This is an example of how to monitor the bandwidth usage of a firewall. The data is queried via SNMP from the firewall and visualized via Node-Red. Firewall System in this case is an OPNSense.
The background: On Linux systems you can’t query utilization via SNMP. You can just query the number of octets transmitted or received on a specific interface.
The trick: Query the octets of input and output interface, wait for 1 second and check query again. Then subtract both values from each other and convert them to MBit/s.
Here are the single node configurations for the Input Utilization:
Start with Inject node: Mark inject once after 0.1 seconds and set repeat to 2 seconds.
SNMP node (WAN interface input): OID 220.127.116.11.18.104.22.168.1.10.1 (beware: no leading dot)
Split node (split): default
Change node: Move msg.payload.value to msg.payload
Head over to the Delay node: Configure a 1 second delay
Add another SNMP, Split and Change Node with same parameters as above
Combine both Change nodes with a Join node (Input): Manual Mode, combine each msg.payload to create an array after a number of message parts: 2
Add a function node to calculate the bandwidth utilization:
msg.payload = msg.payload – msg.payload;
msg.payload = msg.payload / 1048576 * 8;
At least (for input) add a chart node, label it input and configure x-axis last 1 minute.
To add another graph for Output, just copy and paste the flow above and change the OID in the two SNMP nodes to OID 22.214.171.124.126.96.36.199.1.16.1 for outgoing packets.