What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general.

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
More than 500,000 users rely on Paessler PRTG every day. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags


View all Tags

palo alto bgp monitoring

Votes:

0

i'm trying to monitor PAN OS bgp peer status , in PAN OS you have a limited SNMP MIB's that does not have any OID for bgp protocol or bgp peering status .

and my goal is to create a monitor through the custom REST sensor because PAN OS have access to bgp protocol or bgp peering status through the API on the appliance .

the problem is that i cant manage to figure out what and which arguments should be in the "*.template" and were to do the lookup's .

REST query :

"/api/?type=op&cmd=<show><routing><protocol><bgp><peer><peer-name>Peer-name</peer-name></peer></bgp></protocol></routing></show>"

output example for the API XML answer :

<response status="success">
	<result>
		<entry peer="Peer-name" vr="XXXXXX">
			<peer-group>peer-group-name</peer-group>
			<peer-router-id>xx.xx.xx.xx</peer-router-id>
			<remote-as>xxxxx</remote-as>
			<status>Established</status>
			<status-duration>0</status-duration>
			<password-set>yes</password-set>
			<passive>no</passive>
			<multi-hop-ttl>0</multi-hop-ttl>
			<peer-address>x.x.x.x:0</peer-address>
			<local-address>x.x.x.x:0</local-address>
			<reflector-client>not-client</reflector-client>
			<same-confederation>no</same-confederation>
			<aggregate-confed-as>yes</aggregate-confed-as>
			<peering-type>Unspecified</peering-type>
			<connect-retry-interval>0</connect-retry-interval>
			<open-delay>0</open-delay>
			<idle-hold>0</idle-hold>
			<prefix-limit>0</prefix-limit>
			<holdtime>0</holdtime>
			<holdtime-config>0</holdtime-config>
			<keepalive>0</keepalive>
			<keepalive-config>0</keepalive-config>
			<msg-update-in>0</msg-update-in>
			<msg-update-out>0</msg-update-out>
			<msg-total-in>0</msg-total-in>
			<msg-total-out>0</msg-total-out>
			<last-update-age>0</last-update-age>
			<last-error>Cease (6) : connection rejected (5)</last-error>
			<status-flap-counts>0</status-flap-counts>
			<established-counts>0</established-counts>
			<ORF-entry-received>0</ORF-entry-received>
			<nexthop-self>no</nexthop-self>
			<nexthop-thirdparty>yes</nexthop-thirdparty>
			<nexthop-peer>no</nexthop-peer>
			<config>
				<remove-private-as>yes</remove-private-as>
			</config>
			<peer-capability>
				<list>
					<capability>Multiprotocol Extensions(1)</capability>
					<value>xxxxxx</value>
				</list>
				<list>
					<capability>Route Refresh(2)</capability>
					<value>yes</value>
				</list>
				<list>
					<capability>Graceful Restart(64)</capability>
					<value>xxxxx</value>
				</list>
				<list>
					<capability>4-Byte AS Number(65)</capability>
					<value>xxxxx</value>
				</list>
				<list>
					<capability>Route Refresh (Cisco)(128)</capability>
					<value>yes</value>
				</list>
			</peer-capability>
			<prefix-counter>
				<entry afi-safi="xxxxxxxxxx">
					<incoming-total>xxxx</incoming-total>
					<incoming-accepted>xxxx</incoming-accepted>
					<incoming-rejected>0</incoming-rejected>
					<outgoing-total>0</outgoing-total>
					<outgoing-advertised>0</outgoing-advertised>
				</entry>
			</prefix-counter>
		</entry>
	</result>
</response>

i want to get the peer name ,peer group name ,bgp status and bgp peer adreess from that output .

  • bgp-peer-name -
    • <entry peer="peer-name" vr="XXXXXX">
  • bgp-peer-group-name -
    • <peer-group>peer-group-name</peer-group>
  • bgp-status -
    • <status>Established</status>
  • bgp-peer-address -
    • <peer-address>X.X.X.X:XXX</peer-address>

i understand that i need to do some lookup's for "translating" the text arguments to numerical like the peer and peer group names and the bgp status .

i appreciate any help regarding that issue.

thx Dor.

api bgp paloalto

Created on Jun 20, 2018 12:56:56 PM

Last change on Jun 21, 2018 7:20:25 AM by Luciano Lingnau [Paessler]



3 Replies

Accepted Answer

Votes:

0

Hello Dor,
thank you for your inquiry.

Nice find in the Palo Alto API. As for translating (converting the text to a value), the process is essentially:

  1. The XML contains the string, for instance: Established
  2. In the Rest Custom sensor a function lookup(string, string, string, ...) converts the string to a numerical value.
  3. In PRTG, you associated a regular lookup to the channel, to once more transform the numerical value to a string/state.

This function (as well as other supported functions) are described in the sensor's manual page:

The reason why this is needed, is that channels cannot contain strings, only numerical values are accepted. Depending on the amount of peers that you have (If less than 50) you could create one channel per peer, with the corresponding lookup state.

Please keep in mind however, that properties like <peer-address>, <peer-group> or <entry peer>(name) must either be a channel name, or a message. These are not numerical values (I would also not advise converting them using the lookup function.

If you need some inspiration, please refer to these examples:

You can also check the standard templates included with PRTG, which are available in the following folder on the PRTG Server:

C:\Program Files (x86)\PRTG Network Monitor\Custom Sensors\rest\

Best Regards,
Luciano Lingnau [Paessler Support]

Created on Jun 21, 2018 7:38:01 AM by Luciano Lingnau [Paessler]



Votes:

0

Dor,

Were you ever able to get this working? Attempting to do the same and running into roadblocks.

Created on Dec 18, 2018 8:45:21 PM



Votes:

0

Hi Jonny,

Have you checked Luciano's answer?
Please share some more details into what issues you exactly run, what is not working and what you have tried so far so we can figure this out.

Best regards.

Created on Dec 19, 2018 5:57:26 AM by Dariusz Gorka [Paessler Support]




Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.