Monitor Network Switch and Ports Using Nagios


1. Enable switch.cfg in nagios.cfg

Uncomment the switch.cfg line in /usr/local/nagios/etc/nagios.cfg as shown below.

cfg_file=/usr/local/nagios/etc/objects/switch.cfg

2. Add new hostgroup for switches in switch.cfg

Add the following switches hostgroup to the /usr/local/nagios/etc/objects/switch.cfg file.

define hostgroup
{
hostgroup_name  switches
alias           Network Switches
}

3. Add a new host for the switch to be monitered

In this example, I’ve defined a host to monitor the core switch in the /usr/local/nagios/etc/objects/switch.cfg file. Change the address directive to your switch ip-address accordingly.

define host
{
use             generic-switch
host_name       core-switch
alias           Cisco Core Switch
address         192.168.1.50
hostgroups      switches
}

4. Add common services for all switches

Displaying the uptime of the switch and verifying whether switch is alive are common services for all switches. So, define these services under the switches hostgroup_name as shown below.

# Service definition to ping the switch using check_ping

define service
{
use                     generic-service
hostgroup_name          switches
service_description     PING
check_command           check_ping!200.0,20%!600.0,60%
normal_check_interval   5
retry_check_interval    1
}

# Service definition to monitor switch uptime using check_snmp

define service
{
use                     generic-service
hostgroup_name          switches
service_description     Uptime
check_command           check_snmp!-C public -o sysUpTime.0
}

5. Add service to monitor port bandwidth usage

check_local_mrtgtraf uses the Multil Router Traffic Grapher – MRTG. So, you need to install MRTG for this to work properly. The *.log file mentioned below should point to the MRTG log file on your system.

define service
{
use        generic-service
host_name core-switch
service_description Port 1 Bandwidth Usage
check_command check_local_mrtgtraf!/var/lib/mrtg/192.168.1.11_1.log!AVG!1000000,2000000!5000000,5000000!10
}

6. Add service to monitor an active switch port

Use check_snmp to monitor the specific port as shown below. The following two services monitors port#1 and port#5. To add additional ports, change the value ifOperStatus.n accordingly. i.e n defines the port#.

# Monitor status of port number 1 on the Cisco core switch

define service
{
use                  generic-service
host_name            core-switch
service_description  Port 1 Link Status
check_command        check_snmp!-C public -o ifOperStatus.1 -r 1 -m RFC1213-MIB
}

# Monitor status of port number 5 on the Cisco core switch

define service
{
use                  generic-service
host_name            core-switch
service_description  Port 5 Link Status
check_command       check_snmp!-C public -o ifOperStatus.5 -r 1 -m RFC1213-MIB
}


7. Add services to monitor multiple switch ports together

Sometimes you may need to monitor the status of multiple ports combined together. i.e Nagios should send you an alert, even if one of the port is down. In this case, define the following service to monitor multiple ports.

# Monitor ports 1 - 6 on the Cisco core switch.

define service
{
use                   generic-service
host_name             core-switch
service_description   Ports 1-6 Link Status
check_command         check_snmp!-C public -o ifOperStatus.1 -r 1 -m RFC1213-MIB, -o ifOperStatus.2 -r 1 -m RFC1213-MIB, -o ifOperStatus.3 -r 1 -m RFC1213-MIB, -o ifOperStatus.4 -r 1 -m RFC1213-MIB, -o ifOperStatus.5 -r 1 -m RFC1213-MIB, -o ifOperStatus.6 -r 1 -m RFC1213-MIB
}


8. Validate configuration and restart nagios

Verify the nagios configuration to make sure there are no warnings and errors.

# /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

Total Warnings: 0
Total Errors:   0
Things look okay - No serious problems were detected during the pre-flight check

Restart the nagios server to start monitoring the VPN device.

# /etc/rc.d/init.d/nagios stop

Stopping nagios: .done.

# /etc/rc.d/init.d/nagios start

Starting nagios: done.

Check: http://Your-server-ip/nagios or http://localhost/nagios in browsers

4 comments:

Anonymous said...

I am struggling with monitoring ports on a stacked switch. For example I have ports 1/0/1 through 1/0/48. Then I have ports 2/0/2 through 2/0/48.

For the first 48 ports the numbering is as follows: 10001, 10002, 10003 up to 10048. Those ports monitor just fine. Its the next 48 I am having trouble with.

10201 seems to work as well as 10202. But when I try to put in 10203 I get an Unknown Status.

Any help is appreciated!
Danno

Unknown said...

Dano, walk the IF-MIB to see which index numbers are associated with which interfaces:

snmpwalk -c -v <1/2c/3> .1.3.6.1.2.1.2.2.1.2

Unknown said...
This comment has been removed by the author.
Kapil Oberoi said...

Hi,

If you have MRTG intalled, just issue the following command by replacing the ip -

cfgmaker public@192.1.1.2 --global "WorkDir: /home/http/mrtg/" --output server.cfg

then open server.cfg and all your port numbers would be listed there !!!

Regards
Kapil O