Notification OIDs for Rule-Level Assessments
FortiDB uses the following object identifiers (OIDs) for rule-level assessment notifications:
OID | Meaning |
---|---|
SNMPv2-SMI::enterprises.12356 | Fortinet enterprise ID |
SNMPv2-SMI::enterprises.12356.104 | FortiDB product ID |
SNMPv2-SMI::enterprises.12356.104.0.6 | VA Alert Trap/Notification |
SNMPv2-SMI::enterprises.12356.104.0.8 | VA Target Level Alert Trap/Notification |
SNMPv2-SMI::enterprises.12356.104.0.102 | Severity |
SNMPv2-SMI::enterprises.12356.104.0.103 | Policy Name |
SNMPv2-SMI::enterprises.12356.104.0.105 | Assessment Time |
SNMPv2-SMI::enterprises.12356.104.0.106 | Application name@ server name |
SNMPv2-SMI::enterprises.12356.104.0.107 | Target Name |
SNMPv2-SMI::enterprises.12356.104.0.123 | Assessment Name |
SNMPv2-SMI::enterprises.12356.104.0.107 | Target Name |
SNMPv2-SMI::enterprises.12356.104.0.124 | FortiDB host name |
SNMPv2-SMI::enterprises.12356.104.0.125 | Policy count |
SNMPv2-SMI::enterprises.12356.104.0.126 | Total Failed Count |
SNMPv2-SMI::enterprises.12356.104.0.127 | Critical failure count |
SNMPv2-SMI::enterprises.12356.104.0.128 | Major failure count |
SNMPv2-SMI::enterprises.12356.104.0.129 | Minor failure count |
SNMPv2-SMI::enterprises.12356.104.0.130 | Caution failure count |
SNMPv2-SMI::enterprises.12356.104.0.131 | Informational count |
SNMPv2-SMI::enterprises.12356.104.0.132 | Policy ID |
An example of formatted traps for a rule-level SNMP notification.
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (73) 0:00:00.73SNMPv2-MIB::snmpTrapOID.0 = OID: SNMPv2-SMI::enterprises.12356.104.0.8SNMPv2-SMI::enterprises.12356.104.0.123 = STRING: "Test Assessment"SNMPv2-SMI::enterprises.12356.104.0.107 = STRING: "Test Target"SNMPv2-SMI::enterprises.12356.104.0.124 = STRING: "jdoe.fdb.com"SNMPv2-SMI::enterprises.12356.104.0.105 = STRING: "Thu Dec 06 16:26:26 PST 2007"SNMPv2-SMI::enterprises.12356.104.0.125 = STRING: "158"SNMPv2-SMI::enterprises.12356.104.0.126 = STRING: "36"SNMPv2-SMI::enterprises.12356.104.0.127 = STRING: "10"SNMPv2-SMI::enterprises.12356.104.0.128 = STRING: "0"SNMPv2-SMI::enterprises.12356.104.0.129 = STRING: "2"SNMPv2-SMI::enterprises.12356.104.0.130 = STRING: "4"SNMPv2-SMI::enterprises.12356.104.0.131 = STRING: "20"
An example of the trap with the rule information:
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (84) 0:00:00.84SNMPv2-MIB::snmpTrapOID.0 = OID: SNMPv2-SMI::enterprises.12356.104.0.6SNMPv2-SMI::enterprises.12356.104.0.132 = STRING: "6501"SNMPv2-SMI::enterprises.12356.104.0.102 = STRING: "MINOR"SNMPv2-SMI::enterprises.12356.104.0.103 = STRING: "DVA ORCL 01.01 Lock and ExpireUnused Default Accounts"SNMPv2-SMI::enterprises.12356.104.0.106 = STRING: "VA@jdoe.fdb.com"SNMPv2-SMI::enterprises.12356.104.0.107 = STRING: "Test Target"SNMPv2-SMI::enterprises.12356.104.0.123 = STRING: "Test Assessment"SNMPv2-SMI::enterprises.12356.104.0.105 = STRING: "Thu Dec 06 16:26:26 PST 2007"