Cisco Wireless LAN
- What is Discovered and Monitored
- Event Types
- Rules
- Reports
- Configuration
- Settings for Access Credentials
What is Discovered and Monitored
Protocol |
Information Discovered |
Metrics collected |
Used for |
---|---|---|---|
SNMP |
Controller host name, Controller hardware model, Controller network interfaces, Associated WLAN Access Points |
Controller Uptime, Controller CPU and Memory utilization, Controller Network Interface metrics (utilization, bytes sent and received, packets sent and received, errors, discards and queue lengths) |
Availability and Performance Monitoring |
SNMP Trap |
Controller device type |
All system logs: User authentication, Admin authentication, WLAN attacks, Wireless link health |
Availability, Security and Compliance |
Event Types
In ADMIN > Device Support > Event, search for "cisco wireless" in the Description column to see the event types associated with this device.
Rules
There are no predefined rules for this device.
Reports
There are no predefined reports for this device.
Configuration
SNMP V1/V2c and SNMP Traps
- Log in to your Cisco wireless LAN controller with administrative privileges.
- Go to MANAGEMENT > SNMP > General.
- Set both SNMP v1 Mode and SNMP v2c Mode to Enable.
- Go to SNMP > Communities.
- Click New and create a
public
community string with Read-Only privileges. - Click Apply.
- Go to SNMP > Trap Controls.
- Select the event traps you want to sent to FortiSIEM.
- Click Apply.
- Go to SNMP > Trap Receivers.
- Click New and enter the IP address of your FortiSIEM virtual appliance as a trap receiver.
- Click Apply.
Sample SNMP Trap
2008-06-09 08:59:50 192.168.20.9 [192.168.20.9]:SNMPv2-MIB::sysUpTime.0 = Timeticks: (86919800) 10 days, 1:26:38.00 SNMPv2-MIB::snmpTrapOID.0 = OID: SNMPv2-SMI::enterprises.14179.2.6.3.2 SNMPv2-SMI::enterprises.14179.2.6.2.35.0 = Hex-STRING: 00 21 55 4D 66 B0 SNMPv2-SMI::enterprises.14179.2.6.2.36.0 = INTEGER: 0 SNMPv2-SMI::enterprises.14179.2.6.2.37.0 = INTEGER: 1 SNMPv2-SMI::enterprises.14179.2.6.2.34.0 = Hex-STRING: 00 12 F0 0A 3F 15 2010-11-01 12:59:57 0.0.0.0(via UDP: [172.22.2.25]:32769) TRAP2, SNMP v2c, community 1n3t3ng . Cold Start Trap (0) Uptime: 0:00:00.00 DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (9165100) 1 day, 1:27:31.00 SNMPv2-MIB::snmpTrapOID.0 = OID: SNMPv2-SMI::enterprises.9.9.599.0.4 SNMPv2-SMI::enterprises.9.9.599.1.3.1.1.1.0 = Hex-STRING: 00 24 D7 36 A0 00 SNMPv2-SMI::enterprises.9.9.513.1.1.1.1.5.0 = STRING: "AP-2" SNMPv2-SMI::enterprises.9.9.599.1.3.1.1.8.0 = Hex-STRING: 00 25 45 B7 66 70 SNMPv2-SMI::enterprises.9.9.513.1.2.1.1.1.0 = INTEGER: 0 SNMPv2-SMI::enterprises.9.9.599.1.3.1.1.10.0 = IpAddress: 172.22.4.54 SNMPv2-SMI::enterprises.9.9.599.1.2.1.0 = STRING: "IE\brouse" SNMPv2-SMI::enterprises.9.9.599.1.2.2.0 = STRING: "IE"2011-04-05 10:37:42 0.0.0.0(via UDP: [10.10.81.240]:32768) TRAP2, SNMP v2c, community FortiSIEM . Cold Start Trap (0) Uptime: 0:00:00.00 DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (1672429600) 193 days, 13:38:16.00 SNMPv2-MIB::snmpTrapOID.0 = OID: SNMPv2-SMI::enterprises.9.9.615.0.1 SNMPv2-SMI::enterprises.9.9.599.1.3.1.1.1.0 = Hex-STRING: 00 25 BC 80 E8 77 SNMPv2-SMI::enterprises.9.9.599.1.3.1.1.8.0 = Hex-STRING: 6C 50 4D 7D AC 50 SNMPv2-SMI::enterprises.9.9.599.1.3.1.1.9.0 = INTEGER: 1 SNMPv2-SMI::enterprises.9.9.513.1.1.1.1.5.0 = STRING: "AP03-3.rdu2" SNMPv2-SMI::enterprises.9.9.615.1.2.1.0 = INTEGER: 1 SNMPv2-SMI::enterprises.9.9.615.1.2.2.0 = INTEGER: 5000 SNMPv2-SMI::enterprises.9.9.615.1.2.3.0 = INTEGER: 1 SNMPv2-SMI::enterprises.9.9.615.1.2.4.0 = INTEGER: 31 SNMPv2-SMI::enterprises.9.9.615.1.2.5.0 = INTEGER: -60 SNMPv2-SMI::enterprises.9.9.615.1.2.6.0 = INTEGER: -90 SNMPv2-SMI::enterprises.9.9.615.1.2.7.0 = STRING: "0,0,0,0,1,20,24,28,3,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0" SNMPv2-SMI::enterprises.9.9.615.1.2.8.0 = INTEGER: 2 SNMPv2-SMI::enterprises.9.9.615.1.2.9.0 = STRING: "6c:50:4d:7d:ac:50,e8:04:62:0b:b5:f0" SNMPv2-SMI::enterprises.9.9.615.1.2.10.0 = STRING: "-83,-85" SNMPv2-SMI::enterprises.9.9.615.1.2.11.0 = STRING: "1,1" SNMPv2-SMI::enterprises.9.9.512.1.1.1.1.11.5 = INTEGER: 1
Settings for Access Credentials
SNMP Access Credentials for All Devices
Set these Access Method Definition values to allow FortiSIEM to communicate with your device over SNMP. Set the Name and Community String.
Setting | Value |
---|---|
Name | <set name> |
Device Type | Generic |
Access Protocol | SNMP |
Community String | <your own> |