MIB and SNMP traps
The Simple Network Management Protocol (SNMP) allows you to monitor all hosts installed on your network. SNMP alerts (traps) and data listening (MIB) can be configured using the SNMP Agent module in the firewall’s web administration interface.
In it, you can configure the workstations to which the firewall must send traps, and configure access to those that gather data. This manager allows you to communicate with the SNMP agent on a firewall and to obtain, manage and monitor data from any firewall through the network. The SNMP agent authorizes read-only access to supervisors that comply with SNMP versions v1, v2c, and v3.
To configure data tracking and receive Stormshield traps, you must first download MIBs (text files that describe a list of SNMP objects that the supervisor uses). These MIBs therefore provision data that the supervisor may need in order to interpret SNMP traps, events and request messages sent to the firewall.
Downloading MIBs
Download MIBs from your MyStormshield personal area (authentication required): in Downloads > Downloads > Stormshield Network Security > SNMP MIB > MIB corresponding to your SNS version.
Stormshield Network MIB
The following is the list of Stormshield Network MIBs, the corresponding CLI/Serverd commands and console commands.
STORMSHIELD-SMI-MIB is the top-level MIB of all MIBs.
STORMSHIELD-VPN-MIB is the top-level MIB of VPNIKESA, VPNSA and VPNSP.
Stormshield Network MIB | Contents | CLI/Serverd | Console |
STORMSHIELD-ALARM-MIB | Triggered alarms | sfctl -s log | |
STORMSHIELD-ASQ-STATS-MIB | IPS statistics | sfctl –s stat | |
STORMSHIELD-AUTHUSERS-MIB | Authenticated users | MONITOR USER | sfctl -s user |
STORMSHIELD-AUTOUPDATE-MIB |
Status of modules updated by Active Update |
MONITOR AUTOUPDATE | |
STORMSHIELD-HA-MIB | Information on high availability | HA INFO | hainfo |
STORMSHIELD-HEALTH-MONITOR-MIB | Health status of firewalls | MONITOR HEALTH | |
STORMSHIELD-HOSTS-MIB | Table of protected hosts | MONITOR HOST | sfctl -s host |
STORMSHIELD-IF-MIB | Status of interfaces seen by IPS | MONITOR INTERFACE | sfctl -s global |
STORMSHIELD-IPSEC-STATS-MIB | IPsec statistics | ipsecinfo | |
STORMSHIELD-OVPNTABLE-MIB | MONITOR OPENVPN LIST | ||
STORMSHIELD-POLICY-MIB | Filter policy | MONITOR POLICY | slotinfo |
STORMSHIELD-PROPERTY-MIB | Information returned by the "SYSTEM PROPERTY" command | SYSTEM PROPERTY SYSTEM IDENT SYSTEM LANGUAGE |
|
STORMSHIELD-QOS-MIB | Information on QoS | MONITOR QOS | sfctl -s qos |
STORMSHIELD-ROUTE-MIB | Table of routers | MONITOR ROUTE | sfctl -s route |
STORMSHIELD-SERVICES-MIB | Status of firewall services | MONITOR SERVICE | dstat |
STORMSHIELD-SYSTEM-MONITOR-MIB | IPS resource usage counters | MONITOR STAT | |
STORMSHIELD-VPNIKESA-MIB | Table of negotiated IKE SAs | MONITOR GETIKESA | |
STORMSHIELD-VPNSA-MIB | Table of SAs | MONITOR GETSA | showSAD |
STORMSHIELD-VPNSP-MIB | Table of SPs | MONITOR GETSPD | showSPD |