FORTINET-FORTIANALYZER-MIB DEFINITIONS ::= BEGIN IMPORTS FnIndex, fnGenTrapMsg, fnSysSerial, fortinet, fnTrapsPrefix FROM FORTINET-CORE-MIB InetPortNumber FROM INET-ADDRESS-MIB sysName FROM SNMPv2-MIB MODULE-COMPLIANCE, NOTIFICATION-GROUP, OBJECT-GROUP FROM SNMPv2-CONF Counter32, Gauge32, Integer32, IpAddress, MODULE-IDENTITY, NOTIFICATION-TYPE, OBJECT-TYPE FROM SNMPv2-SMI DisplayString, TEXTUAL-CONVENTION FROM SNMPv2-TC; fnFortiAnalyzerMib MODULE-IDENTITY LAST-UPDATED "200909210000Z" ORGANIZATION "Fortinet Technologies, Inc." CONTACT-INFO " Technical Support email: support@fortinet.com http://www.fortinet.com" DESCRIPTION "MIB module for Fortinet FortiAnalyzer devices." REVISION "200909210000Z" DESCRIPTION "Fix syntax errors." REVISION "200902050000Z" DESCRIPTION "Initial version of FORTINET-FORTIANALYZER-MIB." ::= { fortinet 102 } FaSessProto ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "data type for session protocols" SYNTAX INTEGER { ip(0), icmp(1), igmp(2), ipip(4), tcp(6), egp(8), pup(12), udp(17), idp(22), ipv6(41), rsvp(46), gre(47), esp(50), ah(51), ospf(89), pim(103), comp(108), raw(255) } FaRAIDStatusCode ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "Enumerated list of RAID status codes." SYNTAX INTEGER { arrayOK(1), arrayDegraded(2), arrayInoperable(3), arrayRebuilding(4), arrayRebuildingStarted(5), arrayRebuildingFinished(6), arrayInitializing(7), arrayInitializingStarted(8), arrayInitializingFinished(9), diskOK(10), diskDegraded(11), diskFailEvent(12) } FaSysEventCode ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "Enumerated list of system events." SYNTAX INTEGER { systemHalt(1), systemReboot(2), upgradeConfig(3), systemUpgrade(4), logdiskFormat(5) } faTraps OBJECT IDENTIFIER ::= { fnFortiAnalyzerMib 0 } faTrapPrefix OBJECT IDENTIFIER ::= { faTraps 0 } faTrapObject OBJECT IDENTIFIER ::= { faTraps 1 } faSystemEvent OBJECT-TYPE SYNTAX FaSysEventCode MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "Type of system event that triggered notification." ::= { faTrapObject 1 } faRAIDStatus OBJECT-TYPE SYNTAX FaRAIDStatusCode MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "New RAID state associated with a RAID status change event." ::= { faTrapObject 2 } faRAIDDevIndex OBJECT-TYPE SYNTAX DisplayString (SIZE(0..32)) MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "Name/index of a RAID device relating to the event." ::= { faTrapObject 3 } faGenAlert OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS current DESCRIPTION "Detail of defined event alert sent from FortiAnalyzer" ::= { faTrapObject 4 } faModel OBJECT IDENTIFIER ::= { fnFortiAnalyzerMib 1 } faz100 OBJECT IDENTIFIER ::= { faModel 1000 } faz100A OBJECT IDENTIFIER ::= { faModel 1001 } faz100B OBJECT IDENTIFIER ::= { faModel 1002 } faz100C OBJECT IDENTIFIER ::= { faModel 1003 } faz400 OBJECT IDENTIFIER ::= { faModel 4000 } faz400B OBJECT IDENTIFIER ::= { faModel 4002 } faz800 OBJECT IDENTIFIER ::= { faModel 8000 } faz800B OBJECT IDENTIFIER ::= { faModel 8002 } faz1000B OBJECT IDENTIFIER ::= { faModel 10002 } faz2000 OBJECT IDENTIFIER ::= { faModel 20000 } faz2000A OBJECT IDENTIFIER ::= { faModel 20001 } faz4000 OBJECT IDENTIFIER ::= { faModel 40000 } faz4000A OBJECT IDENTIFIER ::= { faModel 40001 } faInetProto OBJECT IDENTIFIER ::= { fnFortiAnalyzerMib 2 } faInetProtoInfo OBJECT IDENTIFIER ::= { faInetProto 1 } faInetProtoTables OBJECT IDENTIFIER ::= { faInetProto 2 } faIpSessTable OBJECT-TYPE SYNTAX SEQUENCE OF FaIpSessEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Information on the IP sessions active on the device" ::= { faInetProtoTables 1 } faIpSessEntry OBJECT-TYPE SYNTAX FaIpSessEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Information on a specific session, including source and destination" INDEX { faIpSessIndex } ::= { faIpSessTable 1 } FaIpSessEntry ::= SEQUENCE { faIpSessIndex FnIndex, faIpSessProto FaSessProto, faIpSessFromAddr IpAddress, faIpSessFromPort InetPortNumber, faIpSessToAddr IpAddress, faIpSessToPort InetPortNumber, faIpSessExp Counter32 } faIpSessIndex OBJECT-TYPE SYNTAX FnIndex MAX-ACCESS not-accessible STATUS current DESCRIPTION "An index value that uniquely identifies an IP session within the faIpSessTable" ::= { faIpSessEntry 1 } faIpSessProto OBJECT-TYPE SYNTAX FaSessProto MAX-ACCESS read-only STATUS current DESCRIPTION "The protocol the session is using (IP, TCP, UDP, etc.)" ::= { faIpSessEntry 2 } faIpSessFromAddr OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "Source IP address (IPv4 only) of the session" ::= { faIpSessEntry 3 } faIpSessFromPort OBJECT-TYPE SYNTAX InetPortNumber MAX-ACCESS read-only STATUS current DESCRIPTION "Source port number (UDP and TCP only) of the session" ::= { faIpSessEntry 4 } faIpSessToAddr OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "Destination IP address (IPv4 only) of the session" ::= { faIpSessEntry 5 } faIpSessToPort OBJECT-TYPE SYNTAX InetPortNumber MAX-ACCESS read-only STATUS current DESCRIPTION "Destination Port number (UDP and TCP only) of the session" ::= { faIpSessEntry 6 } faIpSessExp OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Number of seconds remaining before the session expires (if idle)" ::= { faIpSessEntry 7 } fa300Compat OBJECT IDENTIFIER ::= { fnFortiAnalyzerMib 99 } faHwSensors OBJECT IDENTIFIER ::= { fa300Compat 1 } faHwSensorCount OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS deprecated DESCRIPTION "The number of entries in faHwSensorTable" ::= { faHwSensors 1 } faHwSensorTable OBJECT-TYPE SYNTAX SEQUENCE OF FaHwSensorEntry MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "A list of device specific hardware sensors and values. Because different devices have different hardware sensor capabilities, this table may or may not contain any values." ::= { faHwSensors 2 } faHwSensorEntry OBJECT-TYPE SYNTAX FaHwSensorEntry MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "An entry containing the name, value, and alarm status of a given hardware sensor" INDEX { faHwSensorEntIndex } ::= { faHwSensorTable 1 } FaHwSensorEntry ::= SEQUENCE { faHwSensorEntIndex FnIndex, faHwSensorEntName DisplayString, faHwSensorEntValue DisplayString, faHwSensorEntAlarmStatus INTEGER } faHwSensorEntIndex OBJECT-TYPE SYNTAX FnIndex MAX-ACCESS not-accessible STATUS deprecated DESCRIPTION "A unique identifier within the faHwSensorTable" ::= { faHwSensorEntry 1 } faHwSensorEntName OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS deprecated DESCRIPTION "A string identifying the sensor by name" ::= { faHwSensorEntry 2 } faHwSensorEntValue OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS deprecated DESCRIPTION "A string representation of the value of the sensor. Because sensors can present data in different formats, string representation is most general format. Interpretation of the value (units of measure, for example) is dependent on the individual sensor." ::= { faHwSensorEntry 3 } faHwSensorEntAlarmStatus OBJECT-TYPE SYNTAX INTEGER { false(0), true(1) } MAX-ACCESS read-only STATUS deprecated DESCRIPTION "If the sensor has an alarm threshold and has exceeded it, this will indicate its status. Not all sensors have alarms." ::= { faHwSensorEntry 4 } fa300System OBJECT IDENTIFIER ::= { fa300Compat 2 } fa300SysSerial OBJECT-TYPE SYNTAX DisplayString (SIZE(0..32)) MAX-ACCESS read-only STATUS current DESCRIPTION "Serial number of the device" ::= { fa300System 1 } fa300SysVersion OBJECT-TYPE SYNTAX DisplayString (SIZE(0..128)) MAX-ACCESS read-only STATUS current DESCRIPTION "Firmware version of the device" ::= { fa300System 2 } fa300SysCpuUsage OBJECT-TYPE SYNTAX Gauge32 (0..100) MAX-ACCESS read-only STATUS current DESCRIPTION "Current CPU usage (percentage)" ::= { fa300System 3 } fa300SysMemUsage OBJECT-TYPE SYNTAX Gauge32 (0..100) MAX-ACCESS read-only STATUS current DESCRIPTION "Current memory utilization (percentage)" ::= { fa300System 4 } fa300SysSesCount OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "Number of active sessions on the device" ::= { fa300System 5 } fa300SysDiskCapacity OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total hard disk capacity (MB), if disk is present" ::= { fa300System 6 } fa300SysDiskUsage OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "Current hard disk usage (MB), if disk is present" ::= { fa300System 7 } fa300SysMemCapacity OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "Total physical memory (RAM) installed (KB)" ::= { fa300System 8 } faMIBConformance OBJECT IDENTIFIER ::= { fnFortiAnalyzerMib 100 } faTrapSystemEvent NOTIFICATION-TYPE OBJECTS { fnSysSerial, faSystemEvent } STATUS current DESCRIPTION "A system event occured. The specific type of event is indecated by the faSystemEvent parameter." ::= { faTrapPrefix 1001 } faTrapRAIDStatusChange NOTIFICATION-TYPE OBJECTS { fnSysSerial, faRAIDStatus, faRAIDDevIndex } STATUS current DESCRIPTION "Trap is sent when there is a change in the status of the RAID array, if present." ::= { faTrapPrefix 1002 } faTrapGenAlert NOTIFICATION-TYPE OBJECTS { fnSysSerial, fnGenTrapMsg } STATUS current DESCRIPTION "Trap sent when FortiAnalyzer event parameter exceeds configured limit. Event description included in trap." ::= { faTrapPrefix 1003 } faTrapLogRateThreshold NOTIFICATION-TYPE OBJECTS { fnSysSerial, sysName } STATUS current DESCRIPTION "Indicates that the incoming log rate has exceeded the configured threshold." ::= { fnTrapsPrefix 1005 } faTrapDataRateThreshold NOTIFICATION-TYPE OBJECTS { fnSysSerial, sysName } STATUS current DESCRIPTION "Indicates that the incoming data rate has exceeded the configured threshold." ::= { fnTrapsPrefix 1006 } faSystemComplianceGroup OBJECT-GROUP OBJECTS { fa300SysSerial, fa300SysVersion, fa300SysCpuUsage, fa300SysMemUsage, fa300SysDiskCapacity, fa300SysDiskUsage, fa300SysMemCapacity, fa300SysSesCount, faSystemEvent } STATUS current DESCRIPTION "System related instrumentation" ::= { faMIBConformance 1 } faTrapsComplianceGroup NOTIFICATION-GROUP NOTIFICATIONS { faTrapSystemEvent, faTrapRAIDStatusChange, faTrapGenAlert, faTrapLogRateThreshold, faTrapDataRateThreshold } STATUS current DESCRIPTION "Event notifications" ::= { faMIBConformance 2 } faSessionComplianceGroup OBJECT-GROUP OBJECTS { faIpSessProto, faIpSessFromAddr, faIpSessFromPort, faIpSessToAddr, faIpSessToPort, faIpSessExp } STATUS current DESCRIPTION "Session related instrumentation" ::= { faMIBConformance 3 } faMiscComplianceGroup OBJECT-GROUP OBJECTS { faGenAlert } STATUS current DESCRIPTION "Miscellanious instrumentation" ::= { faMIBConformance 4 } faHwSensorComplianceGroup OBJECT-GROUP OBJECTS { faHwSensorCount, faHwSensorEntName, faHwSensorEntValue, faHwSensorEntAlarmStatus } STATUS deprecated DESCRIPTION "Hardware sensor related information" ::= { faMIBConformance 5 } faNotificationObjectsComplianceGroup OBJECT-GROUP OBJECTS { faSystemEvent, faRAIDStatus, faRAIDDevIndex } STATUS current DESCRIPTION "Object identifiers used in notifications" ::= { faMIBConformance 6 } faMIBCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for the application MIB." MODULE -- this module GROUP faSystemComplianceGroup DESCRIPTION "System related instrumentation" GROUP faSessionComplianceGroup DESCRIPTION "Session related instrumentation" GROUP faMiscComplianceGroup DESCRIPTION "Miscellanious instrumentation" GROUP faTrapsComplianceGroup DESCRIPTION "Traps are optional. Not all models support all traps. Consult product literature to see which traps are supported." GROUP faNotificationObjectsComplianceGroup DESCRIPTION "Object identifiers used in notifications. Objects are required if their containing trap is implemented." ::= { faMIBConformance 100 } faObsoleteMIBCompliance MODULE-COMPLIANCE STATUS deprecated DESCRIPTION "The compliance statement of deprecated objects for the application MIB, they may still be used by older models." MODULE -- this module GROUP faHwSensorComplianceGroup DESCRIPTION "Traps are optional. Not all models support all traps. Consult product literature to see which traps are supported." ::= { faMIBConformance 101 } END -- end of module FORTINET-FORTIANALYZER-MIB.