Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • CLI Reference

    Home FortiWeb 6.3.18 CLI Reference
    6.3.18
    7.6.1
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.3.23
    6.3.19
    6.3.18
    6.3.17
    6.3.16
    6.3.15
    6.3.14
    6.3.13
    6.3.11
    6.3.10
    6.3.9
    6.3.7
    6.3.6
    6.3.5
    6.3.4
    6.3.3
    6.3.2
    6.3.1
    6.3.0
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.1.2
    6.1.1
    5.7.0
    5.6.1
    5.6.0

    system snmp user

    system snmp user

    Use this command to configure the FortiWeb appliance’s SNMP agent to belong to an SNMP version 3 community, and to select which events cause the FortiWeb appliance to generate SNMP traps.

    To configure the SNMP agent as a member of a SNMP version version 1 or 2c community and for more information on the SNMP agent, see system snmp community.

    To use this command, your administrator account’s access control profile must have either w or rw permission to the sysgrp area. For details, see Permissions.

    Syntax

    config system snmp user

    edit name "<user_str>"

    set status {enable | disable}

    set security-level { noauthnopriv | authnopriv | authpriv >

    set auth-proto {sha1 | md5}

    set auth-pwd "<auth-password_str>"

    set priv-proto {aes | des}

    set priv-pwd "<priv-password_str>"

    set query-status {enable | disable}

    set query-port <port_int>

    set trap-status {enable | disable}

    set trapport-local <port_int>

    set trapport-remote <port_int>

    set events {cpu-high | intf-ip | log-full | mem-low | netlink-down-status | netlink-up-status | policy-start | policy-stop | pserver-failed | sys-ha-cluster-status-change | sys-ha-member-join | sys-ha-member-leave | sys-mode-change | waf-amethod-attack | waf-hidden-fields | waf-pvalid-attack | waf-signature-detection | waf-url-access-attack | power-supply-failure}

    set "<snmp-manager_index>"

    config hosts

    edit "<snmp-manager_index>"

    set {"<manager_ipv4> | <manager_ipv6>"}

    next

    end

    next

    end

    Variable Description Default

    name "<user_str>"

    Enter the name of the SNMP user to which the FortiWeb appliance and at least one SNMP manager belongs. The maximum length is 63 characters.

    The FortiWeb appliance does not respond to SNMP managers whose query packets do not contain a matching community name. Similarly, trap packets from the FortiWeb appliance include the community name, and an SNMP manager may not accept the trap if its community name does not match.

    		 No default.

    status {enable | disable}

    Enable to activate the community.

    This setting takes effect only if the SNMP agent is enabled. For details, see system snmp sysinfo.

    		 disable

    security-level { noauthnopriv | authnopriv | authpriv >

    Enter the security level.

    • noauthnopriv—No additional authentication or encryption compared to SNMP v1 and v2.
    • authnopriv—The SNMP manager needs to provide the password specified in this community configuration. Also specify auth-proto and auth-pwd.
    • authpriv—Adds both authentication and encryption. Also specify auth-proto, auth-pwd, priv-proto, and priv-pwd. Ensure that the SNMP manager and FortiWeb use the same protocols and passwords.
    		 No default.

    auth-proto {sha1 | md5}

    If the security-level option includes authentication, specify the authentication protocol.

    		 sha1

    auth-pwd "<auth-password_str>"

    If the security-level option includes authentication, specify the authentication password.

    		 No default.

    priv-proto {aes | des}

    If the security-level option is authprivuser_name, specify the encryption protocol.

    		 aes

    priv-pwd "<priv-password_str>"

    If the security-level option is authprivuser_name, specify the encryption password.

    		 No default.

    query-status {enable | disable}

    		 Enable to respond to queries using the SNMP v3 version of the SNMP protocol. enable

    query-port <port_int>

    		 Enter the port number on which the FortiWeb appliance listens for SNMP v3 queries from the SNMP managers of the community. The valid range is 1–65,535. 161

    trap-status {enable | disable}

    		 Enable to send traps using the SNMP v3 version of the SNMP protocol. enable

    trapport-local <port_int>

    		 Enter the port number that is the source (also called local) port number for SNMP v3 trap packets. The valid range is 1–65,535. 162

    trapport-remote <port_int>

    		 Enter the port number that is the destination (also called remote) port number for SNMP v3 trap packets. The valid range is 1–65,535. 162

    events {cpu-high | intf-ip | log-full | mem-low | netlink-down-status | netlink-up-status | policy-start | policy-stop | pserver-failed | sys-ha-cluster-status-change | sys-ha-member-join | sys-ha-member-leave | sys-mode-change | waf-amethod-attack | waf-hidden-fields | waf-pvalid-attack | waf-signature-detection | waf-url-access-attack | power-supply-failure}

    Enter the name of one or more the SNMP events. When FortiWeb detects the specified events, it sends traps to the SNMP managers in this community. Also enable trap-status.

