SNMP Monitoring of Maestro SMO & MHO

PrasannaRout · ‎2023-02-27

2xMHO-140 running on single site. Created a Security Group/SMO Chassis running as VSX Gateway built with 3 x 6200-Plus Hardware.

1. SMO & MHO are running with R81.10 Jumbo HF#87

2. Configured SNMP V2 on both SMO & MHO

Wanted to Set traps/pool ( see below table) in our 3rd Party Monitoring tools via SNMP V2 but it is not working. Even 3rd Party Monitoring tool is unable to pool the interface/Mgmt. Interface correctly for SMO & all three physical gateway.

Do we need to move to SNMP V3 as per sk168878 ? Any advise will be really helpful.

Physical Firewalls(under SMO) up/down

Physical Firewalls(under SMO) cpu utilisation

Physical Firewalls(under SMO) memory utilisation

Physical Firewalls (under SMO) disk space utilisation

Physical FW (under SMO) concurrent connection status

Virtual Firewall up/down

Virtual Firewall connection up/down

Virtual Firewall policy tagged

Physical interface up/down

Physical interface error

Physical interface throughput

Physical firewall model, Serial no. inside SMO

OS version for MHO & SMO

Hotfix version for MHO & SMO

SMO policy tagged

Logical FW concurrent connection status

Chris_Atkinson · ‎2023-02-27

The SK provides the current best practice configuration, this may change with R82.x per:

https://community.checkpoint.com/t5/Maestro/SNMP-of-Gateways-in-Maestro-Setup/m-p/162721/highlight/t...

Depending on requirements another option to explore is Skyline (sk178566) which is based on OpenTelemetry

CCSM R77/R80/ELITE

IdentityUnknown · ‎2023-04-28

Hi guys,
I will use the thread to ask more or less the same. May anybody share a working SNMP configuration of a Maestro SG and MHO?

According to https://support.checkpoint.com/results/sk/sk168878
How to configure an IP address with "asg alert"?
Configure the IP address of your SNMP trap collector:
asg alert

I do not see such an option. I configured snmp on clish with a trap reciever.
I enabled with asg alert all events, but than I miss an option like SNMP (SMS, EMAIL, LOG are the options)

Anyway If I am using LOG with Log Mode "Monitor" I do not see any SNMP traps with the "run test" option or by triggering a trap event.

Furthermore following system event types are in the "asg alert table":

System Event Types

System event types are:

-----------------------------------

1       | SGM State

2       | Chassis State

3       | Port State

4       | Diagnostics

5       | Memory Leak Detection

6       | LSP Monitor Port State Change

7       | VS Monitor State Change

Hardware Monitor events:

8       | Fans

9       | SSM

10      | CMM

11      | Power Supplies

12      | CPU Temperature

Performance events:

13      | Concurrent Connections

14      | Connection Rate

15      | Packet Rate

16      | Throughput

17      | CPU Load

18      | Hard Drive Utilization

19      | Memory Utilization

Please choose event types for which to send alerts: [all]

(format: all or 1,4 or 1,3-7,10)

How to find the appropriate OID within a MIB file?

Kind regards

Diego_dg · ‎2024-07-08

We have been able to monitor some things (CPU, Memory, Power supply, fan status...) by SNMP. But some interfaces don't support SNMP, if you query the MIB (even the supported branch for orchestrators) the OIDs related with interfaces only have indexes for some interfaces, not for all of them. TAC has confirmed us that uplink interfaces are not supported for snmp monitoring 😧