FortiSIEM Configuring Storage

Configuring Storage

AccelOps supports these storage devices for discovery and monitoring.

Brocade SAN Switch Configuration

Dell Compellent Storage Configuration

Dell EqualLogic Storage Configuration

EMC Clarion Storage Configuration

EMC Isilon Storage Configuration

EMC VNX Storage Configuration

NetApp Filer Storage Configuration

Nimble Storage Configuration

Nutanix Storage Configuration

 

 

Brocade SAN Switch Configuration

What is Discovered and Monitored

Protocol: SNMP
  Information discovered: Host name, Operating system version, Hardware model, Serial number, Network interfaces, Physical Disks, Components
  Metrics collected: Uptime, Network Interface metrics (utilization, bytes sent and received, packets sent and received, errors, discards and queue lengths)
  Used for: Availability and Performance Monitoring

Protocol: SNMP
  Metrics collected: Hardware Status: Fan, Power Supply, Temperature (AccelOps Event Type: PH_DEV_MON_HW_STATUS)
  Used for: Availability Monitoring

Event Types

In CMDB > Event Types, search for “brocade” in the Description column to see the event types associated with this device.

Rules

There are no predefined rules for this device.

Reports

There are no predefined reports for this device.

Configuration

SNMP

AccelOps uses SNMP to discover and monitor this device. Make sure SNMP is enabled for the device as directed in its product documentation, then follow the instructions in Setting Access Credentials for Device Discovery to establish the connection between the device and AccelOps, and to initiate the device discovery process.

Settings for Access Credentials

 

Dell Compellent Storage Configuration


What is Discovered and Monitored

Protocol: SNMP
  Information discovered: Host name, Operating system version, Hardware model, Serial number, Network interfaces, Physical Disks, Components
  Metrics collected: Uptime, Network Interface metrics (utilization, bytes sent and received, packets sent and received, errors, discards and queue lengths)
  Used for: Availability and Performance Monitoring

Protocol: SNMP
  Metrics collected: Hardware component health: Power, Temperature, Fan
  Used for: Availability Monitoring

Protocol: SNMP
  Metrics collected: Volume Utilization
  Used for: Performance Monitoring

Event Types

Ping Monitoring: PH_DEV_MON_PING_STAT

Interface Utilization: PH_DEV_MON_NET_INTF_UTIL

Hardware Status: PH_DEV_MON_HW_STATUS

Disk Utilization: PH_DEV_MON_DISK_UTIL

Rules

Availability

Storage Hardware Warning

Storage Hardware Critical

Performance (Fixed threshold)

NFS Disk space Warning

NFS Disk Space Critical

Reports

Dell Compellent Hardware Status

Top Dell Compellent Devices By Disk Space Util

Top Dell Compellent Devices By Disk Space Util (Detailed)

Top Dell Compellent modules by fan speed

Top Dell Compellent modules by temperature

Top Dell Compellent modules by voltage

Configuration

SNMP

AccelOps uses SNMP to discover and monitor this device. Make sure SNMP is enabled for the device as directed in its product documentation, then follow the instructions in Setting Access Credentials for Device Discovery to establish the connection between the device and AccelOps, and to initiate the device discovery process.

Settings for Access Credentials

 

Dell EqualLogic Storage Configuration

What is Discovered and Monitored

Protocol: SNMP
  Information discovered: Host name, Operating system version, Hardware model, Serial number, Network interfaces, Physical Disks, Components
  Metrics collected: Uptime, Network Interface metrics (utilization, bytes sent and received, packets sent and received, errors, discards and queue lengths)
  Used for: Availability and Performance Monitoring

Protocol: SNMP
  Metrics collected:
    Hardware component health: Component name (Disk, Power supply, Temperature, Fan, RAID health), Component status, Host spare ready disk count
    Overall Disk health metrics: Total disk count, Active disk count, Failed disk count, Spare disk count
  Used for: Availability Monitoring

Protocol: SNMP
  Metrics collected:
    Connection metrics: Connection Count, Read request rate (IOPS), Write request rate (IOPS), Read latency, Write latency, Read volume (KBps), Write volume (KBps)
    Disk performance metrics: Disk Name, Disk I/O Utilization, Disk I/O Queue, Read volume (KBps), Write volume (KBps)
    Group level performance metrics: Total storage, Used storage, Reserved storage, Reserved used storage, Total volumes, Used volumes, Online volumes, Total snapshot, Used snapshot, Online snapshot
  Used for: Performance Monitoring

Event Types

In CMDB > Event Types, search for “equallogic” in the Description column to see the event types associated with this device.

Rules

In Analytics > Rules, search for “equallogic” in the Name column to see the rules associated with this device.

Reports

In Analytics > Reports, search for “equallogic” in the Name column to see the reports associated with this device.

Configuration

SNMP

AccelOps uses SNMP to discover and monitor this device. Make sure SNMP is enabled for the device as directed in its product documentation, then follow the instructions in Setting Access Credentials for Device Discovery to establish the connection between the device and AccelOps, and to initiate the device discovery process.

Settings for Access Credentials

 

EMC Clarion Storage Configuration

What is Discovered and Monitored

Protocol: NaviSecCLI
  Information discovered:
    Host name, Operating system version, Hardware model, Serial number, Network interfaces* Installed Software, Storage Controller Ports
    Hardware components: Enclosures, Fan, Power Supply, Link Control Card, CPU, Disk
    RAID Groups and the assigned disks
    LUNs and LUN -> RAID Group mappings
    Storage Groups and memberships (Host, Port, LUN)
  Metrics collected:
    Processor utilization: SP Name, Read request rate (IOPS), Write request rate (IOPS), Read volume (KBps), Write volume (KBps), Read/Write request rate (IOPS), Read/Write volume (KBps)
    Port I/O: Port name, Read request rate (IOPS), Write request rate (IOPS), Read volume (KBps), Write volume (KBps), Read/Write request rate (IOPS), Read/Write volume (KBps)
    RAID Group I/O: RAID Group id, RAID type, Total disk, Read request rate (IOPS), Write request rate (IOPS), Read volume (KBps), Write volume (KBps), Read/Write request rate (IOPS), Read/Write volume (KBps)
    LUN I/O: LUN name, LUN id, Total disk, Used disk, Free disk, Disk util, Read request rate (IOPS), Write request rate (IOPS), Read volume (KBps), Write volume (KBps), Read/Write request rate (IOPS), Read/Write volume (KBps)
    Host HBA Connectivity: Source IP, Source Name, Source WWN, Dest IP, Destination Name, SP Port Name, Storage Group, LUN Names, Login Status, Registration Status
    Host HBA Unregistered Host: Source IP, Source Name, Source WWN, Dest IP, Destination Name, SP Port Name
    Hardware component health: Component name (Disk, Power supply, LCC, Fan, Link, Port), Component status, Host spare ready disk count
    Overall Disk health: Total disk count, Total disk size (MB), Active disk count, Failed disk count, Spare disk count
  Used for: Availability and Performance Monitoring

Event Types

In CMDB > Event Types, search for “clarion” in the Name column to see the event types associated with this device.

Rules

There are no predefined rules for this device.

Reports

There are no predefined reports for this device.

Configuration

Installing the NaviSecCLI Library in AccelOps

Changing NaviSecCLI Credentials

If you change the NaviSecCLI credentials on your EMC Clarion device, the certificates may also change, and naviseccli may prompt you to accept the new certificates. This should happen only the first time after a certificate change; however, AccelOps discovery and performance monitoring will fail. You will need to run NaviSecCLI manually on each Supervisor and Worker in your deployment and accept the certificate, and then rediscover your EMC Clarion device for performance monitoring to resume.

Configuration of your EMC Clarion storage device involves installing EMC’s NaviSecCLI library in your AccelOps virtual appliance, and then setting the access credentials that the appliance will use to communicate with your device.

  1. Log in to your AccelOps virtual appliance as root.
  2. Copy the file NaviCLI-Linux-64-x86-versionxyz.rpm to the AccelOps directory.
  3. Run rpm -Uvh NaviCLI-Linux-64-x86-versionxyz.rpm to install the rpm package.
  4. Change the user to admin (su - admin) and make sure that the user can run the command naviseccli -h -User <user> -Password <pwd> -Scope global getall -sp from the directory /opt/phoenix/bin.
  5. Make sure that the Navisphere Analyzer module is on.

If the module is off, performance metrics will not be available and discovery will fail. This log shows an example of the module being turned off.

[admin@accelops ~]$ naviseccli -user admin -password admin*1 -scope 0 -h 192.168.1.100 getall -sp
Server IP Address:       192.168.1.100
Agent Rev:           7.32.26 (0.95)

SP Information
--------------
Storage Processor:                  SP A
Storage Processor Network Name:     A-IMAGE
Storage Processor IP Address:       192.168.1.100
Storage Processor Subnet Mask:      255.255.255.0
Storage Processor Gateway Address:  192.168.1.254
Storage Processor IPv6 Mode:        Not Supported
Management Port Settings:
Link Status:                        Link-Up
Current Speed:                      1000Mbps/full duplex
Requested Speed:                    Auto
Auto-Negotiate:                     YES
Capable Speeds:                     1000Mbps half/full duplex
                                    10Mbps half/full duplex
                                    100Mbps half/full duplex
                                    Auto
System Fault LED:              OFF
Statistics Logging:            OFF    <-- Note: performance statistics are not being collected,
                                      <-- so AccelOps cannot pull stats and discovery will fail.
                                      <-- See how to turn ON Statistics Logging below.
SP Read Cache State            Enabled
SP Write Cache State           Enabled
....

  6. If the Navisphere Analyzer module is off, turn it on with the setstats -on command.
  7. Once this command runs successfully, you are ready to set the access credentials for your device in AccelOps and initiate the discovery process.

Settings for Access Credentials

EMC Isilon Storage Configuration

What is Discovered and Monitored

Protocol: SNMP
  Information discovered: Host name, Operating system version, Hardware model, Serial number, Network interfaces, Physical Disks, Components
  Metrics collected: Uptime, Network Interface metrics (utilization, bytes sent and received, packets sent and received, errors, discards and queue lengths)
  Used for: Availability and Performance Monitoring

Protocol: SNMP
  Metrics collected:
    Hardware component health: Component name (Disk, Power supply, Temperature, Fan), Component status (AO event type: PH_DEV_MON_HW_STATUS)
    Environmental: Temperature (AO event type: PH_DEV_MON_HW_TEMP), Voltage readings (AO event type: PH_DEV_MON_HW_VOLTAGE)
    Cluster membership change: (AO event type: PH_DEV_MON_ISILON_CLUSTER_MEMBERSHIP_CHANGE)
  Used for: Availability Monitoring

Protocol: SNMP
  Metrics collected:
    Node health and performance: Overall health, Overall CPU, User CPU, System CPU, Read Bytes/sec, Write Bytes/sec, Network Read Bytes/sec, Network Write Bytes/sec (AO event type: PH_DEV_MON_ISILON_NODE_HEALTH)
    Cluster health and performance: Cluster name, Cluster health, Online nodes, Offline nodes, Total Space, Used Space, Available Space, Overall CPU, System CPU, User CPU, Read Bytes/sec, Write Bytes/sec, Network Read Bytes/sec, Network Write Bytes/sec (AO event type: PH_DEV_MON_ISILON_CLUSTER_HEALTH)
    Cluster Snapshot: Snapshot name, alias, path, creation date, expiry date, size (AO event type: PH_DEV_MON_ISILON_CLUSTER_SNAPSHOT)
    Storage Quota metrics: Cluster name, Soft Threshold, Hard Threshold, Advisable threshold, Usage, Usage with Overhead, Inode usage, Grace period (AO event type: PH_DEV_MON_ISILON_NODE_CLUSTER_QUOTA)
    Disk performance metrics: Operations/sec, Read Bytes/sec, Write Bytes/sec (AO event type: PH_DEV_MON_ISILON_NODE_DISK_PERF)
    Protocol Performance: Protocol name, Latency: current, average, min latency and max, Operations/sec, Read Bytes: current, average, min, max, standard deviation, Write Bytes: current, average, min, max, standard deviation (AO event type: PH_DEV_MON_ISILON_NODE_PROTO_PERF)
  Used for: Performance Monitoring

Event Types

In CMDB > Event Types, search for “isilon” in the Description column to see the event types associated with this device.

Rules

In Analytics > Rules, search for “isilon” in the Name column to see the rules associated with this device.

Reports

In Analytics > Reports, search for “isilon” in the Name column to see the reports associated with this device.

Configuration

SNMP

AccelOps uses SNMP to discover and monitor this device. Make sure SNMP is enabled for the device as directed in its product documentation, then follow the instructions in Setting Access Credentials for Device Discovery to establish the connection between the device and AccelOps, and to initiate the device discovery process.

Settings for Access Credentials

EMC VNX Storage Configuration

Configuring EMC VNX

As with EMC Clarion, AccelOps uses Navisec CLI to discover the device and to collect performance metrics. The only difference is that a slightly different command and XML-formatted output are used.

Protocol: Navisec CLI
  Information discovered:
    Host name, Operating system version, Hardware model, Serial number, Network interfaces* Installed Software, Storage Controller Ports
    Hardware components: Enclosures, Fan, Power Supply, Link Control Card, CPU, Disk
    Storage Pools, RAID Groups and the assigned disks
    LUNs and LUN -> Storage Pool and RAID Group mappings
    Storage Groups and memberships (Host, Port, LUN)
  Metrics collected:
    Processor utilization: SP Name, Read request rate (IOPS), Write request rate (IOPS), Read volume (KBps), Write volume (KBps), Read/Write request rate (IOPS), Read/Write volume (KBps)
    Storage Pool I/O: RAID Group id, RAID type, Total disk, Read request rate (IOPS), Write request rate (IOPS), Read volume (KBps), Write volume (KBps), Read/Write request rate (IOPS), Read/Write volume (KBps)
    LUN I/O: LUN name, LUN id, Total disk, Used disk, Free disk, Disk util, Read request rate (IOPS), Write request rate (IOPS), Read volume (KBps), Write volume (KBps), Read/Write request rate (IOPS), Read/Write volume (KBps)
    Host HBA Connectivity: Source IP, Source Name, Source WWN, Dest IP, Destination Name, SP Port Name, Storage Group, LUN Names, Login Status, Registration Status
    Host HBA Unregistered Host: Source IP, Source Name, Source WWN, Dest IP, Destination Name, SP Port Name
    Hardware component health: Component name (Disk, Power supply, LCC, Fan, Link, Port), Component status, Host spare ready disk count
    Overall Disk health: Total disk count, Total disk size (MB), Active disk count, Failed disk count, Spare disk count
  Used for: Availability and Performance Monitoring

Configuration

 

Installing the NaviSecCLI Library in AccelOps

Changing NaviSecCLI Credentials

If you change the NaviSecCLI credentials on your EMC Clarion device, the certificates may also change, and naviseccli may prompt you to accept the new certificates. This should happen only the first time after a certificate change; however, AccelOps discovery and performance monitoring will fail. You will need to run NaviSecCLI manually on each Supervisor and Worker in your deployment and accept the certificate, and then rediscover your EMC Clarion device for performance monitoring to resume.

Configuration of your EMC Clarion storage device involves installing EMC’s NaviSecCLI library in your AccelOps virtual appliance, and then setting the access credentials that the appliance will use to communicate with your device.

  1. Log in to your AccelOps virtual appliance as root.
  2. Copy the file NaviCLI-Linux-64-x86-versionxyz.rpm to the AccelOps directory.
  3. Run rpm -Uvh NaviCLI-Linux-64-x86-versionxyz.rpm to install the rpm package.
  4. Change the user to admin (su - admin) and make sure that the user can run the command naviseccli -h -User <user> -Password <pwd> -Scope global getall -sp from the directory /opt/phoenix/bin.
  5. Make sure that the Navisphere Analyzer module is on.

If the module is off, performance metrics will not be available and discovery will fail. This log shows an example of the module being turned off.

[admin@accelops ~]$ naviseccli -user admin -password admin*1 -scope 0 -h 192.168.1.100 getall -sp
Server IP Address:       192.168.1.100
Agent Rev:           7.32.26 (0.95)

SP Information
--------------
Storage Processor:                  SP A
Storage Processor Network Name:     A-IMAGE
Storage Processor IP Address:       192.168.1.100
Storage Processor Subnet Mask:      255.255.255.0
Storage Processor Gateway Address:  192.168.1.254
Storage Processor IPv6 Mode:        Not Supported
Management Port Settings:
Link Status:                        Link-Up
Current Speed:                      1000Mbps/full duplex
Requested Speed:                    Auto
Auto-Negotiate:                     YES
Capable Speeds:                     1000Mbps half/full duplex
                                    10Mbps half/full duplex
                                    100Mbps half/full duplex
                                    Auto
System Fault LED:              OFF
Statistics Logging:            OFF    <-- Note: performance statistics are not being collected,
                                      <-- so AccelOps cannot pull stats and discovery will fail.
                                      <-- See how to turn ON Statistics Logging below.
SP Read Cache State            Enabled
SP Write Cache State           Enabled
....

  6. If the Navisphere Analyzer module is off, turn it on with the setstats -on command.
  7. Once this command runs successfully, you are ready to set the access credentials for your device in AccelOps and initiate the discovery process.
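
The Statistics Logging check described above, for both the EMC Clarion and EMC VNX procedures, as an added example that is not part of the AccelOps guide: a POSIX shell pre-flight that parses getall -sp output and reports whether statistics collection is on before discovery is started. The sample output is constructed from the log shown above; NAVI_USER and NAVI_PASS are hypothetical environment variable names.

```shell
#!/bin/sh
# Added example (not AccelOps/FortiSIEM code): pre-flight check of the
# "Statistics Logging" field in `naviseccli ... getall -sp` output.

# Constructed sample, modelled on the log in this section (logging OFF).
sample_getall_sp() {
    cat <<'EOF'
Server IP Address:       192.168.1.100
Agent Rev:           7.32.26 (0.95)
SP Information
--------------
Storage Processor:                  SP A
Storage Processor IP Address:       192.168.1.100
System Fault LED:              OFF
Statistics Logging:            OFF
SP Read Cache State            Enabled
SP Write Cache State           Enabled
EOF
}

# Read getall -sp output on stdin and print ON, OFF or UNKNOWN.
# The field is matched anywhere in a line, so output whose lines were
# joined or annotated (as in the log above) is still parsed correctly.
stats_logging_state() {
    awk '
        match($0, /Statistics Logging:[ \t]*[A-Za-z]+/) {
            s = substr($0, RSTART, RLENGTH)
            sub(/^Statistics Logging:[ \t]*/, "", s)
            state = toupper(s)
        }
        END {
            if (state == "ON" || state == "OFF") print state
            else print "UNKNOWN"
        }
    '
}

# Exit status: 0 = ON, 1 = OFF (discovery will fail), 2 = field not found.
preflight_stats_logging() {
    state=$(stats_logging_state)
    case "$state" in
        ON)  echo "OK: Statistics Logging is ON"; return 0 ;;
        OFF) echo "FAIL: Statistics Logging is OFF; run setstats -on before discovery"
             return 1 ;;
        *)   echo "UNKNOWN: no Statistics Logging field in the output"
             return 2 ;;
    esac
}

# Live use against an array, with the options shown in this section.
# Assumption: NAVI_USER and NAVI_PASS are set in the environment, which
# keeps the password out of shell history; it is still visible in the
# process list while naviseccli runs.
check_array() {
    naviseccli -h "$1" -User "$NAVI_USER" -Password "$NAVI_PASS" \
        -Scope global getall -sp | preflight_stats_logging
}

# Demonstration on the constructed sample.
sample_getall_sp | preflight_stats_logging || true
```

Run check_array <SP address> as the admin user on each Supervisor and Worker; a non-zero status means discovery should not be started yet.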
Settings for Access Credentials

NetApp Filer Storage Configuration

What is Discovered and Monitored

Protocol: SNMP
  Information discovered: Host name, Operating system version, Hardware model, Serial number, Network interfaces, Logical volumes, Physical Disks
  Metrics collected: Uptime, CPU utilization, Network Interface metrics (utilization, bytes sent and received, packets sent and received, errors, discards and queue lengths), Logical Disk Volume utilization
  Used for: Availability and Performance Monitoring

Protocol: SNMP
  Metrics collected:
    Hardware component health: Component name (Battery, Disk, Power supply, Temperature, Fan), Component status, Failed power supply count, Failed Fan Count
    Overall Disk health metrics: Total disk count, Active disk count, Failed disk count, Spare disk count, Reconstructing disk count, Scrubbing disk count, Add spare disk count
  Used for: Availability Monitoring

Protocol: SNMP
  Metrics collected:
    NFS metrics: Cache age, CIFS request rate (IOPS), NFS request rate (IOPS), Disk read rate (IOPS), Disk write rate (IOPS), Network Sent rate (Kbps), Network received rate (Kbps), RPC Bad calls, NFS Bad calls, CIFS Bad calls
  Used for: Performance Monitoring

Protocol: ONTAP API
  Metrics collected:
    Detailed NFS V3 metrics: Read request rate (IOPS), Write request rate (IOPS), Read latency, Write latency, Read volume (KBps), Write volume (KBps)
    Detailed NFS V4 metrics: Read request rate (IOPS), Write request rate (IOPS), Read latency, Write latency, Read volume (KBps), Write volume (KBps)
    Detailed CIFS metrics: Total Read/Write rate (IOPS), Latency
    Detailed ISCSI metrics: Read request rate (IOPS), Write request rate (IOPS), Read latency, Write latency, Read volume (KBps), Write volume (KBps)
    Detailed FCP metrics: Read request rate (IOPS), Write request rate (IOPS), Read latency, Write latency, Read volume (KBps), Write volume (KBps)
    Detailed LUN metrics: LUN Name, Read request rate (IOPS), Write request rate (IOPS), Read/Write latency, Read volume (KBps), Write volume (KBps), Disk queue full
    Detailed Aggregate metrics: Aggregate name, Read request rate (IOPS), Write request rate (IOPS), Transfer rate, CP Read rate
    Detailed Volume metrics: Volume Name, Disk Read request rate (IOPS), Disk Write request rate (IOPS), Disk read latency, Disk write latency, NFS Read request rate (IOPS), NFS Write request rate (IOPS), NFS Read latency, NFS Write latency, CIFS Read request rate (IOPS), CIFS Write request rate (IOPS), CIFS Read latency, CIFS Write latency, SAN Read request rate (IOPS), SAN Write request rate (IOPS), SAN Read latency, SAN Write latency
    Detailed Disk performance metrics: Disk Name, Disk Utilization, Read request rate (IOPS), Write request rate (IOPS), Read latency, Write latency, Transfer operations rate
  Used for: Performance Monitoring

Event Types

In CMDB > Event Types, search for “netapp” in the Device Type column to see the event types associated with this device.

Rules

In Analytics > Rules, search for “netapp” in the Name column to see the rules associated with this device.

Reports

In Analytics > Reports, search for “netapp” in the Name column to see the reports associated with this device.

Configuration

SNMP

  1. Log in to your NetApp device with administrative privileges.
  2. Go to SNMP > Configure.
  3. For SNMP Enabled, select Yes.
  4. Under Communities, create a public community with Read-Only
  5. Click Apply.

Settings for Access Credentials

 

Nimble Storage Configuration

What is Discovered and Monitored

Protocol: SNMP
  Information discovered: Host name, Operating system version, Hardware model, Serial number, Network interfaces, Physical Disks, Components
  Metrics collected: Uptime, Network Interface metrics (utilization, bytes sent and received, packets sent and received, errors, discards and queue lengths)
  Used for: Availability and Performance Monitoring

Protocol: SNMP
  Metrics collected: Storage Disk Utilization: Disk name, Total Disk, Used Disk, Free Disk, Disk Utilization
  Used for: Availability Monitoring

Protocol: SNMP
  Metrics collected: Storage Performance metrics: Read rate (IOPS), Sequential Read Rate (IOPS), Write rate (IOPS), Sequential Write Rate (IOPS), Read latency, Write latency, Read volume (KBps), Sequential Read volume (KBps), Sequential Write volume (KBps), Used Volume (MB), Used Snapshot (MB), Non-Sequential Cache Hit Ratio (AccelOps Event Type: PH_DEV_MON_NIMBLE_GLOBAL_STAT)
  Used for: Performance Monitoring

Event Types

In CMDB > Event Types, search for “nimble” in the Description column to see the event types associated with this device.

Rules

There are no predefined rules for this device.

Reports

There are no predefined reports for this device.

Configuration

SNMP

AccelOps uses SNMP to discover and monitor this device. Make sure SNMP is enabled for the device as directed in its product documentation, then follow the instructions in Setting Access Credentials for Device Discovery to establish the connection between the device and AccelOps, and to initiate the device discovery process.

Settings for Access Credentials

Nutanix Storage Configuration


What is Discovered and Monitored

Protocol: SNMP
  Information discovered: Host name, Operating system version, Hardware model, Serial number, Network interfaces, Physical Disks, Components
  Metrics collected: Uptime, Process count, CPU utilization, Real and virtual memory utilization, Disk utilization, Process CPU/Memory utilization, Network Interface metrics
  Used for: Availability and Performance Monitoring

Protocol: SNMP
  Metrics collected:
    Disk Status: Cluster, Controller VM, Disk id, Disk serial, Disk utilization, Total Disk, Used Disk, Free Disk
    Disk Temp: Disk Id, disk serial, Controller VM, temperature
    Cluster Status: Cluster, Cluster version, storage utilization, total storage, used storage, IOPS, latency
    Service Status: Cluster, Controller VM, Cluster VM Status, Zeus Status, Stargate Status
  Used for: Availability Monitoring

Protocol: SNMP
  Metrics collected:
    Storage Pool Info: Cluster, storage pool name, storage utilization, total storage, used storage, IOPS, latency
    Container Info: Cluster, Container name, storage utilization, total storage, used storage, IOPS, latency
  Used for: Performance Monitoring

 

Currently there are no system rules defined.

Reports

Nutanix Cluster Disk Usage

Nutanix Cluster Performance

Nutanix Cluster Service Status

Nutanix Cluster Storage Usage

Nutanix Container Performance

Nutanix Container Storage Usage

Nutanix Storage Pool Performance

Nutanix Storage Pool Usage

Configuration

SNMP

AccelOps uses SNMP to discover and monitor this device. Make sure SNMP is enabled for the device as directed in its product documentation, then follow the instructions in Setting Access Credentials for Device Discovery to establish the connection between the device and AccelOps, and to initiate the device discovery process.

Settings for Access Credentials

 



This entry was posted in Administration Guides, FortiSIEM.

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).
