| Author | Nicolas Barberis |
| Compatibility | Xymon 4.3.27 |
| Requirements | BASH, snmpget, snmpwalk |
| Download | None |
| Last Update | 2016-12-23 |
This test was developed in order to get the Top-Talkers list from a cisco device vía SNMP. Tested on a Cisco 2911 with IOS 15.3
Client side
(Client side being the Cisco router)
interface Vlan1
!config to verify the traffic-wise top user
! assuming vlan1 to be the LAN side
ip flow egress
! ip flow egress means "the traffic going out of this iface to the user"
ip flow-top-talkers
top 10
sort-by bytes
Server side
Copy paste the script to $XYMONHOME/ext/iptop.sh Don´t forget to change the COMMUNITY variable.
Add the topt tag to the desireddevices (topt: “top 10”)
#!/bin/bash
#
# Author: Nicolas Barberis(nbarberis@gestionamas.com.ar)
# Description: This script will report the ip-flow top talkers on a cisco router
#
# You need to setup ip flow on the cisco router for the MIBS to be available:
# interface Vlan1
# !config to verify the internet top user
# ! assuming vlan1 to be the LAN side
# ip flow egress
# ip flow-top-talkers
# top 10
# sort-by bytes
#
BBHTAG=topt # What we put in bb-hosts to trigger this test
COLUMN=$BBHTAG # Name of the column, often same as tag in bb-hosts
COMMUNITY=public
$XYMONHOME/bin/bbhostgrep $BBHTAG | while read L
do
set $L # To get one line of output from bbhostgrep
HOSTIP="$1"
MACHINEDOTS="$2"
MACHINE=`echo $2 | $SED -e's/\./,/g'`
COLOR=green
MSG="Ranking de consumo de datos de $MACHINEDOTS"
MSG=$(echo -e "$MSG\n\n<table border=\"1\"><tr><th>Index</th><th>Source IP</th><th>Target IP</th><th>Port</th><th>KB/s</th></tr>")
for INDEX in `/usr/local/bin/snmpwalk -c $COMMUNITY -v2c $HOSTIP 1.3.6.1.4.1.9.9.387.1.7.8.1.3|awk '{ print $1 }'|awk -F\. '{ print $10 }'`
do
IP_ORIG_HEX=$(/usr/local/bin/snmpget -c $COMMUNITY -v2c $HOSTIP 1.3.6.1.4.1.9.9.387.1.7.8.1.3.$INDEX|awk -F\: '{ print $4 }')
IP_ORIG_OCT=$((16#${IP_ORIG_HEX:1:3}))"."$((16#${IP_ORIG_HEX:4:3}))"."$((16#${IP_ORIG_HEX:7:3}))"."$((16#${IP_ORIG_HEX:10:3}))
IP_DEST_HEX=$(/usr/local/bin/snmpget -c $COMMUNITY -v2c $HOSTIP 1.3.6.1.4.1.9.9.387.1.7.8.1.6.$INDEX|awk -F\: '{ print $4 }')
IP_DEST_OCT=$((16#${IP_DEST_HEX:1:3}))"."$((16#${IP_DEST_HEX:4:3}))"."$((16#${IP_DEST_HEX:7:3}))"."$((16#${IP_DEST_HEX:10:3}))
PORT=$(/usr/local/bin/snmpget -c $COMMUNITY -v2c $HOSTIP 1.3.6.1.4.1.9.9.387.1.7.8.1.10.$INDEX|awk '{ print $4 }')
BYTES=$(/usr/local/bin/snmpget -c $COMMUNITY -v2c $HOSTIP 1.3.6.1.4.1.9.9.387.1.7.8.1.24.$INDEX|awk '{ print $4 }')
KB=$((BYTES/1024))
KBTOT+=$((KB))
#$((0x${hexNum}))
CCOLOR="green"
COLOR=green
# if [ $KBTOT > 950000000 ]
# then
# CCOLOR="red"
# COLOR=red
# elif
# CCOLOR="green"
# COLOR=green
# fi
STATUSTRANSLATED=${STATUSCODES[$STATUS]}
#MSG=$(echo -e "$MSG\n<img src=/xymon/gifs/$CCOLOR.gif> Index: $INDEX\tIP Local: $IP_ORIG_OCT\tIP Remota: $IP_DEST_OCT\tPuerto: $PORT\tKB/s: $KB")
MSG=$(echo -e "$MSG\n<tr><td>$INDEX</td><td>$IP_ORIG_OCT</td><td>$IP_DEST_OCT</td><td>$PORT</td><td>$KB</td></tr>")
done
MSG=$(echo -e "$MSG\n</table>")
$XYMON $XYMSRV "status $MACHINE.$COLUMN $COLOR `date`
${MSG}
"
# uncomment to debug the message sent to xymon
# echo $XYMON $XYMSRV "status $MACHINE.$COLUMN $COLOR `date` " >> /tmp/ip_dbg.log
done
exit 0
Known Bugs and Issues
*Make sure about your path to snmpget and snmpwalk. Adjust accordingly.
* Set the test color to go along with the if-load column