Feature Request - Palo Alto firewall - BGP Status

Would it be possible to develop a new mode for the “Palo Alto Firewall SSH” Monitoring Connector?
This mode would be to obtain BGP information which unfortunately is not accessible via standard MIBs (feature request open at Palo Alto for years).

We would like to collect information on the BGP status of a Palo Alto firewall, but this mode does not exist under Centreon.
In order to have a better understanding of what we would like, the idea would be to add a mode (for example named “bgp” in the list of SSH modes:
https://github.com/centreon/centreon-plugins/tree/develop/src/network/paloalto/ssh/mode

Please find attached the total output of the order in XML format. The check could a priori return information similar to the standard BGP check by extracting status and status duration information. For example by putting warning/critical alerts on status types:

<status>Established</status>
<status-duration>12798</status-duration>

Thanks !

Page 1 / 1

As I can’t join file, there is the output below :

almond@PALOALTO(active)> show routing protocol bgp peer

<response status="success"><result>
<entry peer="Peer - VLAN 1" vr="VR-1">
<peer-group>Peer - VLAN 1 - PA4</peer-group>
<peer-router-id>1.1.1.1</peer-router-id>
<remote-as>12000</remote-as>
<status>Established</status>
<status-duration>12798</status-duration>
<password-set>no</password-set>
<passive>no</passive>
<multi-hop-ttl>1</multi-hop-ttl>
<peer-address>1.1.1.2:179</peer-address>
<local-address>1.1.1.3:34987</local-address>
<reflector-client>not-client</reflector-client>
<same-confederation>no</same-confederation>
<aggregate-confed-as>yes</aggregate-confed-as>
<peering-type>Unspecified</peering-type>
<connect-retry-interval>15</connect-retry-interval>
<open-delay>0</open-delay>
<idle-hold>15</idle-hold>
<prefix-limit>5000</prefix-limit>
<holdtime>60</holdtime>
<holdtime-config>90</holdtime-config>
<keepalive>20</keepalive>
<keepalive-config>30</keepalive-config>
<msg-update-in>2</msg-update-in>
<msg-update-out>2</msg-update-out>
<msg-total-in>700</msg-total-in>
<msg-total-out>739</msg-total-out>
<last-update-age>7</last-update-age>
<last-error></last-error>
<status-flap-counts>1</status-flap-counts>
<established-counts>1</established-counts>
<ORF-entry-received>0</ORF-entry-received>
<nexthop-self>no</nexthop-self>
<nexthop-thirdparty>yes</nexthop-thirdparty>
<nexthop-peer>no</nexthop-peer>
<config>
<remove-private-as>yes</remove-private-as></config>
<peer-capability>
<list>
<capability>Multiprotocol Extensions(1)</capability>
<value>IPv4 Unicast</value></list>
<list>
<capability>Route Refresh(2)</capability>
<value>yes</value></list>
<list>
<capability>Graceful Restart(64)</capability>
<value>4078</value></list>
<list>
<capability>4-Byte AS Number(65)</capability>
<value>15830</value></list>
<list>
<capability>unknown(71)</capability>
<value>yes</value></list>
<list>
<capability>Route Refresh (Cisco)(128)</capability>
<value>yes</value></list></peer-capability>
<prefix-counter>
<entry afi-safi="bgpAfiIpv4-unicast">
<incoming-total>1</incoming-total>
<incoming-accepted>1</incoming-accepted>
<incoming-rejected>0</incoming-rejected>
<policy-rejected>0</policy-rejected>
<outgoing-total>2</outgoing-total>
<outgoing-advertised>2</outgoing-advertised></entry></prefix-counter></entry>
