Using: Nagios XI 2012R2.4
I am trying to monitor the interfaces of Cisco ASA firewalls using the check_snmp_int command, this works from the command line and fails from the Nagios GUI. When I compare the command line with the Nagios "Test Command" utility, the only difference I see is that Nagios is inserting the backslashes before the single quotes.
Any Ideas?
Check result from the command line:
/usr/local/nagios/libexec/check_snmp_int.pl -H fw-houston-1 -C ***** -2 -r -n "Adaptive Security Appliance 'outside' interface" -f Y -w 0,0 -c 0,0 M
Adaptive Security Appliance 'outside' interface:UP:1 UP: OK | 'Adaptive Security Appliance 'outside' interface_in_octet'=3949717394c 'Adaptive Security Appliance 'outside' interface_out_octet'=1851980936c
Check from Nagios:
COMMAND: /usr/local/nagios/libexec/check_snmp_int.pl -H fw-houston-1 -C ***** -2 -r -n "Adaptive Security Appliance \'outside\' interface" -f Y -w 0,0 -c 0,0 M
OUTPUT: ERROR : Unknown interface Adaptive Security Appliance \'outside\' interface
Thanks
Sal
Monitor Cisco ASA interface check_snmp_int
-
sreinhardt
- -fno-stack-protector
- Posts: 4366
- Joined: Mon Nov 19, 2012 12:10 pm
Re: Monitor Cisco ASA interface check_snmp_int
I have a couple of solutions for you. One, if you wish to stay with the current manually configured route, I would highly suggest saving that service, and running it via the normal nagios scheduler. When using the test command button it executes via a php script that may not have rights and will definitely escape certain characters improperly. Most likely the check you have would work just fine under normal nagios core execution.
Alternatively, we offer this exact feature already with the network switch and router wizard. It does not use the particular check you picked out, however it will allow you to do some more reporting and get more advanced information out of it. If you choose to list the interfaces by description instead of number it should list vlans, outside\inside\dmz interfaces and individual ports all in the wizard.
Alternatively, we offer this exact feature already with the network switch and router wizard. It does not use the particular check you picked out, however it will allow you to do some more reporting and get more advanced information out of it. If you choose to list the interfaces by description instead of number it should list vlans, outside\inside\dmz interfaces and individual ports all in the wizard.
Nagios-Plugins maintainer exclusively, unless you have other C language bugs with open-source nagios projects, then I am happy to help! Please pm or use other communication to alert me to issues as I no longer track the forum.
Re: Monitor Cisco ASA interface check_snmp_int
Actually using the network wizard was my first choice, but the wizard will not create the rrd files. The Check_snmp_int command creates the rrd files with no problems.
-
scottwilkerson
- DevOps Engineer
- Posts: 19396
- Joined: Tue Nov 15, 2011 3:11 pm
- Location: Nagios Enterprises
- Contact:
Re: Monitor Cisco ASA interface check_snmp_int
Running the Network switch /router wizard should create the rrd's just fine. it does however take about 10 minutes for them to start populating.