Hello,
I’m thinking of developing monitoring for Fortigate using influxdb and telegraf. So far, I have designed a dashboard consisting of these data. Fortigate’s CPU, ram, and session information are coming.
But I want to capture and display network traffic like which IP addresses use how much network.
I am sharing my Telegraf.conf file and dashboard below.
InfluxDB v2.5.1 (git: 5b6fdbf05d)
Grafana *v8.2.3 (fb85ed6912)
Telegraf v1.24.3 (git: HEAD@ff7323e1)
[[inputs.snmp]]
agents = [ "IP_ADDRESS:161" ]
timeout = "5s"
retries = 3
version = 2
community = "monitoring"
# ## SNMPv3 auth parameters
sec_name = "sec_name"
auth_protocol = "MD5" # Values: "MD5", "SHA", ""
auth_password = "pass"
sec_level = "authPriv" # Values: "noAuthNoPriv", "authNoPriv", "authPriv"
#context_name = ""
priv_protocol = "AES" # Values: "DES", "AES", ""
priv_password = "pass"
name = "FortiGate"
[[inputs.snmp.field]]
name = "hostname"
oid = "SNMPv2-MIB::sysName.0"
[[inputs.snmp.field]]
name = "sysLocation"
oid = "SNMPv2-MIB::sysLocation.0"
[[inputs.snmp.field]]
name = "uptime"
oid = "DISMAN-EXPRESSION-MIB::sysUpTimeInstance.0"
[[inputs.snmp.field]]
name = "fnSysSerial"
oid = "FORTINET-CORE-MIB::fnSysSerial.0"
[[inputs.snmp.field]]
name = "fgSysVersion"
oid = "FORTINET-FORTIGATE-MIB::fgSysVersion.0"
[[inputs.snmp.field]]
name = "fgSysUpTime"
oid = "FORTINET-FORTIGATE-MIB::fgSysUpTime.0"
[[inputs.snmp.field]]
name = "fgSysMemUsage"
oid = "FORTINET-FORTIGATE-MIB::fgSysMemUsage.0"
[[inputs.snmp.field]]
name = "fgSysCpuUsage"
oid = "FORTINET-FORTIGATE-MIB::fgSysCpuUsage.0"
[[inputs.snmp.field]]
name = "fgSysMemCapacity"
oid = "FORTINET-FORTIGATE-MIB::fgSysMemCapacity.0"
[[inputs.snmp.field]]
name = "fgSysDiskUsage"
oid = "FORTINET-FORTIGATE-MIB::fgSysDiskUsage.0"
[[inputs.snmp.field]]
name = "fgSysDiskCapacity"
oid = "FORTINET-FORTIGATE-MIB::fgSysDiskCapacity.0"
[[inputs.snmp.field]]
name = "fgSysSesCount"
oid = "FORTINET-FORTIGATE-MIB::fgSysSesCount.0"
[[inputs.snmp.field]]
name = "fgSysLowMemUsage"
oid = "FORTINET-FORTIGATE-MIB::fgSysLowMemUsage.0"
[[inputs.snmp.field]]
name = "fgSysLowMemCapacity"
oid = "FORTINET-FORTIGATE-MIB::fgSysLowMemCapacity.0"
# IF-MIB::ifXTable contains newer High Capacity (HC) counters that do not overflow as fast for a few of the ifTable counters
[[inputs.snmp.table]]
name = "FortiGate-interface"
# Interface tag - used to identify interface in metrics database
[[inputs.snmp.table.field]]
name = "ifName"
oid = "IF-MIB::ifName"
is_tag = true
[[inputs.snmp.table.field]]
name = "ifHCOutOctets"
oid = "IF-MIB::ifHCOutOctets"
[[inputs.snmp.table.field]]
name = "ifHCInOctets"
oid = "IF-MIB::ifHCInOctets"
#FORTINET-FORTIGATE-MIB::fgVdTable
[[inputs.snmp.table]]
name = "FORTINET-FORTIGATE-MIB::fgVdTable"
inherit_tags = [ "hostname" ]
oid = "FORTINET-FORTIGATE-MIB::fgVdTable"
