Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

check_cisco_ips question

https://support.nagios.com/forum/viewtopic.php?t=33654

Page 1 of 1

check_cisco_ips question

Posted: Mon Jul 06, 2015 10:41 am
by snapon_admin
Not sure if anyone here is using this plugin (https://exchange.nagios.org/directory/P ... EM/details), but I'm having some trouble getting the CPU stats check to work. The mem one works fine, just CPU is having issues. Does anyone know what MIb(s) this plugin needs to function properly? I get the following whenever I try to run the CPU check on an ASA 5505:

Code: Select all

Argument "noSuchObject" isn't numeric in numeric gt (>) at ./check_cisco_ips.pl line 334.
Argument "noSuchObject" isn't numeric in numeric gt (>) at ./check_cisco_ips.pl line 334.
Argument "noSuchObject" isn't numeric in numeric gt (>) at ./check_cisco_ips.pl line 334.
Cisco ASA CPU : 5sec = noSuchObject %, 2min = noSuchObject %, 5min = noSuchObject % : OK

Re: check_cisco_ips question

Posted: Mon Jul 06, 2015 11:27 am
by jdalrymple

Code: Select all

#my $cisco_cpu_5m = "1.3.6.1.4.1.9.9.109.1.1.1.1.8.1"; # Cisco CPU load (5min %)
#my $cisco_cpu_1m = "1.3.6.1.4.1.9.9.109.1.1.1.1.7.1"; # Cisco CPU load (1min %)
#my $cisco_cpu_5s = "1.3.6.1.4.1.9.9.109.1.1.1.1.6.1"; # Cisco CPU load (5sec %)
my $cisco_cpu_5m = "1.3.6.1.4.1.9.9.109.1.1.1.1.5.1"; # Cisco CPU load (5min %)
my $cisco_cpu_1m = "1.3.6.1.4.1.9.9.109.1.1.1.1.4.1"; # Cisco CPU load (1min %)
my $cisco_cpu_5s = "1.3.6.1.4.1.9.9.109.1.1.1.1.3.1"; # Cisco CPU load (5sec %)
I wonder why he commented the first 3 out? Maybe they work for some and the other 3 work for others?

Try snmpgetting those OIDs and see if any of them turn up anything - certainly I expect the ones NOT commented will not produce results.

Re: check_cisco_ips question

Posted: Mon Jul 06, 2015 11:29 am
by tgriep
I tested the check on a Cisco ASA5505 without any issues. Starting on line 27 of the plugin, you have to define the OID's you need to test the 5505.
Does your check_cisco_ips.pl file look like this starting on line 27?

Code: Select all

# Cisco IPS CPU

#my $cisco_cpu_5m = "1.3.6.1.4.1.9.9.109.1.1.1.1.8.1"; # Cisco CPU load (5min %)
#my $cisco_cpu_1m = "1.3.6.1.4.1.9.9.109.1.1.1.1.7.1"; # Cisco CPU load (1min %)
#my $cisco_cpu_5s = "1.3.6.1.4.1.9.9.109.1.1.1.1.6.1"; # Cisco CPU load (5sec %)
my $cisco_cpu_5m = "1.3.6.1.4.1.9.9.109.1.1.1.1.5.1"; # Cisco CPU load (5min %)
my $cisco_cpu_1m = "1.3.6.1.4.1.9.9.109.1.1.1.1.4.1"; # Cisco CPU load (1min %)
my $cisco_cpu_5s = "1.3.6.1.4.1.9.9.109.1.1.1.1.3.1"; # Cisco CPU load (5sec %)

Re: check_cisco_ips question

Posted: Mon Jul 06, 2015 11:56 am
by snapon_admin
Yeah I'm really confused on this as well. I tried this script against an ASA 5505, software version 9.2, with my script looking like this on line 27:

Code: Select all

# Cisco IPS CPU

my $cisco_cpu_5m = "1.3.6.1.4.1.9.9.109.1.1.1.1.8.1"; # Cisco CPU load (5min %)
my $cisco_cpu_1m = "1.3.6.1.4.1.9.9.109.1.1.1.1.7.1"; # Cisco CPU load (1min %)
my $cisco_cpu_5s = "1.3.6.1.4.1.9.9.109.1.1.1.1.6.1"; # Cisco CPU load (5sec %)
#my $cisco_cpu_5m = "1.3.6.1.4.1.9.9.109.1.1.1.1.5.1"; # Cisco CPU load (5min %)
#my $cisco_cpu_1m = "1.3.6.1.4.1.9.9.109.1.1.1.1.4.1"; # Cisco CPU load (1min %)
#my $cisco_cpu_5s = "1.3.6.1.4.1.9.9.109.1.1.1.1.3.1"; # Cisco CPU load (5sec %)
According to Cisco those OIDs are for CPU stats on IOS devices 12.2 or later (this is an ASA so it uses a completely different number scheme for version numbers, so not sure what that means...), source here: http://www.cisco.com/c/en/us/support/do ... -snmp.html

When I run the script with those particular OIDs defined I get:

Code: Select all

[root@lisl-ngos-01-pv libexec]# ./check_cisco_ips.pl -H <IP ADDRESS> -C <COMMUNITY> -2 -T cpu -w 70,50,40 -c 90,70,50
Argument "noSuchObject" isn't numeric in numeric gt (>) at ./check_cisco_ips.pl line 334.
Cisco ASA CPU : 5sec = noSuchObject %, 2min = 17 %, 5min = 16 % : OK
So it seems to work with all but the 5 sec OID for some unknown reason. When I run this script against an ASA 5510 with software version 9.1 (literally one minor revision lower) I get the "noSuchObject" issue on all 3, but when I modify the script to look like this:

Code: Select all

#my $cisco_cpu_5m = "1.3.6.1.4.1.9.9.109.1.1.1.1.8.1"; # Cisco CPU load (5min %)
#my $cisco_cpu_1m = "1.3.6.1.4.1.9.9.109.1.1.1.1.7.1"; # Cisco CPU load (1min %)
#my $cisco_cpu_5s = "1.3.6.1.4.1.9.9.109.1.1.1.1.6.1"; # Cisco CPU load (5sec %)
my $cisco_cpu_5m = "1.3.6.1.4.1.9.9.109.1.1.1.1.5.1"; # Cisco CPU load (5min %)
my $cisco_cpu_1m = "1.3.6.1.4.1.9.9.109.1.1.1.1.4.1"; # Cisco CPU load (1min %)
my $cisco_cpu_5s = "1.3.6.1.4.1.9.9.109.1.1.1.1.3.1"; # Cisco CPU load (5sec %)
I get this:

Code: Select all

[root@lisl-ngos-01-pv libexec]# ./check_cisco_ips.pl -H <IP ADDRESS> -C <COMMUNITY> -2 -T cpu -w 70,50,40 -c 90,70,50
Cisco ASA CPU : 5sec = 3 %, 2min = 3 %, 5min = 2 % : OK
All is perfect like that. So yeah...kind of at a loss for how to proceed. Is there anyway to make this particular script (or is there a different script available) that can monitor CPU usage on ASAs using either OID? Looking at Cisco's documentation, it looks like there are only 2 OIDs for each of those data points, and the difference is only based o n the software revision on the ASA. Also, why is the 5sec OID not working for the 9.2 ASA when I'm 99% sure it's correct? Also, why does the "S" in SNMP stand for "Simple" when it's anything but simple?! Yargh!

Re: check_cisco_ips question

Posted: Mon Jul 06, 2015 3:26 pm
by jdalrymple
I'd argue in this context it isn't SNMP that is un-simple as a protocol but rather a company's desire to switch up OIDs based upon software version.

Unfortunately the SNMP query is returning *something* (noSuchObject) otherwise it would be trivial to query both and short-circuit them with an "OR". Because one or the other isn't NULL that method goes out the window.

The next best without getting to terribly hacky would be to identify what the version barrier is and add the logic to the check as needed. We'd either need documentation or a lot of annoying trial and error for that. Version *should* be easily queryable via SNMP.

The last good option would be to standardize your software versions in-house.

What route works for you? Fair warning - if we get too crazy this becomes a custom development quote since it's not an XI provided plugin.
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited