In addition to common MIB files such as SNMPv2-MIB, IF-MIB and HOST-RESOURCES-MIB, there is a custom HALON-SP-MIB file available exporting all mail and custom created statistics. This MIB file extends the SNMPv2-SMI::enterprises OID with Halon Security's IANA assigned 33234 enterprise number. In some cases it may be more appropriate to use the REST API. SNMPv1 doesn't support 64-bit counters, prefer using version SNMPv2c or higher.
Enable SNMP
Configure a read-only community (v1/2c) or add SNMPv3 user account on the Hosts -> Services -> SNMP page, this will enable the SNMP service. Even if the SNMP service only provides read-only access, using the "standard" community "public" is not recommended for the reason of possible information leakage. An IP flow may further restrict access. As for client software, we recommend you start by using Net-SNMP simply because of its transparency and ease of use. Net-SNMP works on many platforms including Win32, OSX and Linux.
Mac OS X
Mac OS X comes bundled with Net-SNMP, install the HALON-SP-MIB.txt to the MIB directory .snmp/mibs
.
Linux
Some distributions comes bundled with Net-SNMP. Otherwise it's probably per-packages using its package manager tool, install the HALON-SP-MIB.txt to the MIB directory .snmp/mibs
.
Halon MIB file
The latest version (and matching version) to your appliance is available from the appliance itself on the URI /download/HALON-SP-MIB.txt
(e.g. http://demo.halon.se/download/HALON-SP-MIB.txt). This is the layout of a MIB file (snmptranslate -Tp HALON-SP-MIB::halonSecurity).
+--halonSecurity(33234) | +--halonSecurityProducts(1) | +--halonSecuritySP(1) | +--halonSecuritySPObjects(1) | +-- -R-- String serialNumber(1) +-- -R-- Integer32 configurationRevision(2) +-- -R-- Counter64 mailQueueLength(3) +-- -R-- Counter64 quarantinedMessages(4) | +--statTable(5) | +--statEntry(1) | Index: statKey1Index, statKey2Index, statKey3Index | +-- -R-- String statKey1Index(1) +-- -R-- String statKey2Index(2) +-- -R-- String statKey3Index(3) +-- -R-- Counter64 statCount(4) +-- -R-- Integer32 statCreated(5) +-- -R-- Integer32 statUpdated(6)
SNMP Options
Below are a few useful options for Net-SNMP.
-OE (snmpwalk) escapes quotes for snmpget in terminal. -On (snmpget) prints the full OID. Useful for other tools '.1.3.6.1.4.1.33234.1.1.1.5.1.4.10.109...' -Oqv only prints the value, which is good for script et.c. -Ir needs to be specified to skip range/type checks.
This is by no means a replacement for the Net-SNMP manual, however.
Examples
Statistics
To display the statTable, use the following command
snmptable -c public -v2c 10.2.0.30 HALON-SP-MIB::statTable
Output:
SNMP table: HALON-SP-MIB::statTable statKey1Index statKey2Index statKey3Index statCount statCreated statUpdated "mail:total" "mailserver:1" "" 5579 1357946416 1358191975 "mail:total" "mailserver:1" "any" 11 1358179610 1358191975 "mail:total" "mailserver:1" "example.com" 5568 1357946416 1358108867
In order to extract eg. the example.com's statCount value, use the following command
snmpwalk -OE -c public -v2c 10.2.0.30 HALON-SP-MIB::statCount
Output:
HALON-SP-MIB::statCount.\"mail:total\".\"mailserver:1\".\"\" = Counter64: 5579 HALON-SP-MIB::statCount.\"mail:total\".\"mailserver:1\".\"any\" = Counter64: 11 HALON-SP-MIB::statCount.\"mail:total\".\"mailserver:1\".\"example.com\" = Counter64: 5568
And then run the following command to get the specific counter for example.com
snmpget -Oqv -Ir -c public -v2c 10.2.0.30 HALON-SP-MIB::statCount.\"mail:total\".\"mailserver:1\".\"example.com\"
Queue length
In order to extract the mailQueueLength, use the following command
snmpget -Oqv -Ir -c public -v2c 10.2.0.30 HALON-SP-MIB::mailQueueLength.0
Disk usage
To display the hrStorageTable, use the following command
snmptable -c public -v2c 10.2.0.30 HOST-RESOURCES-MIB::hrStorageTable
In order to extract eg. the StorageSize and StorageUsed values for the storage partition, use the following commands
snmpget -Oqv -Ir -c public -v2c 10.2.0.30 HOST-RESOURCES-MIB::hrStorageSize.40
snmpget -Oqv -Ir -c public -v2c 10.2.0.30 HOST-RESOURCES-MIB::hrStorageUsed.40
Note that 8% of the hrStorageSize for the storage partition is reserved.
Memory usage
To display the hrStorageTable, use the following command
snmptable -c public -v2c 10.2.0.30 HOST-RESOURCES-MIB::hrStorageTable
In order to extract eg. the StorageSize and StorageUsed values for the RAM usage, use the following commands
snmpget -Oqv -Ir -c public -v2c 10.2.0.30 HOST-RESOURCES-MIB::hrStorageSize.1
snmpget -Oqv -Ir -c public -v2c 10.2.0.30 HOST-RESOURCES-MIB::hrStorageUsed.1
CPU usage
In order to extract the CPU usage, use the following command
snmpget -Oqv -Ir -c public -v2c 10.2.0.30 HOST-RESOURCES-MIB::hrProcessorLoad.196608
Comments
0 comments
Article is closed for comments.