cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

Monitoring of connection tables

I'm looking for a way to monitor and alert on connection table usage and wondered if anyone has come across a way to do it this effectively. This could either be based on a figure or percentage.  Ideally I would like some sort of SNMP trap or email when a table reaches 75-80% of its capacity. This is something  I would then like use on all our firewalls. 

Our current setup is R80.10 management (take 189) with a mixture of R80.10 / R77.30 gateways all running VSX which the exception of one stand alone firewall.

 

0 Kudos
5 Replies

Re: Monitoring of connection tables

If you have the IPS blade, enable the Aggressive Aging signature with the parameters you want, then set the Track for that signature to Email or SNMP Trap.  Email recipient and/or trap receiver is configured under Global Properties...Log & Alert...Alerts.

"IPS Immersion Training" Self-paced Video Class
Now Available at http://www.maxpowerfirewalls.com
0 Kudos

Re: Monitoring of connection tables

You can certainly monitor the number of connections, CheckPointfwNumConn, (not exactly connection table) via SNMP. We monitor that with Solarwinds, and could probably alert from there. 

0 Kudos

Re: Monitoring of connection tables

Thats actually really great idea to have monitoring of provided (or all) kernel tables in place.

I can imagine to have syntax something like:

snmpwalk <kernel_table> <threshold>

On the other hand, is there way to check name of all kernel tables ?

Kind regards,
Jozko Mrkvicka
0 Kudos
Admin
Admin

Re: Monitoring of connection tables

fw tab (no arguments) should show you all the different kernel table names.

0 Kudos
Highlighted

Re: Monitoring of connection tables

Thanks everyone. Will probably have a look at what we can do with SNMP and Solarwinds. 

0 Kudos