Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
DamianE
New Contributor III

Created on ‎09-25-2023 07:34 PM Edited on ‎02-26-2024 06:58 AM By Community Manager

Policy monitoring through SNMP

It is possible to monitor the number of active sessions through a specific policy using SNMP?

 

Like its shown in the fortiview.

 

Screenshot_20230919-170919.png

 

I couldn't find the right OID in the MIB file. 

 

The finaI result is to to take an alert if the session count falls in an specifict policy

Labels:
1073
0 Kudos
1 Solution
ebilcari
Staff
Staff
In response to DamianE

Created on ‎09-29-2023 05:29 AM

The full OID should be like this: .1.3.6.1.4.1.12356.101.5.1.2.1.1.4.1.6  where .1.3.6.1.4.1.12356.101.5.1.2.1.1.4.1[.6] the number "6" is the policy ID 

policy ID.PNG

The OID value:  09/29/2023 14:24 (20 second(s) ago)

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.

View solution in original post

987
7 REPLIES 7
sjoshi
Staff
Staff

Created on ‎09-25-2023 11:08 PM

Dear DamianE,

 

All the possible OID can be download from FGT and you can use tool to retrieve those OID

Below is one of the example on how to check the OID

https://community.fortinet.com/t5/FortiGate/Technical-Tip-The-correct-OID-to-monitor-each-interface-....

 

 

Salon Raj Joshi
1047
0 Kudos
ebilcari
Staff
Staff

Created on ‎09-26-2023 01:43 AM

It appears that this is not implemented in the SNMP agent. Currently the only information available for policies are bytes and packets count and the last used timer.

If you think that this values should be included as an OID, I would suggest to submit a NFR over your local Fortinet representatives.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
1033
0 Kudos
DamianE
New Contributor III
In response to ebilcari

Created on ‎09-26-2023 07:13 AM

Thanks for your reply, these are the OIDs tha you talking about, right?

 

image.png

 

I try to use these OIDs to get the same conclusion for now, but it will be very helpfull if we have the specifict OID for that in a future.

 

1028
ebilcari
Staff
Staff
In response to DamianE

Created on ‎09-26-2023 07:24 AM

Yes, I think: fgFwPolLastUsed -  .1.3.6.1.4.1.12356.101.5.1.2.1.1.4  {How many minutes since last used} can give an alert on the monitoring system if one of the policies is not being used for a long time, similar result like the count drop you are trying to achieve.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
1026
0 Kudos
DamianE
New Contributor III
In response to ebilcari

Created on ‎09-26-2023 08:13 AM

I make a walk to the header of the table (1.3.6.1.4.1.12356.101.3.2.1) and only return one row....

image.png

 

Do you know what i could to add to de OID to consult the information for the policy ID 2 or 3 for example?

 

 

 

1017
0 Kudos
ebilcari
Staff
Staff
In response to DamianE

Created on ‎09-29-2023 05:29 AM

The full OID should be like this: .1.3.6.1.4.1.12356.101.5.1.2.1.1.4.1.6  where .1.3.6.1.4.1.12356.101.5.1.2.1.1.4.1[.6] the number "6" is the policy ID 

policy ID.PNG

The OID value:  09/29/2023 14:24 (20 second(s) ago)

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
988
DamianE
New Contributor III
In response to ebilcari

Created on ‎09-29-2023 07:15 AM

I understand now, thanks!!!

 

So if in the future could add de session count for the it's would be great!!!

976
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.