Most customers I am talking to operate some sort of enterprise management system, which is picking up statuses from their environment using either SNMP or syslog. Many have approached me with question on possible integration between MWG 7 and this kind of system.

Since MWG 7 we have changed the internal structure of processes. On MWG based appliances, we had a SNMP agent built into the (MWG-)application. This has changed! In MWG 7 we are running snmpd as part of the OS, which gives us additional benefitial information as we are closer to the hardware due to being in the OS rather than in the application. The same applies to syslog. On MWG 6 the appliances were running the standard unix syslogd, whereas on MWG 7 the appliances are running rsyslogd which gives us other interesting opportunities, which I will elaborate on in the following. If you are looking for some network management software, http://www.simpleweb.org is a great recourse.

 

SNMP

 

Generally MWG 7 supports all of the following snmp MIBs (lengthy list ) :

 

  • mcafee/mcafeeGATEWAY/mwg
  • dell/server3 (if dell rpm installed)
  • dell/storage (if dell rpm installed)
  • mibII
  • ucd_snmp
  • snmpv3mibs
  • notification
  • notification-log-mib
  • target
  • agent_mibs
  • agentx
  • disman/event-mib
  • disman/schedule
  • utilities
  • host
  • mibII/ipv6
  • smux
  • ucd-snmp/diskio
  • tcp-mib
  • udp-mib
  • mibII/mta_sendmail
  • ip-mib/ipv4InterfaceTable
  • ip-mib/ipv6InterfaceTable
  • ip-mib/ipAddressPrefixTable/ipAddressPrefixTable
  • ip-mib/ipDefaultRouterTable/ipDefaultRouterTable
  • ip-mib/ipv6ScopeZoneIndexTable
  • ip-mib/ipIfStatsTable
  • sctp-mib
  • rmon-mib
  • etherlike
  • ucd-snmp/lmSensors
  • mibII/system_mib
  • mibII/sysORTable
  • mibII/at
  • mibII/ifTable
  • mibII/ip
  • mibII/snmp_mib
  • mibII/tcp
  • mibII/icmp
  • mibII/udp
  • mibII/vacm_vars
  • mibII/setSerialNo
  • ip-mib
  • if-mib
  • ip-forward-mib
  • ucd-snmp/memory
  • ucd-snmp/vmstat
  • ucd-snmp/proc
  • ucd-snmp/versioninfo
  • ucd-snmp/pass
  • ucd-snmp/pass_persist
  • ucd-snmp/disk
  • ucd-snmp/loadave
  • ucd-snmp/extensible
  • agent/extend
  • ucd-snmp/errormib
  • ucd-snmp/file
  • ucd-snmp/dlmod
  • ucd-snmp/proxy
  • ucd-snmp/logmatch
  • snmpv3/snmpEngine
  • snmpv3/snmpMPDStats
  • snmpv3/usmStats
  • snmpv3/usmConf
  • snmpv3/usmUser
  • notification/snmpNotifyTable
  • snmp-notification-mib/snmpNotifyFilterTable
  • notification/snmpNotifyFilterProfileTable
  • notification-log-mib/notification_log
  • target/snmpTargetAddrEntry
  • target/snmpTargetParamsEntry
  • target/target
  • target/target_counters
  • agent/nsTransactionTable
  • agent/nsModuleTable
  • agent/nsDebug
  • agent/nsCache
  • agent/nsLogging
  • agentx/master
  • agentx/subagent
  • disman/event
  • disman/schedule/schedCore
  • disman/schedule/schedConf
  • disman/schedule/schedTable
  • utilities/override
  • utilities/execute
  • utilities/iquery
  • host/hr_system
  • host/hr_storage
  • host/hr_device
  • host/hr_other
  • host/hr_proc
  • host/hr_network
  • host/hr_print
  • host/hr_disk
  • host/hr_partition
  • host/hr_filesys
  • host/hr_swrun
  • host/hr_swinst
  • mibII/var_route
  • mibII/route_write
  • util_funcs
  • smux/smux
  • tcp-mib/tcpConnectionTable
  • tcp-mib/tcpListenerTable
  • udp-mib/udpEndpointTable
  • ip-mib/ipv4InterfaceTable/ipv4InterfaceTable
  • ip-mib/ipv6InterfaceTable/ipv6InterfaceTable
  • ip-mib/ipAddressTable/ipAddressTable
  • ip-mib/ipAddressPrefixTable/ipAddressPrefixTable_interface
  • ip-mib/ipAddressPrefixTable/ipAddressPrefixTable_data_access
  • ip-mib/data_access/defaultrouter
  • ip-mib/ipDefaultRouterTable/ipDefaultRouterTable_interface
  • ip-mib/ipDefaultRouterTable/ipDefaultRouterTable_data_access
  • ip-mib/ipDefaultRouterTable/ipDefaultRouterTable_data_get
  • ip-mib/ipv6ScopeZoneIndexTable/ipv6ScopeZoneIndexTable
  • ip-mib/data_access/systemstats
  • ip-mib/ipIfStatsTable/ipIfStatsTable
  • ip-mib/ipIfStatsTable/ipIfStatsTable_interface
  • ip-mib/ipIfStatsTable/ipIfStatsTable_data_access
  • sctp-mib/sctpScalars
  • sctp-mib/sctpTables
  • rmon-mib/etherStatsTable
  • etherlike-mib/dot3StatsTable
  • if-mib/ifTable
  • mibII/kernel_linux
  • mibII/ipAddr
  • mibII/tcpTable
  • mibII/udpTable
  • mibII/vacm_context
  • mibII/vacm_conf
  • ip-mib/ipAddressTable
  • ip-mib/inetNetToMediaTable
  • ip-mib/ipSystemStatsTable
  • ip-mib/ip_scalars
  • if-mib/ifXTable
  • ip-forward-mib/ipCidrRouteTable
  • ip-forward-mib/inetCidrRouteTable
  • hardware/memory
  • hardware/cpu
  • header_complex
  • snmp-notification-mib/snmpNotifyFilterTable/snmpNotifyFilterTable
  • agentx/protocol
  • agentx/client
  • agentx/master_admin
  • agentx/agentx_config
  • disman/event/mteScalars
  • disman/event/mteTrigger
  • disman/event/mteTriggerTable
  • disman/event/mteTriggerDeltaTable
  • disman/event/mteTriggerExistenceTable
  • disman/event/mteTriggerBooleanTable
  • disman/event/mteTriggerThresholdTable
  • disman/event/mteTriggerConf
  • disman/event/mteEvent
  • disman/event/mteEventTable
  • disman/event/mteEventSetTable
  • disman/event/mteEventNotificationTable
  • disman/event/mteEventConf
  • disman/event/mteObjects
  • disman/event/mteObjectsTable
  • disman/event/mteObjectsConf
  • tcp-mib/data_access/tcpConn
  • tcp-mib/tcpConnectionTable/tcpConnectionTable
  • tcp-mib/tcpListenerTable/tcpListenerTable
  • udp-mib/udpEndpointTable/udpEndpointTable
  • if-mib/data_access/interface
  • if-mib/ifTable/ifTable_interface
  • if-mib/ifTable/ifTable_data_access
  • if-mib/ifTable/ifTable
  • ip-mib/ipv4InterfaceTable/ipv4InterfaceTable_interface
  • ip-mib/ipv4InterfaceTable/ipv4InterfaceTable_data_access
  • ip-mib/ipv6InterfaceTable/ipv6InterfaceTable_interface
  • ip-mib/ipv6InterfaceTable/ipv6InterfaceTable_data_access
  • ip-mib/data_access/ipaddress
  • ip-mib/ipAddressTable/ipAddressTable_interface
  • ip-mib/ipAddressTable/ipAddressTable_data_access
  • ip-mib/data_access/defaultrouter_common
  • ip-mib/data_access/defaultrouter_linux
  • ip-mib/data_access/ipv6scopezone
  • ip-mib/ipv6ScopeZoneIndexTable/ipv6ScopeZoneIndexTable_interface
  • ip-mib/ipv6ScopeZoneIndexTable/ipv6ScopeZoneIndexTable_data_access
  • ip-mib/data_access/systemstats_common
  • ip-mib/data_access/systemstats_linux
  • ip-mib/ipIfStatsTable/ipIfStatsTable_data_get
  • sctp-mib/sctpScalars_common
  • sctp-mib/sctpScalars_linux
  • sctp-mib/sctpTables_common
  • sctp-mib/sctpAssocRemAddrTable
