Solved

Plugin Sonicwall - Créer un modèle pour les interfaces

  • 31 October 2023
  • 5 replies
  • 65 views
D
Badge +3

Bonjour à tous,

J’ai besoin de monitorer certaines interfaces de mon firewall sonicwall, j’ai donc effectué l’installation du plugin pack sonicwall. tout est OK pour le CPU, la RAM, par contre il n’y a pas de template pour les interfaces.

J’ai listé les modes acceptés par le plugin et ai vu qu’il était capable de checker les interfaces (mode=interfaces). J’ai lancé la commande suivante dans mon poller :

/usr/lib/centreon/plugins//centreon_sonicwall_snmp.pl --plugin=network::sonicwall::snmp::plugin --mode=interfaces --interface='2,3,4,5,6,24,25,26,27,28' --hostname=x.x.x.x --snmp-version='2c' --snmp-community='xxxxxxxxxx' --verbose

J’obtiens bien le statut de chacune de ces interfaces, par contre, je suis incapable de traduire cette commande en macros et générer un template de service…

Je me suis penché sur la doc mais je n’arrive pas à traduire cette commande, si quelqu’un pouvait m’aiguiller, je suis nouveau sur Centreon et n’ai pas encore les bons réflexes…

merci à tous.

icon

Best answer by DIAMFred 31 October 2023, 17:35

View original

5 replies

C
Rank
Userlevel 5
Badge +14

hello, 

I’ll answer in english

I checked the plugin code, it’s standard snmp interface check that is used by sonicwall 

so basically you could use any network interface snmp template for the individual interface

 

if you have autodiscover you can simply attach the sonicwall template to an existing rule that create traffic check, it should work

example with the linux snmp rule (in the services menu, you have rules in the discovery section near the bottom, then search for “interface”, you should have a list)

add your sonicwall host  template next to the OS-Linux-SNMP-Custom

next, in the Service/discover menu, input the name of your sonicwall, it should allow you to use the OS-Linux-SNMP-Traffic rule

 

if you need to do it manually (or don’t have autodiscover enabled), you can simply create a service, and select this template :

Net-Cisco-Standard-Traffic-Generic-Name-SNMP-custom (I usually take this one)

Name it “Traffic-XXX” where XXX = you nic name and link it with your Host sonic wall

put the name of the interface in the macro INTERFACENAME

(there is a check mode called “list-interfaces” in the plugin that will give you the name of the interface)

 

And finally, this all this should have been included in the Plugin Pack, if it is standard interface snmp, the autodiscover should have been included and the interface template. so maybe it was forgotten or maybe there was a real issue preventing centreon to include that.

maybe a support call, or a message on the git to ask the build team to include all that in the plugin pack

 

I noticed that the pluging pack description is not talking about interfaces, maybe there was no way to test it and you are the first one using it

 

hope that helps

Chrisotphe.

Centreon Lord Commander - https://www.centreon.com/centreon-community/
D
Badge +3

Hi Christophe,

I really appreciate you took time to reply to my message.

I’m going to check interfaces with Cisco, I did it with Aruba interfaces but didn’t find how to exclude interfaces. Sonicwall has interfaces that cannot be administratively shutdown, so I have a critical status.

I’m still learning how to work with Centreon and thanks to your screenshot, I saw I did mistakes on the definition of the service.

I’ll keep the community informed.

D
Badge +3

Hi,

There is something I do not understand, I used the plugin Aruba to check my interfaces (I think is is the same as the Cisco one), when I launch in the CLI of the poller the following command:

/usr/lib/centreon/plugins//centreon_aruba_aoscx_snmp.pl --plugin=network::aruba::aoscx::snmp::plugin --mode=interfaces --hostname='X.X.X.X' --snmp-version='2c' --snmp-community='xxxxxxxx’  --interface='2,3' --add-status --add-traffic --add-errors --warning-status='' --critical-status='%{admstatus} eq "up" and %{opstatus} !~ /up|dormant/' --warning-in-traffic='' --critical-in-traffic='' --warning-out-traffic='' --critical-out-traffic='' --warning-in-discard='' --critical-in-discard='' --warning-out-discard='' --critical-out-discard='' --warning-in-error='' --critical-in-error='' --warning-out-error='' --critical-out-error='' --oid-filter='ifname' --oid-display='ifname' --verbose --no-skipped-counters

I have the correct result for both interfaces with id 2 & 3, but when I create the service, it automatically adds the --name switch which cause the error.

How can I remove this --name switch, I’m not sure but I think it is the macro INTERFACENAME which adds this switch. I tried to delete it, create a service from scratch with no luck …

Thanks for your help

C
Rank
Userlevel 5
Badge +14

hmm, 2 things,

I think you try to do multiple interface in the same check, it is not advised

the best practice is 1 interface = 1 check,

 

For the --name problem, when you use the template, most of them use “--name” and you --interface must contain the NAME as presented by the result of “--mode=list-interfaces”

 

there are some template that uses check snmp interface by ID instead of name

(it is in the template name, either “...-Name-...” or “...-ID-...”, I strongly advice using name, some OS can have variation and the name is usually static and tells you somethin, on a switch it is for example “GE1/0/2” , or “eth3” on some firewall/linux. much more interresting than 0, 1, 7, which may not correspond to something you will see on the OS management interface.

I don’t have any sonicwall on hand so I have no idea how it works or what’s better for you)

 

and also be aware that the name is a regular expression, so if you have interface 1 and 10, if you just put “1” you well get all interface with 1 in it. (1, 21, 15, etc)

the correct syntax is “^NAME$” (without the quote, ^ = start of string, $ = end of string, replace name with 1 or whatever interface name you want)

(it probably also apply to the INTERFACEID macro if you use a ID template, not sure)

Centreon Lord Commander - https://www.centreon.com/centreon-community/
D
Badge +3

Hi,

I found the reason why, I just played with regex expression to remove the interfaces I don’t want to check.

So, for the community, if you need to monitor Sonicwall’s interfaces, you have to:

  • create a service with a network device plugin (Aruba-AOSX worked for me, but I think it will also be the case with Cisco).
  • To remove the check of the interfaces U0 and MGMT you can’t administratively shutdown, add the following regex to the INTERFACENAME macro: ^(?!(MGMT|U0)$)

and it works like a charm.

Thx.

Reply


Terms & ConditionsCookie settings