We're looking to monitor FortiGate DHCP information using SNMP from a remote appliance for historical and alerting purposes. We used the published KB to create an additional poller for the listed OID but the problem we're facing is we can't figure out how to corelate the utilization to a specific interface.
Being able to simply trigger off pool exhaustion is handy, but the historical data and even the alerts and semi-useless if we don't know which network or pool it corresponds to. Is anyone out there today familiar with this?
Ref:
hi,
wouldn't be easier to create a automation stitch that looks for a fortios event log and a dhcp event in it ?
Not in our case. For historical utilization we would have to store those events for summarization and hope that things stay in sync. Even if we were to use events on the FortiGate to trigger tracking events (+1, -1, etc) there's still the possibility that a single event could get dropped somewhere along the way offsetting the counts for everything following.
We need a way to accurately and consistently have the FortiGate tell us DHCP stats and which networks they belong to.
To monitor FortiGate DHCP via SNMP and correlate it with specific interfaces, you need to use both IF-MIB for interface information and the relevant DHCP OIDs. The key is to combine interface-specific data with DHCP pool stats. If direct correlation isn’t available through SNMP, custom scripts or SNMP traps can help send the required data together for better tracking.
I could be overlooking something however comparing at the RAW OIDs, there doesn't appear to be anything that corelates the DHCP pools which have a serialized trailing identifier to the interfaces. I spot checked some and they simply don't match, the pools on the box I checked were 1-7 were all indexed above 100. I would love if instead of using a serialized identifier, that the UID matched that of the interface/network the DHCP pool was associated with.
you're encountering an issue with matching the DHCP pool serial identifiers to interfaces in SNMP, which can sometimes be tricky with serialized OIDs. Since there isn’t a direct correlation, using custom scripts or SNMP traps might be a good workaround to correlate the data. You could also explore logging or monitoring tools that integrate with FortiGate for better insights.
User | Count |
---|---|
2677 | |
1412 | |
810 | |
703 | |
455 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.