  • sctp-mib/sctpAssocLocalAddrTable
  • sctp-mib/sctpLookupLocalPortTable
  • sctp-mib/sctpLookupRemPortTable
  • sctp-mib/sctpLookupRemHostNameTable
  • sctp-mib/sctpLookupRemPrimIPAddrTable
  • sctp-mib/sctpLookupRemIPAddrTable
  • sctp-mib/sctpAssocTable
  • sctp-mib/sctpTables_linux
  • rmon-mib/data_access/etherstats
  • rmon-mib/etherStatsTable/etherStatsTable
  • rmon-mib/etherStatsTable/etherStatsTable_data_get
  • rmon-mib/etherStatsTable/etherStatsTable_data_set
  • rmon-mib/etherStatsTable/etherStatsTable_data_access
  • rmon-mib/etherStatsTable/etherStatsTable_interface
  • etherlike-mib/data_access/dot3stats
  • etherlike-mib/dot3StatsTable/dot3StatsTable
  • etherlike-mib/dot3StatsTable/dot3StatsTable_data_get
  • etherlike-mib/dot3StatsTable/dot3StatsTable_data_set
  • etherlike-mib/dot3StatsTable/dot3StatsTable_data_access
  • etherlike-mib/dot3StatsTable/dot3StatsTable_interface
  • ip-mib/data_access/arp
  • ip-mib/inetNetToMediaTable/inetNetToMediaTable
  • ip-mib/inetNetToMediaTable/inetNetToMediaTable_interface
  • ip-mib/inetNetToMediaTable/inetNetToMediaTable_data_access
  • ip-mib/ipSystemStatsTable/ipSystemStatsTable
  • ip-mib/ipSystemStatsTable/ipSystemStatsTable_interface
  • ip-mib/ipSystemStatsTable/ipSystemStatsTable_data_access
  • ip-mib/data_access/scalars_common
  • if-mib/ifXTable/ifXTable
  • ip-forward-mib/ipCidrRouteTable/ipCidrRouteTable
  • ip-forward-mib/inetCidrRouteTable/inetCidrRouteTable
  • hardware/memory/memory_linux
  • hardware/memory/hw_mem
  • hardware/cpu/cpu_linux
  • hardware/cpu/cpu
  • snmp-notification-mib/snmpNotifyFilterTable/snmpNotifyFilterTable_interface
  • snmp-notification-mib/snmpNotifyFilterTable/snmpNotifyFilterTable_data_access
  • tcp-mib/data_access/tcpConn_common
  • tcp-mib/data_access/tcpConn_linux
  • tcp-mib/tcpConnectionTable/tcpConnectionTable_interface
  • tcp-mib/tcpConnectionTable/tcpConnectionTable_data_access
  • tcp-mib/tcpListenerTable/tcpListenerTable_interface
  • tcp-mib/tcpListenerTable/tcpListenerTable_data_access
  • udp-mib/data_access/udp_endpoint
  • udp-mib/udpEndpointTable/udpEndpointTable_interface
  • udp-mib/udpEndpointTable/udpEndpointTable_data_access
  • if-mib/data_access/interface_linux
  • if-mib/data_access/interface_ioctl
  • ip-mib/data_access/ipaddress_common
  • ip-mib/data_access/ipaddress_linux
  • ip-mib/data_access/ipv6scopezone_common
  • ip-mib/data_access/ipv6scopezone_linux
  • rmon-mib/data_access/etherstats_linux
  • etherlike-mib/data_access/dot3stats_linux
  • ip-mib/data_access/arp_common
  • ip-mib/data_access/arp_linux
  • ip-mib/data_access/scalars_linux
  • if-mib/ifXTable/ifXTable_interface
  • if-mib/ifXTable/ifXTable_data_access
  • ip-forward-mib/data_access/route
  • ip-forward-mib/ipCidrRouteTable/ipCidrRouteTable_interface
  • ip-forward-mib/ipCidrRouteTable/ipCidrRouteTable_data_access
  • ip-forward-mib/inetCidrRouteTable/inetCidrRouteTable_interface
  • ip-forward-mib/inetCidrRouteTable/inetCidrRouteTable_data_access
  • udp-mib/data_access/udp_endpoint_common
  • udp-mib/data_access/udp_endpoint_linux
  • ip-mib/data_access/ipaddress_ioctl
  • ip-forward-mib/data_access/route_common
  • ip-forward-mib/data_access/route_linux
  • ip-forward-mib/data_access/route_ioctl

