IPSec Tunnel Status alerting - Cisco - Need Solution
How can we setup Cisco ASA IPSec Tunnel Status check alerting in Observium.
On Fri, Nov 10, 2017 at 10:43:26AM -0600, Chandramouleeswaran NV wrote:
How can we setup Cisco ASA IPSec Tunnel Status check alerting in Observium.
--
- Thanks
Moulee M : +91 97 86 795794
Use IP SLA to monitor a destination across the tunnel, and Observium can alert on the IP SLA status. -Nick
Thanks Nick. Can you share the entity match condition information to create alert checkers ?
On Nov 11, 2017 4:11 AM, "Nick Schmalenberger" nick@schmalenberger.us wrote:
On Fri, Nov 10, 2017 at 10:43:26AM -0600, Chandramouleeswaran NV wrote:
How can we setup Cisco ASA IPSec Tunnel Status check alerting in
Observium.
--
- Thanks
Moulee M : +91 97 86 795794
Use IP SLA to monitor a destination across the tunnel, and Observium can alert on the IP SLA status. -Nick _______________________________________________ observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
On Sat, Nov 11, 2017 at 08:24:37AM -0600, Chandramouleeswaran NV wrote:
Thanks Nick. Can you share the entity match condition information to create alert checkers ?
First, the alert checker entity type needs to be "SLA". Then, you can use the entity metrics and attributes documented here http://docs.observium.org/entities/#ip-sla-rtt
I use "rtt_event ne ok" as my condition, * for device match, and "sla_owner eq XO-link-to-sjc1" for entity match.
That's for an IPsec tunnel between 2 Juniper SRXs connected by a 1g WAN link that has OSPF running on it. Because its a route based tunnel, I can monitor the directly connected IP at the other end, but I have other tunnels that monitor destinations that aren't directly connected also.
-Nick
Is this applicable for Cisco?
On Nov 11, 2017 10:06 PM, "Nick Schmalenberger" nick@schmalenberger.us wrote:
On Sat, Nov 11, 2017 at 08:24:37AM -0600, Chandramouleeswaran NV wrote:
Thanks Nick. Can you share the entity match condition information to
create
alert checkers ?
First, the alert checker entity type needs to be "SLA". Then, you can use the entity metrics and attributes documented here http://docs.observium.org/entities/#ip-sla-rtt
I use "rtt_event ne ok" as my condition, * for device match, and "sla_owner eq XO-link-to-sjc1" for entity match.
That's for an IPsec tunnel between 2 Juniper SRXs connected by a 1g WAN link that has OSPF running on it. Because its a route based tunnel, I can monitor the directly connected IP at the other end, but I have other tunnels that monitor destinations that aren't directly connected also.
-Nick _______________________________________________ observium mailing list observium@observium.org http://postman.memetic.org/cgi-bin/mailman/listinfo/observium
participants (2)
-
Chandramouleeswaran NV -
Nick Schmalenberger