anyone have an idea how to create a rule to trigger alert whenever the SRX switch between node0 and node 1.
Also i need to know how to do it for the Fortigate
1 Like
If the devices are reporting sensor states correctly then the default State Sensor Critical rule should flag it like it does on my Palo Alto HA cluster.
I am monitoring both devices via their management ports, not the cluster virtual IP, so I have two devices in LibreNMS and they will both report and flag each end of the event out of the box:
Here’s the sensor state info off the device page and then the top graph showing the event:
I used to have an SRX cluster but unfortunately not any more - what sensor states and history can you see on the devices pages, and do you have the Sensor state rule enabled?
One of the notifications from the event that hit slack:
From a quick dive it looks like out of the box:
- SRX: no
- Fortigate: probably like the Palo
SRX will only report this via traps, so it’s possible with some more work (LibreNMS read here) (and/or get creative with SLAX 
) - I wasn’t using LibreNMS back when I had those running:
https://kb.juniper.net/InfoCenter/index?page=content&id=KB23921
Fortigate handling looks much like the Palo and should fall in to previous post about state sensors:
:~/includes/discovery/sensors/state$ grep -B5 CRITICAL fortigate.inc.php
if (is_array($haStatsEntries)) {
$stateName = 'clusterState';
$descr = 'Cluster State';
$states = [
['value' => 0, 'generic' => 2, 'graph' => 0, 'descr' => 'CRITICAL'],
yes i have the sensor state rule enabled but i cannot see anything related to high availability status or mode .
i have attached the sensor state info for my srx
This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.