Open Frames Download Complete PDF Send Feedback Print This Page

Previous

Next

Configuring SNMP Monitoring and Traps

To configure SNMP monitoring and traps:

  1. Edit the /etc/snmp/snmpd.conf configuration file and define the SNMP monitoring rules and the trap server.

    The following is an example configuration file:

    trap2sink 192.0.2.10 public

    cp_cleartrap 10 2

    proc syslogd 1 1

    disk /var 20%

    cp_monitor 1.3.6.1.2.1.2.2.1.8.1 == 2 60 "link 1 down"

    cp_monitor prErrorFlag.1 != "0" 60 "process monitor"

    cp_monitor dskErrorFlag.1 != 0 60 "disk monitor"

    cp_monitor 1.3.6.1.4.1.2021.10.1.5.1 > 100 60 "CPU load 1 min"

    cp_monitor 1.3.6.1.4.1.2021.10.1.5.2 > 90 60 "CPU load 5 min"

    cp_monitor 1.3.6.1.4.1.2021.4.4.0 < 2000 60 "memAvailSwap"

    cp_monitor 1.3.6.1.4.1.2021.4.6.0 < 2000 60 "memAvailReal"

    cp_monitor 1.3.6.1.4.1.2620.1.5.6.0 != "active" 20 "Cluster State"

    cp_monitor 1.3.6.1.4.1.2620.1.1.25.3.0 > 50000 20 "Firewall connections"

    cp_monitor 1.3.6.1.2.1.25.2.3.1.6.6 > 60000 60 "/opt hrStorageUsed"

  2. At the SecurePlatform command prompt, start the snmp service. Run:

    snmp service enable

Working with SNMP Monitoring Thresholds

You can configure a variety of different SNMP thresholds that generate SNMP traps, or alerts. You can use these thresholds to monitor many system components automatically without requesting information from each object or device. The categories of thresholds that you can configure include:

  • Hardware
  • High Availability
  • Networking
  • Resources
  • Log Server Connectivity

Some categories apply only to some machines or deployments.

Note - SNMP monitoring thresholds are supported from R75.20, R71.30, and higher.

In each category there are many individual thresholds that you can set. For example, the hardware category includes alerts for the state of the RAID disk, the state of the temperature sensor, the state of the fan speed sensor, and others. For each individual threshold, you can configure:

  • If it is enabled or disabled
  • How frequently alerts are sent
  • The severity of the alert
  • The threshold point (if necessary)
  • Where the alerts are sent to

You can also configure some settings globally, such as how often alerts are send and where they are sent to.

Types of Alerts

  • Active alerts are sent when a threshold point is passed or the status of a monitored component is problematic.
  • Clear alerts are sent when the problem is resolved and the component has returned to its normal value. Clear alerts look like active alerts but the severity is set to 0.
  
Top of Page ©2014 Check Point Software Technologies Ltd. All rights reserved. Download Complete PDF Send Feedback Print