Friday, February 23, 2018

Anyone use Telegraf for SNMP monitoring?

I'm trying to set up Telegraf with the SNMP plugin to monitor our network devices, but I can't for the life of me figure it out.

The first device I'm trying to look at is a Fortigate 600D on 5.4.X. I downloaded the MIB from support and opened it using the Paessler MIB Importer to get the OID numbers. Here's my Telegraf config:

    [[inputs.snmp]]
      agents = [ "192.168.1.1:161" ]
      version = 2
      community = "public"
      name = "system"

      [[inputs.snmp.field]]
        name = "fg sys cpu usage"
        oid = "1.3.6.1.4.1.12356.101.4.1.3.0"

      [[inputs.snmp.field]]
        name = "fg sys mem usage"
        oid = "1.3.6.1.4.1.12356.101.4.1.4.0"

      [[inputs.snmp.field]]
        name = "fg sys disk usage"
        oid = "1.3.6.1.4.1.12356.101.4.1.6.0"

      [[inputs.snmp.field]]
        name = "fg sys ses count"
        oid = "1.3.6.1.4.1.12356.101.4.1.8.0"

      [[inputs.snmp.field]]
        name = "fg ips intrusions detected"
        oid = "1.3.6.1.4.1.12356.101.9.2.1.1.1"

      [[inputs.snmp.field]]
        name = "fg ips intrusions blocked"
        oid = "1.3.6.1.4.1.12356.101.9.2.1.1.2"

      [[inputs.snmp.field]]
        name = "fg ips anomaly detections"
        oid = "1.3.6.1.4.1.12356.101.9.2.1.1.9"

      [[inputs.snmp.field]]
        name = "fg ip sess number"
        oid = "1.3.6.1.4.1.12356.101.11.2.2.1.1"

      [[inputs.snmp.field]]
        name = 'if in ucast pkts'
        oid = "1.3.6.1.2.1.2.2.1.11"

      [[inputs.snmp.field]]
        name = 'if out ucast pkts'
        oid = "1.3.6.1.2.1.2.2.1.17"

      [[inputs.snmp.field]]
        name = 'if in errors'
        oid = "1.3.6.1.2.1.2.2.1.14"

      [[inputs.snmp.field]]
        name = 'if out errors'
        oid = "1.3.6.1.2.1.2.2.1.20"

The names starting with fg, and their OID numbers, are taken straight from the MIB. The names starting with if were taken from another generic RF1918 MIB that I found, since I can't seem to find interface stats in the Fortigate MIB.

The only stats I see in Grafana/InfluxDB are the first 4: CPU, Memory, Disk, Sessions. I don't see any IPS stats or interface stats. We use IPS/IDS heavily on our FG units.

Any ideas on how I can get these stats?

Edit: Some additional info. I experience similar symptoms when trying to monitor Cisco devices. Another question: if I do an SNMP Walk against my devices, I get a massive list of OIDs. How do I know what these OIDs represent?
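The four fields that do report all have OIDs ending in .0 (scalar instances), while the IPS and interface OIDs in the config above carry no instance suffix, which is what table columns look like. As an added example that is not part of the original post, the sketch below polls those same OIDs through Telegraf's `[[inputs.snmp.table]]` blocks instead of `[[inputs.snmp.field]]`. It assumes the Fortigate IPS OIDs are columns of a per-row table; the measurement and field names are hypothetical.

```toml
[[inputs.snmp]]
  agents = [ "192.168.1.1:161" ]
  version = 2
  community = "public"
  name = "system"

  # Scalar object: the trailing .0 is the instance, so a plain GET succeeds.
  [[inputs.snmp.field]]
    name = "fg_sys_cpu_usage"
    oid = "1.3.6.1.4.1.12356.101.4.1.3.0"

  # Interface counters are columns of ifTable (one instance per interface),
  # so they are walked as a table; each row becomes its own point.
  [[inputs.snmp.table]]
    name = "interface"                 # hypothetical measurement name

    [[inputs.snmp.table.field]]
      name = "ifDescr"                 # ifTable description column, used as a tag
      oid = "1.3.6.1.2.1.2.2.1.2"
      is_tag = true

    [[inputs.snmp.table.field]]
      name = "if_in_ucast_pkts"
      oid = "1.3.6.1.2.1.2.2.1.11"

    [[inputs.snmp.table.field]]
      name = "if_out_ucast_pkts"
      oid = "1.3.6.1.2.1.2.2.1.17"

    [[inputs.snmp.table.field]]
      name = "if_in_errors"
      oid = "1.3.6.1.2.1.2.2.1.14"

    [[inputs.snmp.table.field]]
      name = "if_out_errors"
      oid = "1.3.6.1.2.1.2.2.1.20"

  # Assumption: the IPS counters from the post are table columns as well.
  [[inputs.snmp.table]]
    name = "fg_ips"                    # hypothetical measurement name
    index_as_tag = true                # keep the row index as a tag

    [[inputs.snmp.table.field]]
      name = "fg_ips_intrusions_detected"
      oid = "1.3.6.1.4.1.12356.101.9.2.1.1.1"

    [[inputs.snmp.table.field]]
      name = "fg_ips_intrusions_blocked"
      oid = "1.3.6.1.4.1.12356.101.9.2.1.1.2"
```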


