You can add Juniper SRX Firewall entities using the Add Entity UI or using the cloud agent command line interface (
omcli) with the appropriate JSON files.
Step 1: Prepare Juniper SRX Firewall for monitoring.
SNMPv1/v2 or SNMPv3 credentials are needed for monitoring.
If SNMPv1/v2 is used, you must supply the SNMP community string (which was entered during Juniper SRX Firewall configuration) along with IP address of agent that will be used to monitor the Juniper SRX Firewall.
If SNMPv3 is used, you must supply the SNMPv3 user, plus the authentication method (SHA or MD5) and authentication password, if authentication is used. In addition, privilege method (only DES supported) and privilege password will be required, if privileges are used. Everything must be manually configured up front in the Juniper SRX Firewall.
Read-only access is sufficient for Juniper SRX Firewall monitoring.
Step 2: Decide how you want to add the Juniper SRX Firewall.
You can add Juniper SRX Firewall entities using one of two ways:
- Add them from UI
- Use the agent's
omcli add_entitycommand with the appropriate JSON files
Adding Entities from the UI
- From the Management Cloud main menu, select Administration, Discovery, and then Add Entity. The Add Entity page displays.
- Select the Juniper SRX Firewall Entity Type.
- Enter the following UI properties.
Juniper SRX Firewall UI Fields
- Entity Name: Name of your Juniper SRX Firewall in Oracle Management Cloud.
- Dispatch URL: snmp://<Fully qualified host name or IP address of Juniper SRX Firewall>
- SNMP Port: Port where Juniper SRX Firewall listens for SNMP requests - 161 by default (optional)
- SNMP Timeout: Timeout for SNMP requests in seconds - 30 secs by default (optional)
- Cloud Agent: Cloud agent monitoring your Juniper SRX Firewall.
- Community String: SNMPv1/v2c community string.
- Username: SNMPv3 username.
- Authorization Password: Password used for authentication
- Authorization Protocol: Protocol used for authentication. (MD5 or SHA)
- Privacy Password: password used for encryption
See Add Entities from the Console for detailed instructions on using the Add Entity UI.
omcli and the Appropriate JSON Files
- Download and extract the required JSON file(s) from the master JSON zip file. See the table below for the specific JSON files you'll need.
- Edit the file(s) and specify the requisite properties shown below.
Juniper SRX Firewall JSON Files and Properties
- name: Your Juniper SRX Firewall entity name.
- displayName: Your Juniper SRX Firewall entity display name.
- timezoneRegion: Time zone of your entity. It is recommended that you use the long values IANA-maintained TZ database time zones. For example: America/New_York
- host_name: Under “value”, provide fully qualified host name or IP address of the Juniper SRX Firewall.
- omc_dispatch_url: Under “value”, following the string snmp://, provide the fully qualified hostname or IP address of the Juniper SRX Firewall.
- omc_snmp_port: Under “value”, provide the port where the Juniper SRX Firewall listens for SNMP requests. The default is 161.
- omc_snmp_timeout: Under “value”, provide the timeout for SNMP requests in seconds, 10 by default.
- omc_snmp_version: Under “value”, provide the SNMP version used to monitor the Juniper SRX Firewall.
Use this credential file if you have configured your switch with SNMPv1/v2.
- community: Under “value”, within the square brackets, provide the SNMPv2c community string used during the Juniper SRX Firewall configuration.
Use this credential file if you have configured your switch with SNMPv3.
- authUser: Under “value”, within the square brackets, provide the SNMPv3 username.
- authPwd: Under “value”, within the square brackets, provide the authorization password or empty out the field. .
- authProtocol: Under “value”, within the square brackets, provide the authorization method (SHA or MD5).
- privPwd: Under “value”, within the square brackets, provide the privilege method password, if privilege is used. Only the DES privilege method is supported.
- Add the entity using
omcli add_entity agent DEFINITION_FILE [-credential_file CREDENTIAL_FILE [-encryption_method_gpg]]
- Verify the status of the newly added entity.
omcli status_entity agent DEFINITION_FILE
Step 3: (Optional but recommended) Set up alerts.
To enable lights-out monitoring, you can set up alert rules to generate alerts and send notifications if your entities have performance issues.See Set Up Alert Rules and Set Up Alert Thresholds and Notifications.