Fortinet Firewall
Introduction
The Fortinet Firewall Monitoring Observability solution aims to provide detailed insights and comprehensive visibility into firewall infrastructure, leveraging the Simple Network Management Protocol (SNMP)
Getting Started
Compatibility
Fortinet Firewall O11ySource supports SNMP versions v1, v2c and v3.
Data Collection Method
vuSmartMaps collects the availability data for Fortinet Firewall O11ySource using an internal data collector and collects data based on the source configuration. NOTE: SNMP Polling O11ySource has to be enabled and configured before enabling Fortinet Firewall O11ySource
Prerequisites
Dependent Configuration
To configure this O11ySource, create a 'credential' of type 'snmp' under the 'Definition' tab.
Inputs for Configuring Data Source
- Group Name: This field is for grouping devices for SNMP polling, making it easier to manage devices with common characteristics or within the same network segment.
- No. of Retries: Number of times the system should reattempt polling if the initial attempt fails. Default is set to 7 retries
- Timeout Duration: Specify how long the system should wait for a response from a device before considering the attempt unsuccessful. Default timeout is 5 seconds
Devices
- Device IP: Enter the IP address of the device.
- SNMP Credential: Select the SNMP credential from the dropdown list that corresponds to this device.
- Vendor: Select the vendor of the device from the dropdown list
- Model: Select the model of the device from dropdown list.
MIB Groups
- MIB Group: Select the MIB Group to poll, identifying the MIB OID to collect. Default: 'ALL_SUPPORTED_MIB_GROUPS'.
- Interval: Specify the polling interval in seconds. Default: 360 seconds
Firewall Requirement
To collect data from this O11ySource, ensure the following ports are opened:
| Source IP | Destination IP | Destination Port | Protocol | Direction |
|---|---|---|---|---|
| vuSmartMaps IP | IP address of the SNMP device | 161* | UDP | Outbound |
*Before providing the firewall requirements, please update the port based on the customer environment.
Configuring the Target
Configure SNMP on Fortinet Firewall devices and grant SNMP access permissions to vuSmartMaps designated IP address.
Configuration Steps
- Enable the Fortinet Firewall O11ySource.
- Select the Sources tab and press the
+button to add a new SNMP device to be monitored. - Click on
Saveto create the instance
Metrics Collected
| Name | Description | Data Type |
|---|---|---|
| timestamp | Timestamp | DateTime64(3) |
| target | IP of the Target Server | String |
| host | IP of the Host | String |
| hostname | Hostname of the target server | String |
| tenant_id | Tenant Id | LowCardinality(String) |
| bu_id | BU Id | LowCardinality(String) |
| Data Type | Data Type | LowCardinality(String) |
| Type | Type for each data | LowCardinality(String) |
| DeviceIP | Device IP Address | IPv4 |
| index | Index used for different parts | String |
| name | Name of memory | String |
| cpu_name | CPU Name | LowCardinality(String) |
| hard_disk_usage_p | Hard Disk Utilization in percentage | Float64 |
| fghastatsindex | High Availability Statistics Index | UInt64 |
| fghastatsserial | Serial Number of HA cluster member | String |
| fghastatscpuusage | CPU Usgae of HA cluster member | Float32 |
| fghastatsmemusage | Memory Usgae of HA cluster member | Float32 |
| fghastatsnetusage | Network usage of HA cluster member | UInt64 |
| fghastatssescount | Session count of HA Cluster member | UInt64 |
| fghastatspktcount | Packet count of HA Cluster member | UInt64 |
| fghastatspktcount_diff | Diff value of Packet count of HA Cluster member with respect to previous iteration | UInt64 |
| fghastatsbytecount | Byte count of HA Cluster member | UInt64 |
| fghastatsbytecount_diff | Diff value of Byte count of HA Cluster member with respect to previous iteration | UInt64 |
| fghastatsidscount | IDS count of HA cluster member | UInt64 |
| fghastatsidscount_diff | Diff value of IDS count of HA Cluster member with respect to previous iteration | UInt64 |
| fghastatsavcount | VA count of HA cluster member | UInt64 |
| fghastatsavcount_diff | Diff value of VA count of HA Cluster member with respect to previous iteration | UInt64 |
| fghastatshostname | Hostname of the HA Cluster member | String |
| fghastatssyncstatus | Sync Status of HA Cluster member | Int8 |
| fghastatsglobalchecksum | Global checksum of HA Cluster Member | String |
| fghastatsmasterserial | Serial Number of HA cluster master | String |
