Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
kgeorge
Staff
Staff

Created on ‎12-31-2024 05:00 AM Edited on ‎04-17-2025 11:43 PM By Moderator

Article Id 367574

Technical Tip: SNMP OIDs for monitoring the number of sessions on the FortiGate (Global and Per-VDOM)

Description

 

This article describes the SNMP OIDs to use for monitoring the number of sessions on the FortiGate, both from a global perspective and also on a per-VDOM basis (if applicable).

 

Scope

 

FortiGate, SNMP, VDOMs.

 

Solution

 

First, ensure that the FORTINET-CORE and FORTINET-FORTIGATE SNMP Management Information Base (MIB) files have been downloaded and installed in the SNMP Manager that will be querying the FortiGate. These MIBs may either be downloaded from the FortiGate itself under System -> SNMP in the Global VDOM, or they can be downloaded from the Fortinet Support Site in the firmware download section. For more information on these MIBs, refer to the following documentation links:

 

With the above in mind, the following SNMP OIDs can be used to retrieve session counts and session setup rates on the FortiGate globally:

 

fgSysSesCount - .1.3.6.1.4.1.12356.101.4.1.8 - Total number active sessions on the FortiGate.

 

fgSysSesRate1 - .1.3.6.1.4.1.12356.101.4.1.11 - Average session setup rate over the past minute.
fgSysSesRate10 - .1.3.6.1.4.1.12356.101.4.1.12 - Average session setup rate over the past 10 minutes.
fgSysSesRate30 - .1.3.6.1.4.1.12356.101.4.1.13 - Average session setup rate over the past 30 minutes.
fgSysSesRate60 - .1.3.6.1.4.1.12356.101.4.1.14 - Average session setup rate over the past 60 minutes.

 

To retrieve the current session count and session setup rate on a per-VDOM basis, query either of the following SNMP OIDs in the FORTINET-FORTIGATE-MIB:

 

fgVdEntSesCount - .1.3.6.1.4.1.12356.101.3.2.1.1.7.x - Current number of active sessions on the virtual domain.

fgVdEntSesRate -  .1.3.6.1.4.1.12356.101.3.2.1.1.8.x - Session setup rate on the virtual domain.

 

fgIpSessNumber - .1.3.6.1.4.1.12356.101.11.2.2.1.1.x - Current number of sessions on the virtual domain.

 

Note that 'x' is snmp-index ID associated with the VDOM. This index can be retrieved by querying fgVdEntName (.1.3.6.1.4.1.12356.101.3.2.1.1.2.x) to learn the VDOM name associated with index #1 and onward, or by checking from the FortiGate CLI under config system vdom-property:

 

FortiGate # config global

FortiGate # show system vdom-property

config system vdom-property

    edit "root"

        set description "property limits for vdom root"

        set snmp-index 1

    next

    edit "VPN"

        set description "property limits for vdom VPN"

        set snmp-index 2

    next

end

 

Related articles:

Technical Tip: FortiGate SNMP Resource List

Technical Tip: How to Configure FortiGate SNMP Agent for Monitoring

Technical Tip: The correct OID to monitor each interface state 

Labels:
1569
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.