  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 6059

How to Monitor Cyberoam and Fortigate firewall through Nagios?

I have set up Nagios 3 on CentOS and added all my Windows and Linux servers for monitoring.

Now I need to know: how do I monitor my firewall and switches via Nagios?
0
Asked: aloknet21
1 Solution
 
Sanga Collins (Systems Admin) Commented:
You can create hosts just like you did for your servers, using the firewall IP address as the IP to monitor. For the switches, I would configure the switch to have an IP address as well so you can keep track of that.

If you really want to get complex, you can do SNMP service monitoring for your switches and firewall so that you can get info like interface bandwidth in addition to check_host_alive.
0
 
PsiCop Commented:
sangamc is correct. You simply define the router/firewall/switch as another Host. The main difference is that all you're doing is PINGing the host, rather than connecting to NRPE or testing for services (although you could, in some cases, check a router/firewall/switch to see that the web interface, SSH interface and/or the telnet interface respond).

If you have an understanding of your network environment, then you can construct dependency trees, and also parent/child relationships, that relate the routers/switches/firewalls to each other and to your servers. So if a router (or the link to it) between your Nagios host and a server (or group of servers) goes down, you get one page (for the router) rather than a page for the router and all the servers (because Nagios will understand that if it can't reach the router, then it doesn't know the state of the servers).

It's difficult to be generic - a lot of the decisions on how you engineer your Nagios config are really highly dependent on your environment.
0
 
aloknet21 (Author) Commented:
Thanks for your suggestion. I really want to get complex and monitor the switches and firewall for bandwidth.

Please suggest the steps in detail for SNMP with Nagios.

Your help is highly appreciated!
0
 
Sanga Collins (Systems Admin) Commented:
The first thing I did was set up a public SNMP community on all my firewalls. Then, in Nagios, for the firewall host I added the following SNMP services to monitor it. I have listed the files containing the relevant sections.

*** commands.cfg

# 'check_snmp' command definition
define command{
        command_name    check_snmp
        command_line    $USER1$/check_snmp -H $HOSTADDRESS$ -C $ARG1$ -o $ARG2$
        }


*** services.cfg

define service{
        use                     generic-service,srv-pnp
        host_name               mtTrace
        service_description     Bandwidth
        is_volatile             0
        check_period            24x7
        max_check_attempts      4
        normal_check_interval   5
        retry_check_interval    1
        contact_groups          Networking
        notification_options    n
        notification_interval   0
        notification_period     24x7
        check_command           check_snmp!netscreen!ifInOctets.3,ifOutOctets.3
        }

From the commands.cfg:

-H is the hostname
-C is the SNMP community string. My string is netscreen
-o is the SNMP OIDs to give me incoming and outgoing bandwidth. This is sometimes different depending on the firewall you are using. You will need to check your equipment docs to find it (or Google).

This is the resultant graph I get in Nagios using the pnp4nagios graph plugins:

image.png
0
 
aloknet21 (Author) Commented:
I have created an SNMP community on my FortiGate firewall as per the link below.

I will work on Nagios and let you know if I face any issues.

http://kb.fortinet.com/kb/viewAttachment.do?attachID=Fortigate%20SNMP%20Graphs%20with%20Cacti.pdf&documentID=13833
0
 
aloknet21 (Author) Commented:
I have created the SNMP community now.

I added these lines in command.cfg:

# 'check_snmp' command definition
define command{
        command_name    check_snmp
        command_line    $USER1$/check_snmp -H $HOSTADDRESS$ -C $ARG1$ -o $ARG2$
        }

Then I created a new template named Firewall.cfg and added these lines:

define service{
        use                     generic-service,srv-pnp
        host_name               mtTrace
        service_description     Bandwidth
        is_volatile             0
        check_period            24x7
        max_check_attempts      4
        normal_check_interval   5
        retry_check_interval    1
        contact_groups          Networking
        notification_options    n
        notification_interval   0
        notification_period     24x7
        check_command           check_snmp!netscreen!ifInOctets.3,ifOutOctets.3
        }


I activated this template in the nagios.cfg file, but then I was not able to restart the Nagios service.

Please suggest: am I doing any steps wrong?

0
 
Sanga Collins (Systems Admin) Commented:
You used my config word for word? If so, that's where the problem is. You need to change the host_name and check_snmp command so that it takes the correct values for your firewall. ifInOctets.3 and ifOutOctets.3 are from my firewall as well. You need to find the correct values for your FortiGate.
0
 
aloknet21 (Author) Commented:
Please see the attached screenshot of my steps:


untitled.JPG
0
 
Sanga Collins (Systems Admin) Commented:
The first thing I'd do is, instead of defining cfg files individually, use the following cfg_dir so that you don't have to modify nagios.cfg every time you add a new device to monitor. Just put the cfg in the hosts dir and restart Nagios. I leave the 'objects dir' for Nagios-only global configs, shown below.

# You can specify individual object config files as shown below:
cfg_file=/usr/local/nagios/etc/objects/commands.cfg
cfg_file=/usr/local/nagios/etc/objects/contacts.cfg
cfg_file=/usr/local/nagios/etc/objects/timeperiods.cfg
cfg_file=/usr/local/nagios/etc/objects/templates.cfg

# Cfg directory for all monitored hosts
cfg_dir=/usr/local/nagios/etc/hosts


use    generic-service,srv,pnp:
If you don't have pnp4nagios configured, you can't use the srv,pnp template.

check_snmp!Noida!ifInOctets ..... ifInOctets.3 and ifOutOctets.3 are SNMP OIDs from the NetScreen firewall's port ethernet3. You need to find the correct OIDs for the Fortinet firewall; they are probably different. You can go to /usr/local/nagios/libexec and manually run the check_snmp command:

./check_snmp -H <ip address> -C Noida -o <snmp oids for fortinet firewall>
0
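
A hardened variant of the check_snmp setup discussed in this thread, as an added example that is not from any of the posters: it uses SNMPv3 with authentication and encryption instead of a v1/v2c community string, which crosses the network in cleartext, and keeps the credentials in resource.cfg rather than in the object files. The command name check_snmp_v3, the host name fw-example, the user name nagios-ro, the $USER5$ to $USER7$ macro slots and the placeholder passphrases are assumptions, and the OIDs must still be looked up for the specific device.

```cfg
# --- resource.cfg ---
# Assumed macro slots. This file is meant for sensitive values, so keep it
# readable only by the nagios user. Passphrases here are placeholders and
# should avoid shell metacharacters because they end up on a command line.
$USER5$=nagios-ro
$USER6$=REPLACE_WITH_AUTH_PASSPHRASE
$USER7$=REPLACE_WITH_PRIV_PASSPHRASE

# --- commands.cfg ---
# v2c form from the thread, for comparison (community string in cleartext):
#   $USER1$/check_snmp -H $HOSTADDRESS$ -C $ARG1$ -o $ARG2$
#
# SNMPv3 form: -P 3 selects the protocol version, -L authPriv requires both
# authentication (-a/-A) and encryption (-x/-X), -U is the SNMPv3 user name.
define command{
        command_name    check_snmp_v3
        command_line    $USER1$/check_snmp -H $HOSTADDRESS$ -P 3 -L authPriv -U $USER5$ -a SHA -A $USER6$ -x AES -X $USER7$ -o $ARG1$
        }

# --- hosts/fw-example.cfg (hypothetical host; lives in the cfg_dir) ---
# No community string appears in the service definition any more.
# The .3 interface index is the one from the thread's NetScreen device and
# is only a stand-in; use the index that matches your firewall's interface.
define service{
        use                     generic-service
        host_name               fw-example
        service_description     Bandwidth
        check_command           check_snmp_v3!ifInOctets.3,ifOutOctets.3
        }
```

On the device side, this assumes a read-only SNMPv3 user configured with SHA and AES, with SNMP access limited to the Nagios server's address.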
