Wednesday, June 9, 2010

Monitoring ASA Active/Standby Cluster Failover with Nagios

Although a cluster is a beautiful thing (a lifesaver even), it is important to know when the cluster fails from one member to another. To accomplish this with Nagios, I used the check_snmp plugin. Basically, this uses a simple SNMPGET for the value of the specified OID. In my Nagios configuration, I created a command specifically for this in the commands.cfg file. When the primary unit is checked, it should return "9". If anything else is returned, Nagios will announce a "CRITICAL" state rather than "OK".

Syntax of Nagios check_snmp:

check_snmp -H -C public -o -s 9


John said...

Thanks for the info. I was getting ready to implement the same check. However, I have a question. When the Standby becomes the active unit, it takes the IP of that unit and likewise the Active takes the ip if the Standby.

Won't this check always return '9'?


Brian Bohanon said...

This works because the primary unit is always the primary, even if it is the standby. That's also why this failover check only has to be run against the primary - anything else will alarm

Phyo Lwin said...

Which IP address we must use? Primary ASA or virtual IP address?

Brian Bohanon said...

The primary ASA management address.