I am trying to monitor the BGP status of Palo Alto peers using PRTG's REST Custom BETA sensor. The basic flow from what I've read should go like this:

  1. Make the API call and receive data back - in this case Palo Alto returns XML compliant data and then PRTG will translate that to JSON
  2. The custom rest sensor template will determine how to parse the result - in this case we only have a channel and value, both of which are variables derived from the API call results

For this particular template I needed a string to be converted to an integer so I used the lookup function. However when I add this sensor I get an error that says '5:16 - 5:17 unexpected "/" while scanning extensions.'

I've tried to read through a couple of links like: https://www.paessler.com/manuals/prtg/rest_custom_sensor and https://helpdesk.paessler.com/en/support/solutions/articles/80028-palo-alto-bgp-monitoring and it got me this far but now I'm stuck. Any help or guidance towards the solution would be greatly appreciated.

Most of the relevant information I could think of is below:

PRTG Version: 20.3.60.1623

Sensor: REST Custom BETA

Request Method: GET
Request Protocol: HTTPS
Certificate Acceptance: Accept all certificates
Authentication Method: No authentications (default)
HTTP Headers: Do no use custom HTTP headers
Timeout (Sec.): 60
Rest Query: /api/?type=op&cmd=<show><routing><protocol><bgp><peer><peer-name>sanatizedPeer</peer-name></peer></bgp></protocol></routing></show>&key=sanatizedKey
Rest Configuration pa-bgp-peer.template

##### CUSTOM REST SENSOR TEMPLATE - pa-bgp-peer.template

{
  "prtg": {
    "description" : {
      "device": "paloalto",
      "query": /api/?type=op&cmd=<show><routing><protocol><bgp><peer><peer-name>$PEER_NAME</peer-name></peer></bgp></protocol></routing></show>&key=$KEY",
      "comment": "Palo Alto BGP Peer status"
    },
    "result":
      {
        "channel": $.response.result.entry.peer-group,
        "value": lookup($.response.result.entry.status, "Idle", "Connect", "Active", "OpenSent", "OpenConfirm", "Established")
      }
  }
}

##### RESULT FROM CLI ON PRTG CORE SERVER

C:\Program Files (x86)\PRTG Network Monitor\Sensor System>rest.exe "https://1.1.1.1/api/?type=op&cmd=<show><routing><protocol><bgp><peer><peer-name>sanatizedPeer</peer-name></peer></bgp></protocol></routing></show>&key=sanatizedKey" passthrough -tlsignore 1
{
  "response": {
    "result": {
      "entry": {
        "-peer": "sanitizedPeer",
        "-vr": "sanitizedVR",
        "ORF-entry-received": 0,
        "aggregate-confed-as": "no",
        "config": {
          "remove-private-as": "no"
        },
        "connect-retry-interval": 1,
        "established-counts": 12,
        "holdtime": 90,
        "holdtime-config": 90,
        "idle-hold": 15,
        "keepalive": 30,
        "keepalive-config": 30,
        "last-error": "HoldTimer expired (4)",
        "last-update-age": 89663,
        "local-address": "2.2.2.2",
        "msg-total-in": 2122,
        "msg-total-out": 2125,
        "msg-update-in": 7,
        "msg-update-out": 56,
        "multi-hop-ttl": 1,
        "nexthop-peer": "no",
        "nexthop-self": "no",
        "nexthop-thirdparty": "yes",
        "open-delay": 0,
        "passive": "no",
        "password-set": "no",
        "peer-address": "3.3.3.3",
        "peer-capability": "",
        "peer-group": "sanatizedGroup",
        "peer-router-id": "4.4.4.4",
        "peering-type": "Unspecified",
        "prefix-counter": "",
        "prefix-limit": 50,
        "reflector-client": "not-client",
        "remote-as": 65000,
        "same-confederation": "no",
        "status": "Connect",
        "status-duration": 896,
        "status-flap-counts": 1148
      }
    },
    "status": "success"
  }
}

##### Error the sensor gives

Parsing error: { "prtg": { "description" : { "device": "paloalto", "query": /api/?type=op&cmd=<show><routing><protocol><bgp><peer><peer-name>$PEER_NAME</peer-name></peer></bgp></protocol></routing></show>&key=$KEY", "comment": "Palo Alto BGP Peer status" }, "result": { "channel": $.response.result.entry.peer-group, "value": lookup($.response.result.entry.status, "Idle", "Connect", "Active", "OpenSent", "OpenConfirm", "Established") } } }:5:16 - 5:17 unexpected "/" while scanning extensions.