<entry peer="Peer - VLAN 2" vr="VR-1">
<peer-group>Peer - VLAN 2 - PA4</peer-group>
<peer-router-id>2.2.2.2</peer-router-id>
<remote-as>12000</remote-as>
<status>Established</status>
<status-duration>12798</status-duration>
<password-set>no</password-set>
<passive>no</passive>
<multi-hop-ttl>1</multi-hop-ttl>
<peer-address>2.2.2.3:179</peer-address>
<local-address>2.2.2.4:43717</local-address>
<reflector-client>not-client</reflector-client>
<same-confederation>no</same-confederation>
<aggregate-confed-as>yes</aggregate-confed-as>
<peering-type>Unspecified</peering-type>
<connect-retry-interval>15</connect-retry-interval>
<open-delay>0</open-delay>
<idle-hold>15</idle-hold>
<prefix-limit>5000</prefix-limit>
<holdtime>60</holdtime>
<holdtime-config>90</holdtime-config>
<keepalive>20</keepalive>
<keepalive-config>30</keepalive-config>
<msg-update-in>2</msg-update-in>
<msg-update-out>2</msg-update-out>
<msg-total-in>701</msg-total-in>
<msg-total-out>738</msg-total-out>
<last-update-age>4</last-update-age>
<last-error></last-error>
<status-flap-counts>1</status-flap-counts>
<established-counts>1</established-counts>
<ORF-entry-received>0</ORF-entry-received>
<nexthop-self>no</nexthop-self>
<nexthop-thirdparty>yes</nexthop-thirdparty>
<nexthop-peer>no</nexthop-peer>
<config>
<remove-private-as>yes</remove-private-as></config>
<peer-capability>
<list>
<capability>Multiprotocol Extensions(1)</capability>
<value>IPv4 Unicast</value></list>
<list>
<capability>Route Refresh(2)</capability>
<value>yes</value></list>
<list>
<capability>Graceful Restart(64)</capability>
<value>4078</value></list>
<list>
<capability>4-Byte AS Number(65)</capability>
<value>15830</value></list>
<list>
<capability>unknown(71)</capability>
<value>yes</value></list>
<list>
<capability>Route Refresh (Cisco)(128)</capability>
<value>yes</value></list></peer-capability>
<prefix-counter>
<entry afi-safi="bgpAfiIpv4-unicast">
<incoming-total>1</incoming-total>
<incoming-accepted>1</incoming-accepted>
<incoming-rejected>0</incoming-rejected>
<policy-rejected>0</policy-rejected>
<outgoing-total>2</outgoing-total>
<outgoing-advertised>2</outgoing-advertised></entry></prefix-counter></entry>
<entry peer="Peer - VLAN 3" vr="VR-1">
<peer-group>Peer - VLAN 3 - PA5</peer-group>
<peer-router-id>3.3.3.3</peer-router-id>
<remote-as>12000</remote-as>
<status>Established</status>
<status-duration>12798</status-duration>
<password-set>no</password-set>
<passive>no</passive>
<multi-hop-ttl>1</multi-hop-ttl>
<peer-address>3.3.3.4:179</peer-address>
<local-address>4.4.4.5:42849</local-address>
<reflector-client>not-client</reflector-client>
<same-confederation>no</same-confederation>
<aggregate-confed-as>yes</aggregate-confed-as>
<peering-type>Unspecified</peering-type>
<connect-retry-interval>15</connect-retry-interval>
<open-delay>0</open-delay>
<idle-hold>15</idle-hold>
<prefix-limit>5000</prefix-limit>
<holdtime>60</holdtime>
<holdtime-config>90</holdtime-config>
<keepalive>20</keepalive>
<keepalive-config>30</keepalive-config>
<msg-update-in>2</msg-update-in>
<msg-update-out>2</msg-update-out>
<msg-total-in>705</msg-total-in>
<msg-total-out>741</msg-total-out>
<last-update-age>17</last-update-age>
<last-error></last-error>
<status-flap-counts>1</status-flap-counts>
<established-counts>1</established-counts>
<ORF-entry-received>0</ORF-entry-received>