    • cpu-high—CPU usage has exceeded 80%.
    • intf-ip—A network interface’s IP address has changed. See system interface.
    • log-full—Local log disk space usage has exceeded 80%. If the space is consumed and a new log message is triggered, the FortiWeb appliance will either drop it or overwrite the oldest log message, depending on your configuration. For details, see log disk.
    • mem-low—Memory (RAM) usage has exceeded 80%.
    • netlink-down-status—A network interface has been brought down (disabled). This could be due to either an administrator changing the network interface’s settings, or due to HA executing a failover.
    • netlink-up-status—A network interface has been brought up (enabled). This could be due to either an administrator changing the network interface’s settings, or due to HA executing a failover.
    • policy-start—A policy was enabled. For details, see server-policy policy.
    • policy-stop—A policy was disabled. For details, see server-policy policy.
    • pserver-failed—A server health check has determined that a physical server that is a member of a server farm is now unavailable. For details, see server-policy policy.
    • sys-ha-cluster-status-change—HA cluster status was changed.
    • sys-ha-member-join—HA member has joined.
    • sys-ha-member-leave—HA member has left.
    • sys-mode-change—The operation mode was changed. For details, see system settings.
    • power-supply-failureFortiWeb detects the power supply fails. It is only available for 2000E, 3000E, 3010E, and 4000E.
    		 No default.

    "<snmp-manager_index>"

    		 Enter the index number of an SNMP manager for the community. The valid range is 1–9,999,999,999,999,999,999. No default.

    {"<manager_ipv4> | <manager_ipv6>"}

    Enter the IP address of the SNMP manager that can do the following when you enable traps, queries, or both in this community:

    • Receive traps from the FortiWeb appliance
    • Query the FortiWeb appliance

    SNMP managers have read-only access.

    To allow any IP address using this SNMP community name to query the FortiWeb appliance, enter 0.0.0.0 or ::.

    Note: Entering 0.0.0.0 or :: effectively disables traps if there are no other host IP entries, because there is no specific destination for trap packets. If you do not want to disable traps, add at least one other entry that specifies the IP address of an SNMP manager.

    		 No default.

    Example

    For an example, see system snmp sysinfo.

    Related topics

    Previous
    Next

    system snmp user

    system snmp user

    Use this command to configure the FortiWeb appliance’s SNMP agent to belong to an SNMP version 3 community, and to select which events cause the FortiWeb appliance to generate SNMP traps.

    To configure the SNMP agent as a member of a SNMP version version 1 or 2c community and for more information on the SNMP agent, see system snmp community.

    To use this command, your administrator account’s access control profile must have either w or rw permission to the sysgrp area. For details, see Permissions.

    Syntax

    config system snmp user

    edit name "<user_str>"

    set status {enable | disable}

    set security-level { noauthnopriv | authnopriv | authpriv >

    set auth-proto {sha1 | md5}

    set auth-pwd "<auth-password_str>"

    set priv-proto {aes | des}

    set priv-pwd "<priv-password_str>"

    set query-status {enable | disable}

    set query-port <port_int>

    set trap-status {enable | disable}

    set trapport-local <port_int>

    set trapport-remote <port_int>

    set events {cpu-high | intf-ip | log-full | mem-low | netlink-down-status | netlink-up-status | policy-start | policy-stop | pserver-failed | sys-ha-cluster-status-change | sys-ha-member-join | sys-ha-member-leave | sys-mode-change | waf-amethod-attack | waf-hidden-fields | waf-pvalid-attack | waf-signature-detection | waf-url-access-attack | power-supply-failure}

    set "<snmp-manager_index>"

    config hosts

    edit "<snmp-manager_index>"

    set {"<manager_ipv4> | <manager_ipv6>"}

    next

    end

    next

    end

    Variable Description Default

    name "<user_str>"

    Enter the name of the SNMP user to which the FortiWeb appliance and at least one SNMP manager belongs. The maximum length is 63 characters.

    The FortiWeb appliance does not respond to SNMP managers whose query packets do not contain a matching community name. Similarly, trap packets from the FortiWeb appliance include the community name, and an SNMP manager may not accept the trap if its community name does not match.

    		 No default.

    status {enable | disable}

    Enable to activate the community.

