Search Exchange
Search All Sites
Nagios Live Webinars
Let our experts show you how Nagios can help your organization.Login
Directory Tree
check_fortigate.pl: fortigate,fortimail, fortianalyzer
1.7.0
2016-06-02
- Nagios 1.x
- Nagios 2.x
- Nagios 3.x
- Nagios 4.x
GPL
98960
Usage:
check_fortigate.pl -H -C -T [-w|-c|-S|-s|-R|-M|-V|-?]
Options:
-H --host STRING or IPADDRESS Check interface on the indicated host
-P --port INTEGER Port of indicated host, defaults to 161
-v --version STRING SNMP Version, defaults to SNMP v2, v1-v3 supported
-T --type STRING CPU, MEM, Ses, VPN, Cluster, Firmware, HW, ..
-S --serial STRING Primary serial number
-s --slave get values of slave
-w --warning INTEGER Warning threshold, applies to cpu, mem, session, firmware
-c --critical INTEGER Critical threshold, applies to cpu, mem, session, firmware
-R --reset Resets ip file (cluster only)
-M --mode STRING Output-Mode: 0 => just print, 1 => print and show failed tunnel, 2 => critical
-V --vpnmode STRING VPN-Mode: both => IPSec & SSL/OpenVPN, ipsec => IPSec only, ssl => SSL/OpenVPN only
SNMP v1/v2c only
-C --community STRING Community-String for SNMP, only at SNMP v1/v2c, defaults to public
SNMP v3 only
-U --username STRING Username
-A --authpassword STRING auth password
-a --authprotocol STRING auth algorithm, defaults to sha
-X --privpassword STRING private password
-x --privprotocol STRING private algorithm, defaults to aes
-? --help Returns full help text
Requires Net::SNMP, List::Compare, Getopt::Long, Pod::Usage, Switch
This plugin checks FortiGate devices via SNMP (enable snmp, configure community and allow snmp access on client lan)
* Update 2016-05-13: added FortiAnalyzer support, improved Cluster-State check and added Firmware-Check
* Update 2015-03-11: added WTP support (thanks to Mikael)
* Update 2015-02-26: added SNMP v3 support
* Update 2013-01-16: changed CPU OID, added net usage
Required Perl modules:
- List::Compare (Ubuntu/Debian: liblist-compare-perl)
- Net::SNMP (Ubuntu/Debian: libnet-snmp-perl)
NAME
Check Fortinet FortiGate Appliances
SYNOPSIS
check_fortigate.pl -H -C -T [-w|-c|-S|-s|-R|-M|-V|-?]
Options:
-H --host STRING or IPADDRESS Check interface on the indicated host
-P --port INTEGER Port of indicated host, defaults to 161
-v --version STRING SNMP Version, defaults to SNMP v2, v1-v3 supported
-T --type STRING CPU, MEM, Ses, VPN, Cluster, firmware, hw, disk
-S --serial STRING Primary serial number
-s --slave get values of slave
-w --warning INTEGER Warning threshold, applies to cpu, mem, session.
-c --critical INTEGER Critical threshold, applies to cpu, mem, session.
-R --reset Resets ip file (cluster only)
-M --mode STRING Output-Mode: 0 => just print, 1 => print and show failed tunnel, 2 => critical
-V --vpnmode STRING VPN-Mode: both => IPSec & SSL/OpenVPN, ipsec => IPSec only, ssl => SSL/OpenVPN only
SNMP v1/v2c only
-C --community STRING Community-String for SNMP, only at SNMP v1/v2c, defaults to public
SNMP v3 only
-U --username STRING
-A --authpassword STRING auth password
-a --authprotocol STRING auth algorithm, defaults to sha
-X --privpassword STRING private password
-x --privprotocol STRING private algorithm, defaults to aes
-? --help Returns full help text
OPTIONS
-H--host
STRING or IPADDRESS - Check interface on the indicated host.