Thank you!

Article Comments

Hello there,

The / needs to be removed first of all. /api/?type... won't work, /api?type...should work. But depends on the manufacturer.

Kind regards,
Felix Saure, Tech Support Team


Jul, 2020 - Permalink

Hi Felix,

Sorry for the delayed reply on this. I've figured out the inital issue was that my result section in the template was not in [ ].

I'm now instead getting an error of: "Could no evaluate channel value of BgpStatus: unknown key result."

This is the template I'm using: { { { { "prtg": { "result": [ { "channel": "BgpStatus" , "value": $.response.result.entry.keepalive } ] } } } } }

And this is the debug I get on the prtg server when running rest.exe manually { { { C:\Program Files (x86)\PRTG Network Monitor\Sensor System>rest.exe "https://1.1.1.1/api/?type=op&cmd=<show><routing><protocol><bgp><peer><peer-name>sanatizedPeer</peer-name></peer></bgp></protocol></routing></show>&key=sanatizedKey" passthrough -tlsignore 1 { "response": { "result": { "entry": { "-peer": "sanitizedPeer", "-vr": "sanitizedVR", "ORF-entry-received": 0, "aggregate-confed-as": "no", "config": { "remove-private-as": "no" }, "connect-retry-interval": 1, "established-counts": 12, "holdtime": 90, "holdtime-config": 90, "idle-hold": 15, "keepalive": 30, "keepalive-config": 30, "last-error": "HoldTimer expired (4)", "last-update-age": 89663, "local-address": "2.2.2.2", "msg-total-in": 2122, "msg-total-out": 2125, "msg-update-in": 7, "msg-update-out": 56, "multi-hop-ttl": 1, "nexthop-peer": "no", "nexthop-self": "no", "nexthop-thirdparty": "yes", "open-delay": 0, "passive": "no", "password-set": "no", "peer-address": "3.3.3.3", "peer-capability": "", "peer-group": "sanatizedGroup", "peer-router-id": "4.4.4.4", "peering-type": "Unspecified", "prefix-counter": "", "prefix-limit": 50, "reflector-client": "not-client", "remote-as": 65000, "same-confederation": "no", "status": "Connect", "status-duration": 896, "status-flap-counts": 1148 } }, "status": "success" } } } } }


Aug, 2020 - Permalink

Hello Essense,

The template is not in the correct format, use this and it will work:

{
    "prtg": {
        "result": [{
            "channel": "BgpStatus",
            "value": $.response.result.entry.keepalive
        }]
    }
}

Kind regards,
Felix Saure, Tech Support Team


Aug, 2020 - Permalink

Hi Felix,

Thank you for the response. I got this working late yesterday and it looks like the template was correct.

For future reference and anyone else having this issue I had to change the rest query when adding the sensor to remove the <> characters and replace them with their character code counterparts.

< became %3C

> became %3E



Rest Query

/api/?type=op&cmd=%3Cshow%3E%3Crouting%3E%3Cprotocol%3E%3Cbgp%3E%3Cpeer%3E%3Cpeer-name%3ESANATIZED_PEER%3C/peer-name%3E%3C/peer%3E%3C/bgp%3E%3C/protocol%3E%3C/routing%3E%3C/show%3E&key=SANATIZED_KEY



Template

{
  "prtg": {
    "result": [
      {
        "channel": "BgpStatus" ,
        "value": lookup($.response.result.entry.status, "Idle", "Connect", "Active", "OpenSent", "OpenConfirm", "Established"),
        "LimitMode":1,
        "LimitMinError": 5
      }
    ]
  }
}

Aug, 2020 - Permalink