Articles

Showing posts from 2013

Check Point SPLAT SNMPv3 memory monitoring

A basic implementation of memory monitoring using SNMP can lead to false alarms.

    [Expert@FW1]# free
                 total       used       free     shared    buffers     cached
    Mem:       8308232    8027236     280996          0     249776    5983656
    -/+ buffers/cache:    1793804    6514428
    Swap:     18347752          0   18347752

In the example above, the firewall is running (208772 active connections). The OS reports "8027236" of "8308232" used. However, we see that 'free' + 'buffers' + 'cached' = "280996" + "249776" + "5983656" = "6514428", which is 'logically' free for applications to use, and will be handed out by the kernel appropriately.

According to sk32206: How to determine how much Free Memory is available on Linux/SecurePlatform systems, 'Free Real Memory' should be equal to - 'Free Real Memory' in output of 'cpstat -f memory
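The calculation above written as a Nagios-style check; this is an added example, not code from the original post or from Check Point. It parses the old-style `free` layout shown above, and the function names and the 80/90 percent thresholds are assumptions.

```python
"""Added example: cache-adjusted memory check for old-style `free` output."""

# The `free` output from the post, embedded so the example runs offline.
FREE_OUTPUT = """\
             total       used       free     shared    buffers     cached
Mem:       8308232    8027236     280996          0     249776    5983656
-/+ buffers/cache:    1793804    6514428
Swap:     18347752          0   18347752
"""

def parse_free(text):
    """Return the Mem: row as a dict of kB values keyed by column name."""
    lines = text.splitlines()
    header = lines[0].split()
    for line in lines[1:]:
        if line.startswith("Mem:"):
            values = [int(v) for v in line.split()[1:]]
            if len(values) != len(header):
                raise ValueError("unexpected Mem: row layout")
            return dict(zip(header, values))
    raise ValueError("no Mem: row found")

def memory_usage(mem):
    """Compute naive usage and usage with buffers/cache counted as free."""
    reclaimable = mem["buffers"] + mem["cached"]
    return {
        "available_kb": mem["free"] + reclaimable,
        "naive_pct": 100.0 * mem["used"] / mem["total"],
        "adjusted_pct": 100.0 * (mem["used"] - reclaimable) / mem["total"],
    }

def check(text, warn=80.0, crit=90.0):
    """Return (exit_code, message) using Nagios codes 0=OK, 1=WARNING, 2=CRITICAL."""
    usage = memory_usage(parse_free(text))
    pct = usage["adjusted_pct"]
    if pct >= crit:
        code, label = 2, "CRITICAL"
    elif pct >= warn:
        code, label = 1, "WARNING"
    else:
        code, label = 0, "OK"
    msg = "%s - %.1f%% used excluding buffers/cache (naive %.1f%%), %d kB available" % (
        label, pct, usage["naive_pct"], usage["available_kb"])
    return code, msg

if __name__ == "__main__":
    print(check(FREE_OUTPUT)[1])
```

On the sample, a threshold applied to the naive figure would raise a critical alert, while the adjusted figure stays well below the warning level.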

Check Point Splat monitoring SNMPv3

Configure SNMP v3 on SecurePlatform

    [Expert@FW]# snmp user del public
    [Expert@FW]# snmp user add authuser Nagios pass complexpassphrase priv privatepass
    [Expert@FW]# snmp service enable
    [Expert@FW]# cat /etc/snmp/snmpd.conf
    master agentx
    syslocation "Somewhere"
    syscontact SOC - Security
    sysservices 76
    rocommunity PASSWORD
    trap2sink 192.168.1.2 PASSWORD1
    cp_cleartrap 10 2
    proc syslogd 1 1
    disk /var 20%
    cp_monitor 1.3.6.1.2.1.2.2.1.8.1 == 2 60 "link 1 down"
    cp_monitor prErrorFlag.1 != "0" 60 "process monitor"
    cp_monitor dskErrorFlag.1 != 0 60 "disk monitor"
    cp_monitor 1.3.6.1.4.1.2021.10.1.5.1 > 100 60 "CPU load 1 min"
    cp_monitor 1.3.6.1.4.1.2021.10.1.5.2 > 90 60 "CPU load 5 min"
    cp_monitor 1.3.6.1.4.1.2021.4.4.0 < 2000 60 "memAvailSwap"
    cp_monitor 1.3.6.1.4.1.2021.4.6.0 < 2000 60 "memAvailReal"
    cp_monitor 1.3.6.1.4.1.2620.

Google data center security
