SNMP¶
Fudo Enterprise’s status can be monitored over SNMPv3 protocol.
Configuring SNMP¶
- Select > .
- Select SNMPv3 option in the Maintenance and supervision section.
- From the IP address drop-down list select IP address, which will be used for SNMP communication.
- Click .
- Select > .
- Click .
- Select
service
from the Role drop-down list and fill in the rest of the General section parameters. - Select
password
from the Authentication drop-down list and enter the password string.
Note
- SNMP user password must be at least eight characters long.
- SNMP service authenticates the service account using the first defined password.
- Select Enabled option in the SNMP section.
- Select authentication methods from the Authentication method drop-down list.
- Select the SNMP encryption algorithm from the Encryption drop-down list.
- Click .
Configuring SNMPv3 TRAP¶
On Policies violation, Fudo is able to send a SNMPv3 TRAP, fudoPolicyViolationNotification
with information containing during which session which user violated which policy. For more details check Fudo’s MIB definition in the following section.
To configure SNMP TRAPs the administrator has to configure the service in the System settings and enable them for particular policy.
To configure the policy to send SNMPv3 TRAP notifications about suspicious sessions, follow the procedure:
Create a user for SNMPv3 service:
Select
> .Create a new one.
Enter Login.
Choose the
service
in the Role field.Select
Password
in the Authentication Type field and provide your password.In the SNMP section, define the settings:
- Enable SNMP.
- Select
SHA
orMD5
in the Authentication Method field. - Select AES or DES in the Encryption field.
Click
.
Configure SNMPv3 TRAP:
- Select >
- Scroll down to the Maintenance and supervision section
- Configure the SNMPv3 TRAP server address and port
- Select the user with
service
role, created in step 1. - Click .
As Fudo Enterprise uses SNMPv3 for sending TRAPs, the manager software (such as snmptrapd from Net-SNMP) has to know the user’s name and password.
Note
The fudoPolicyViolationNotification
TRAP contains Fudo object identifiers: sessionId
, userId
and policyId
. As all identifiers in Fudo Enterprise are 64-bit integers and SNMP doesn’t support 64-bit integers natively, those ids are encoded as big-endian 8-byte arrays.
SNMP MIBs¶
Fudo Enterprise supports following MIBs:
- MIB-II (RFC 1213)
- HOST-RESOURCES-MIB (RFC 2790) - partly supported
- UCD-SNMP-MIB
Getting SNMP readings using snmpwalk
¶
Note
Getting SNMP readings requires installing Net-SNMP 5.7.3.
Fetching all SNMP information
snmpwalk -v3 -u "${SNMP_USER}" -a SHA -A "${SNMP_PASSWORD}"
-x AES -X "${SNMP_PASSWORD}" -l authPriv "${FUDO_IP}" .1
Fetching specific SNMP information
snmpwalk -v3 -u "${SNMP_USER}" -a SHA -A "${SNMP_PASSWORD}"
-x AES -X "${SNMP_PASSWORD}" -l authPriv "${FUDO_IP}" .1.3.6.1.4.1.24410
Data specifier | Description |
---|---|
.1.3.6.1.4.1.24410.1.1.1 | Disk status (ZFS status) |
.1.3.6.1.4.1.24410.1.1.2 | Power supply status Note This feature is not supported on all Fudo Enterprise units. Contact technical support for more information. |
.1.3.6.1.4.1.24410.1.1.3 | CPU temperatures |
.1.3.6.1.4.1.24410.1.1.4 | S.M.A.R.T status |
Fudo Enterprise specific SNMP extensions¶
Overview
Extensions enable monitoring the number of active sessions, ZFS status, PSU status (if available), CPU temperature on all cores, S.M.A.R.T status such as temperature, health or reallocated sectors.
MIB specification file
MIB specification files (Fudo Security Common MIB and Fudo Security PAM MIB) are available for downloading at the
> in the Maintenance and supervision section:Related topics: