Output

Alert

Enable

Select to disable the SNMP community.

Action

Select Delete to remove the SNMP server configuration.

 

Select Edit to change the SNMP server configuration.

 

Select Test to verify the SNMP server configuration by sending a

 

test SNMP trap. This option does not appear if the IP or FQDN is

 

0.0.0.0.

Adding an SNMP server

You can add an SNMP server to define a destination IP address that can be selected as the recipient of FortiAnalyzer unit SNMP alerts. Defined SNMP servers are also granted permission to request FortiAnalyzer unit system information using SNMP traps.

To add an SNMP community

1Go to Alert > Output > SNMP Access List.

2Select Create New.

3Enter a name in the Community Name field.

4Select Add and then enter the IP address of the host.

5If you need to enter multiple hosts, repeat step 4 until all hosts are included.

6If you need to disable an SNMP event in the SNMP Event list, select the check box beside the SNMP event to unselect the check box.

7Select OK.

FortiAnalyzer SNMP support

You can configure the FortiAnalyzer unit to respond to traps and send alert messages to SNMP managers that you have added to SNMP communities. If the standard MIBs used by the FortiAnalyzer SNMP agent are already compiled into your SNMP manager, you do not have to recompile them.

FortiAnalyzer SNMP is read-only: SNMP v1 and v2 compliant SNMP managers have read-only access to FortiAnalyzer system information and can receive FortiAnalyzer traps. RFC support includes most of RFC 2665 (Ethernet-like MIB) and most of RFC 1213 (MIB II). FortiAnalyzer units also use object identifiers from the Fortinet proprietary MIB.

For your SNMP manager to be able to communicate with the FortiAnalyzer unit, you must first compile the Fortinet proprietary MIBs and supported standard MIBs into your SNMP manager’s MIB database. You can obtain the Fortinet MIB files from Fortinet Technical Support.

Your SNMP manager might already have a database of compiled standard and private MIBs. In that case, add the Fortinet proprietary MIB to this database.

The Fortinet MIB contains support for all Fortinet devices, and includes some generic SNMP traps; information responses and traps that FortiAnalyzer units send are a subset of the total number supported by the Fortinet proprietary MIB.

fnTrapFlgEventCount is associated with alerts, which arise from log messages received by the FortiAnalyzer unit from devices in the device list. All other traps sent by FortiAnalyzer units arise from events on the FortiAnalyzer unit itself.

SNMP support provided by the Fortinet MIB is listed as follows.

 

FortiAnalyzer Version 3.0 MR7 Administration Guide

138

05-30007-0082-20080908

Page 146
Image 146
Fortinet 3.0 MR7 manual Adding an Snmp server, FortiAnalyzer Snmp support