Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
PrasannaRout
Explorer

SNMP Monitoring of Maestro SMO & MHO

2xMHO-140 running on single site. Created a Security Group/SMO Chassis running as VSX Gateway built  with 3 x 6200-Plus Hardware.

1. SMO & MHO are running with R81.10 Jumbo HF#87

2. Configured SNMP V2 on both SMO & MHO

 

Wanted to Set traps/pool ( see below table) in our 3rd Party Monitoring tools via SNMP V2 but it is not working. Even 3rd Party Monitoring tool is unable to pool the interface/Mgmt. Interface correctly for SMO & all three physical gateway. 

 

Do we need to move to SNMP V3 as per sk168878 ? Any advise will be really helpful.

 

Physical Firewalls(under SMO) up/down

Physical Firewalls(under SMO) cpu utilisation

Physical Firewalls(under SMO) memory utilisation

Physical Firewalls (under SMO) disk space utilisation

Physical FW (under SMO) concurrent connection status

Virtual Firewall up/down

Virtual Firewall connection up/down

Virtual Firewall policy tagged

Physical interface up/down

Physical interface error

Physical interface throughput

Physical firewall model, Serial no. inside SMO

OS version for MHO & SMO

Hotfix version for MHO & SMO

SMO policy tagged

Logical FW concurrent connection status

 

 

0 Kudos
3 Replies
Chris_Atkinson
Employee Employee
Employee

The SK provides the current best practice configuration, this may change with R82.x per:

https://community.checkpoint.com/t5/Maestro/SNMP-of-Gateways-in-Maestro-Setup/m-p/162721/highlight/t...

Depending on requirements another option to explore is Skyline (sk178566) which is based on OpenTelemetry 

CCSM R77/R80/ELITE
0 Kudos
IdentityUnknown
Contributor

Hi guys,
I will use the thread to ask more or less the same. May anybody share a working SNMP configuration of a Maestro SG and MHO?

According to https://support.checkpoint.com/results/sk/sk168878
How to configure an IP address with "asg alert"? 
Configure the IP address of your SNMP trap collector:
asg alert

I do not see such an option. I configured snmp on clish with a trap reciever.
I enabled with asg alert all events, but than I miss an option like SNMP (SMS, EMAIL, LOG are the options)

Anyway If I am using LOG with Log Mode "Monitor" I do not see any SNMP traps with the "run test" option or by triggering a trap event.

Furthermore following system event types are in the "asg alert table":

System Event Types

System event types are:
-----------------------------------
1       | SGM State
2       | Chassis State
3       | Port State
4       | Diagnostics
5       | Memory Leak Detection
6       | LSP Monitor Port State Change
7       | VS Monitor State Change
Hardware Monitor events:
8       | Fans
9       | SSM
10      | CMM
11      | Power Supplies
12      | CPU Temperature
Performance events:
13      | Concurrent Connections
14      | Connection Rate
15      | Packet Rate
16      | Throughput
17      | CPU Load
18      | Hard Drive Utilization
19      | Memory Utilization
 
Please choose event types for which to send alerts: [all]
(format: all or 1,4 or 1,3-7,10)

 

How to find the appropriate OID within a MIB file?


Kind regards

0 Kudos
Diego_dg
Collaborator

We have been able to monitor some things (CPU, Memory, Power supply, fan status...) by SNMP. But some interfaces don't support SNMP, if you query the MIB (even the supported branch for orchestrators) the OIDs related with interfaces only have indexes for some interfaces, not for all of them. TAC has confirmed us that uplink interfaces are not supported for snmp monitoring 😧

0 Kudos