#FORTINET-FORTIGATE-MIB::fgVdEntName
[[inputs.snmp.table.field]]
name = "fgVdEntName"
oid = "FORTINET-FORTIGATE-MIB::fgVdEntName"
is_tag = true
#VPN
[[inputs.snmp.table]]
## measurement name
name = "fgVpnTun"
[[inputs.snmp.table.field]]
name = "fgVpnTunEntPhase1Name"
oid = "FORTINET-FORTIGATE-MIB::fgVpnTunEntPhase1Name"
is_tag = true
[[inputs.snmp.table.field]]
name = "fgVpnTunEntPhase2Name"
oid = "FORTINET-FORTIGATE-MIB::fgVpnTunEntPhase2Name"
is_tag = true
[[inputs.snmp.table.field]]
name = "fgVpnTunEntInOctets"
oid = "FORTINET-FORTIGATE-MIB::fgVpnTunEntInOctets"
[[inputs.snmp.table.field]]
name = "fgVpnTunEntOutOctets"
oid = "FORTINET-FORTIGATE-MIB::fgVpnTunEntOutOctets"
[[inputs.snmp.table.field]]
name = "fgVpnTunEntStatus"
oid = "FORTINET-FORTIGATE-MIB::fgVpnTunEntStatus"
#HA
[[inputs.snmp.table]]
## measurement name
name = "fgHaStats"
[[inputs.snmp.table.field]]
name = "fgHaStatsHostname"
oid = "FORTINET-FORTIGATE-MIB::fgHaStatsHostname"
is_tag = true
[[inputs.snmp.table.field]]
name = "fgHaStatsSyncStatus"
oid = "FORTINET-FORTIGATE-MIB::fgHaStatsSyncStatus"
[[inputs.snmp.table.field]]
name = "fgHaStatsCpuUsage"
oid = "FORTINET-FORTIGATE-MIB::fgHaStatsCpuUsage"
[[inputs.snmp.table.field]]
name = "fgHaStatsSerial"
oid = "FORTINET-FORTIGATE-MIB::fgHaStatsSerial"
[[inputs.snmp.table.field]]
name = "fgHaStatsMemUsage"
oid = "FORTINET-FORTIGATE-MIB::fgHaStatsMemUsage"
[[inputs.snmp.table.field]]
name = "fgHaStatsNetUsage"
oid = "FORTINET-FORTIGATE-MIB::fgHaStatsNetUsage"
[[inputs.snmp.table.field]]
name = "fgHaStatsSesCount"
oid = "FORTINET-FORTIGATE-MIB::fgHaStatsSesCount"
[[inputs.snmp.table.field]]
name = "fgHaStatsPktCount"
oid = "FORTINET-FORTIGATE-MIB::fgHaStatsPktCount"
[[inputs.snmp.table.field]]
name = "fgHaStatsByteCount"
oid = "FORTINET-FORTIGATE-MIB::fgHaStatsByteCount"
[[inputs.snmp.table.field]]
name = "fgHaStatsIdsCount"
oid = "FORTINET-FORTIGATE-MIB::fgHaStatsIdsCount"
[[inputs.snmp.table.field]]
name = "fgHaStatsAvCount"
oid = "FORTINET-FORTIGATE-MIB::fgHaStatsAvCount"
[[inputs.snmp.field]]
name = "Uptime"
oid = "iso.3.6.1.2.1.1.3.0"
[[inputs.snmp.field]]
name = "Memory"
oid = "iso.3.6.1.4.1.12356.101.4.5.3.1.7.1"
[[inputs.snmp.field]]
name = "CPU"
oid = ".1.3.6.1.4.1.12356.101.4.1.3.0"
[[inputs.snmp.field]]
name = "Sessions"
oid = "1.3.6.1.4.1.12356.101.4.1.8.0"
[[inputs.snmp.field]]
name = "OF"
oid = ".1.3.6.1.4.1.12356.101.8.2.1.1.1"
[[inputs.snmp.field]]
name = "Red"
oid = "1.3.6.1.4.1.12356.101.13.2.1.1.5.1"
[[inputs.snmp.field]]
name = "disk usage"
oid = "1.3.6.1.4.1.12356.101.4.1.6.0"
[[inputs.snmp.field]]
name = "LAN - Entry"
oid = "1.3.6.1.2.1.31.1.1.1.6.8"
[[inputs.snmp.field]]
name = "VAN - Entry"
oid = "1.3.6.1.2.1.31.1.1.1.6.1"
Grafana Dashboard:
If there is a dashboard and/or telegraf.conf file ready for Fortigate, could you please share it?
Thanks.