BroadBITS

Monitor Fortinet Virtual Domain (VDOM) using SNMP-v3

To monitor SNMP agents with Zabbix, we can either import existing community templates or design our own, based on snmpwalk results. To generate an SNMP-v3 template we need a username (the security name), a SHA password (the authentication passphrase), an AES password (the privacy passphrase), and finally an Object Identifier (OID). An OID is a number that is used to identify managed devices and their current condition.

The best place to look for OIDs and their descriptions is in vendor documentation. The document can be obtained at the following URL.

http://www.circitor.fr/Mibs/Html/F/FORTINET-FORTIGATE-MIB.php#fgVdEntName

Afterwards, run an snmpwalk from the root or a specified subtree. An snmpwalk returns a list of OIDs for devices, networks, and other objects, as well as their values. The snmpwalk command is as follows.

We use the VDOM-specific OID from the documentation because we only need information about VDOMs.

The output of snmpwalk reveals that the firewall has 8 virtual domains. An index, name, operation mode, HA cluster member state, CPU consumption, memory usage, active session count, and session rate are all assigned to each domain.

 

 

The prefix SNMPv2-SMI::enterprises, i.e. 1.3.6.1.4.1, is common to every OID in the output. The numbering that follows is particular to Fortinet-Fortigate, followed by devices. We can observe from the findings that the OIDs under 12356.101.3.2.1.1.2 list the names of virtual domains. This OID, followed by an index from 1 to 8, provides the name of a specific VDOM.

STEP-1 : Create a new Zabbix template now.

STEP-2 : Create a discovery rule as shown in the example below inside the template.

  • Select Type as SNMPv3 agent.
  • Provide a unique key.
  • Specify an SNMP OID. In a discovery rule it does not have to be a plain sequence of integers; it must be entered in the form “discovery[{#SNMPVALUE}, OID]”. The OID shown above is the virtual domain’s root OID.
  • Choose Security level as authPriv, Authentication protocol as SHA, and Privacy protocol as AES.
  • The values for the fields Security name, Authentication passphrase, and Privacy passphrase are entered using macros.
  • Port should always be 161 unless a custom port is used.
  • Update interval is the time in seconds used for polling data.
  • Store history for any number of days by entering a value in the field Keep lost resources period.
  • Finally, add the template.

STEP-3 : Create a prototype item that will find index values for all domains.

 

 

  • All of the detected indices from the discovery rule will be populated in the item prototype. The index of the discovered OID is applied to discovered entities using the built-in macro {#SNMPINDEX}.
  • Because index is a number, the type of data collected here is numeric. The data type for storing names will be text.
  • Because index data does not change frequently, it is polled once a day. CPU and other members will be polled every 5 minutes.
  • We have specified that history and trends should be kept for the last 30 days.
  • To be monitored, the items that will be discovered must be added to an application. A new application can be added or an existing application can be picked from the list. An application is nothing more than a collection of items.
  • Finally, to add the prototype, click Add.
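How the OID layout and the discovery step described above fit together, as an added Python example (not part of the original article and not Zabbix's own code): it parses snmpwalk-style output for the VDOM table, emits one discovery row per VDOM, and builds the OID an item prototype resolves to. The sample output is constructed, and every column number other than .2 (name) is an assumption that follows the order in which the article lists the fields.

```python
import re

# VDOM table entry below SNMPv2-SMI::enterprises (1.3.6.1.4.1), from the article.
VDOM_ENTRY = "12356.101.3.2.1.1"
# Column .2 = name is stated in the article; the other numbers are an
# assumption that follows the order in which the article lists the fields.
COLUMNS = {1: "index", 2: "name", 3: "op_mode", 4: "ha_state",
           5: "cpu", 6: "mem", 7: "sessions", 8: "session_rate"}
LINE_RE = re.compile(
    r"^(?:SNMPv2-SMI::enterprises|\.?1\.3\.6\.1\.4\.1)\."
    + re.escape(VDOM_ENTRY) + r"\.(\d+)\.(\d+) = (\w+): (.*)$")

# Constructed sample output (two VDOMs, three columns, one unrelated OID).
SAMPLE = """
SNMPv2-SMI::enterprises.12356.101.3.1.0 = INTEGER: 2
SNMPv2-SMI::enterprises.12356.101.3.2.1.1.1.1 = INTEGER: 1
SNMPv2-SMI::enterprises.12356.101.3.2.1.1.1.2 = INTEGER: 2
SNMPv2-SMI::enterprises.12356.101.3.2.1.1.2.1 = STRING: "root"
SNMPv2-SMI::enterprises.12356.101.3.2.1.1.2.2 = STRING: "dmz"
SNMPv2-SMI::enterprises.12356.101.3.2.1.1.5.1 = Gauge32: 3
SNMPv2-SMI::enterprises.12356.101.3.2.1.1.5.2 = Gauge32: 7
"""

def parse_walk(text):
    """Group VDOM table rows as {snmp_index: {column_name: value}}."""
    vdoms = {}
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or int(m[1]) not in COLUMNS:
            continue  # outside the VDOM table, unknown column, or malformed
        raw = m[4].strip()
        # Strings keep their text; numeric types become int; anything else stays raw.
        value = raw.strip('"') if m[3] == "STRING" or not raw.isdigit() else int(raw)
        vdoms.setdefault(int(m[2]), {})[COLUMNS[int(m[1])]] = value
    return vdoms

def discover(text):
    """Rows a discovery rule on the name column yields, one per VDOM."""
    return [{"{#SNMPINDEX}": str(idx), "{#SNMPVALUE}": row["name"]}
            for idx, row in sorted(parse_walk(text).items()) if "name" in row]

def item_oid(column, snmp_index):
    """Full OID an item prototype resolves to for one discovered index."""
    return f"1.3.6.1.4.1.{VDOM_ENTRY}.{column}.{snmp_index}"

if __name__ == "__main__":
    for row in discover(SAMPLE):
        idx = row["{#SNMPINDEX}"]
        print(row["{#SNMPVALUE}"], item_oid(5, idx), parse_walk(SAMPLE)[int(idx)])
```
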

STEP-4 : We may clone the first item prototype and make changes as needed to produce more item prototypes for name, CPU usage, memory consumption, and so on, or we can export the template as XML or YAML if there are a significant number of trigger prototypes to be built. Then copy the item prototype section and paste it at the end of the old one. This will result in the creation of a new item prototype. In the duplicated entry, make the appropriate modifications. Similarly, if necessary, add more item prototypes. This method can be used to construct not only item prototypes, but also apps, trigger prototypes, items, and other things. Save the file with the changes. Remove the old template from Zabbix and replace it with the new one.

STEP-5 : Finally, connect the template to a host having an SNMP interface and build three authentication macros.

STEP-6: This will add new objects to the host that can be tracked using the most recent data.

For each item, we can also see the graph.