SNMP

Fudo PAM’s status can be monitored over SNMPv3 protocol.


Configuring SNMP


  1. Select Settings > System.
  2. Select SNMPv3 option in the Maintenance and supervision section.
  3. From the IP address drop-down list select IP address, which will be used for SNMP communication.
  4. Click Save.
  1. Select Management > Users.
  2. Click Add.
  1. Select service from the Role drop-down list and fill in the rest of the General section parameters.
  2. Select password from the Authentication drop-down list and enter the password string.

Note

  • SNMP user password must be at least eight characters long.
  • SNMP service authenticates the service account using the first defined password.
  1. Select Enabled option in the SNMP section.
  1. Select authentication methods from the Authentication method drop-down list.
  2. Select the SNMP encryption algorithm from the Encryption drop-down list.
  1. Click Save.

SNMP MIBs

Fudo PAM supports following MIBs:

  • MIB-II (RFC 1213)
  • HOST-RESOURCES-MIB (RFC 2790) - partly supported
  • UCD-SNMP-MIB

Getting SNMP readings using snmpwalk

Note

Getting SNMP readings requires installing Net-SNMP 5.7.3.

Fetching all SNMP information

snmpwalk -v3 -u "${SNMP_USER}" -a SHA -A "${SNMP_PASSWORD}" -x AES -X "${SNMP_PASSWORD}" -l authPriv "${FUDO_IP}" .1

Fetching specific SNMP information

snmpwalk -v3 -u "${SNMP_USER}" -a SHA -A "${SNMP_PASSWORD}" -x AES -X "${SNMP_PASSWORD}" -l authPriv "${FUDO_IP}" .1.3.6.1.4.1.24410

Data specifier Description
.1.3.6.1.4.1.24410.1.1.1 Disk status (ZFS status)
.1.3.6.1.4.1.24410.1.1.2

Power supply status

Note

This feature is not supported on all Fudo PAM units. Contact technical support for more information.

.1.3.6.1.4.1.24410.1.1.3 CPU temperatures
.1.3.6.1.4.1.24410.1.1.4 S.M.A.R.T status

Fudo PAM specific SNMP extensions

Overview

Extensions enable monitoring the number of active sessions, ZFS status, PSU status (if available), CPU temperature on all cores, S.M.A.R.T status such as temperature, health or reallocated sectors.


MIB specification file

Provided MIB file specification can be uploaded to the SNMP manager to enable Fudo PAM specific SNMP extensions.

Warning

The MIB file name has changed in Fudo PAM 4.0. Make sure to replace the old file with the new definition.

FUDO-SECURITY-MIB DEFINITIONS ::= BEGIN

--
-- MIB definition for Fudo Security products
--

IMPORTS
        MODULE-IDENTITY, OBJECT-TYPE, Integer32, Gauge32, Counter32, enterprises
                FROM SNMPv2-SMI;

fudosecurity MODULE-IDENTITY
        LAST-UPDATED "201910100000Z"    -- 10 October 2019
        ORGANIZATION "Fudo Security Inc."
        CONTACT-INFO
                 "Postal:   Fudo Security Inc. (USA)
                                        39899 Balentine Drive, Suite 200,
                                        Newark, CA 94560
                  Phone:    +1 (408) 320 0980
                  email:    info@fudosecurity.com"
        DESCRIPTION
        "Top-level infrastructure of the Fudo Security enterprise MIB tree"

        REVISION     "201910100000Z"
        DESCRIPTION
        "Update company information, rename module."
        REVISION     "201908120000Z"
        DESCRIPTION
        "Add objects for available and used storage."
        REVISION     "201704240000Z"
        DESCRIPTION
        "Moved common to .1, fudo to .2."
        REVISION     "201703270000Z"
        DESCRIPTION
        "Added objects for checking CPU temperature."
        REVISION     "201703150000Z"
        DESCRIPTION
        "Added objects describing status of power supply units."
        REVISION     "201703060000Z"
        DESCRIPTION
        "New objects to monitor disk status."
        REVISION     "201702140000Z"
        DESCRIPTION
        "First draft"
        ::= { enterprises 24410 }

products  OBJECT IDENTIFIER ::= { fudosecurity 1 }

common OBJECT IDENTIFIER ::= { products 1 } -- Objects common to more than one product.
fudo   OBJECT IDENTIFIER ::= { products 2 }

