DescriptionIt is possible to configure the FortiGate to send an SNMP trap when its configuration is not synchronized with the FortiManager database.
ScopeSolutionThe specific event type is called "
fm-conf-change"
CLI configuration (only) :
config system snmp community edit 1 set events fm-conf-change config hosts edit 1 set ip X.X.X.X next end set name "public" next end
|
As soon as the FortiGate detects that the FortiManager has not synchronized the configuration in its database, the FortiGate will issue the following SNMP trap:
fgFmTrapConfChange NOTIFICATION-TYPE
OBJECTS { fnSysSerial }
STATUS current
DESCRIPTION
"The device configuration has been changed by something other than the
managing FortiManager device."
::= { fgFmTrapPrefix 1003 }
(OID).1.3.6.1.4.1.12356.101.6.0.1003
If you load the FortiGate MIB, the textual OID would be:
iso.org.dod.internet.private.enterprises.fortinet.fnFortiGateMib.fgMgmt.fgFmTrapPrefix.fgFmTrapConfChange