Using specific OIDs
“Standard” indicators (e.g., interface, disk or memory) can be obtained by querying SNS firewalls on OIDs that belong to the standard MIB; the SNS firewall can also be queried on OIDs specific to SNS technology (e.g., policy, high availability, VPN). It is advisable to build monitoring templates that use indicators from both of these MIBs in order to get an accurate view of the status of the SNS firewalls.
The following is for example the SNMP query request making it possible to retrieve the name of the network filter policy enabled on an SNS firewall:
snmpwalk -v 3 -u <user_snmp> -l authPriv -a SHA -x AES \ <ip_admin_SNS> .1.3.6.1.4.1.11256.1.8.1.1.3.1
The SNS firewall will return a response in the following form:
iso.3.6.1.4.1.11256.1.8.1.1.3.1 = STRING : "POL-PROD-SITE1-FW1"
The value .1.3.6.1.4.1.11256.1.8.1.1.3.1 represents the OID through which the name of the security policy can be accessed in the SNS MIB. The character string "POL-PROD-SITE1-FW1" corresponds to the name that the administrator of the queried SNS firewall gave to the policy.
The list of OIDs worth monitoring on an SNS firewall is provided in table below.
OID | Description |
General information | |
.1.3.6.1.4.1.11256.1.0.1.0 | Hostname |
.1.3.6.1.4.1.11256.1.0.2.0 | Stormshield version |
.1.3.6.1.4.1.11256.1.0.3.0 | Serial number |
.1.3.6.1.4.1.11256.1.10.2.0 | Uptime |
.1.3.6.1.4.1.11256.1.10.6.1.3 | List of power supply modules and status |
HA | |
.1.3.6.1.4.1.11256.1.16.2.1.4.0 | Health status of the HA link |
.1.3.6.1.4.1.11256.1.16.2.1.3.0 | HA mode |
CPU | |
.1.3.6.1.2.1.25.3.3.1.2 | Percentage of CPU used over the last minute |
.1.3.6.1.4.1.11256.1.7.1.1.2 | List of active services |
Load | |
.1.3.6.1.4.1.2021.10.1.3.1 | Load over the last minute |
Memory | |
.1.3.6.1.4.1.2021.4.5.0 | Amount of memory on the SNS firewall |
.1.3.6.1.4.1.2021.4.6.0 | Amount of memory currently available |
Disk space | |
.1.3.6.1.2.1.25.2.3.1.5.31 |
Total number of / blocks |
.1.3.6.1.2.1.25.2.3.1.6.31 |
Number of blocks used on / |
.1.3.6.1.2.1.25.2.3.1.5.35 |
Total number of /log blocks |
.1.3.6.1.2.1.25.2.3.1.6.35 |
Number of blocks used on /log |
Network interfaces | |
.1.3.6.1.4.1.11256.1.4.1.1.38 | List of interfaces |
.1.3.6.1.4.1.11256.1.4.1.1.4.2 |
IP address of interface 2 |
.1.3.6.1.4.1.11256.1.4.1.1.38.2 |
System name of interface 2 |
.1.3.6.1.4.1.11256.1.4.1.1.3.2 |
Custom name of interface 2 |
.1.3.6.1.2.1.2.2.1.7.2 |
Administration status of interface 2 |
.1.3.6.1.4.1.11256.1.4.1.1.28.2 |
Max outgoing throughput on interface 2 |
.1.3.6.1.4.1.11256.1.4.1.1.27.2 |
Max incoming throughput on interface 2 |
.1.3.6.1.4.1.11256.1.8.1.1.3.1 | Name of the activated filter policy |
Tunnels | |
.1.3.6.1.4.1.11256.1.8.1.1.3.2 | Name of the active IPsec policy |
.1.3.6.1.4.1.11256.1.13.1.1.0 | Number of incoming SPDs |
.1.3.6.1.4.1.11256.1.13.1.2.0 | Number of outgoing SPDs |
.1.3.6.1.4.1.11256.1.13.2.2.0 | Number of mounted VPN tunnels (”Mature” state) |
.1.3.6.1.4.1.11256.1.13.2.3.0 | Number of VPN tunnels (“Dying” state) |
.1.3.6.1.4.1.11256.1.13.2.4.0 | Number of VPN tunnels (”Dead” state) |
The full list of OIDs available on an SNS firewall can be obtained by using the following command:
snmpwalk -v 3 -u <user_snmp> -l authPriv -a SHA -x AES <ip_admin_SNS> .1