zpool OBJECT IDENTIFIER ::= { common 1 }

syncPercentage OBJECT-TYPE
        SYNTAX     Integer32 (0..100)
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
                "Percentage of vdev synchronization."
        ::= { zpool 1 }

syncTimeLeft OBJECT-TYPE
        SYNTAX     OCTET STRING
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
                "Time left for synchronization or N/A if it cannot be determined."
        ::= { zpool 2 }

vdevTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF VdevEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "The table of vdevs. The vdev is an element in ZFS pool"
        ::= { zpool 3 }

vdevEntry OBJECT-TYPE
        SYNTAX      VdevEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "An entry for one vdev status in ZFS pool."
        INDEX { vdevIndex }
        ::= { vdevTable 1 }

VdevEntry ::= SEQUENCE {
        vdevIndex         Integer32,
        vdevStatus        OCTET STRING
}

vdevIndex OBJECT-TYPE
        SYNTAX     Integer32 (1..2147483647)
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
                "A unique value for each vdev in ZFS pool."
        ::= { vdevEntry 1 }

vdevStatus OBJECT-TYPE
        SYNTAX     OCTET STRING
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
                "Status of the vdev in ZFS pool."
        ::= { vdevEntry 2 }

storageAvailable OBJECT-TYPE
        SYNTAX      Integer32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Available storage space in MB."
        ::= { zpool 4 }

storageUsed OBJECT-TYPE
        SYNTAX      Integer32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
                "Used storage space in MB."
        ::= { zpool 5 }

powerSupply OBJECT IDENTIFIER ::= { common 2 }

powerSupplyTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF PowerSupplyEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "The table of power supply units status, such as which unit is
                 operating."
        ::= { powerSupply 1 }

powerSupplyEntry OBJECT-TYPE
        SYNTAX      PowerSupplyEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "An entry in power supply table representing the status of the
                 associated power supply unit."
        INDEX { powerSupplyIndex }
        ::= { powerSupplyTable 1 }

PowerSupplyEntry ::= SEQUENCE {
        powerSupplyIndex   Integer32,
        powerSupplyStatus  INTEGER
}

powerSupplyIndex OBJECT-TYPE
        SYNTAX     Integer32 (1..2147483647)
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
                "A unique index for each power supply unit."
        ::= { powerSupplyEntry 1 }

powerSupplyStatus OBJECT-TYPE
        SYNTAX     INTEGER {
                unknown(1),
                present(2),
                absent(3),
                configError(4),
                acLost(5),
                predictiveFailure(6),
                failed(7)
        }
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
                "The status of power supply unit. When everything is working, reported
                 status should be present(1). This information is gathered from IPMI
                 subsystem."
        ::= { powerSupplyEntry 2 }

cpu OBJECT IDENTIFIER ::= { common 3 }

cpuTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF CpuEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "The table of CPUs statuses."
        ::= { cpu 1 }

cpuEntry OBJECT-TYPE
        SYNTAX      CpuEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "An entry in CPU table representing the status of the associated CPU."
        INDEX { cpuIndex }
        ::= { cpuTable 1 }

CpuEntry ::= SEQUENCE {
        cpuIndex       Integer32,
        cpuTemperature Gauge32
}

cpuIndex OBJECT-TYPE
        SYNTAX     Integer32 (1..2147483647)
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
                "A unique index for each CPU."
        ::= { cpuEntry 1 }

cpuTemperature OBJECT-TYPE
        SYNTAX     Gauge32
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
                "The temperature of CPU in degree Celsius."
        ::= { cpuEntry 2 }

smart OBJECT IDENTIFIER ::= { common 4 }

smartTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF SmartEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "The table contains devices with enabled SMART and their statuses. Note
                that interpretation all elements reported in this table are hard disk
                manufacturer dependent. Values are reported as raw value or as
                (normalized value - threshold). The lower is value of
                (normalized value - threshold) the worst. Keep in mind that every
                manufacturer uses their own algorithms for calculating 'normalized
                value'."
        ::= { smart 1 }

smartEntry OBJECT-TYPE
        SYNTAX      SmartEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "An entry in SMART table representing the status of the associated
                device."
        INDEX { smartIndex }
        ::= { smartTable 1 }

SmartEntry ::= SEQUENCE {
        smartIndex              Integer32,
        smartModelFamily        OCTET STRING,
        smartDeviceModel        OCTET STRING,
        smartSerialNumber       OCTET STRING,
        smartHealth             INTEGER,
        smartTemperature        Gauge32,
        smartReallocatedSectors Gauge32,
        smartPendingSectors     Gauge32,
        smartUncorrectable      Gauge32,
        smartUdmaCrcErrors      Gauge32,
        smartReadErrorRate      Gauge32,
        smartSeekErrorRate      Gauge32
}

smartIndex OBJECT-TYPE
        SYNTAX     Integer32 (1..2147483647)
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
                "A unique index for each SMART-enabled device."
        ::= { smartEntry 1 }

smartModelFamily OBJECT-TYPE
        SYNTAX     OCTET STRING
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
                "Model family of device."
        ::= { smartEntry 2 }

smartDeviceModel OBJECT-TYPE
        SYNTAX     OCTET STRING
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
                "Device model."
        ::= { smartEntry 3 }

smartSerialNumber OBJECT-TYPE
        SYNTAX     OCTET STRING
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
                "Serial number of the device."
        ::= { smartEntry 4 }

smartHealth OBJECT-TYPE
        SYNTAX     INTEGER {
                unknown(1),
                ok(2),
                failed(3)
        }
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
                "Health of the device as reported by SMART system."
        ::= { smartEntry 5 }

smartTemperature OBJECT-TYPE
        SYNTAX     Gauge32
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
                "The temperature of disk in degree Celsius."
        ::= { smartEntry 6 }

smartReallocatedSectors OBJECT-TYPE
        SYNTAX     Gauge32
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
                "The number of reallocated sectors: bad sectors found and then remapped.
                Reported as raw value of 'Reallocated Sectors Count' SMART attribute."
        ::= { smartEntry 7 }

smartPendingSectors OBJECT-TYPE
        SYNTAX     Gauge32
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
                "The number of sectors waiting to be remapped. Reported as raw value of
                'Current Pending Sector Count' SMART attribute."
        ::= { smartEntry 8 }

smartUncorrectable OBJECT-TYPE
        SYNTAX     Gauge32
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
                "The number of uncorrectable errors when accessing sectors. Reported as
                raw value of 'Offline Uncorrectable Sector Count' SMART attribute."
        ::= { smartEntry 9 }

smartUdmaCrcErrors OBJECT-TYPE
        SYNTAX     Gauge32
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
                "The number of errors in data transfer determined by the means of ICRC.
                Reported as raw value of 'UltraDMA CRC Error Count' SMART attribute."
        ::= { smartEntry 10 }

smartReadErrorRate OBJECT-TYPE
        SYNTAX     Gauge32
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
                "The rate of hardware read errors. Reported as
                (normalized value - threshold) of 'Read Error Rate' SMART attribute."
        ::= { smartEntry 11 }

smartSeekErrorRate OBJECT-TYPE
        SYNTAX     Gauge32
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
                "The rate of seek errors. Reported as (normalized value - threshold) of
                'Seek Error Rate'."
        ::= { smartEntry 12 }

sessionTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF SessionEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "The table of active sessions on Fudo."
        ::= { fudo 1 }

sessionEntry OBJECT-TYPE
        SYNTAX      SessionEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
                "An entry for one session type on Fudo. For example, information about
                active RDP sessions."
        INDEX { sessionIndex }
        ::= { sessionTable 1 }

SessionEntry ::= SEQUENCE {
        sessionIndex         Integer32,
        sessionName          OCTET STRING,
        sessionDescription   OCTET STRING,
        sessionActive        Counter32
}

sessionIndex OBJECT-TYPE
        SYNTAX     Integer32 (1..2147483647)
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
                "A unique value for each supported sessions on Fudo."
        ::= { sessionEntry 1 }

sessionName OBJECT-TYPE
        SYNTAX     OCTET STRING
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
                "A name of session type."
        ::= { sessionEntry 2 }

sessionDescription OBJECT-TYPE
        SYNTAX     OCTET STRING
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
                "A description of session type."
        ::= { sessionEntry 3 }

sessionActive OBJECT-TYPE
        SYNTAX     Counter32
        MAX-ACCESS read-only
        STATUS     current
        DESCRIPTION
                "A number of active sessions of this type."
        ::= { sessionEntry 4 }

END

Related topics: