How to determine in real time TOP Client connections from local systems (PCs, terminal servers ...) through the Blue Coat ProxySG proxy server?
Colleagues came to me with such a question. Periodically, the proxy is sick of exceeding client connections and I wanted to see a list of the most active users who have the most current connections through the proxy to the Internet.
I wrote down the processing, the repository https://github.com/dima-sheihin/zabbix-bluecoat
After configuration, we can see the following output on the monitoring board:
TCP session statistics for both proxies in real time
:
BlueCoat SG SNMP, ( SNMP 3 ).
bluecoat_top.pl
my $AUTH_LEVEL = "authPriv";
my $USER = "zabbix";
my $AUTH_PRT = "SHA";
my $AUTH_PASS = "xxxxxxxxx";
my $PRIV_PRT = "AES";
my $PRIV_PASS = "xxxxxxxxx";
Perl , IP
snmpwalk
BLUECOAT-MIB.mib BLUECOAT-SG-PROXY-MIB.mib /usr/share/snmp/mibs/
Templates BlueCoat-TOP.xml zabbix ( 4 )
Templates BlueCoat-TOP.xml BC SG
bluecoat_top.pl BC SG
$hosts{00001}->{hostname} = "bcsg01.domain.com";
$hosts{00001}->{connection} = "172.16.0.3";
$hosts{00001}->{zbbx_tcp} = "bluecoat_json_connState";
$hosts{00001}->{zbbx_top} = "bluecoat_top";
$hosts{00002}->{hostname} = "bcsg02.domain.com";
$hosts{00002}->{connection} = "172.16.0.4";
$hosts{00002}->{zbbx_tcp} = "bluecoat_json_connState";
$hosts{00002}->{zbbx_top} = "bluecoat_top";
{hostname} - ( zabbix-sender)
{connection} - IP MGMT BC SG
{zbbx_tcp} and {zbbx_top} are the names of metrics linked through the template to the host (s) BC SG
In general, everything, add the script to the scheduler
# crontab -e
*/10 * * * * /usr/zabbix/bluecoat_top.pl > /dev/null 2>&1
The repository also has a template Templates-BlueCoat.xml, I recommend it, quite a few metrics can be collected from hardware.