On 11/5/2014 7:08 AM, Carlos Martinez wrote:
I noticed that a pair of firewalls I had failed over about a month ago but the only thing showing in the logs of the device was that the mac addresses all changed. Is there a way to get better alerting on failover? I know the stateful failover are almost sub second but logs are generated.
Not sure if you can monitor that with SNMP but figured I would throw that out there.
Yes, the status can be checked via SNMP -- here is a subset of code from a Perl Nagios plugin we use that shows the different modes. Not pretty, but does the job.
# load failover hash based on this table my $snmpCfwHardwareStatusValue = '1.3.6.1.4.1.9.9.147.1.2.1.1.1.3';
if ($failover{6} == 0) { $state = 'WARNING'; print "$state: $hostname failover disabled\n"; } elsif ($failover{6} == 9 and $failover{7} == 10) { $state = 'OK'; print "$state: $hostname pri active, sec standby\n"; } elsif ($failover{6} == 9 and $failover{7} == 9) { $state = 'CRITICAL'; print "$state: $hostname pri and sec are BOTH active\n"; } elsif ($failover{6} == 9 and $failover{7} == 4) { $state = 'WARNING'; print "$state: $hostname pri active, sec error\n"; } elsif ($failover{6} == 9) { $state = 'WARNING'; print "$state: $hostname pri active, sec unknown\n"; } elsif ($failover{6} == 10 and $failover{7} == 9) { $state = 'WARNING'; print "$state: $hostname pri standby, sec is active\n"; } elsif ($failover{6} == 10 and $failover{7} == 4) { $state = 'WARNING'; print "$state: $hostname pri standby, sec error\n"; } elsif ($failover{7} == 9) { $state = 'WARNING'; print "$state: $hostname pri unknown, sec active\n"; } else { $state = 'UNKNOWN'; print "$state: $hostname failover status is unknown\n"; }
Regards, Mark