.filesystem.utilization{system.filesystem.state="free"}` `system.filesystem.utilization{system.filesystem.state="used"}`	`name` `system.device` `type`
gpg	`firewall.palo_alto.gpg.tunnels.limit` `firewall.palo_alto.gpg.tunnels.usage` `firewall.palo_alto.gpg.utilization`	`id` `name`
memory	`hw.memory.limit` `hw.status{hw.type="memory", state="present"}` `system.memory.limit`	`id` `name`
palo_alto_network	`firewall.network.connections{protocol="other_ip"}` `firewall.network.connections{protocol="tcp"}` `firewall.network.connections{protocol="udp"}`	`id` `name`
panorama	`firewall.palo_alto.panorama.status{state="connected\|not-connected"}`	`id` `name`
power_supply	`hw.power_supply.limit` `hw.status{hw.type="power_supply", state="present"}`	`id` `name`
session	`firewall.sessions.limit` `firewall.sessions.utilization` `firewall.sessions{protocol="icmp"}` `firewall.sessions{protocol="ssl"}` `firewall.sessions{protocol="tcp"}` `firewall.sessions{protocol="udp"}`	`id`
vsys	`firewall.palo_alto.vsys.connections{protocol="other"}` `firewall.palo_alto.vsys.connections{protocol="tcp"}` `firewall.palo_alto.vsys.connections{protocol="udp"}` `firewall.palo_alto.vsys.sessions` `firewall.palo_alto.vsys.sessions.limit` `firewall.palo_alto.vsys.sessions.utilization`	`id` `name`
zone	`firewall.zone.connections{protocol="other_ip"}` `firewall.zone.connections{protocol="tcp"}` `firewall.zone.connections{protocol="udp"}`	`id` `name`

Description​

Target​

Prerequisites​

Examples​

CLI​

metricshub.yaml​

Connector Activation Criteria​

Metrics​