 

Example: host-recourse MIB

The majority of these are standard SNMP MIBs which are generally accessible over the internet.

If it come to hardware monitoring, your best friend usually is the host recource MIBs. It provides you with a lot of access to hardware information. I have found this page which lets you kindly step through the MIB: http://www.simpleweb.org/ietf/mibs/modules/html/?category=IETF&module=HOST-RESOU RCES-MIB


This MIB gives you valuable information about the hardware status of you system. For a basic hardware overview of you system you can poll OID 1.3.6.1.2.1.25.3.2 which is a table containing CPU, NIC, CD and other information. To poll this data, I use the standard unix snmp tools. As this is a table the command of choice is: snmptable -v 2c -c Public 10.150.163.18:9161 1.3.6.1.2.1.25.3.2

-v is the version I am using as configured on the web gateway under Configuration > SNMP; 2c in our case

-c is the community I specified on Web Gateway. Note: This is case sensitive, so Public in this case

10.150.163.18 is the IP of my web gateway appliances

:9161 is the port on which the SNMP daemon listens

1.3.6.1.2.1.25.3.2 is the OID I am polling

 

The result is:

 

michael@michael-desktop:~$ snmptable -v 2c -c Public 10.150.163.18:9161 1.3.6.1.2.1.25.3.2
SNMP table: HOST-RESOURCES-MIB::hrDeviceTable

 hrDeviceIndex                              hrDeviceType                                                 hrDeviceDescr              hrDeviceID hrDeviceStatus hrDeviceErrors
           768   HOST-RESOURCES-TYPES::hrDeviceProcessor GenuineIntel:                   Intel(R) Xeon(TM) CPU 3.00GHz SNMPv2-SMI::zeroDotZero              ?              ?
           769   HOST-RESOURCES-TYPES::hrDeviceProcessor GenuineIntel:                   Intel(R) Xeon(TM) CPU 3.00GHz SNMPv2-SMI::zeroDotZero              ?              ?
           770   HOST-RESOURCES-TYPES::hrDeviceProcessor GenuineIntel:                   Intel(R) Xeon(TM) CPU 3.00GHz SNMPv2-SMI::zeroDotZero              ?              ?
           771   HOST-RESOURCES-TYPES::hrDeviceProcessor GenuineIntel:                   Intel(R) Xeon(TM) CPU 3.00GHz SNMPv2-SMI::zeroDotZero              ?              ?
          1025     HOST-RESOURCES-TYPES::hrDeviceNetwork                                          network interface lo SNMPv2-SMI::zeroDotZero        running              0
          1026     HOST-RESOURCES-TYPES::hrDeviceNetwork                                        network interface eth0 SNMPv2-SMI::zeroDotZero        running              0
          1027     HOST-RESOURCES-TYPES::hrDeviceNetwork                                        network interface sit0 SNMPv2-SMI::zeroDotZero           down              0
          1536 HOST-RESOURCES-TYPES::hrDeviceDiskStorage                                VMware Virtual IDE CDROM Drive SNMPv2-SMI::zeroDotZero              ?              ?
          1552 HOST-RESOURCES-TYPES::hrDeviceDiskStorage                                          SCSI disk (/dev/sda) SNMPv2-SMI::zeroDotZero              ?              ?
          3072 HOST-RESOURCES-TYPES::hrDeviceCoprocessor           Guessing that there's a floating point co-processor SNMPv2-SMI::zeroDotZero              ?              ?

 

I have 4 CPUs, obviously Interl XEONs with 3 GHz each

have 3 network connections: localhost, et0 and sit0, from which the first two ar up and running

There is a VMWare CDRom

and a SCSI disk.

 

Another interesting OID in this MIB is .1.3.6.1.2.1.25.2.3 as it gives you an excellent overview over your disks and usage! I have now switched from command line to a MIB Broswer, which I obtained as 30 day Trial from http://ireasoning.com/. It is the iReasoning MIB Browser Professional.

I simple entered the connection data to my Web Gateway as described before and shown in the screenshot:

ireasoning.jpg

 

Then I selected hrStorage > hrStorageTable from Host-Recourse MIB, right cklicked on it and selected Table View. As result it gave me a nice table of my different partitions and their usage:

 

storage.jpg

 

As you can see with just some monitoring points and SNMP best practises, you will get extremely helpful and interesting results. What to monitor? This is something you should already know when asking about SNMP.

As some guidance, you definately want to monitor CPU:

 

Idle time of the CPU: .1.3.6.1.4.1.2021.11.11.0

Percentage spent on processes in the user space: .1.3.6.1.4.1.2021.11.9.0

Percentage spent on process in the system space: .1.3.6.1.4.1.2021.11.10.0

 

Memory:

Total Free: .1.3.6.1.4.1.2021.4.11.0

Total Real: .1.3.6.1.4.1.2021.4.5.0

Avail. Swap: .1.3.6.1.4.1.2021.4.4.0 (should never be 0 )

 

All other monitoring points for hardware are depending on your requirement and should be accievable with the onboard tools, simply talk to your SNMP admin what he expects.

 

There is of course the McAfee Web Gatway unique MIB, which can be downloaded from the UI under Configuration > SNMP.

 

It contains product version information as part of .1.3.6.1.4.1.1230.2.7.1.1.0

 

kProductName.0McAfee Web GatewayOctetString
kCompanyName.0McAfee Inc.OctetString
kProductVersion.07.0.1.3.0OctetString
kMajorVersion.07Integer
kMinorVersion.00Integer
kMicroVersion.01Integer
kHotfixVersion.00Integer
kCustomVersion.00Integer
kRevision.023272OctetString
pAMEngineVersion.07001.1001.1500OctetString
pAMSignatureVersion.02708OctetString
pMFEEngineVersion.05400OctetString
pMFEDATVersion.06155OctetString
pAMProactiveVersion.0366OctetString
pTSDBVersion.025566OctetString

 

Information on pattern and engine update status as part of .1.3.6.1.4.1.1230.2.7.1.20.1.0

 

pAMEngineVersion.07001.1001.1500OctetString
pAMSignatureVersion.02708OctetString
pMFEEngineVersion.05400OctetString
pMFEDATVersion.06155OctetString
pAMProactiveVersion.0366OctetString
pTSDBVersion.025566OctetString

 

You have access to ALL statistics which are available in the dashboards under .1.3.6.1.4.1.1230.2.7.2.1.1.0 :

 

