I’am trying to monitor my firewall fortigate 100D i just could extract some metrics and display them using dashboard ‘‘snmp stats’’ ID 11169
the problem that this is not the metrics wanted !!
I need to see other metrics such as VPN accounts Users (Users and devices)
Using the generator for snmp_Exporter and the MIB files downloaded from your 100D, you should be able to customize whatever you want to see in there!
If you open the fortigate MIB (not the CORE mib) and scroll down past the notes at top you will find the ID’s that you can provide. I recently set it up for SLA monitoring and worked like a charm. Just make sure when using the generator you upload/move the MIB files in the mib directory inside of the generator.
I noticed that when running the generator, the only way to get it working with my Fortigate MIBS was to run the go build, make mibs, and export MIBDIRS=mibs
to get it to work, not doing the above would result in kicking back an error of MIB not found.
Hope this helps, sorry so jumbled, in a rush this morning, feel free to reach out with any questions!
Hi, can you please help me with integrating the Fortigate Firewall to the Prometheus’ snmp_exporter?
I got this error:
prometheus.yml CONFIG:
and this is generator.yml’s CONFIG:
auths:
public_v2:
version: 3
community: public
username: public
security_level: noAuthNoPriv
password: snmppassw
auth_protocol: MD5
#priv_protocol: DES
#priv_password: otherPass
#context_name: context
modules:
if_mib:
walk:
#- 1.3.6.1.2.1.2
- 1.3.6.1.2.1.31.1.1
#- 1.3.6.1.2.1.31.1.1.1.6.40
- 1.3.6.1.4.1.12356.101 #Fortigate
- 1.3.6.1.4.1.12356.100 #Fortigate-Core
- 1.3.6.1.2.1.31.1.1.1.1.31 #= STRING: “MKT-CEBU-GLOBE”
- 1.3.6.1.2.1.31.1.1.1.1.32 #= STRING: “MKT-QC-PLDT”
- 1.3.6.1.2.1.31.1.1.1.1.33 #= STRING: “MKT-BCD-Globe”
max_repetitions: 25
retries: 5
timeout: 90s
lookups:
- source_indexes: [ifIndex]
lookup: ifAlias
- source_indexes: [ifIndex]
lookup: ifDescr
- source_indexes: [bsnDot11EssIndex]
lookup: bsnDot11EssSsid
drop_source_indexes: false
- source_indexes: [cbQosPolicyIndex, cbQosObjectsIndex]
lookup: cbQosConfigIndex
- source_indexes: [cbQosConfigIndex]
lookup: cbQosCMName
overrides: # Allows for per-module overrides of bits of MIBs
metricName:
ignore: true # Drops the metric from the output.
regex_extracts:
Temp: # A new metric will be created appending this to the metricName to become metricNameTemp.
- regex: '(.*)' # Regex to extract a value from the returned SNMP walks's value.
value: '$1' # The result will be parsed as a float64, defaults to $1.
Status:
- regex: '.*Example'
value: '1'
- regex: '.*'
value: '0'
offset: 1.0 # Add the value to the same. Applied after scale.
scale: 1.0 # Scale the value of the sample by this value.
type: DisplayString # Override the metric type, possible types are:
filters:
static:
- targets:
- bsnDot11EssSsid
indices: ["2","3","4"] # List of interface indices to get
dynamic:
- oid: 1.3.6.1.2.1.2.2.1.7
targets:
- "1.3.6.1.2.1.2.2.1.4"
values: ["1", "2"]