diff --git a/definitions/ext-db2/dashboard.json b/definitions/ext-db2/dashboard.json index 790fa71b3..11e417d1a 100644 --- a/definitions/ext-db2/dashboard.json +++ b/definitions/ext-db2/dashboard.json @@ -1,7 +1,6 @@ { "name": "DB2 Database Status", "description": null, - "permissions": "PUBLIC_READ_WRITE", "pages": [{ "name": "DB2 Database Status", "description": null, diff --git a/definitions/ext-firewall/cisco-asa-dashboard.json b/definitions/ext-firewall/cisco-asa-dashboard.json new file mode 100644 index 000000000..b44f95ad4 --- /dev/null +++ b/definitions/ext-firewall/cisco-asa-dashboard.json @@ -0,0 +1,125 @@ +{ + "name": "Cisco ASA Firewall", + "description": null, + "pages": [ + { + "name": "Cisco ASA Firewall", + "description": null, + "widgets": [ + { + "visualization": { + "id": "viz.billboard" + }, + "layout": { + "column": 1, + "row": 1, + "height": 4, + "width": 4 + }, + "title": "Device Uptime", + "rawConfiguration": { + "dataFormatters": [ + { + "name": "Total Hours", + "precision": null, + "type": "decimal" + }, + { + "name": "Total Days", + "precision": null, + "type": "decimal" + } + ], + "nrqlQueries": [ + { + "accountId": 0, + "query": "FROM Metric SELECT latest(`kentik.snmp.Uptime`)/100/60/60/24 AS 'Total Days', latest(`kentik.snmp.Uptime`)/100/60/60 AS 'Total Hours' WHERE provider = 'kentik-firewall'" + } + ], + "thresholds": [] + } + }, + { + "visualization": { + "id": "viz.line" + }, + "layout": { + "column": 5, + "row": 1, + "height": 4, + "width": 6 + }, + "title": "CPU Utilization %", + "rawConfiguration": { + "dataFormatters": [], + "legend": { + "enabled": true + }, + "nrqlQueries": [ + { + "accountId": 0, + "query": "FROM Metric SELECT max(kentik.snmp.CPU) AS 'CPU Utilization %' TIMESERIES 5 MINUTES" + } + ], + "yAxisLeft": { + "max": 100, + "min": 0, + "zero": false + } + } + }, + { + "visualization": { + "id": "viz.billboard" + }, + "layout": { + "column": 1, + "row": 5, + "height": 4, + "width": 4 + }, + "title": "Total Active Sessions", + "rawConfiguration": { + "dataFormatters": [], + "nrqlQueries": [ + { + "accountId": 0, + "query": "FROM Metric SELECT latest(kentik.snmp.crasNumSessions) AS 'Active Sessions' SINCE 10 MINUTES AGO COMPARE WITH 1 DAY AGO" + } + ], + "thresholds": [] + } + }, + { + "visualization": { + "id": "viz.line" + }, + "layout": { + "column": 5, + "row": 5, + "height": 4, + "width": 6 + }, + "title": "Memory Utilization %", + "rawConfiguration": { + "dataFormatters": [], + "legend": { + "enabled": true + }, + "nrqlQueries": [ + { + "accountId": 0, + "query": "FROM Metric SELECT max(kentik.snmp.MemoryUtilization) AS 'Memory Utilization %' TIMESERIES 5 MINUTES" + } + ], + "yAxisLeft": { + "max": 100, + "min": 0, + "zero": false + } + } + } + ] + } + ] + } diff --git a/definitions/ext-firewall/definition.yml b/definitions/ext-firewall/definition.yml index 1f033032d..c2453faec 100644 --- a/definitions/ext-firewall/definition.yml +++ b/definitions/ext-firewall/definition.yml @@ -1,7 +1,4 @@ domain: EXT -# Firewall devices from Kentik using Metric API -# Note this initial definition is limited to only Fortigate Firewalls using the FORTINET-FORTIGATE-MIB -# Future firewall entities will need to be isolated in the definition type: FIREWALL synthesis: name: device_name @@ -20,5 +17,12 @@ goldenTags: - device_ip dashboardTemplates: - kentik: - template: kentik-dashboard.json + # Cisco ASA profiles (default) + kentik/cisco-asa: + template: cisco-asa-dashboard.json + # Palo Alto profiles + kentik/palo-alto: + template: palo-alto-dashboard.json + # Fortinet Fortigate profiles + kentik/fortinet-fortigate: + template: fortinet-fortigate-dashboard.json diff --git a/definitions/ext-firewall/kentik-dashboard.json b/definitions/ext-firewall/fortinet-fortigate-dashboard.json similarity index 100% rename from definitions/ext-firewall/kentik-dashboard.json rename to definitions/ext-firewall/fortinet-fortigate-dashboard.json diff --git a/definitions/ext-firewall/golden_metrics.yml b/definitions/ext-firewall/golden_metrics.yml index b7bf0741d..9561db9fb 100644 --- a/definitions/ext-firewall/golden_metrics.yml +++ b/definitions/ext-firewall/golden_metrics.yml @@ -1,27 +1,47 @@ cpuUtilization: title: CPU Utilization (%) - query: - select: max(kentik.snmp.fgSysCpuUsage) - from: Metric - where: "provider = 'kentik-firewall'" + queries: + kentik/cisco-asa: + select: max(kentik.snmp.CPU) + from: Metric + where: "provider = 'kentik-firewall'" + kentik/palo-alto: + select: max(kentik.snmp.hrProcessorLoad) + from: Metric + where: "provider = 'kentik-firewall' AND Index = '.1'" + kentik/fortinet-fortigate: + select: max(kentik.snmp.fgSysCpuUsage) + from: Metric + where: "provider = 'kentik-firewall'" memoryUtilization: title: Memory Utilization (%) - query: - select: (max(kentik.snmp.fgSysMemUsage) / max(kentik.snmp.fgSysMemCapacity)) * 100 - from: Metric - where: "provider = 'kentik-firewall'" + queries: + kentik/cisco-asa: + select: max(kentik.snmp.MemoryUtilization) + from: Metric + where: "provider = 'kentik-firewall'" + kentik/palo-alto: + select: (max(kentik.snmp.hrStorageUsed) / max(kentik.snmp.hrStorageSize)) * 100 + from: Metric + where: "provider = 'kentik-firewall' AND storage_description LIKE '%Management Memory%'" + kentik/fortinet-fortigate: + select: (max(kentik.snmp.fgSysMemUsage) / max(kentik.snmp.fgSysMemCapacity)) * 100 + from: Metric + where: "provider = 'kentik-firewall'" -lowmemUtilization: - title: Lowmem Utilization (%) - query: - select: (max(kentik.snmp.fgSysLowMemUsage) / max(kentik.snmp.fgSysLowMemCapacity)) * 100 - from: Metric - where: "provider = 'kentik-firewall'" - -ipSessionRate: - title: IP Session Rate (1min) - query: - select: latest(kentik.snmp.fgSysSesRate1) + latest(kentik.snmp.fgSysSes6Rate1) - from: Metric - where: "provider = 'kentik-firewall'" +sessionsTotal: + title: Current Sessions + queries: + kentik/cisco-asa: + select: latest(kentik.snmp.crasNumSessions) + from: Metric + where: "provider = 'kentik-firewall'" + kentik/palo-alto: + select: max(kentik.snmp.panSessionActive) + from: Metric + where: "provider = 'kentik-firewall'" + kentik/fortinet-fortigate: + select: latest(kentik.snmp.fgSysSesCount) + latest(kentik.snmp.fgSysSes6Count) + from: Metric + where: "provider = 'kentik-firewall'" diff --git a/definitions/ext-firewall/palo-alto-dashboard.json b/definitions/ext-firewall/palo-alto-dashboard.json new file mode 100644 index 000000000..8b5a96411 --- /dev/null +++ b/definitions/ext-firewall/palo-alto-dashboard.json @@ -0,0 +1,233 @@ +{ + "name": "Palo Alto Firewall", + "description": null, + "pages": [ + { + "name": "Palo Alto Firewall", + "description": null, + "widgets": [ + { + "visualization": { + "id": "viz.billboard" + }, + "layout": { + "column": 1, + "row": 1, + "height": 4, + "width": 3 + }, + "title": "Device Uptime", + "rawConfiguration": { + "dataFormatters": [ + { + "name": "Total Hours", + "precision": null, + "type": "decimal" + }, + { + "name": "Total Days", + "precision": null, + "type": "decimal" + } + ], + "nrqlQueries": [ + { + "accountId": 0, + "query": "FROM Metric SELECT latest(`kentik.snmp.Uptime`)/100/60/60/24 AS 'Total Days', latest(`kentik.snmp.Uptime`)/100/60/60 AS 'Total