clones/librenms
1
0
Fork 0
mirror of https://github.com/librenms/librenms.git synced 2024-09-21 10:28:13 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add Sophos-XG OID for monitoring HA, IPSec and license state (#13423)

Browse Source 
* Add Sophos-XG OID for monitoring HA and license state

* add generic property

* Update MIB to newest version

* Add Test-data for sfosCentralOrchestrationLicRegStatus

* Add IPSec monitoring

* regenerate test-data
This commit is contained in:
Nocturr 2021-10-27 12:52:07 +02:00 committed by GitHub
parent 56b78da254
commit 4912c8c334
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 1727 additions and 70 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

169
includes/definitions/discovery/sophos-xg.yaml
View File

@ -7,4 +7,171 @@ modules:
- SFOS-FIREWALL-MIB::sfosDeviceType.0
serial:
- SFOS-FIREWALL-MIB::sfosDeviceAppKey.0
sensors:
pre-cache:
data:
-
oid:
- sfosIPSecVpnConnName
state:
data:
# HA
-
oid: sfosHAStatus
num_oid: '.1.3.6.1.4.1.2604.5.1.4.1.{{ $index }}'
index: 'sfosHAStatus.{{ $index }}'
descr: 'HA status'
group: HA
value: sfosHAStatus
states:
- { value: 0, graph: 0, generic: 0, descr: disabled }
- { value: 1, graph: 1, generic: 0, descr: enabled }
-
oid: sfosDeviceCurrentHAState
num_oid: '.1.3.6.1.4.1.2604.5.1.4.4.{{ $index }}'
index: 'sfosDeviceCurrentHAState.{{ $index }}'
descr: 'HA local appliance state'
group: HA
value: sfosDeviceCurrentHAState
states:
- { value: 0, graph: 0, generic: 0, descr: notapplicable }
- { value: 1, graph: 1, generic: 2, descr: auxiliary }
- { value: 2, graph: 2, generic: 2, descr: standAlone }
- { value: 3, graph: 3, generic: 0, descr: primary }
- { value: 4, graph: 4, generic: 2, descr: faulty }
- { value: 5, graph: 5, generic: 0, descr: ready }
-
oid: sfosDevicePeerHAState
num_oid: '.1.3.6.1.4.1.2604.5.1.4.5.{{ $index }}'
index: 'sfosDevicePeerHAState.{{ $index }}'
descr: 'HA peer appliance state'
group: HA
value: sfosDevicePeerHAState
states:
- { value: 0, graph: 0, generic: 0, descr: notapplicable }
- { value: 1, graph: 1, generic: 0, descr: auxiliary }
- { value: 2, graph: 2, generic: 2, descr: standAlone }
- { value: 3, graph: 3, generic: 2, descr: primary }
- { value: 4, graph: 4, generic: 2, descr: faulty }
- { value: 5, graph: 5, generic: 0, descr: ready }
# Licensing
-
oid: sfosNetProtectionLicRegStatus
num_oid: '.1.3.6.1.4.1.2604.5.1.5.2.1.{{ $index }}'
index: 'sfosNetProtectionLicRegStatus.{{ $index }}'
descr: 'Network Protection registration Lic status'
group: Licensing
value: sfosNetProtectionLicRegStatus
states:
- { value: 0, graph: 0, generic: 0, descr: none }
- { value: 1, graph: 1, generic: 0, descr: evaluating }
- { value: 2, graph: 2, generic: 0, descr: notsubscribed }
- { value: 3, graph: 3, generic: 0, descr: subscribed }
- { value: 4, graph: 4, generic: 2, descr: expired }
- { value: 5, graph: 5, generic: 0, descr: deactivated }
-
oid: sfosWebProtectionLicRegStatus
num_oid: '.1.3.6.1.4.1.2604.5.1.5.3.1.{{ $index }}'
index: 'sfosWebProtectionLicRegStatus.{{ $index }}'
descr: 'Web Protection registration Lic status'
group: Licensing
value: sfosWebProtectionLicRegStatus
states:
- { value: 0, graph: 0, generic: 0, descr: none }
- { value: 1, graph: 1, generic: 0, descr: evaluating }
- { value: 2, graph: 2, generic: 0, descr: notsubscribed }
- { value: 3, graph: 3, generic: 0, descr: subscribed }
- { value: 4, graph: 4, generic: 2, descr: expired }
- { value: 5, graph: 5, generic: 0, descr: deactivated }
-
oid: sfosMailProtectionLicRegStatus
num_oid: '.1.3.6.1.4.1.2604.5.1.5.4.1.{{ $index }}'
index: 'sfosMailProtectionLicRegStatus.{{ $index }}'
descr: 'EMail Protection Lic Status'
group: Licensing
value: sfosMailProtectionLicRegStatus
states:
- { value: 0, graph: 0, generic: 0, descr: none }
- { value: 1, graph: 1, generic: 0, descr: evaluating }
- { value: 2, graph: 2, generic: 0, descr: notsubscribed }
- { value: 3, graph: 3, generic: 0, descr: subscribed }
- { value: 4, graph: 4, generic: 2, descr: expired }
- { value: 5, graph: 5, generic: 0, descr: deactivated }
-
oid: sfosWebServerProtectionLicRegStatus
num_oid: '.1.3.6.1.4.1.2604.5.1.5.5.1.{{ $index }}'
index: 'sfosWebServerProtectionLicRegStatus.{{ $index }}'
descr: 'Web Server Protection Lic status'
group: Licensing
value: sfosWebServerProtectionLicRegStatus
states:
- { value: 0, graph: 0, generic: 0, descr: none }
- { value: 1, graph: 1, generic: 0, descr: evaluating }
- { value: 2, graph: 2, generic: 0, descr: notsubscribed }
- { value: 3, graph: 3, generic: 0, descr: subscribed }
- { value: 4, graph: 4, generic: 2, descr: expired }
- { value: 5, graph: 5, generic: 0, descr: deactivated }
-
oid: sfosSandstromLicRegStatus
num_oid: '.1.3.6.1.4.1.2604.5.1.5.6.1.{{ $index }}'
index: 'sfosSandstromLicRegStatus.{{ $index }}'
descr: 'Sandstorm Protection Lic status'
group: Licensing
value: sfosSandstromLicRegStatus
states:
- { value: 0, graph: 0, generic: 0, descr: none }
- { value: 1, graph: 1, generic: 0, descr: evaluating }
- { value: 2, graph: 2, generic: 0, descr: notsubscribed }
- { value: 3, graph: 3, generic: 0, descr: subscribed }
- { value: 4, graph: 4, generic: 2, descr: expired }
- { value: 5, graph: 5, generic: 0, descr: deactivated }
-
oid: sfosEnhancedSupportLicRegStatus
num_oid: '.1.3.6.1.4.1.2604.5.1.5.7.1.{{ $index }}'
index: 'sfosEnhancedSupportLicRegStatus.{{ $index }}'
descr: 'Enhanced Support Lic Status'
group: Licensing
value: sfosEnhancedSupportLicRegStatus
states:
- { value: 0, graph: 0, generic: 0, descr: none }
- { value: 1, graph: 1, generic: 0, descr: evaluating }
- { value: 2, graph: 2, generic: 0, descr: notsubscribed }
- { value: 3, graph: 3, generic: 0, descr: subscribed }
- { value: 4, graph: 4, generic: 2, descr: expired }
- { value: 5, graph: 5, generic: 0, descr: deactivated }
-
oid: sfosEnhancedPlusLicRegStatus
num_oid: '.1.3.6.1.4.1.2604.5.1.5.8.1.{{ $index }}'
index: 'sfosEnhancedPlusLicRegStatus.{{ $index }}'
descr: 'Enhanced Plus Support Lic Status'
group: Licensing
value: sfosEnhancedPlusLicRegStatus
states:
- { value: 0, graph: 0, generic: 0, descr: none }
- { value: 1, graph: 1, generic: 0, descr: evaluating }
- { value: 2, graph: 2, generic: 0, descr: notsubscribed }
- { value: 3, graph: 3, generic: 0, descr: subscribed }
- { value: 4, graph: 4, generic: 2, descr: expired }
- { value: 5, graph: 5, generic: 0, descr: deactivated }
-
oid: sfosCentralOrchestrationLicRegStatus
num_oid: '.1.3.6.1.4.1.2604.5.1.5.9.1.{{ $index }}'
index: 'sfosCentralOrchestrationLicRegStatus.{{ $index }}'
descr: 'Central Orchestration registration Lic Status'
group: Licensing
value: sfosCentralOrchestrationLicRegStatus
states:
- { value: 0, graph: 0, generic: 0, descr: none }
- { value: 1, graph: 1, generic: 0, descr: evaluating }
- { value: 2, graph: 2, generic: 0, descr: notsubscribed }
- { value: 3, graph: 3, generic: 0, descr: subscribed }
- { value: 4, graph: 4, generic: 2, descr: expired }
- { value: 5, graph: 5, generic: 0, descr: deactivated }
count:
data:
-
oid: sfosIPSecVpnActiveTunnel
num_oid: '.1.3.6.1.4.1.2604.5.1.5.2.1.{{ $index }}'
index: 'sfosIPSecVpnActiveTunnel.{{ $index }}'
descr: '{{ $sfosIPSecVpnConnName }} active tunnels'
group: IPSec

73
mibs/sophos/SFOS-FIREWALL-MIB
View File

@ -30,8 +30,7 @@ IMPORTS
FROM SNMPv2-CONF
DisplayString,
TEXTUAL-CONVENTION,
PhysAddress,
DateAndTime
PhysAddress
FROM SNMPv2-TC
Ipv6Address
FROM IPV6-TC;
@ -124,10 +123,12 @@ SubscriptionStatusType ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION "enumerated type for subscription status"
SYNTAX INTEGER {
trial ( 1 ),
unsubscribed ( 2 ),
none ( 0 ),
evaluating ( 1 ),
notsubscribed ( 2 ),
subscribed ( 3 ),
expired ( 4 )
expired ( 4 ),
deactivated ( 5 )
}
IPSecVPNConnectionType ::= TEXTUAL-CONVENTION
@ -219,7 +220,7 @@ sfosIPSVersion OBJECT-TYPE
-- sfosXGDeviceStats
sfosCurrentDate OBJECT-TYPE
SYNTAX DisplayString
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION "Current system date and time"
@ -577,20 +578,21 @@ sfosDeviceWebServerLic OBJECT IDENTIFIER ::= { sfosXGLicenseDetails 5 }
sfosDeviceSandstromLic OBJECT IDENTIFIER ::= { sfosXGLicenseDetails 6 }
sfosDeviceEnhancedSupportLic OBJECT IDENTIFIER ::= { sfosXGLicenseDetails 7 }
sfosDeviceEnhancedPlusSupportLic OBJECT IDENTIFIER ::= { sfosXGLicenseDetails 8 }
sfosDeviceCentralOrchestrationLic OBJECT IDENTIFIER ::= { sfosXGLicenseDetails 9 }
-- sfosXGLicenseDetails.sfosDeviceBaseFWLic
sfosBaseFWLicRegStatus OBJECT-TYPE
SYNTAX SubscriptionStatusType
MAX-ACCESS read-only
STATUS current
DESCRIPTION "Base Firewall protection lic status "
DESCRIPTION "Base Firewall protection Lic status"
::= { sfosDeviceBaseFWLic 1 }
sfosBaseFWLicExpiryDate OBJECT-TYPE
SYNTAX DisplayString
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION "Base Firewall protection lic expiry date "
DESCRIPTION "Base Firewall protection Lic expiry date"
::= { sfosDeviceBaseFWLic 2 }
-- sfosXGLicenseDetails.sfosDeviceNetProtecLic
@ -598,14 +600,14 @@ sfosNetProtectionLicRegStatus OBJECT-TYPE
SYNTAX SubscriptionStatusType
MAX-ACCESS read-only
STATUS current
DESCRIPTION " Network Protection registration Lic status"
DESCRIPTION "Network Protection registration Lic status"
::= { sfosDeviceNetProtecLic 1 }
sfosNetProtectionLicExpiryDate OBJECT-TYPE
SYNTAX DisplayString
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION "Network Protection Iic Expiry Date "
DESCRIPTION "Network Protection Lic Expiry Date"
::= { sfosDeviceNetProtecLic 2 }
-- sfosXGLicenseDetails.sfosDeviceWebProtecLic
@ -613,14 +615,14 @@ sfosWebProtectionLicRegStatus OBJECT-TYPE
SYNTAX SubscriptionStatusType
MAX-ACCESS read-only
STATUS current
DESCRIPTION " "
DESCRIPTION "Web Protection registration Lic status"
::= { sfosDeviceWebProtecLic 1 }
sfosWebProtectionLicExpiryDate OBJECT-TYPE
SYNTAX DisplayString
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION "Network Protection Iic Expiry Date "
DESCRIPTION "Web Protection Lic Expiry Date"
::= { sfosDeviceWebProtecLic 2 }
-- sfosXGLicenseDetails.sfosDeviceMailProtecLic
@ -628,14 +630,14 @@ sfosMailProtectionLicRegStatus OBJECT-TYPE
SYNTAX SubscriptionStatusType
MAX-ACCESS read-only
STATUS current
DESCRIPTION "EMail Protection Iic Status "
DESCRIPTION "EMail Protection Lic Status"
::= { sfosDeviceMailProtecLic 1 }
sfosMailProtectionLicExpiryDate OBJECT-TYPE
SYNTAX DisplayString
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION "EMail Protection Iic Expiry Date"
DESCRIPTION "EMail Protection Lic Expiry Date"
::= { sfosDeviceMailProtecLic 2 }
-- sfosXGLicenseDetails.sfosDeviceWebServerLic
@ -643,14 +645,14 @@ sfosWebServerProtectionLicRegStatus OBJECT-TYPE
SYNTAX SubscriptionStatusType
MAX-ACCESS read-only
STATUS current
DESCRIPTION "web server Protection Iic status"
DESCRIPTION "web server Protection Lic status"
::= { sfosDeviceWebServerLic 1 }
sfosWebServerProtectionLicExpiryDate OBJECT-TYPE
SYNTAX DisplayString
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION "web server Protection Iic Expiry Date"
DESCRIPTION "web server Protection Lic Expiry Date"
::= { sfosDeviceWebServerLic 2 }
-- sfosXGLicenseDetails.sfosDeviceSandstromLic
@ -658,14 +660,14 @@ sfosSandstromLicRegStatus OBJECT-TYPE
SYNTAX SubscriptionStatusType
MAX-ACCESS read-only
STATUS current
DESCRIPTION "sandstrom Protection Iic status"
DESCRIPTION "sandstrom Protection Lic status"
::= { sfosDeviceSandstromLic 1 }
sfosSandstromLicExpiryDate OBJECT-TYPE
SYNTAX DisplayString
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION "sandstrom Protection Iic Expiry Date"
DESCRIPTION "sandstrom Protection Lic Expiry Date"
::= { sfosDeviceSandstromLic 2 }
-- sfosXGLicenseDetails.sfosDeviceEnhancedSupportLic
@ -677,7 +679,7 @@ sfosEnhancedSupportLicRegStatus OBJECT-TYPE
::= { sfosDeviceEnhancedSupportLic 1 }
sfosEnhancedSupportLicExpiryDate OBJECT-TYPE
SYNTAX DisplayString
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION "Enhanced Support Lic expiry date"
@ -692,12 +694,27 @@ sfosEnhancedPlusLicRegStatus OBJECT-TYPE
::= { sfosDeviceEnhancedPlusSupportLic 1 }
sfosEnhancedPlusLicExpiryDate OBJECT-TYPE
SYNTAX DisplayString
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION "Enhanced Plus Support Lic expiry date"
::= { sfosDeviceEnhancedPlusSupportLic 2 }
-- sfosXGLicenseDetails.sfosDeviceCentralOrchestrationLic
sfosCentralOrchestrationLicRegStatus OBJECT-TYPE
SYNTAX SubscriptionStatusType
MAX-ACCESS read-only
STATUS current
DESCRIPTION "Central Orchestration registration Lic Status"
::= { sfosDeviceCentralOrchestrationLic 1 }
sfosCentralOrchestrationLicExpiryDate OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-only
STATUS current
DESCRIPTION "Central Orchestration Lic expiry date"
::= { sfosDeviceCentralOrchestrationLic 2 }
-- SFOS-XG MIB.sfosXGTunnelInfo
sfosVPNInfo OBJECT IDENTIFIER ::= { sfosXGTunnelInfo 1 }
@ -1194,7 +1211,9 @@ sfosLicInfoGroup OBJECT-GROUP
sfosEnhancedSupportLicRegStatus,
sfosEnhancedSupportLicExpiryDate,
sfosEnhancedPlusLicRegStatus,
sfosEnhancedPlusLicExpiryDate }
sfosEnhancedPlusLicExpiryDate,
sfosCentralOrchestrationLicRegStatus,
sfosCentralOrchestrationLicExpiryDate }
STATUS current
DESCRIPTION "A collection of objects providing SFOS License info"
::= { sfosXGMIBGroups 5 }

1542
tests/data/sophos-xg.json
View File

File diff suppressed because it is too large Load Diff

13
tests/snmpsim/sophos-xg.snmprec
View File

@ -1274,3 +1274,16 @@
1.3.6.1.4.1.2604.5.1.1.3.0|4|18.0.1 MR-1-Build396
1.3.6.1.4.1.2604.5.1.1.4.0|4|C01001GF24TPDE1
1.3.6.1.6.3.10.2.1.3.0|2|18653
1.3.6.1.4.1.2604.5.1.4.1.0|2|0
1.3.6.1.4.1.2604.5.1.4.4.0|2|0
1.3.6.1.4.1.2604.5.1.4.5.0|2|0
1.3.6.1.4.1.2604.5.1.5.2.1.0|2|1
1.3.6.1.4.1.2604.5.1.5.3.1.0|2|1
1.3.6.1.4.1.2604.5.1.5.4.1.0|2|1
1.3.6.1.4.1.2604.5.1.5.5.1.0|2|1
1.3.6.1.4.1.2604.5.1.5.6.1.0|2|2
1.3.6.1.4.1.2604.5.1.5.7.1.0|2|1
1.3.6.1.4.1.2604.5.1.5.8.1.0|2|2
1.3.6.1.4.1.2604.5.1.5.9.1.0|2|2
1.3.6.1.4.1.2604.5.1.6.1.1.1.1.2.1|4|VPNTunnel1
1.3.6.1.4.1.2604.5.1.6.1.1.1.1.8.1|2|4