How to monitor network switches using snmp with Nagios or Icinga

Overview

Monitoring of network devices like switches, routers and hardware firewalls can be performed easily using monitoring tools like Nagios or Icinga. The prerequisites require basic knowledge of snmp protocol and an existing setup of Nagios or Icinga. This post assumes that you already have Icinga or Nagios installed and running. If not then follow these posts to install Icinga or Nagios.

Also I assume that snmp is enabled and working on network switches, get in touch with your network administrator and ask him to enable snmp on the switches. Every major managed switch can be setup to send snmp information, to add additional security you can apply ACL’s for snmp to only send it to a specific ip that is the nagios server. The network administrator would probably give you the ip address of the switch and the snmp community string. The community string kinda act as a password and is required by us to fetch information from the switch. The only other thing that is required now is the OID’s of all the parameters that we would be monitoring. To find the OID’s we would be using a tool called MIB Browser. Lets start then.

How to monitor network switches using snmp with Nagios or Icinga

First and foremost we would like nagios to start reading switch config file.


# vi /usr/local/nagios/etc/nagios.cfg

Uncomment line 45 for nagios to start reading the switch.cfg file


cfg_file=/usr/local/nagios/etc/objects/switch.cfg

Open switch.cfg in an editor of choice and define our switch


# vi /usr/local/nagios/etc/objects/switch.cfg

Append the following definition, replace the address with the ip address of your switch.


define host{
use generic-switch
host_name Network Core Switch-Active
alias Juniper EX8208 Switch
address 192.168.104.1
hostgroups switches
}

Next we would be adding some basic parameters to monitoring like the uptime, CPU and Memory Utilization, Temperature. Be sure you change the string abc@123 in the definitions below with the community string provided by your network administrator.


define service{
use generic-service ; Inherit values from a template
host_name Network Core Switch-Active
service_description Uptime
check_command check_snmp!abc@123!sysUpTime.0
}

define service{
use generic-service
host_name Network Core Switch-Active
service_description CPU Utilization
check_command check_snmp!abc@123!1.3.6.1.4.1.2636.3.1.13.1.8.9.1.0.0 -w 0:60 -c 0:80
}

define service{
use generic-service
host_name Network Core Switch-Active
service_description Memory Utilization
check_command check_snmp!abc@123!1.3.6.1.4.1.2636.3.1.13.1.11.9.1.0.0 -w 0:60 -c 0:80
}

define service{
use generic-service
host_name Network Core Switch-Active
service_description Temperature
check_command check_snmp!abc@123!1.3.6.1.4.1.2636.3.1.13.1.7.9.1.0.0 -c 0:40
}

Now the basic parameters out of the way lets concentrate on the main part. The other things that we would want to monitor are the ports, vlans, taps etc. To monitor these we need to know the OIDs, lets use a tool know as MIB Browser. It is a paid tool but you can download 30 days evaluation version here. Install it and find the OIDs.

switch01 How to monitor network switches using snmp with Nagios or Icinga

switch02 How to monitor network switches using snmp with Nagios or Icinga

switch04 How to monitor network switches using snmp with Nagios or Icinga

switch05 How to monitor network switches using snmp with Nagios or Icinga

The next thing we would be doing is compiling check_multi plugin. To find out what check_multi is and how to compile it click here.

Once the check_multi plugin is installed and compiled, create a new command file for check_multi.


# vi /usr/local/nagios/etc/objects/switches/coreswitchactive.cmd

Append the following to the file. You need to define the commands for all the ports need to be monitored. Let me explain one command here.

command[ge-0-0-4]=/usr/lib/nagios/plugins/check_snmp -H 192.168.104.1 -C abc@123 -o ifOperStatus.570 -c 1

The command is to monitor gigabyte Ethernet port 4 of enclosure 0. It is using check_snmp plugin, -H is followed by the ip address of the switch, -C followed by the community string, -o followed by the OID we extracted using MIB Browser, -c 1 means to make it critical if the output is other than 1 since 1 is for OK any-other value should alert us.

Sample commands for my switch.


command[vlan.1]=/usr/lib/nagios/plugins/check_snmp -H 192.168.104.1 -C abc@123 -o ifOperStatus.710 -c 1
command[tap]=/usr/lib/nagios/plugins/check_snmp -H 192.168.104.1 -C abc@123 -o ifOperStatus.7 -c 1
command[ge-0-0-4]=/usr/lib/nagios/plugins/check_snmp -H 192.168.104.1 -C abc@123 -o ifOperStatus.570 -c 1
command[bme3]=/usr/lib/nagios/plugins/check_snmp -H 192.168.104.1 -C abc@123 -o ifOperStatus.169 -c 1

Create a new command for check_multi, open command.cfg file in an editor of choice.


# vi /usr/local/nagios/etc/objects/commands.cfg

Append the following to the file. This command calls check_multi -f flag will be followed by the command file we just created, -r is reporting type, -T is the time out values in seconds.


define command{
command_name check_multi_snmp
command_line /usr/local/nagios/libexec/check_multi -f $ARG1$ -r $ARG2$ -T 180
}

Open switch.cfg in an editor of choice


# vi /usr/local/nagios/etc/objects/switch.cfg

Create a service definition for the ports


define service{
use generic-service
host_name Network Core Switch-Active
service_description SwitchPorts
check_command check_multi_snmp!/usr/local/nagios/etc/objects/coreswitchactive.cmd!15
}

switch072 300x176 How to monitor network switches using snmp with Nagios or Icinga