Technical Tip: How to get and troubleshoot MIBs and OIDs from SNMP
Descritpion
This article describes that to monitor the performance of the IT unit, one of the most popular method is to use Simple Network Management Protocol (SNMP). Some users prefer not to get all the information available on SNMP. On these type of cases it is necessary to go through the Management Information Base (MIBs file) to get all different Object Identifiers (OIDs).
If there is a specific OID, only that part of the status of the unit will appear instead of all SNMP walkthrough.
Scope
- This article will show the typical OIDs to monitor and how to get all the possible OIDs.
- To get OIDs is a must to be familiar of how SNMP and MIBs works.
- Firmware 6.4.6 MIB database of FortiManager/FortiAnalyzer is used.
- Use the correct firmware version. If OIDs provided here do not work: it is necessary to verify the correct ID downloading MIB database of the firmware version.
- Same procedure works for FortiGate, using MIB file appropiate for desired firmware version. This MIB file can be downloaded from Support Portal into the FortiGate firmware folder.
Solution
- Log in to the Support portal.
- On the Customer Service Support page, select: Download -> Firmware Images, then select Product -> FortiManager (or FortiAnalyzer) and then select the 'Download' tab.
- Select the appropriate FortiManager/FortiAnalyzer Version directory (6.2, 6.4, 7.0, 7.2, ...).
- Select the MIB file and download the applicable files using the https link (version 6.4.6, as example): FORTINET-FORTIMANAGER-FORTIANALYZER-MIB-build2363.mib.
These OIDs are the most typical ones used. Normally, they do not change from version to version, but if it does not work, refer to the scope of this article.
fmSysCpuUsage <----- Current CPU usage (percentage).
.1.3.6.1.4.1.12356.103.2.1.1
fmSysMemUsed <----- Current memory used (KB).
.1.3.6.1.4.1.12356.103.2.1.2
fmSysMemCapacity <----- Total physical and swap memory installed (KB).
.1.3.6.1.4.1.12356.103.2.1.3
fmSysDiskUsage <----- Current hard disk usage (MB).
.1.3.6.1.4.1.12356.103.2.1.4
fmSysDiskCapacity <----- Total hard disk capacity (MB).
.1.3.6.1.4.1.12356.103.2.1.5
fnSysSerial <----- Unit serial number
.1.3.6.1.4.1.12356.100.1.1.1
fmSysVersion <----- Firmware version of the unit.
.1.3.6.1.4.1.12356.103.2.1.7
To get all OIDs available.
It is possible to use FortiManager/FortiAnalyzer CLI, 'Wireshark' and 'iReasoning MIB Browser' (as an example) to get details of communication and OIDs. (Take note of the packet sniffing on port 161 and compare the result with the equivalent commands on FortiManager/FortiAnalyzer. This is an advanced form of verification - not all users may wish to do this.)
To troubleshoot SNMP:
Get the PCAP file sniffing SNMP Protocol (it is possible to open it with Wireshark) and then verify what is the communication. Get in mind the following on SNMP protocol.
*get-request is the SNMP server trying to get all OIDs available in SNMP.
*get-response is FortiManager/FortiAnalyzer answering to the general request of SNMP (not using specific OIDs).
fmSysMemUsed <----- Current memory used (KB).
fmSysCpuUsage <----- Current CPU usage (percentage).
fmSysMemCapacity <----- Total physical and swap memory installed (KB).
fmSysDiskUsage <----- Current hard disk usage (MB).
fmSysDiskCapacity <----- Total hard disk capacity (MB).
fmSysVersion <----- Firmware version of the unit.
fnSysSerial <----- Unit serial number.
Related article:
Technical Tip: How to configure and test snmpv3 config on fmg/faz