2

I'm using GroundWork (a monitoring framework built upon Nagios) to monitor some network devices via SNMP, but I'm stuck on a problem with bandwidth usage.

Most routers, including the Cisco 2800 used here, can be queried via SNMP for network traffic information; however, they return this information in the form of a counter, meaning "how many bytes have gone in or out of a given interface since the router was turned on". So, in order to get something meaningful out of this information, you need to, f.e. query this information each second and see how much each measure differs from the previous one.

Groundwork/Nagios can automatically manage this for performance data, because they use RRD for storing those data and RRD supports computing deltas between values.

But how can I generate an alert when bandwidth usage exceeds a certain limit? Nagios can send alerts only when a value is above a given threshold, not based on the difference between two distinct measures of the same value.

I need a way to check if bandwidth usage is above a certain threshold, and generate a Nagios alert (thus sending an e-mail) if this happens; I can't rely only on the admin looking at performance data to see if something is wrong with network bandwidth.

Improve this question

2 Answers 2

Reset to default
2

I did this with a cron script, stores current value in a temp file then next time uses it to calculate bandwidth utilization since last run. 

#!/bin/bash email_address="" router_ip="" # 80% BANDWIDTH [ (384000bps) 48,000Bps ] - 20% = 38,400 Bps alertBW="76800" lastBWFile="/var/log/ciscoGW.log" lastBW=`cat $lastBWFile | awk '{print$2}'` lastTime=`cat $lastBWFile | awk '{print$1}'` curBW=` snmpget -c snmap_name -v 1 $router_ip IF-MIB::ifOutOctets.2 | awk '{print$4}'` let diffBW=$curBW-$lastBW #echo "Diff BW: $diffBW" timeNow=`date +%s` let diffTime=$timeNow-$lastTime let alertBW=$alertBW*$diffTime echo "$timeNow $curBW" > $lastBWFile if [ $diffBW -gt $alertBW ]; then # echo "Over limit!" echo "Bandwith used over $diffTime seconds: $diffBW" | mail -s "BANDWIDTH OVER LIMIT!!!!" $email_address fi

Since I was more interested in actual peaks I've since moved to using rrdtool:

#start 15 minutes ago #end 5 minutes ago since rrdtool queries every 5 minutes rrdtool fetch $FROM MAX -s -900 -e -300
Improve this answer
3
  • The data is already in a RRD, so I'd prefer to get it from there, instead of doing another SNMP query to the router; I've read of a check_rrd Nagios plugin, but I can't seem to find it anywhere... Commented Nov 25, 2009 at 15:30
  • Google found this: exchange.nagios.org/directory/Plugins/Databases/RRD/… (I don't use any rrd checks within nagios itself so I don't have any working examples) Commented Nov 25, 2009 at 15:45
  • Found that one, but it doesn't work on a GroundWork setup. Commented Nov 25, 2009 at 19:27
1

to optimize, replace snmpget -c snmap_name -v 1 $router_ip IF-MIB::ifOutOctets.2 | awk '{print$4}' by snmpget -O qv -c snmap_name -v 1 $router_ip IF-MIB::ifOutOctets.2 (one process less to launch)

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.