<nexthop-self>no</nexthop-self>
<nexthop-thirdparty>yes</nexthop-thirdparty>
<nexthop-peer>no</nexthop-peer>
<config>
<remove-private-as>yes</remove-private-as></config>
<peer-capability>
<list>
<capability>Multiprotocol Extensions(1)</capability>
<value>IPv4 Unicast</value></list>
<list>
<capability>Route Refresh(2)</capability>
<value>yes</value></list>
<list>
<capability>Graceful Restart(64)</capability>
<value>4078</value></list>
<list>
<capability>4-Byte AS Number(65)</capability>
<value>15830</value></list>
<list>
<capability>unknown(71)</capability>
<value>yes</value></list>
<list>
<capability>Route Refresh (Cisco)(128)</capability>
<value>yes</value></list></peer-capability>
<prefix-counter>
<entry afi-safi="bgpAfiIpv4-unicast">
<incoming-total>1</incoming-total>
<incoming-accepted>1</incoming-accepted>
<incoming-rejected>0</incoming-rejected>
<policy-rejected>0</policy-rejected>
<outgoing-total>2</outgoing-total>
<outgoing-advertised>2</outgoing-advertised></entry></prefix-counter></entry>
<entry peer="Peer - VLAN 4" vr="VR-1">
<peer-group>Peer - VLAN 4 - PA5</peer-group>
<peer-router-id>5.5.5.5</peer-router-id>
<remote-as>12000</remote-as>
<status>Established</status>
<status-duration>12798</status-duration>
<password-set>no</password-set>
<passive>no</passive>
<multi-hop-ttl>1</multi-hop-ttl>
<peer-address>5.5.5.6:179</peer-address>
<local-address>5.5.5.7:46065</local-address>
<reflector-client>not-client</reflector-client>
<same-confederation>no</same-confederation>
<aggregate-confed-as>yes</aggregate-confed-as>
<peering-type>Unspecified</peering-type>
<connect-retry-interval>15</connect-retry-interval>
<open-delay>0</open-delay>
<idle-hold>15</idle-hold>
<prefix-limit>5000</prefix-limit>
<holdtime>60</holdtime>
<holdtime-config>90</holdtime-config>
<keepalive>20</keepalive>
<keepalive-config>30</keepalive-config>
<msg-update-in>2</msg-update-in>
<msg-update-out>2</msg-update-out>
<msg-total-in>707</msg-total-in>
<msg-total-out>738</msg-total-out>
<last-update-age>12</last-update-age>
<last-error></last-error>
<status-flap-counts>1</status-flap-counts>
<established-counts>1</established-counts>
<ORF-entry-received>0</ORF-entry-received>
<nexthop-self>no</nexthop-self>
<nexthop-thirdparty>yes</nexthop-thirdparty>
<nexthop-peer>no</nexthop-peer>
<config>
<remove-private-as>yes</remove-private-as></config>
<peer-capability>
<list>
<capability>Multiprotocol Extensions(1)</capability>
<value>IPv4 Unicast</value></list>
<list>
<capability>Route Refresh(2)</capability>
<value>yes</value></list>
<list>
<capability>Graceful Restart(64)</capability>
<value>4078</value></list>
<list>
<capability>4-Byte AS Number(65)</capability>
<value>15830</value></list>
<list>
<capability>unknown(71)</capability>
<value>yes</value></list>
<list>
<capability>Route Refresh (Cisco)(128)</capability>
<value>yes</value></list></peer-capability>
<prefix-counter>
<entry afi-safi="bgpAfiIpv4-unicast">
<incoming-total>1</incoming-total>
<incoming-accepted>1</incoming-accepted>
<incoming-rejected>0</incoming-rejected>
<policy-rejected>0</policy-rejected>
<outgoing-total>2</outgoing-total>
<outgoing-advertised>2</outgoing-advertised></entry></prefix-counter></entry></result></response>
almond@PALOALTO(active)>

New→Needs Votes

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded