User Guide

Network Palo Alto Firewall

The nep-network-paloalto-firewall provides the minimum requirements to implement a basic monitoring of a Palo Alto Firewall using SSH protocol. With nep-network-paloalto-firewall it is possible to perform standard monitoring of:

  • Environment Health

  • HA-Status

  • Interfaces Health

  • IPSEC Tunnels Health

  • Licenses Stauts

  • System Health

Centreon Plugin Documentation

Minimum supported environment

This package can be installed on systems running the software described below. Systems with equivalent components are also suitable for installation.

Required software

Requirements

NetEye

Version 4.20+

NetEye modules

Core

Package requirements

Service and Host Template shipped with package nep-network-paloalto-firewall require the following nep:

  • nep-common

  • nep-network-base

  • nep-centreon-plugins-base

The Package require the installation of following packages: - centreon-plugin-Network-Firewalls-Paloalto-Standard-Ssh - perl-Pod-Parser - perl-DateTime - libssh

On NetEye environment this operation is automatically done by Setup Routine.

Setup instructions

If all requirements are met, you can now install this package. To manually set up the nep-network-paloalto-firewall package, just use nep-setup utility to install it.

nep-setup install nep-network-paloalto-firewall

Once installed the following custom variables should be set:

  • nx_hardware_vendor = Palo Alto

Available Objects

This section contains a description of all the Objects from this package that can be used to build your own monitoring environment.

Director Objects

This package contains the following Director Objects:

Data Lists

The following Data Lists can be freely customized by the End User. Their purpose is to provide easy data filling to better describe the monitoring environment.

Datalist name

Description

[NX] Centreon PaloAlto ssh backend list

Used to provide ssh backend (libssh - default, plink, sshcli)

[NX] Centreon PaloAlto Mode List

Used to provide the list of check available for command

Service Templates

The following Service Templates can be used to freely create Service Objects, Service Apply Rules or Service Sets. Remember to not edit these Service Templates because they will be restored/updated at the next NEP Package update.

Template name

Run on Agent

Description

nx-st-agentless-ssh-centreon-paloalto

No

Checks all base monitoring Palo Alto Firewall using Centreon Plugin

Service Sets

The following Service Sets can be used to freely monitor Host Objects. Remember to not edit these Service Sets because they will be restored/updated at the next NEP Package update.

Service Set name

Description

nx-ss-paloalto-firewall

Service Set providing common monitoring for Palo Alto firewalls

ITOA Dashboards

The Package does not provide any ITOA Dashboards right now.

Package’s objects list

Object Type

Object Name

Editable

Containing File

Director Command

nx-c-cetreon-paloalto_ssh

No

baskets/import/nx-c-cetreon-paloalto_ssh02-command.json

Director Data List

[NX] Centreon PaloAlto ssh backend list

No

baskets/import/nep-network-paloalto-firewall-01-datalist.json

Director Data List

[NX] Centreon PaloAltro Mode List

No

baskets/import/nep-network-paloalto-firewall-01-datalist.json

Director Service Set

nx-ss-paloalto-firewall

No

baskets/import/nep-network-paloalto-firewall-05-serviceset.json

Director Service Template

nx-st-agentless-ssh-centreon-paloalto

No

baskets/import/nep-network-paloalto-firewall-04-service.json