Configure the following settings:
New SNMP User
User Name The name of the SNMPv3 user.
Security Level The security level of the user. Select one of the following:
l No Authentication, No Privacy Authentication, No Privacy
Select the authentication algorithm (SHA1, MD5) and enter the password.
l Authentication, Privacy
Select the authentication algorithm (SHA1, MD5), the private algorithm (AES, DES) and enter the password.
Notification Hosts The IP address or addresses of the host. Select the add icon to add multiple IP addresses.
Queries
Enable Select to enable queries.
Port Type the port number. Default port: 161
New SNMP User
SNMP Event Enable the events that will cause the FortiManager unit to send SNMP traps to the community. FortiManager SNMP events:
l Interface IP changed Log disk space low CPU Overusage Memory Low
l System Restart CPU usage exclude NICE threshold HA Failover RAID Event This SNMP event is available for devices which support RAID.
FortiAnalyzer feature set SNMP events: High licensed device quota High licensed log GB/day Log Alert Log Rate Data Rate
You can edit and delete existing SNMPv3 users.
SNMP MIBs
Fortinet device SNMP agents support Fortinet proprietary MIBs as well as standard RFC 1213 and RFC 2665 MIBs. RFC support includes support for the parts of RFC 2665 (Ethernet-like MIB) and the parts of RFC 1213 (MIB II) that apply to FortiManager unit configuration.
RFC support for SNMP v3 includes Architecture for SNMP Frameworks (RFC 3411), and partial support of User-based Security Model (RFC 3414).
The Fortinet and FortiManager MIBs are listed in SNMP MIBs along with the two RFC MIBs. You can obtain these MIB files from Customer Service & Support. To be able to communicate with the SNMP agent, you must compile all of these MIBs into your SNMP manager. Generally your SNMP manager will be an application on your local computer.
Your SNMP manager might already include standard and private MIBs in a compiled database that is ready to use. You must add the Fortinet and FortiManager proprietary MIBs to this database.
You can download the FortiManager MIB file in the firmware image file folder. The Fortinet Core MIB file is located in the main FortiManager 5.00 file folder. For more information see Appendix A: SNMP MIB Support.
SNMP MIBs
MIB file name or RFC Description
FORTINET-CORE-MIB.mib The proprietary Fortinet MIB includes all system configuration information and trap information that is common to all Fortinet products. Your SNMP manager requires this information to monitor Fortinet unit configuration settings and receive traps from the Fortinet SNMP agent. For more information, see Appendix A:
SNMP MIB Support and Fortinet & FortiManager MIB fields.
FORTINET-FORTIMANAGERMIB.mib The proprietary FortiManager MIB includes system information and trap information for FortiManager units. For more information, see Fortinet & FortiManager MIB fields.
RFC-1213 (MIB II) The Fortinet SNMP agent supports MIB II groups with the following exceptions.
l No support for the EGP group from MIB II (RFC 1213, section 3.11 and 6.10).
l Protocol statistics returned for MIB II groups
(IP/ICMP/TCP/UDP/etc.) do not accurately capture all Fortinet traffic activity. More accurate information can be obtained from the information reported by the Fortinet MIB.
RFC-2665 (Ethernet-like MIB) The Fortinet SNMP agent supports Ethernet-like MIB information with the following exception.
No support for the dot3Tests and dot3Errors groups.
SNMP traps
Fortinet devices share SNMP traps, but each type of device also has traps specific to that device. For example FortiManager units have FortiManager specific SNMP traps. To receive Fortinet device SNMP traps, you must load and compile the FORTINET-CORE-MIB into your SNMP manager.
Traps sent include the trap message as well as the unit serial number (fnSysSerial) and host name (sysName). The Trap Message column includes the message included with the trap as well as the SNMP MIB field name to help locate the information about the trap.
Generic SNMP traps
Trap message Description
ColdStart,
WarmStart, LinkUp,
LinkDown Standard traps as described in RFC 1215.
SNMP system traps
Trap message Description
CPU usage high (fnTrapCpuThreshold) CPU usage exceeds the set percent. This threshold can be set in the CLI using the following commands:
config system snmp sysinfo set trap-high-cpu-threshold
<percentage value> end
CPU usage excluding NICE processes (fmSysCpuUsageExcludedNice) CPU usage excluding NICE processes exceeds the set percentage. This threshold can be set in the CLI using the following commands:
config system snmp sysinfo set trap-cpu-high-excludenice-threshold
<percentage value> end
Memory low (fnTrapMemThreshold) Memory usage exceeds 90 percent. This threshold can be set in the CLI using the following commands:
config system snmp sysinfo
set trap-low-memory-threshold
<percentage value> end
Log disk too full
(fnTrapLogDiskThreshold) Log disk usage has exceeded the configured threshold. Only available on devices with log disks.
Temperature too high (fnTrapTempHigh) A temperature sensor on the device has exceeded its threshold. Not all devices have thermal sensors. See manual for specifications.
Voltage outside acceptable range (fnTrapVoltageOutOfRange) Power levels have fluctuated outside of normal levels. Not all devices have voltage monitoring instrumentation.
Power supply failure
(fnTrapPowerSupplyFailure) Power supply failure detected. Not available on all models. Available on some devices which support redundant power supplies.
Interface IP change (fnTrapIpChange) The IP address for an interface has changed. The trap message includes the name of the interface, the new IP address and the serial number of the Fortinet unit. You can use this trap to track interface IP address changes for interfaces with dynamic IP addresses set using DHCP or PPPoE.
HA traps
Trap message Description
HA switch
(fmTrapHASwitch) FortiManager HA cluster has been re-arranged. A new master has been selected and asserted.
Fortinet & FortiManager MIB fields
The Fortinet MIB contains fields reporting current Fortinet unit status information. The tables below list the names of the MIB fields and describe the status information available for each one. You can view more details about the information available from all Fortinet MIB fields by compiling the fortinet.3.00.mib file into your SNMP manager and browsing the Fortinet MIB fields.
System MIB fields
MIB field Description
fnSysSerial Fortinet unit serial number.
Administrator accounts
MIB field Description
fnAdminNumber The number of administrators on the Fortinet unit.
fnAdminTable Table of administrators.
fnAdminIndex Administrator account index number.
fnAdminName The user name of the administrator account.
fnAdminAddr An address of a trusted host or subnet from which this administrator account can be used.
fnAdminMask The netmask for fnAdminAddr.
Custom messages
MIB field Description
fnMessages The number of custom messages on the Fortinet unit.
FortiManager MIB fields and traps
MIB field Description
fmModel A table of all FortiManager models.
MIB field Description
fmTrapHASwitch The FortiManager HA cluster has been re-arranged. A new master has been selected and asserted.
Mail server
Configure SMTP mail server settings for event management, edit existing settings, or delete mail servers.