Wednesday, March 18, 2020

Fortigate SNMP to get sessions with specific IP address

I have a need to keep a count of sessions from the Internet to a specific IP address.

snmpwalk -c mycommunity 10.1.2.3 1.3.6.1.4.1.12356.101.11.2.1.1.5 | grep 64.65.66.67 | wc

This one liner does the trick for now. 64.65.66.67 is the destination IP address on my network.

***

The example below will list all the session on the Fortigate and took about two minutes to complete with 1628 sessions.

snmpwalk -c mycommunity 10.1.2.3 1.3.6.1.4.1.12356.101.11.2.1.1.5

SNMPv2-SMI::enterprises.12356.101.11.2.1.1.5.1624 = IpAddress: 10.1.2.3
SNMPv2-SMI::enterprises.12356.101.11.2.1.1.5.1625 = IpAddress: 10.1.3.1
SNMPv2-SMI::enterprises.12356.101.11.2.1.1.5.1626 = IpAddress: 10.1.4.2
SNMPv2-SMI::enterprises.12356.101.11.2.1.1.5.1627 = IpAddress: 10.1.5.5
SNMPv2-SMI::enterprises.12356.101.11.2.1.1.5.1628 = IpAddress: 199.232.32.21
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)