You can use an SNMP manager to monitor event-driven alerts and operational statistics for the firewall, Panorama, or WF-500 appliance and for the traffic they process. The statistics and traps can help you identify resource limitations, system changes or failures, and malware attacks. You configure alerts by forwarding log data as traps, and enable the delivery of statistics in response to GET messages (requests) from your SNMP manager. Each trap and statistic has an object identifier (OID). Related OIDs are organized hierarchically within the Management Information Bases (MIBs) that you load into the SNMP manager to enable monitoring.
When an event triggers SNMP trap generation (for example, an interface goes down), the firewall, Panorama virtual appliance, M-Series appliance, and WF-500 appliance respond by updating the corresponding SNMP object (for example, the interfaces MIB) instead of waiting for the periodic update of all objects that occurs every ten seconds. This ensures that your SNMP manager displays the latest information when polling an object to confirm an event.
The firewall, Panorama, and WF-500 appliance support SNMP Version 2c and Version 3. Decide which to use based on the version that other devices in your network support and on your network security requirements. SNMPv3 is more secure and enables more granular access control for system statistics than SNMPv2c. The following table summarizes the security features of each version. You select the version and configure the security features when you Monitor Statistics Using SNMP and Forward Traps to an SNMP Manager.
MIB Access Granularity
SNMP community access for all MIBs on a device
EngineID, username, and authentication password (SHA hashing for the password)
Privacy password for AES 128 encryption of SNMP messages
User access based on views that include or exclude specific OIDs
SNMP Implementation illustrates a deployment in which firewalls forward traps to an SNMP manager while also forwarding logs to Log Collectors. Alternatively, you could configure the Log Collectors to forward the firewall traps to the SNMP manager. For details on these deployments, refer to Log Forwarding Options in Centralized Logging and Reporting. In all deployments, the SNMP manager gets statistics directly from the firewall, Panorama, or WF-500 appliance. In this example, a single SNMP manager collects both traps and statistics, though you can use separate managers for these functions if that better suits your network.
Use an SNMP Manager to Explore MIBs and Objects
Use an SNMP Manager to Explore MIBs and Objects To use SNMP for monitoring Palo Alto Networks firewalls, Panorama, or WF-500 appliances, you must first ...
Monitor Statistics Using SNMP
Monitor Statistics Using SNMP The statistics that a Simple Network Management Protocol (SNMP) manager collects from Palo Alto Networks firewalls can help you gauge the ...
SNMP Monitoring and Traps
SNMP Monitoring and Traps The following topics describe how Palo Alto Networks firewalls, Panorama, and WF-500 appliances implement SNMP, and the procedures to configure SNMP ...
Enable SNMP Monitoring
Enable SNMP Monitoring Device > Setup > Operations Simple Network Management Protocol (SNMP) is a standard protocol for monitoring the devices on your network. Select ...
Monitor Panorama and Log Collector Statistics Using SNMP
Monitor Panorama and Log Collector Statistics Using SNMP You can configure an SNMP manager to request information from a Panorama management server and configure Panorama ...
Walk a MIB
Walk a MIB If you want to see which SNMP objects (system statistics and traps) are available for monitoring, displaying all the objects of a ...
Identify the OID for a System Statistic or Trap
Identify the OID for a System Statistic or Trap To use an SNMP manager for monitoring Palo Alto Networks firewalls, Panorama, or WF-500 appliances, you ...
Forward Traps to an SNMP Manager
Forward Traps to an SNMP Manager Simple Network Management Protocol (SNMP) traps can alert you to system events (failures or changes in hardware or software ...
Device > Server Profiles > SNMP Trap
Device > Server Profiles > SNMP Trap Simple Network Management Protocol (SNMP) is a standard protocol for monitoring the devices on your network. To alert ...