    This setting takes effect only if the SNMP agent is enabled. For details, see system snmp sysinfo.

    		 disable

    security-level { noauthnopriv | authnopriv | authpriv >

    Enter the security level.

    • noauthnopriv—No additional authentication or encryption compared to SNMP v1 and v2.
    • authnopriv—The SNMP manager needs to provide the password specified in this community configuration. Also specify auth-proto and auth-pwd.
    • authpriv—Adds both authentication and encryption. Also specify auth-proto, auth-pwd, priv-proto, and priv-pwd. Ensure that the SNMP manager and FortiWeb use the same protocols and passwords.
    		 No default.

    auth-proto {sha1 | md5}

    If the security-level option includes authentication, specify the authentication protocol.

    		 sha1

    auth-pwd "<auth-password_str>"

    If the security-level option includes authentication, specify the authentication password.

    		 No default.

    priv-proto {aes | des}

    If the security-level option is authprivuser_name, specify the encryption protocol.

    		 aes

    priv-pwd "<priv-password_str>"

    If the security-level option is authprivuser_name, specify the encryption password.

    		 No default.

    query-status {enable | disable}

    		 Enable to respond to queries using the SNMP v3 version of the SNMP protocol. enable

    query-port <port_int>

    		 Enter the port number on which the FortiWeb appliance listens for SNMP v3 queries from the SNMP managers of the community. The valid range is 1–65,535. 161

    trap-status {enable | disable}

    		 Enable to send traps using the SNMP v3 version of the SNMP protocol. enable

    trapport-local <port_int>

    		 Enter the port number that is the source (also called local) port number for SNMP v3 trap packets. The valid range is 1–65,535. 162

    trapport-remote <port_int>

    		 Enter the port number that is the destination (also called remote) port number for SNMP v3 trap packets. The valid range is 1–65,535. 162

    events {cpu-high | intf-ip | log-full | mem-low | netlink-down-status | netlink-up-status | policy-start | policy-stop | pserver-failed | sys-ha-cluster-status-change | sys-ha-member-join | sys-ha-member-leave | sys-mode-change | waf-amethod-attack | waf-hidden-fields | waf-pvalid-attack | waf-signature-detection | waf-url-access-attack | power-supply-failure}

    Enter the name of one or more the SNMP events. When FortiWeb detects the specified events, it sends traps to the SNMP managers in this community. Also enable trap-status.

    • cpu-high—CPU usage has exceeded 80%.
    • intf-ip—A network interface’s IP address has changed. See system interface.
    • log-full—Local log disk space usage has exceeded 80%. If the space is consumed and a new log message is triggered, the FortiWeb appliance will either drop it or overwrite the oldest log message, depending on your configuration. For details, see log disk.
    • mem-low—Memory (RAM) usage has exceeded 80%.
    • netlink-down-status—A network interface has been brought down (disabled). This could be due to either an administrator changing the network interface’s settings, or due to HA executing a failover.
    • netlink-up-status—A network interface has been brought up (enabled). This could be due to either an administrator changing the network interface’s settings, or due to HA executing a failover.
    • policy-start—A policy was enabled. For details, see server-policy policy.
    • policy-stop—A policy was disabled. For details, see server-policy policy.
    • pserver-failed—A server health check has determined that a physical server that is a member of a server farm is now unavailable. For details, see server-policy policy.
    • sys-ha-cluster-status-change—HA cluster status was changed.
    • sys-ha-member-join—HA member has joined.
    • sys-ha-member-leave—HA member has left.
    • sys-mode-change—The operation mode was changed. For details, see system settings.
    • power-supply-failureFortiWeb detects the power supply fails. It is only available for 2000E, 3000E, 3010E, and 4000E.
    		 No default.

    "<snmp-manager_index>"

    		 Enter the index number of an SNMP manager for the community. The valid range is 1–9,999,999,999,999,999,999. No default.

    {"<manager_ipv4> | <manager_ipv6>"}

    Enter the IP address of the SNMP manager that can do the following when you enable traps, queries, or both in this community:

    • Receive traps from the FortiWeb appliance
    • Query the FortiWeb appliance

    SNMP managers have read-only access.

    To allow any IP address using this SNMP community name to query the FortiWeb appliance, enter 0.0.0.0 or ::.

    Note: Entering 0.0.0.0 or :: effectively disables traps if there are no other host IP entries, because there is no specific destination for trap packets. If you do not want to disable traps, add at least one other entry that specifies the IP address of an SNMP manager.

    		 No default.

    Example

    For an example, see system snmp sysinfo.

    Related topics

    Previous
    Next