Zabbix 监控 Cisco ASA5525 流量
简介:
Zabbix 监控 Cisco ASA5525 网络接口流量
一、Zabbix 支持 SNMP、Cisco 开启 SNMP
二、测试
shell > snmpwalk -v 2c -c public 192.168.2.254 system # 查看系统信息 SNMPv2-MIB::sysDescr.0 = STRING: Cisco Adaptive Security Appliance Version 8.6(1)2 SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.9.1.1408 DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (3248815000) 376 days, 0:29:10.00 SNMPv2-MIB::sysContact.0 = STRING: SNMPv2-MIB::sysName.0 = STRING: ciscoasa SNMPv2-MIB::sysLocation.0 = STRING: SNMPv2-MIB::sysServices.0 = INTEGER: 4
# -v 指定版本,-c 指定共同体名,IP,指令
shell > snmpwalk -v 2c -c public 192.168.2.254 interface # 查看接口信息
# IF-MIB::ifDescr 接口名称
# IF-MIB::ifType 类型
# IF-MIB::ifSpeed 速率
# IF-MIB::ifMtu MTU
# IF-MIB::ifPhysAddress MAC
# IF-MIB::ifAdminStatus 状态
# IF-MIB::ifInOctets 传输字节数
# 等
三、确认需要监控网络接口
ciscoasa > show running-config interface ! interface GigabitEthernet0/0 duplex full nameif outside-1 security-level 0 ip address xx.xx.xx.xx 255.255.255.224
# Cisco ASA 查看发现,GigabitEthernet0/0 为 outside-1 即外网接口,且配置着公网IP
shell > snmpwalk -v 2c -c public 192.168.2.254 ifDescr IF-MIB::ifDescr.2 = STRING: Adaptive Security Appliance 'asa_mgmt_plane' interface IF-MIB::ifDescr.3 = STRING: Adaptive Security Appliance 'outside-1' interface IF-MIB::ifDescr.4 = STRING: Adaptive Security Appliance 'GigabitEthernet0/1' interface IF-MIB::ifDescr.5 = STRING: Adaptive Security Appliance 'inside' interface IF-MIB::ifDescr.6 = STRING: Adaptive Security Appliance 'GigabitEthernet0/3' interface IF-MIB::ifDescr.7 = STRING: Adaptive Security Appliance 'GigabitEthernet0/4' interface IF-MIB::ifDescr.8 = STRING: Adaptive Security Appliance 'GigabitEthernet0/5' interface IF-MIB::ifDescr.9 = STRING: Adaptive Security Appliance 'GigabitEthernet0/6' interface IF-MIB::ifDescr.10 = STRING: Adaptive Security Appliance 'GigabitEthernet0/7' interface IF-MIB::ifDescr.11 = STRING: Adaptive Security Appliance 'Internal-Data0/1' interface IF-MIB::ifDescr.12 = STRING: Adaptive Security Appliance 'cplane' interface IF-MIB::ifDescr.13 = STRING: Adaptive Security Appliance 'mgmt_plane_int_tap' interface IF-MIB::ifDescr.14 = STRING: Adaptive Security Appliance 'Management0/0' interface IF-MIB::ifDescr.15 = STRING: Adaptive Security Appliance 'Virtual254' interface
# 服务器上查找,返现 outside-1 对应的设备 ID 为 IF-MIB::ifDescr.3
shell > snmpwalk -v 2c -c public 192.168.2.254 IF-MIB::ifInOctets.3 # 外网口进方向 IF-MIB::ifInOctets.3 = Counter32: 2965376258 shell > snmpwalk -v 2c -c public 192.168.2.254 IF-MIB::ifOutOctets.3 # 外网口出方向 IF-MIB::ifOutOctets.3 = Counter32: 3522107956
四、创建主机、模板
1、主机
创建主机 -> SNMP 192.168.2.254 161 -> 创建
2、模板
创建模板 -> 模板名称 Cisco -> 群组 Templates -> 创建 创建应用 -> network interface 创建监控项 -> 名称 GigabitEthernet0/0 - In -> 类型 SNMPv2 端点代理模式 -> 键值 ifHCInOctets.3 -> SNMP OID IF-MIB::ifHCInOctets.3 -> SNMP community public -> 单位 bps -> 使用自定倍数 8 -> 存储值 差量(每秒速率) -> 应用集 network interface -> 创建
# 拿到的是 byte 要转换成 bit 即 bps,1 byte = 8 bit,所以要设置倍数为 8
# 照这样设置 GigabitEthernet0/0 - Out 即可,注意键值为 ifHCOutOctets.3,OID 为 OID IF-MIB::ifHCOutOctets.3
3、图形
创建图形 -> 名称 GigabitEthernet0/0 -> 加入监控项 -> 绘图风格 梯度线 -> 设置颜色 -> 创建
五、为主机添加模板
主机 -> 模板 -> 选择模板 -> Cisco -> 添加 -> 更新
# 收工 !