-C|--community
STRING - Community-String for SNMP
-T|--type
STRING - CPU, MEM, Ses, VPN, Cluster, Firmware, fazmem, fazcpu
-S|--serial
STRING - Primary serial number.
-s|--slave
BOOL - Get values of slave
-w|--warning
INTEGER - Warning threshold, applies to cpu, net, mem, session.
-c|--critical
INTEGER - Critical threshold, applies to cpu, net, mem, session.
-R|--reset
BOOL - Resets ip file (cluster only)
-M|--mode
STRING - Output-Mode: 0 => just print, 1 => print and show
failed tunnel, 2 => critical
-V|--vpnmode
STRING - VPN-Mode: both => IPSec & SSL/OpenVPN, ipsec => IPSec
only, ssl => SSL/OpenVPN only
DESCRIPTION
This plugin checks Fortinet FortiGate devices via SNMP
From Web:
1. Select Network -> Interface -> Local interface
2. Administrative Access: Enable SNMP
3. Select Config -> SNMP
4. Enable SNMP, fill your details
5. SNMP v1/v2c: Create new
6. Configure for your needs, Traps are not required for this plugin!
From CLI:
config system interface
edit "internal"
set allowaccess ping https ssh snmp fgfm
next
end
config system snmp sysinfo
set description "DMZ1 FortiGate 300C"
set location "Room 404"
set conctact-info "BOFH"
set status enable
end
config system snmp community
edit 1
set events cpu-high mem-low fm-if-change
config hosts
edit 1
set interface "internal"
set ip %SNMP Client IP%
next
end
set name "public"
set trap-v1-status disable
set trap-v2c-status disable
next
end
Thats it!
Samples:
To use SNMPv3 just replace "-C public" with "-v 3 -U username -A this_is_auth_string -a sha -x aes128 -X this_is_priv_string"
Cluster:
$ check_fortigate.pl -H 192.168.123.100 -C public -T cluster
OK: Fortinet 300C (Master: FGSERIALMASTER, Slave: FGSERIALSLAVE): HA (Active/Passive) is active
- Warning if unknown node appears
- Critical if single node
- Optional: Critical, if preferred master (-S Serial) is not master
CPU:
$ check_fortigate.pl -H 192.168.123.100 -C public -T cpu
OK: Fortinet 300C (Master: FGSERIALMASTER) CPU is okay: 1%|'cpu'=1%;80;90
CPU-Slave:
$ check_fortigate.pl -H 192.168.123.100 -C public -T cpu -s
OK: Fortinet 300C (Master: FGSERIALMASTER) slave_CPU is okay: 5%|'slave_cpu'=5%;80;90
- Defaults: 80%/90%
Memory:
$ check_fortigate.pl -H 192.168.123.100 -C public -T mem
OK: Fortinet 300C (Master: FGSERIALMASTER) Memory is okay: 29%|'memory'=29%;80;90
Memory-Slave:
$ check_fortigate.pl -H 192.168.123.100 -C public -T mem
OK: Fortinet 300C (Master: FGSERIALMASTER) slave_Memory is okay: 29%|'slave_memory'=29%;80;90
- Defaults: 80%/90%
Sessions:
$ check_fortigate.pl -H 192.168.123.100 -C public -T ses
WARNING: Fortinet 300C (Master: FGSERIALMASTER) Session is warning: 85|'session'=85;80;90
Sessions-Slave:
$ check_fortigate.pl -H 192.168.123.100 -C public -T ses -s
WARNING: Fortinet 300C (Master: FGSERIALMASTER) slave_Session is warning: 85|'slave_session'=85;80;90
- Defaults: 80/90
VPN:
Both: $ check_fortigate.pl -H 192.168.123.200 -C public -T vpn -V both -M 1
OK: Fortigate 100D (Master: FGSERIALMASTER): Active SSL-VPN Connections/Tunnels: 0/0: IPSEC Tunnels: Configured/Active: 4/3 , Static_Sample_p2 down|'ActiveSSL-VPN'=0 'ActiveIPSEC'=3
SSL: $ check_fortigate.pl -H 192.168.123.100 -C public -T vpn -V ssl -M 0
OK: Fortinet 300C (Master: FGSERIALMASTER): Active SSL-VPN Connections/Tunnels: 0/0|'ActiveSSL-VPN'=0 'ActiveIPSEC'=0
IPSec: $ check_fortigate.pl -H 192.168.123.200 -C public -T vpn -V ipsec -M 2
WARNING: Fortigate 100D (Master: FGSERIALMASTER): IPSEC Tunnels: Configured/Active: 4/3 , Static_Sample_p2 down|'ActiveSSL-VPN'=0 'ActiveIPSEC'=3
- Warning if Mode (-M) > 1 and ipsec tunnel is down
- List::Compare (Ubuntu/Debian: liblist-compare-perl)
- Net::SNMP (Ubuntu/Debian: libnet-snmp-perl)
NAME
Check Fortinet FortiGate Appliances
SYNOPSIS
check_fortigate.pl -H -C -T [-w|-c|-S|-s|-R|-M|-V|-?]
Options:
-H --host STRING or IPADDRESS Check interface on the indicated host
-P --port INTEGER Port of indicated host, defaults to 161
-v --version STRING SNMP Version, defaults to SNMP v2, v1-v3 supported
-T --type STRING CPU, MEM, Ses, VPN, Cluster, firmware, hw, disk
-S --serial STRING Primary serial number
-s --slave get values of slave
-w --warning INTEGER Warning threshold, applies to cpu, mem, session.
-c --critical INTEGER Critical threshold, applies to cpu, mem, session.
-R --reset Resets ip file (cluster only)
-M --mode STRING Output-Mode: 0 => just print, 1 => print and show failed tunnel, 2 => critical
-V --vpnmode STRING VPN-Mode: both => IPSec & SSL/OpenVPN, ipsec => IPSec only, ssl => SSL/OpenVPN only
SNMP v1/v2c only
-C --community STRING Community-String for SNMP, only at SNMP v1/v2c, defaults to public
SNMP v3 only
-U --username STRING
-A --authpassword STRING auth password
-a --authprotocol STRING auth algorithm, defaults to sha
-X --privpassword STRING private password
-x --privprotocol STRING private algorithm, defaults to aes
-? --help Returns full help text
OPTIONS
-H--host
STRING or IPADDRESS - Check interface on the indicated host.
-C|--community
STRING - Community-String for SNMP
-T|--type
STRING - CPU, MEM, Ses, VPN, Cluster, Firmware, fazmem, fazcpu
-S|--serial
STRING - Primary serial number.
-s|--slave
BOOL - Get values of slave
-w|--warning
INTEGER - Warning threshold, applies to cpu, net, mem, session.
-c|--critical
INTEGER - Critical threshold, applies to cpu, net, mem, session.
-R|--reset
BOOL - Resets ip file (cluster only)
-M|--mode
STRING - Output-Mode: 0 => just print, 1 => print and show
failed tunnel, 2 => critical
-V|--vpnmode
STRING - VPN-Mode: both => IPSec & SSL/OpenVPN, ipsec => IPSec
only, ssl => SSL/OpenVPN only
DESCRIPTION
This plugin checks Fortinet FortiGate devices via SNMP
From Web:
1. Select Network -> Interface -> Local interface
2. Administrative Access: Enable SNMP
3. Select Config -> SNMP
4. Enable SNMP, fill your details
5. SNMP v1/v2c: Create new
6. Configure for your needs, Traps are not required for this plugin!
From CLI:
config system interface
edit "internal"
set allowaccess ping https ssh snmp fgfm
next
end
config system snmp sysinfo
set description "DMZ1 FortiGate 300C"
set location "Room 404"
set conctact-info "BOFH"
set status enable
end
config system snmp community
edit 1
set events cpu-high mem-low fm-if-change
config hosts
edit 1
set interface "internal"
set ip %SNMP Client IP%
next
end
set name "public"
set trap-v1-status disable
set trap-v2c-status disable
next
end
Thats it!
Samples:
To use SNMPv3 just replace "-C public" with "-v 3 -U username -A this_is_auth_string -a sha -x aes128 -X this_is_priv_string"
Cluster:
$ check_fortigate.pl -H 192.168.123.100 -C public -T cluster
OK: Fortinet 300C (Master: FGSERIALMASTER, Slave: FGSERIALSLAVE): HA (Active/Passive) is active
- Warning if unknown node appears
- Critical if single node
- Optional: Critical, if preferred master (-S Serial) is not master
CPU:
$ check_fortigate.pl -H 192.168.123.100 -C public -T cpu
OK: Fortinet 300C (Master: FGSERIALMASTER) CPU is okay: 1%|'cpu'=1%;80;90
CPU-Slave:
$ check_fortigate.pl -H 192.168.123.100 -C public -T cpu -s
OK: Fortinet 300C (Master: FGSERIALMASTER) slave_CPU is okay: 5%|'slave_cpu'=5%;80;90
- Defaults: 80%/90%
Memory:
$ check_fortigate.pl -H 192.168.123.100 -C public -T mem
OK: Fortinet 300C (Master: FGSERIALMASTER) Memory is okay: 29%|'memory'=29%;80;90
Memory-Slave:
$ check_fortigate.pl -H 192.168.123.100 -C public -T mem
OK: Fortinet 300C (Master: FGSERIALMASTER) slave_Memory is okay: 29%|'slave_memory'=29%;80;90
- Defaults: 80%/90%
Sessions:
$ check_fortigate.pl -H 192.168.123.100 -C public -T ses
WARNING: Fortinet 300C (Master: FGSERIALMASTER) Session is warning: 85|'session'=85;80;90
Sessions-Slave:
$ check_fortigate.pl -H 192.168.123.100 -C public -T ses -s
WARNING: Fortinet 300C (Master: FGSERIALMASTER) slave_Session is warning: 85|'slave_session'=85;80;90
- Defaults: 80/90
VPN:
Both: $ check_fortigate.pl -H 192.168.123.200 -C public -T vpn -V both -M 1
OK: Fortigate 100D (Master: FGSERIALMASTER): Active SSL-VPN Connections/Tunnels: 0/0: IPSEC Tunnels: Configured/Active: 4/3 , Static_Sample_p2 down|'ActiveSSL-VPN'=0 'ActiveIPSEC'=3
SSL: $ check_fortigate.pl -H 192.168.123.100 -C public -T vpn -V ssl -M 0
OK: Fortinet 300C (Master: FGSERIALMASTER): Active SSL-VPN Connections/Tunnels: 0/0|'ActiveSSL-VPN'=0 'ActiveIPSEC'=0
IPSec: $ check_fortigate.pl -H 192.168.123.200 -C public -T vpn -V ipsec -M 2
WARNING: Fortigate 100D (Master: FGSERIALMASTER): IPSEC Tunnels: Configured/Active: 4/3 , Static_Sample_p2 down|'ActiveSSL-VPN'=0 'ActiveIPSEC'=3
- Warning if Mode (-M) > 1 and ipsec tunnel is down
Reviews (27)
bymitchell_dennis_raygen, April 14, 2024
To allow AuthNoPriv I needed to delete any references to $priv_password and $priv_prot in get_snmp_session_v3().
Also needed to update the USM.pm perl module file to allow SHA-256 to work. See : https://github.com/Napsty/scripts/blob/master/perl-net-snmp-sha2/USM.pm
Other than, works pretty good.
Also needed to update the USM.pm perl module file to allow SHA-256 to work. See : https://github.com/Napsty/scripts/blob/master/perl-net-snmp-sha2/USM.pm
Other than, works pretty good.
byjjssff_joshing, August 11, 2023
Got the script to work with snmpv3 with sha256 and aes128. Only thing to do to get sha256 working is download the new USM.pm file from https://github.com/Napsty/scripts/tree/master/perl-net-snmp-sha2 and copy it to /usr/share/perl5/Net/SNMP/Security/ directory. I did use libnet-snmp-perl instead of cpan install Net::SNMP since cpan didn't give me all the files for SNMP.
It was working fine but I noticed that it is now showing "0" for sessions and memory. Maybe because it's a newer firmware. Has anyone gone through the same problem?
Thanks
Thanks
bykamesh, October 30, 2022
this is really good and working fine.
we used to have a sonicwall plugin which would check specific vpn tunnels if they are active/down.
is it possible in this plugin too? i just find that it can only show the status of all vpn tunnels configure in that firewall.
thanks.
we used to have a sonicwall plugin which would check specific vpn tunnels if they are active/down.
is it possible in this plugin too? i just find that it can only show the status of all vpn tunnels configure in that firewall.
thanks.
bymdcdh, April 7, 2022
If anybody is having issues with "UNKNOWN: session get request failed" then this may help...
First off, the script expects a dir to exist /usr/local/nagios/var/spool/FortiSerial so create that on your Nagios host and make sure perms are the same as the other folders in the spool dir (or pass your own location to the script with -p or --path /my/path)
Secondly, running the commands check_fortigate_xyz wasn't working for me, so I created a check_fortigate_blank command (Configure > Commands > Copy check_fortigate_CPU > edit the copy) and set the command line to $USER1$/check_fortigate.pl -H $HOSTADDRESS$ $ARG1$
You can then use this command in services by entering all the required variable for the SNMP auth, eg. for SNMP v3 into the ARG1 field, eg.
--snmp_version 3 --username blah --privprotocol blah --privpassword blah --authpassword blah --authprotocol blah --type blah
You can see the variables by running ./check_fortigate.pl -h
First off, the script expects a dir to exist /usr/local/nagios/var/spool/FortiSerial so create that on your Nagios host and make sure perms are the same as the other folders in the spool dir (or pass your own location to the script with -p or --path /my/path)
Secondly, running the commands check_fortigate_xyz wasn't working for me, so I created a check_fortigate_blank command (Configure > Commands > Copy check_fortigate_CPU > edit the copy) and set the command line to $USER1$/check_fortigate.pl -H $HOSTADDRESS$ $ARG1$
You can then use this command in services by entering all the required variable for the SNMP auth, eg. for SNMP v3 into the ARG1 field, eg.
--snmp_version 3 --username blah --privprotocol blah --privpassword blah --authpassword blah --authprotocol blah --type blah
You can see the variables by running ./check_fortigate.pl -h
bynscblauensteiner, March 7, 2022
Hello folks,
I am facing the problem "UNKNOWN: session get request failed"
Has anyone had the same problem and was able to solve it?
Thanks in advance!
I am facing the problem "UNKNOWN: session get request failed"
Has anyone had the same problem and was able to solve it?
Thanks in advance!
bymelesban, June 19, 2020
1 of 1 people found this review helpful
Hello
I have 3 different fortigate
In two of them models 200B and 600C the plugins work perfectly for me
But on model 501E I get the following error UNKNOWN: session get request failed
The SNMP configuration is activated in all 3 fortigate the same, with the IP of my nagios server, with the SNMP events cpu-high mem-low fm-if-change activated, I also have the protocol v1 and v2c port 161 enable activated
Could someone help me, this is driving me crazy
Thank you
I have 3 different fortigate
In two of them models 200B and 600C the plugins work perfectly for me
But on model 501E I get the following error UNKNOWN: session get request failed
The SNMP configuration is activated in all 3 fortigate the same, with the IP of my nagios server, with the SNMP events cpu-high mem-low fm-if-change activated, I also have the protocol v1 and v2c port 161 enable activated
Could someone help me, this is driving me crazy
Thank you
bylmiltchev, July 9, 2018
MayraAltamirano, if you are already in the plugins directory, make sure to run your plugin as such:
./check_fortigate.pl -H 192.168.200.254 -C public -T cluster
or run it with:
/full/path/to/the/check_fortigate.pl -H 192.168.200.254 -C public -T cluster
Hope this helps.
./check_fortigate.pl -H 192.168.200.254 -C public -T cluster
or run it with:
/full/path/to/the/check_fortigate.pl -H 192.168.200.254 -C public -T cluster
Hope this helps.
byMayraAltamirano, July 6, 2018
Hello!
Firts of all I'm sorry for my bad english.
I'm a Nagios Newbie and I want to install the plugin check_fortigate.pl, I already install perl and every time I tried to prove the command
check_fortigate.pl -H 192.168.200.254 -C public -T cluster
The server says: check_fortigate.pl: command not found
So I don't know how to make it works.
Any help will be great!
Thanks!
Regards from México!
Firts of all I'm sorry for my bad english.
I'm a Nagios Newbie and I want to install the plugin check_fortigate.pl, I already install perl and every time I tried to prove the command
check_fortigate.pl -H 192.168.200.254 -C public -T cluster
The server says: check_fortigate.pl: command not found
So I don't know how to make it works.
Any help will be great!
Thanks!
Regards from México!
bygnaggios, May 11, 2018
Works well
bys.ferrara, April 25, 2018
It's very usefull and works well.
My only problem, it's that, I can't find in the documentation if we check with -T ses the active session or the session per sec. (I presume that it's the session but I have some big doubt).
My only problem, it's that, I can't find in the documentation if we check with -T ses the active session or the session per sec. (I presume that it's the session but I have some big doubt).
bystefanslawidis, February 14, 2018
First of all a Great PLugin, which lets you monitor your Fortigate Device. Works with Fortigate 600D (5.4.8). To make it work with Fortimanager (5.6.2) all you have to do is change ( /^(FL|FAZ)/ to ( /^(FL|FAZ|FMG)/ otherwise it will not work for Fortimanager. Unforntunalty the disk check is not working for Fortigate, because it's not defined in the oids and I wasn't able to get the right oid. For the error from mugundan28 all you have to do is to provide the right permissions to /var/spool/nagios/ramdisk/FortiSerial, a chown nagios:nagios did the trick for me.
bymugundan28, February 7, 2018
I am trying to monitor fortigate disk but it will through the error like "CRITICAL: Error writing on /var/spool/nagios/ramdisk/FortiSerial directory, permission denied" the command I am running is ./check_fortigate.pl -H fortigate_firewall -C community -T disk
bympuff, February 19, 2017
Hi all,
is this plugin compatible with FortiOS v5.4?
Thanks.
Kind regards,
Martin
is this plugin compatible with FortiOS v5.4?
Thanks.
Kind regards,
Martin
byjmsanesteban, February 6, 2017
Hi all!!
First of all, thank you for such great job.
Second, sorry for my english :)
Third, I think that there may be a little problem with the phase 2 selectors of the VPN, it seems that the plugin shows as 'disconnected VPN' two of my phase 2 selectors, so it is show wrong information.
$return_string = OK, but there are two phase2 down, the $return_state is CRITICAL.
Thank you in advance.
+1 for VPN exclusion list!!
Regards and keep on!!.
Juanma.
First of all, thank you for such great job.
Second, sorry for my english :)
Third, I think that there may be a little problem with the phase 2 selectors of the VPN, it seems that the plugin shows as 'disconnected VPN' two of my phase 2 selectors, so it is show wrong information.
$return_string = OK, but there are two phase2 down, the $return_state is CRITICAL.
Thank you in advance.
+1 for VPN exclusion list!!
Regards and keep on!!.
Juanma.
bySysManSD, October 13, 2015
Hello highfeeling,
I had the same problem until I activated the SNMP Administrative Access on the interface.
After resolving that, that I had a problem with "error writing on /path_to_nagios_plugins/FortiSerial directory, permission denied", which I resolved creating the directory in the specified path.
I had the same problem until I activated the SNMP Administrative Access on the interface.
After resolving that, that I had a problem with "error writing on /path_to_nagios_plugins/FortiSerial directory, permission denied", which I resolved creating the directory in the specified path.
byjosy-cig, June 10, 2015
Thank you for this great Plugin!
Could somebody help me with the follow problem?
We have some IPsec VPNs, which are down most of the time.
Therefor the “check_fortigate_vpn_IPSEC” returns a Critical Status.
1) Is it possible to define VPN as an exception?
2) Is it possible to change the number of the VPN connections that must be down before that status is critical?
3) Is there a way to monitor only some IPSec VPN Connections?
Thank You
Could somebody help me with the follow problem?
We have some IPsec VPNs, which are down most of the time.
Therefor the “check_fortigate_vpn_IPSEC” returns a Critical Status.
1) Is it possible to define VPN as an exception?
2) Is it possible to change the number of the VPN connections that must be down before that status is critical?
3) Is there a way to monitor only some IPSec VPN Connections?
Thank You
Owner's reply
Hi Josy,
that is a good idea, actually i have something like that in mind.
It will be integrated in the near future.
byebierens, June 7, 2015
Hi,
i've got some problems with the following unknown error:
UNKNOWN: session get request failed
regards
i've got some problems with the following unknown error:
UNKNOWN: session get request failed
regards
byankush.grover, April 12, 2015
0 of 1 people found this review helpful
Hi,
I am facing a strange problem. If I run the snmpwalk command against the fortinet firwall(300c) with Firmware Version 5.2.1 I am able to get the values but I am getting "session get request failed" when I try to run this plugin. I have rechecked SNMP is configured properly on the Fortigate firewall.
What could be the reason for this issue. I am running Nagios 3.5.x on Centos 7 64-bit Os.
snmpwalk -c SNMP-TESTs -v 2c 172.31.5.6
SNMPv2-MIB::sysDescr.0 = STRING: trafic
sysObjectID.0 = OID: fgt300C
SNMPv2-MIB::sysContact.0 = STRING: firewall@example.com
SNMPv2-MIB::sysName.0 = STRING: firewall@example.com
SNMPv2-MIB::sysLocation.0 = STRING: xxxxxx
SNMPv2-MIB::sysServices.0 = INTEGER: 78
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (0) 0:00:00.00
Firmware Version
fgSysVersion.0 = STRING: v5.2.1,build0618,140915 (GA)
./check_fortigate.pl -C SNMP -v 2c -H 172.31.5.6
UNKNOWN: session get request failed
Thanks & Regards
Ankush Grover
I am facing a strange problem. If I run the snmpwalk command against the fortinet firwall(300c) with Firmware Version 5.2.1 I am able to get the values but I am getting "session get request failed" when I try to run this plugin. I have rechecked SNMP is configured properly on the Fortigate firewall.
What could be the reason for this issue. I am running Nagios 3.5.x on Centos 7 64-bit Os.
snmpwalk -c SNMP-TESTs -v 2c 172.31.5.6
SNMPv2-MIB::sysDescr.0 = STRING: trafic
sysObjectID.0 = OID: fgt300C
SNMPv2-MIB::sysContact.0 = STRING: firewall@example.com
SNMPv2-MIB::sysName.0 = STRING: firewall@example.com
SNMPv2-MIB::sysLocation.0 = STRING: xxxxxx
SNMPv2-MIB::sysServices.0 = INTEGER: 78
SNMPv2-MIB::sysORLastChange.0 = Timeticks: (0) 0:00:00.00
Firmware Version
fgSysVersion.0 = STRING: v5.2.1,build0618,140915 (GA)
./check_fortigate.pl -C SNMP -v 2c -H 172.31.5.6
UNKNOWN: session get request failed
Thanks & Regards
Ankush Grover
It's really helpful plugin. Please update description :) Probably you forgot about -U "username" variable.
Maybe in next release you try add bandwith monitoring? :)
Best Regards,
Rafal
Maybe in next release you try add bandwith monitoring? :)
Best Regards,
Rafal
Page 1 of 2