Filter
Top Products
FortiAnalyzer Version 3.0 MR7 Administration Guide
138 05-30007-0082-20080908
Output Alert
Adding an SNMP server
You can add an SNMP server to define a destination IP address that can be
selected as the recipient of FortiAnalyzer unit SNMP alerts. Defined SNMP
servers are also granted permission to request FortiAnalyzer unit system
information using SNMP traps.
To add an SNMP community
1 Go to Alert > Output > SNMP Access List.
2 Select Create New.
3 Enter a name in the Community Name field.
4 Select Add and then enter the IP address of the host.
5 If you need to enter multiple hosts, repeat step 4 until all hosts are included.
6 If you need to disable an SNMP event in the SNMP Event list, select the check
box beside the SNMP event to unselect the check box.
7 Select OK.
FortiAnalyzer SNMP support
You can configure the FortiAnalyzer unit to respond to traps and send alert
messages to SNMP managers that you have added to SNMP communities. If the
standard MIBs used by the FortiAnalyzer SNMP agent are already compiled into
your SNMP manager, you do not have to recompile them.
FortiAnalyzer SNMP is read-only: SNMP v1 and v2 compliant SNMP managers
have read-only access to FortiAnalyzer system information and can receive
FortiAnalyzer traps. RFC support includes most of RFC 2665 (Ethernet-like MIB)
and most of RFC 1213 (MIB II). FortiAnalyzer units also use object identifiers from
the Fortinet proprietary MIB.
For your SNMP manager to be able to communicate with the FortiAnalyzer unit,
you must first compile the Fortinet proprietary MIBs and supported standard MIBs
into your SNMP manager’s MIB database. You can obtain the Fortinet MIB files
from Fortinet Technical Support.
Your SNMP manager might already have a database of compiled standard and
private MIBs. In that case, add the Fortinet proprietary MIB to this database.
The Fortinet MIB contains support for all Fortinet devices, and includes some
generic SNMP traps; information responses and traps that FortiAnalyzer units
send are a subset of the total number supported by the Fortinet proprietary MIB.
fnTrapFlgEventCount is associated with alerts, which arise from log messages
received by the FortiAnalyzer unit from devices in the device list. All other traps
sent by FortiAnalyzer units arise from events on the FortiAnalyzer unit itself.
SNMP support provided by the Fortinet MIB is listed as follows.
Enable Select to disable the SNMP community.
Action Select Delete to remove the SNMP server configuration.
Select Edit to change the SNMP server configuration.
Select Test to verify the SNMP server configuration by sending a
test SNMP trap. This option does not appear if the IP or FQDN is
0.0.0.0.