Hours' WHERE provider = 'kentik-firewall'" + } + ], + "thresholds": [] + } + }, + { + "visualization": { + "id": "viz.billboard" + }, + "layout": { + "column": 4, + "row": 1, + "height": 4, + "width": 3 + }, + "title": "Total Active Sessions", + "rawConfiguration": { + "dataFormatters": [], + "nrqlQueries": [ + { + "accountId": 0, + "query": "FROM Metric SELECT latest(kentik.snmp.panSessionActive) AS 'Active Sessions', latest(kentik.snmp.panSessionUtilization) AS 'Session Utilization %' SINCE 10 MINUTES AGO COMPARE WITH 1 DAY AGO" + } + ], + "thresholds": [] + } + }, + { + "visualization": { + "id": "viz.area" + }, + "layout": { + "column": 7, + "row": 1, + "height": 4, + "width": 6 + }, + "title": "Sessions by Type", + "rawConfiguration": { + "legend": { + "enabled": true + }, + "nrqlQueries": [ + { + "accountId": 0, + "query": "FROM Metric SELECT max(kentik.snmp.panSessionActiveICMP) AS 'ICMP', max(kentik.snmp.panSessionActiveSslProxy) AS 'SSL Proxy', max(kentik.snmp.panSessionActiveTcp) AS 'TCP', max(kentik.snmp.panSessionActiveUdp)AS 'UDP' TIMESERIES 5 MINUTES" + } + ] + } + }, + { + "visualization": { + "id": "viz.line" + }, + "layout": { + "column": 1, + "row": 5, + "height": 4, + "width": 6 + }, + "title": "CPU Utilization %", + "rawConfiguration": { + "dataFormatters": [], + "legend": { + "enabled": true + }, + "nrqlQueries": [ + { + "accountId": 0, + "query": "FROM Metric SELECT max(kentik.snmp.hrProcessorLoad) AS 'CPU Utilization %' TIMESERIES 5 MINUTES WHERE Index = '.1'" + } + ], + "yAxisLeft": { + "max": 100, + "min": 0, + "zero": true + } + } + }, + { + "visualization": { + "id": "viz.line" + }, + "layout": { + "column": 7, + "row": 5, + "height": 4, + "width": 6 + }, + "title": "Memory Utilization %", + "rawConfiguration": { + "dataFormatters": [], + "facet": { + "showOtherSeries": false + }, + "legend": { + "enabled": true + }, + "nrqlQueries": [ + { + "accountId": 0, + "query": "FROM Metric SELECT (max(kentik.snmp.hrStorageUsed)/max(kentik.snmp.hrStorageSize)) * 100 AS 'Memory Utilization %' FACET storage_description TIMESERIES 5 MINUTES" + } + ], + "yAxisLeft": { + "max": 100, + "min": 0, + "zero": true + } + } + }, + { + "visualization": { + "id": "viz.table" + }, + "layout": { + "column": 1, + "row": 9, + "height": 3, + "width": 4 + }, + "title": "Interface Inventory", + "rawConfiguration": { + "dataFormatters": [], + "facet": { + "showOtherSeries": false + }, + "nrqlQueries": [ + { + "accountId": 0, + "query": "FROM Metric SELECT latest(ifOperStatus) AS 'Interface Status', rate((max(kentik.snmp.ifHCInOctets) + max(kentik.snmp.ifHCOutOctets))*8/1000/1000, 1 second) AS 'Mbps' FACET device_name, if_Name OR if_Alias OR if_Description AS 'interface_name' WHERE provider = 'kentik-firewall' LIMIT MAX" + } + ] + } + }, + { + "visualization": { + "id": "viz.line" + }, + "layout": { + "column": 5, + "row": 9, + "height": 3, + "width": 4 + }, + "title": "Top 10 Interfaces - Incoming Traffic", + "rawConfiguration": { + "facet": { + "showOtherSeries": false + }, + "legend": { + "enabled": true + }, + "nrqlQueries": [ + { + "accountId": 0, + "query": "FROM Metric SELECT rate(max(kentik.snmp.ifHCInOctets)*8/1000/1000, 1 second) AS 'Mbps' FACET device_name, if_Name OR if_Alias OR if_Description AS 'interface_name' TIMESERIES 5 MINUTES WHERE provider = 'kentik-firewall' LIMIT 10" + } + ], + "yAxisLeft": { + "zero": false + } + } + }, + { + "visualization": { + "id": "viz.line" + }, + "layout": { + "column": 9, + "row": 9, + "height": 3, + "width": 4 + }, + "title": "Top 10 Interfaces - Outgoing Traffic", + "rawConfiguration": { + "facet": { + "showOtherSeries": false + }, + "legend": { + "enabled": true + }, + "nrqlQueries": [ + { + "accountId": 0, + "query": "FROM Metric SELECT rate(max(kentik.snmp.ifHCOutOctets)*8/1000/1000, 1 second) AS 'Mbps' FACET device_name, if_Name OR if_Alias OR if_Description AS 'interface_name' TIMESERIES 5 MINUTES WHERE provider = 'kentik-firewall' LIMIT 10" + } + ], + "yAxisLeft": { + "zero": false + } + } + } + ] + } + ] + } diff --git a/definitions/ext-firewall/summary_metrics.yml b/definitions/ext-firewall/summary_metrics.yml index fff46b88e..70c167d5f 100644 --- a/definitions/ext-firewall/summary_metrics.yml +++ b/definitions/ext-firewall/summary_metrics.yml @@ -7,26 +7,59 @@ ipAddress: cpuUtilization: title: CPU unit: PERCENTAGE - query: - select: max(kentik.snmp.fgSysCpuUsage) - from: Metric - where: "provider = 'kentik-firewall'" - eventId: entity.guid + queries: + kentik/cisco-asa: + select: max(kentik.snmp.CPU) + from: Metric + where: "provider = 'kentik-firewall'" + eventId: entity.guid + kentik/palo-alto: + select: max(kentik.snmp.hrProcessorLoad) + from: Metric + where: "provider = 'kentik-firewall' AND Index = '.1'" + eventId: entity.guid + kentik/fortinet-fortigate: + select: max(kentik.snmp.fgSysCpuUsage) + from: Metric + where: "provider = 'kentik-firewall'" + eventId: entity.guid memoryUtilization: title: Memory unit: PERCENTAGE - query: - select: (max(kentik.snmp.fgSysMemUsage) / max(kentik.snmp.fgSysMemCapacity)) * 100 - from: Metric - where: "provider = 'kentik-firewall'" - eventId: entity.guid + queries: + kentik/cisco-asa: + select: max(kentik.snmp.MemoryUtilization) + from: Metric + where: "provider = 'kentik-firewall'" + eventId: entity.guid + kentik/palo-alto: + select: (max(kentik.snmp.hrStorageUsed) / max(kentik.snmp.hrStorageSize)) * 100 + from: Metric + where: "provider = 'kentik-firewall' AND storage_description LIKE '%Management Memory%'" + eventId: entity.guid + kentik/fortinet-fortigate: + select: (max(kentik.snmp.fgSysMemUsage) / max(kentik.snmp.fgSysMemCapacity)) * 100 + from: Metric + where: "provider = 'kentik-firewall'" + eventId: entity.guid -ipSessionsTotal: - title: Current IP Sessions +sessionsTotal: + title: Current Sessions unit: COUNT - query: - select: latest(kentik.snmp.fgSysSesCount) + latest(kentik.snmp.fgSysSes6Count) - from: Metric - where: "provider = 'kentik-firewall'" - eventId: entity.guid + queries: + kentik/cisco-asa: + select: latest(kentik.snmp.crasNumSessions) + from: Metric + where: "provider = 'kentik-firewall'" + eventId: entity.guid + kentik/palo-alto: + select: max(kentik.snmp.panSessionActive) + from: Metric + where: "provider = 'kentik-firewall'" + eventId: entity.guid + kentik/fortinet-fortigate: + select: latest(kentik.snmp.fgSysSesCount) + latest(kentik.snmp.fgSysSes6Count) + from: Metric + where: "provider = 'kentik-firewall'" + eventId: entity.guid diff --git a/definitions/ext-kentik_default/dashboard.json b/definitions/ext-kentik_default/dashboard.json index ad7d4d904..00383f60b 100644 --- a/definitions/ext-kentik_default/dashboard.json +++ b/definitions/ext-kentik_default/dashboard.json @@ -40,7 +40,7 @@ "nrqlQueries": [ { "accountId": 0, - "query": "FROM Metric SELECT latest(timestamp) AS 'Last Poll' FACET device_name AS 'Name', src_addr AS 'IP Address', SysObjectID, sysoid_profile AS 'ktranslate profile' WHERE provider = 'kentik-default'" + "query": "FROM Metric SELECT latest(timestamp) AS 'Last Poll' FACET device_name AS 'Name', src_addr AS 'IP Address', SysObjectID, sysoid_profile AS 'ktranslate profile' WHERE provider = 'kentik-default' AND SysObjectID IS NOT NULL" } ] }