DX Unified Infrastructure Management

Hi Everyone.
I need monitoring the HA status of a Fortiweb device. The device is a model...


The administrator sent me this OID's...

fwTrapHAStatusChange Oid: 1.3.6.1.4.1.12356.107.10.0.6
fwTrapHAMemberJoin Oid: 1.3.6.1.4.1.12356.107.10.0.7
fwTrapHAMemberLeave Oid: 1.3.6.1.4.1.12356.107.10.0.8

I am thinking monitoring with snmptd or snmpget probe.
With snmptd the idea is that the administrator sent an status via traps snmp of ha status which according oid is fwTrapHAStatusChange Oid: 1.3.6.1.4.1.12356.107.10.0.6, but according to the administrator a test cannot be sent
With snmpget i see that the device not reporting the ha status whit the OID...

what am I doing wrong ?
Any suggestions?
What probe do you suggest to use?

Did you try to load the "Fortinet Core MIB" and "FortiWeb MIB" mib's?
(in snmpget and snmptd)
Trap oid's can not always be polled, but can be loaded in snmptd to do the translation.
Original Message:
Sent: Feb 01, 2023 04:36 PM
From: Miller Echagarreta
Subject: Monitoring OID of HA Status of FortiWeb with snmptd or snmpget

Hi Everyone.
I need monitoring the HA status of a Fortiweb device. The device is a model...


The administrator sent me this OID's...

fwTrapHAStatusChange Oid: 1.3.6.1.4.1.12356.107.10.0.6
fwTrapHAMemberJoin Oid: 1.3.6.1.4.1.12356.107.10.0.7
fwTrapHAMemberLeave Oid: 1.3.6.1.4.1.12356.107.10.0.8

I am thinking monitoring with snmptd or snmpget probe.
With snmptd the idea is that the administrator sent an status via traps snmp of ha status which according oid is fwTrapHAStatusChange Oid: 1.3.6.1.4.1.12356.107.10.0.6, but according to the administrator a test cannot be sent
With snmpget i see that the device not reporting the ha status whit the OID...

what am I doing wrong ?
Any suggestions?
What probe do you suggest to use?

Hi @Luc Christiaens how are you?
Yes I loaded the mib in snmptd, in fact configure the OID, only created a profile fo each OID, but i don't see the oid for translation, I added manually.
​
I configure this OID's 


How can testing if this OIDs added manually it's working?

The mibs in snmpget thet was load too...

To test traps I use an old CA NSM utility: catrap (see attachment)
Example:
catrap host_name 1.3.6.1.2.1.1.3 "" 6 3 "" 1.3.6.1.2.1.1.3.0 octetstringascii "luc" 1.3.6.1.2.1.1.3.0 octetstringascii "monitor toip" 1.3.6.1.2.1.2.2.1.1.347 octetstringascii "347" 1.3.6.1.2.1.10.20.1.3.4.1.2.347 octetstringascii "2"
---
If you fill in your snmptd instead of host_name you will see the trap coming in.
Original Message:
Sent: Feb 02, 2023 11:27 AM
From: Miller Echagarreta
Subject: Monitoring OID of HA Status of FortiWeb with snmptd or snmpget

Hi @Luc Christiaens how are you?
Yes I loaded the mib in snmptd, in fact configure the OID, only created a profile fo each OID, but i don't see the oid for translation, I added manually.
​
I configure this OID's 


How can testing if this OIDs added manually it's working?

The mibs in snmpget thet was load too...

There are a few questions first:
- what exactly you want to monitor?
- you need the current status of the HA?
- you need some sort of history for the status of HA?

The OID you received cannot be queried. As their name says, they are trap definitions. These could/should contain various varbinds that bring additional meaning to the SNMP message being sent. This usually comes from the MIB definition from the device vendor.

Basically you receive the SNMP Trap from the device and you have to interpret their meaning. This only gives you the current status of the HA and you cannot time report that would tell you how long the HA run. I generally teste these scenarios using trapgen, a snmp trap simulator in which you can define the required traps to test your scenarios.

There should be additional SNMP tables in the MIBs that you can query to tell you the current status of the HA. Those you can query and should be able to create a reporton/alert based the values you get back from the device.


------------------------------
Cătălin Fărcășanu
Senior Consultant
SolvIT Networks
------------------------------

Original Message:
Sent: Feb 01, 2023 04:36 PM
From: Miller Echagarreta
Subject: Monitoring OID of HA Status of FortiWeb with snmptd or snmpget

Hi Everyone.
I need monitoring the HA status of a Fortiweb device. The device is a model...


The administrator sent me this OID's...

fwTrapHAStatusChange Oid: 1.3.6.1.4.1.12356.107.10.0.6
fwTrapHAMemberJoin Oid: 1.3.6.1.4.1.12356.107.10.0.7
fwTrapHAMemberLeave Oid: 1.3.6.1.4.1.12356.107.10.0.8

I am thinking monitoring with snmptd or snmpget probe.
With snmptd the idea is that the administrator sent an status via traps snmp of ha status which according oid is fwTrapHAStatusChange Oid: 1.3.6.1.4.1.12356.107.10.0.6, but according to the administrator a test cannot be sent
With snmpget i see that the device not reporting the ha status whit the OID...

what am I doing wrong ?
Any suggestions?
What probe do you suggest to use?

Hi,

Those OIDs are used for traps, so you can use them with snmptd. To test it, you could probably restart the slave.

You need a different OID for snmpget, one that is used for queries, not for traps.
For example, fwSysHaMode 1.3.6.1.4.1.12356.107.2.1.3
High-availability mode HA mode(Standalone, Master, Slave)

Look for something similar in the Fortiweb MIBs. If you can't find it, you probably can't use snmpget for this.
Original Message:
Sent: Feb 01, 2023 04:36 PM
From: Miller Echagarreta
Subject: Monitoring OID of HA Status of FortiWeb with snmptd or snmpget

Hi Everyone.
I need monitoring the HA status of a Fortiweb device. The device is a model...


The administrator sent me this OID's...

fwTrapHAStatusChange Oid: 1.3.6.1.4.1.12356.107.10.0.6
fwTrapHAMemberJoin Oid: 1.3.6.1.4.1.12356.107.10.0.7
fwTrapHAMemberLeave Oid: 1.3.6.1.4.1.12356.107.10.0.8

I am thinking monitoring with snmptd or snmpget probe.
With snmptd the idea is that the administrator sent an status via traps snmp of ha status which according oid is fwTrapHAStatusChange Oid: 1.3.6.1.4.1.12356.107.10.0.6, but according to the administrator a test cannot be sent
With snmpget i see that the device not reporting the ha status whit the OID...

what am I doing wrong ?
Any suggestions?
What probe do you suggest to use?

Thank you guys @Luc Christiaens @@Catalin Farcasanu @Marius Nitu I will test simulating the traps and see how coming in snmptd. 
I had a small idea that traps could not be consulted directly, but now with your comments I can confirm it.
thank you, i learn a lot with this community
Anything other comments it's welco.​​​
Original Message:
Sent: Feb 02, 2023 07:02 AM
From: Marius Nitu
Subject: Monitoring OID of HA Status of FortiWeb with snmptd or snmpget

Hi,

Those OIDs are used for traps, so you can use them with snmptd. To test it, you could probably restart the slave.

You need a different OID for snmpget, one that is used for queries, not for traps.
For example, fwSysHaMode 1.3.6.1.4.1.12356.107.2.1.3
High-availability mode HA mode(Standalone, Master, Slave)

Look for something similar in the Fortiweb MIBs. If you can't find it, you probably can't use snmpget for this.
Original Message:
Sent: Feb 01, 2023 04:36 PM
From: Miller Echagarreta
Subject: Monitoring OID of HA Status of FortiWeb with snmptd or snmpget

Hi Everyone.
I need monitoring the HA status of a Fortiweb device. The device is a model...


The administrator sent me this OID's...

fwTrapHAStatusChange Oid: 1.3.6.1.4.1.12356.107.10.0.6
fwTrapHAMemberJoin Oid: 1.3.6.1.4.1.12356.107.10.0.7
fwTrapHAMemberLeave Oid: 1.3.6.1.4.1.12356.107.10.0.8

I am thinking monitoring with snmptd or snmpget probe.
With snmptd the idea is that the administrator sent an status via traps snmp of ha status which according oid is fwTrapHAStatusChange Oid: 1.3.6.1.4.1.12356.107.10.0.6, but according to the administrator a test cannot be sent
With snmpget i see that the device not reporting the ha status whit the OID...

what am I doing wrong ?
Any suggestions?
What probe do you suggest to use?