Coder Social home page Coder Social logo

panos2grafana's Introduction

Panos2Grafana

Steps and configurations to create a complete PaloAlto Firewall dashboard in GRAFANA. The dashboard is compatible with a standalone firewall, with one HA cluster of 2 firewalls and with multiple clusters.

At this time support for models:

  • PA-5250
  • PA-5050
  • PA-3020
  • PA-820

If you are using a different one, probably some sensor graphs (cpu_temp and fan_speed) can be inadequate, but rest of the panels should be ok.

Screenshot

screenshot

Getting Started

Prerequisites

The infraestruture needed is:

  • PanOS 8.1 or greater firewall (obviously) ;-)
  • InfluxDB
  • Telegraf
  • Grafana

Your PanOS Firewall must be configured to answer SNMP queries. Your TIG environment (Telegraf/InfluxDB/Grafana) also installed and configured property. I will not cover information about installation and basic configuration as a lot of step by step tutorials can be found.

Telegraf

Data will be collected by Telegraf SNMP plugin. Just download the appropriate configuration file for your model (5250.conf for PA5250 for example).

Modify according with your enviroment:

  • agents: ip or hostname firewalls
  • community: snmp read comunity of your firewalls
  • cluster: tag_name for your cluster. If you have only one cluster (or one firewall) default value "cluster1" is ok. Otherwise look for "[inputs.snmp.tags]" and modify it.

Copy the config file in /etc/telegraf/telegraf.d/ and reload telegraf

sudo systemctl restart telegraf

After some seconds, it's a good idea to check if everything is working

sudo systemctl status telegraf

You can config as many clusters as you needs. Each cluster needs a new config file with . Just creating a copy of the first one if hardware model is the same or repeat the proccess with other config file according to your hardware.

Grafana

Finally, import Dashboard number 11321 from grafana.com and the magic will happen.

panos2grafana's People

Contributors

vbarahona avatar

Stargazers

avatar Dawson Greeley avatar avatar avatar avatar avatar Michael Fisher avatar Omari avatar avatar avatar Eyes of Bucket avatar avatar Julian avatar Dirk Melchers avatar avatar avatar Andrea avatar Kristjan avatar Andrew Chumchal avatar Nikolay Matveev avatar Robert Hagen avatar Weyder Ferreira avatar Marcelo Vilar avatar Daniel Lundh avatar Irek Romaniuk avatar Shinosuke Nohara avatar Mike Hammonds avatar avatar tom0010 avatar David Cruz avatar Jose Manuel Agudo Cuesta avatar

Watchers

Dirk Melchers avatar avatar Andrew Chumchal avatar Mike Hammonds avatar avatar

Forkers

kevinhuy pasqua1e twivanlin danielbenshloosh magnusappelgren iammbari cmur cpajr kandao1189

panos2grafana's Issues

conf for other pan firewalls

Hi!

Really like your work here. After some work we now have beautiful graphs for our firewalls :) (if you have more than 1 fw you need to add "agent_host" = 'agent-name-in-conf)' in all grafana panels).

PA-820 entPhySensorValue.2 to 4 is fan and 5-9 is cpu
PA-3020 entPhySensorValue.2 to 5 is fan and 6-11 is cpu
PA-5050 entPhySensorValue.5 to 14 is fan and 15-18 is cpu

I also found that PA-3020 and PA-5050 has hrStorageIndex in 2 digits and 4 digits (RAM etc is 20,30 etc and Buffers etc is 1010 and so on). I fixed this by changing the query from WHERE ("hrStorageIndex" =~ /\d\d\d\d/ to WHERE ("hrStorageIndex" =~ /\d\d/

I hope this is correct!

Thanks
Magnus

Documentation

can you update the instructions to include all the PAN MIB.my files. I needed all of them in order to poll the information you specified in your .conf file. Thanks for creating this!

PAN-COMMON-MIB.my
PAN-ENTITY-EXT-MIB.my
PAN-GLOBAL-REG-MIB.my
PAN-GLOBAL-TC-MIB.my
PAN-LC-MIB.my
PAN-PRODUCT-MIB.my
PAN-TRAPS.my

Telegraf SNMP MIBs

Hello and Thank you for your work on this project.

I'm currently have a PaloAlto 820 that I'm testing with and I'm in getting

2021-06-12T15:18:00Z E! [inputs.snmp] Error in plugin: initializing table pan_buffers: getting table columns: MIB search path: /root/.snmp/mibs:/usr/share/snmp/mibs:/usr/share/snmp/mibs/iana:/usr/share/snmp/mibs/ietf:/usr/share/mibs/site:/usr/share/snmp/mibs:/usr/share/mibs/iana:/usr/share/mibs/ietf:/usr/share/mibs/netsnmp

I have loaded all of the mibs files. Any ideas what can be causing the issues?

CPS by Security Zone and by protocols and zones

Hello @vbarahona, how are you?
Fine I hope

Great dashboard.

We have the 220, 3220, and 820 PA models, we have problems with the CPS by Security Zone and by protocols and zones graphics, do you have any idea what it would be? the Zones are known.

Thanks

Unknown Object Identifier

How is the second command possibly not working?

snmpget -v2c -c public 192.168.2.55 PAN-COMMON-MIB::panSessionActiveTcp.0
PAN-COMMON-MIB::panSessionActiveTcp.0 = INTEGER: 2239

snmpget -v2c -c public 192.168.2.55 PAN-COMMON-MIB::panZoneActiveUdpCps: Unknown Object Identifier

Cannot find module (PAN-COMMON-MIB)

Hello dear,
I've followed your README to install your dashboard in our grafana but I have gotten the error below. May you help us?

Thanks

PAN-COMMON-MIB::panFlowIpfragFragErr: Unknown Object Identifier
May 24 22:21:00 STG-ZBX-FE telegraf[4622]: 2020-05-24T20:21:00Z E! [inputs.snmp] Error in plugin: initializing table pan_global_counters: initializing fiel
May 24 22:21:00 STG-ZBX-FE telegraf[4622]: Cannot find module (PAN-COMMON-MIB): At line 1 in (none)
May 24 22:21:00 STG-ZBX-FE telegraf[4622]: PAN-COMMON-MIB::panFlowIpfragFragErr: Unknown Object Identifier
May 24 22:22:00 STG-ZBX-FE telegraf[4622]: 2020-05-24T20:22:00Z E! [inputs.snmp] Error in plugin: initializing table pan_global_counters: initializing fiel
May 24 22:22:00 STG-ZBX-FE telegraf[4622]: Cannot find module (PAN-COMMON-MIB): At line 1 in (none)
May 24 22:22:00 STG-ZBX-FE telegraf[4622]: PAN-COMMON-MIB::panFlowIpfragFragErr: Unknown Object Identifier
May 24 22:23:00 STG-ZBX-FE telegraf[4622]: 2020-05-24T20:23:00Z E! [inputs.snmp] Error in plugin: initializing table pan_global_counters: initializing fiel
May 24 22:23:00 STG-ZBX-FE telegraf[4622]: Cannot find module (PAN-COMMON-MIB): At line 1 in (none)
May 24 22:23:00 STG-ZBX-FE telegraf[4622]: PAN-COMMON-MIB::panFlowIpfragFragErr: Unknown Object Identifier

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.