UserGate supports monitoring using the SNMP v2c and SNMP v3 protocols. Both SNMP queries and SNMP trap management are supported. This allows you to monitor critical UserGate parameters using the SMNP management software used in your company.
To configure monitoring using SNMP, you need to create SNMP rules. To create an SNMP rule, click the Add button under SNMP and specify the following parameters:
Name |
Description |
---|---|
Rule name |
The name of the rule. |
Server IP address for traps |
The IP address of the trap server and the port on which the server will listen for notifications. Usually, it is UDP port 162. This setting is required only if you need to send traps to the notification server. |
Community |
SNMP community is a string to identify the UserGate server and SNMP management server for SNMP v2c. Use only Latin letters and numbers. |
Context |
Optional parameter that defines the SNMP context. Use only Latin letters and numbers. |
Version |
Specify the version of the SNMP protocol used in the rule. Available options: SNMP v2c and SNMP v3. |
Allow SNMP queries |
When enabled, allows receiving and processing of SNMP requests from the SNMP manager. |
Allow SNMP traps |
When enabled, allows sending of SNMP traps to the server configured to receive notifications. |
User |
For SNMP v3 only. User name to authenticate the SNMP manager. |
Authentication type |
Select an authentication mode for the SNMP manager. The available options are:
The authPriv mode is considered the most secure. |
Authentication algorithm |
Algorithm used for authentication. |
Authentication password |
Password used for authentication. |
Encryption algorithm |
Algorithm used for encryption. DES or AES can be used. |
Encryption password |
Password used for encryption. |
Events |
Parameters the values of which the SNMP manager will be able to read. If trap sending is allowed, a trap is sent to the server when a critical parameter value is reached. |
Note
Authentication settings for SNMP v2c (community) and SNMP v3 (user, authentication type, authentication algorithm, authentication password, encryption algorithm, encryption password) on the SNMP manager must match those of UserGate.
For information on configuring authentication settings for your SNMP manager, refer to the configuration guide for your SNMP management software.
The Download MIBs button allows you to download MIB files with UserGate monitoring parameters for later use in the SNMP manager. UserGate is assigned the unique SNMP PEN (Private Enterprise Number) 45741.
You can download the following MIB files:
-
UTM-TRAPS-MIB.
-
UTM-TRAPS-BINDINGS-MIB.
-
UTM-MIB.
-
UTM-INTERFACES-MIB.
UTM-TRAPS-MIB
Name |
Description |
---|---|
trapCoreCrush |
Core crash. |
trapStatDown |
Statistics service (UserGate Log Analyzer) unavailable. |
trapCoreBootstrapEnd |
Server booting has finished successfully. |
trapDefaultGatewayChanged |
Default gateway has been changed. |
trapHighSessionsCounter |
Conntrack table 90% full. |
trapHighUsersCounter |
Number of active users has reached 90% of the license threshold. |
trapStatusChanged |
Status of the HA cluster node has been changed. |
trapMemberUp |
Status of the HA cluster node has been changed to "Connected". |
trapMemberDown |
HA cluster node has been disconnected. |
trapAttackDetected |
Attack detected by IPS. |
trapChecksumFailed |
Binary files checksum mismatch. |
trapHighCPUUsage |
High CPU usage. |
trapLowMemory |
Low memory. |
trapLowLogdiskSpace |
Not enough disk space to store logs. |
trapRaidStatus |
RAID status has been changed. |
trapPowerSupply |
The first power supply is off. |
trapCableStatus |
Cable has been connected or disconnected from the interface. |
trapTrafficDrop |
A firewall deny rule has been triggered. |
trapLDAPServerDown |
An LDAP server is unavailable. |
UTM-TRAPS-BINDINGS-MIB
Name |
Data type |
Description |
---|---|---|
utmSessions |
Integer |
Current number of active sessions. |
utmSessionsMax |
Integer |
Maximum number of active sessions. |
utmUsers |
Integer |
Current number of active users. |
utmUsersMax |
Integer |
Maximum number of active users. |
utmHAStatus |
Integer |
Current status of the HA cluster node:
|
utmHAStatusReason |
Integer |
Reason for the change of the HA cluster node status:
|
utmCPUUsage |
Integer |
CPU load (in %). |
utmMemory |
Integer |
RAM usage (in %). |
utmLogdiskSpace |
Integer |
Disk space used for logs (in %). |
utmAdaptecRaidStatus |
Integer |
Current status of RAID (Redundant Array of Independent Disks) built on the Adaptec controller:
|
utmBroadcomRaidStatus |
Integer |
Current status of RAID (Redundant Array of Independent Disks) built on the Broadcom controller:
|
utmPowerSupply |
Integer |
Number of power supplies:
|
utmPowerSupplyStatus |
Integer |
State of the power supply:
|
utmCSCIfName |
String |
The interface name. |
utmCSCStatus |
Integer |
Status of the network adapter:
|
utmLDAPServerName |
String |
LDAP server name. |
utmLDAPServerAddress |
String |
LDAP server IP address. |
UTM-MIB
Name |
Data type |
Description |
---|---|---|
vcpuCount |
Integer |
Number of virtual CPUs in the system. |
vcpuUsage |
Integer |
Virtual CPU load in the system (in %). |
usersCounter |
Integer |
Current number of active users. |
cpuLoad |
Integer |
System CPU load (in %). |
memoryUsed |
Integer |
RAM usage (in %). |
logDiskSpace |
Integer |
Disk space used for logs (in %). |
Sys_power_supply1_status |
String |
State of the first power supply:
|
Sys_power_supply2_status |
String |
State of the second power supply.
|
Sys_raid_status |
Integer |
Current status of RAID (Redundant Array of Independent Disks):
|
UTM-INTERFACES-MIB
Name |
Data type |
Description |
---|---|---|
ifNumber |
Integer |
Number of network interfaces. |
ifIndex |
Integer |
The value is unique for each interface. Available values: from 1 to** **ifNumber. |
ifDescr |
String |
Interface description. |
ifType |
Integer |
Interface type determined according to the physical/link layer protocol:
|
ifMtu |
Integer |
Maximum size of a network layer packet that can be sent over this interface. |
ifSpeed |
gauge32 |
Interface bandwidth in bits per second. |
ifPhysAddress |
String |
Physical interface address (MAC address). |
ifAdminStatus |
Integer |
Interface state assigned by the administrator:
|
ifOperStatus |
Integer |
Current operating status of the interface:
|
ifLastChange |
timeticks |
SysUpTime value when the interface switches to this state. |
ifInOctets |
counter32 |
Number of bytes received by the interface, including service bytes. |
ifInUcastPkts |
counter32 |
Number of delivered unicast packets. |
ifInNUcastPkts |
counter32 |
Number of delivered multicast and broadcast packets. |
ifInDiscards |
counter32 |
Number of incoming packets that were dropped, even if no errors were detected preventing the delivery. Buffer space release may be one of the reasons for dropping. |
ifInErrors |
counter32 |
Number of incoming packets that contain errors preventing the delivery. |
ifInUnknownProtos |
counter32 |
Number of packets that were received through the interface and dropped because an unknown or unsupported protocol was used. |
ifOutOctets |
counter32 |
Number of bytes transmitted by the interface, including service bytes. |
ifOutUcastPkts |
counter32 |
Number of sent unicast packets including packets that were dropped or not sent. |
ifOutNUcastPkts |
counter32 |
Number of sent multicast and broadcast packets including packets that were dropped or not sent. |
ifOutDiscards |
counter32 |
Number of outgoing packets that were dropped, even if no errors were detected preventing the transmission. Buffer space release may be one of the reasons for dropping. |
ifOutErrors |
counter32 |
Number of outgoing packets that could not be transmitted due to errors. |
ifOutQLen |
gauge32 |
Number of packets in the send queue. |
ifInMulticastPkts |
counter32 |
Number of delivered multicast packets. |
ifInBroadcastPkts |
counter32 |
Number of delivered broadcast packets. |
ifOutMulticastPkts |
counter32 |
Number of sent multicast packets including packets that were dropped or not sent. |
ifOutBroadcastPkts |
counter32 |
Number of sent broadcast packets including packets that were dropped or not sent. |
ifHCInOctets |
counter64 |
Identical to ifInOctets: number of bytes received by the interface, including service bytes; uses a higher capacity counter. |
ifHCInUcastPkts |
counter64 |
Identical to ifInUcastPkts: number of delivered unicast packets; uses a higher capacity counter. |
ifHCInMulticastPkts |
counter64 |
Identical to ifInMulticastPkts: number of delivered multicast packets; uses a higher capacity counter. |
ifHCInBroadcastPkts |
counter64 |
Identical to ifInBroadcastPkts: number of delivered broadcast packets; uses a higher capacity counter. |
ifHCOutOctets |
counter64 |
Identical to ifOutOctets: number of bytes transmitted by the interface, including service bytes; uses a higher capacity counter. |
ifHCOutUcastPkts |
counter64 |
Identical to ifOutUcastPkts: number of sent unicast packets including packets that were dropped or not sent; uses a higher capacity counter. |
ifHCOutMulticastPkts |
counter64 |
Identical to ifOutMulticastPkts: number of sent multicast packets including packets that were dropped or not sent; uses a higher capacity counter. |
ifHCOutBroadcastPkts |
counter64 |
Identical to ifOutBroadcastPkts: Number of sent broadcast packets including packets that were dropped or not sent; uses a higher capacity counter. |
ifLinkUpDownTrapEnable |
Integer |
Specifies whether to create a trap when the link status changes:
|
ifHighSpeed |
gauge32 |
Current estimated interface bandwidth pool in bit/s, kbit/s, Mbit/s, or Gbit/s. |
ifPromiscuousMode |
Integer |
Promiscuous mode. Available values:
The object value does not affect broadcast and multicast packets/frames reception. |
ifAlias |
String |
Interface name assigned by the administrator. |
ifCounterDiscontinuityTime |
timeticks |
SysUpTime value when the event occurred that caused one or more interface counters to fail. |