stBadReputation.00Counter64
stMalwareDetected.019Counter64
stConnectionsLegitimate.062958Counter64
stBlockedByAntiMalware.019Counter64
stConnectionsBlocked.059495Counter64
stBlockedByMediaFilter.00Counter64
stBlockedByURLFilter.057493Counter64
stMimeType.00Counter64
stCategories.0220381Counter64
stCategoryName.1ChatOctetString
stCategoryName.2GamesOctetString
stCategoryName.3NudityOctetString
stCategoryName.4SportsOctetString
stCategoryName.5TravelOctetString
stCategoryName.6TobaccoOctetString
stCategoryName.7Web AdsOctetString
stCategoryName.8BusinessOctetString
stCategoryName.9PharmacyOctetString
stCategoryName.10PhishingOctetString
stCategoryName.11Web MailOctetString
stCategoryName.12ProfanityOctetString
stCategoryName.13Spam URLsOctetString
stCategoryName.14Blogs/WikiOctetString
stCategoryName.15AnonymizersOctetString
stCategoryName.16PornographyOctetString
stCategoryName.17Real EstateOctetString
stCategoryName.18General NewsOctetString
stCategoryName.19Portal SitesOctetString
stCategoryName.20Web MeetingsOctetString
stCategoryName.21EntertainmentOctetString
stCategoryName.22Media SharingOctetString
stCategoryName.23Parked DomainOctetString
stCategoryName.24Stock TradingOctetString
stCategoryName.25Content ServerOctetString
stCategoryName.26Fashion/BeautyOctetString
stCategoryName.27Motor VehiclesOctetString
stCategoryName.28Personal PagesOctetString
stCategoryName.29Search EnginesOctetString
stCategoryName.30Finance/BankingOctetString
stCategoryName.31Malicious SitesOctetString
stCategoryName.32Online ShoppingOctetString
stCategoryName.33Streaming MediaOctetString
stCategoryName.34Dating/PersonalsOctetString
stCategoryName.35Sexual MaterialsOctetString
stCategoryName.36Incidental NudityOctetString
stCategoryName.37Internet Radio/TVOctetString
stCategoryName.38Internet ServicesOctetString
stCategoryName.39Social NetworkingOctetString
stCategoryName.40Software/HardwareOctetString
stCategoryName.41Public InformationOctetString
stCategoryName.42Recreation/HobbiesOctetString
stCategoryName.43Shareware/FreewareOctetString
stCategoryName.44Education/ReferenceOctetString
stCategoryName.45Auctions/ClassifiedsOctetString
stCategoryName.46Information SecurityOctetString
stCategoryName.47Visual Search EngineOctetString
stCategoryName.48Forum/Bulletin BoardsOctetString
stCategoryName.49Game/Cartoon ViolenceOctetString
stCategoryName.50Technical InformationOctetString
stCategoryName.51Marketing/MerchandisingOctetString
stCategoryName.52Non-Profit/Advocacy/NGOOctetString
stCategoryName.53Professional NetworkingOctetString
stCategoryName.54Personal Network StorageOctetString
stCategoryName.55Residential IP AddressesOctetString
stCategoryName.56Spyware/Adware/KeyloggersOctetString
stCategoryName.57Technical/Business ForumsOctetString
stCategoryName.58Potential Illegal SoftwareOctetString
stCategoryName.59Interactive Web ApplicationsOctetString
stCategoryName.60Potential Criminal ActivitiesOctetString
stCategoryCount.15Counter64
stCategoryCount.258447Counter64
stCategoryCount.319Counter64
stCategoryCount.444Counter64
stCategoryCount.5267Counter64
stCategoryCount.63Counter64
stCategoryCount.71480Counter64
stCategoryCount.85413Counter64
stCategoryCount.987Counter64
stCategoryCount.101Counter64
stCategoryCount.115Counter64
stCategoryCount.122Counter64
stCategoryCount.13147Counter64
stCategoryCount.14373Counter64
stCategoryCount.1523Counter64
stCategoryCount.16674Counter64
stCategoryCount.17221Counter64
stCategoryCount.183115Counter64
stCategoryCount.191541Counter64
stCategoryCount.206Counter64
stCategoryCount.21979Counter64
stCategoryCount.2299Counter64
stCategoryCount.233Counter64
stCategoryCount.2470Counter64
stCategoryCount.252794Counter64
stCategoryCount.261Counter64
stCategoryCount.275Counter64
stCategoryCount.28208Counter64
stCategoryCount.291038Counter64
stCategoryCount.30586Counter64
stCategoryCount.31133Counter64
stCategoryCount.32236Counter64
stCategoryCount.33638Counter64
stCategoryCount.342Counter64
stCategoryCount.3527Counter64
stCategoryCount.361244Counter64
stCategoryCount.3784Counter64
stCategoryCount.382009Counter64
stCategoryCount.3958404Counter64
stCategoryCount.404600Counter64
stCategoryCount.41238Counter64
stCategoryCount.42151Counter64
stCategoryCount.4334Counter64
stCategoryCount.441076Counter64
stCategoryCount.45114Counter64
stCategoryCount.4635Counter64
stCategoryCount.4777Counter64
stCategoryCount.48171Counter64
stCategoryCount.4957657Counter64
stCategoryCount.502134Counter64
stCategoryCount.51201Counter64
stCategoryCount.527Counter64
stCategoryCount.53499Counter64
stCategoryCount.549604Counter64
stCategoryCount.5513Counter64
stCategoryCount.563Counter64
stCategoryCount.573284Counter64
stCategoryCount.5845Counter64
stCategoryCount.592Counter64
stCategoryCount.603Counter64
stHttpRequests.0259598Counter64
stHttpTraffic.01100133919Counter64
stHttpBytesFromClient.0171080546Counter64
stHttpBytesFromServer.01062287639Counter64
stHttpBytesToClient.01129926052Counter64
stHttpBytesToServer.037846280Counter64
stHttpsRequests.013753Counter64
stHttpsTraffic.0112400857Counter64
stHttpsBytesFromClient.019907878Counter64
stHttpsBytesFromServer.094078027Counter64
stHttpsBytesToClient.0142130758Counter64
stHttpsBytesToServer.018322830Counter64
stFtpTraffic.0872066246Counter64
stFtpBytesFromClient.00Counter64
stFtpBytesFromServer.0872065091Counter64
stFtpBytesToClient.00Counter64
stFtpBytesToServer.01155Counter64

 

 

In addition to all these POLL values, MWG has the ability to send out traps as an Even in every rule! Thus you not only passivly poll info but can let MWG send out information based on a rule criteria, which could be a unwanted category or in case a virus has been detected. Below is an example rule set and the output on a SNMP trap sink. For the rule you need to have trap sinks configured under Configuration > SNMP.

 

 

rule.jpg

 

 

The trap sink then shows:

 

trap.jpg