-- **************************************************************************** -- SONICWALL-FIREWALL-IP-STATISTICS -- -- June 2002 Initial Version Srikanth Nayani -- Apr 2003 Change Postal Susan Yan -- Nov 2005 Add CPU and RAM Utilizations GM Anderson -- 03-10-08 - Removed Imports that are not used to -- prevent warnings in MIB compilation Mike Uy -- 04-17-09 - Updated E-mail CONTACT-INFO Rosalea Real -- 11-11-09 - Renamed this file from sonic_stats.mib to -- SONICWALL-FIREWALL-IP-STATISTICS-MIB.MIB Mike Uy -- 11-11-09 - Updated SonicWALL company address Mike Uy -- 01-25-12 - Modified the data types for FwStatsModule -- entries to Gauge and Integer Ajit Nair -- 06-01-12 - Add dynamic NAT count, management/forward CPU, -- interface statistics. Thomas Tang -- 07-23-12 - Updated company copyright and organization Mike Uy -- 02-18-14 - Add Sensor Table for hardware health monitoring Thomas Tang -- 02-28-14 - Add Syslog Module for syslog configuration and -- syslog statistic info exposing Thomas Tang -- -- 01-08-15 - Update Postal -- Add DPI-SSL Connection Counts Thomas Tang -- -- Copyright (c) 2015 DELL Inc. -- All rights reserved. -- **************************************************************************** SONICWALL-FIREWALL-IP-STATISTICS-MIB DEFINITIONS ::= BEGIN IMPORTS DisplayString,TruthValue FROM SNMPv2-TC IpAddress, Integer32, Counter64, Unsigned32, Counter32, OBJECT-TYPE, MODULE-IDENTITY FROM SNMPv2-SMI Counter, Gauge FROM RFC1155-SMI sonicwallFw FROM SONICWALL-SMI; sonicwallFwStatsModule MODULE-IDENTITY LAST-UPDATED "201501080000Z" ORGANIZATION "DELL SonicWall" CONTACT-INFO " DELL SonicWall Postal: 5455 Great America Parkway Santa Clara, CA 95054 USA Tel: +1 408 745 9600 Fax: +1 408 745 9300 E-mail: products@sonicwall.com" DESCRIPTION "The Generic MIB Module for SonicWALL Firewall." REVISION "201501080000Z" DESCRIPTION "Update Postal, Tel, Fax Add DPI-SSL Connection Counts" REVISION "201402280000Z" -- Feb 28, 2014 DESCRIPTION "Add Syslog Module for syslog configuration and syslog statistic info exposing" REVISION "201402180000Z" -- Feb 18, 2014 DESCRIPTION "Add Sensor Table for hardware health monitoring" REVISION "200511090000Z" DESCRIPTION "Initial Version" ::= { sonicwallFw 3 } -- ------------------------------------------------------------- -- Textual Conventions -- ------------------------------------------------------------- SyslogFacility ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The Syslog standard facilities defined by RFC 3164." REFERENCE "The Syslog Protocol (RFC 3164): Section 4." SYNTAX INTEGER { kern (0), -- kernel messages user (1), -- user-level messages mail (2), -- mail system daemon (3), -- system daemons auth (4), -- security/authorization messages syslog (5), -- messages generated internally by syslogd lpr (6), -- line printer subsystem news (7), -- network news subsystem uucp (8), -- UUCP subsystem cron (9), -- clock daemon authpriv (10),-- security/authorization messages ftp (11),-- FTP daemon ntp (12),-- NTP subsystem audit (13),-- log audit alert (14),-- log alert cron2 (15),-- clock daemon local0 (16),-- local use 0 local1 (17),-- local use 1 local2 (18),-- local use 2 local3 (19),-- local use 3 local4 (20),-- local use 4 local5 (21),-- local use 5 local6 (22),-- local use 6 local7 (23) -- local use 7 } -- ======================= -- sonic Firewall Statistics -- ======================= sonicwallFwStats OBJECT IDENTIFIER ::= {sonicwallFwStatsModule 1} sonicMaxConnCacheEntries OBJECT-TYPE SYNTAX INTEGER (1..2147483647) MAX-ACCESS read-only STATUS current DESCRIPTION " Maximum number of connection cache entries allowed through the firewall" ::= { sonicwallFwStats 1 } sonicCurrentConnCacheEntries OBJECT-TYPE SYNTAX Gauge MAX-ACCESS read-only STATUS current DESCRIPTION " Number of active connection cache entries through the firewall" ::= { sonicwallFwStats 2 } sonicCurrentCPUUtil OBJECT-TYPE SYNTAX Gauge MAX-ACCESS read-only STATUS current DESCRIPTION " Instantaneous CPU Utilization in percent" ::= { sonicwallFwStats 3 } sonicCurrentRAMUtil OBJECT-TYPE SYNTAX Gauge MAX-ACCESS read-only STATUS current DESCRIPTION " Instantaneous RAM Utilization in percent" ::= { sonicwallFwStats 4 } sonicNatTranslationCount OBJECT-TYPE SYNTAX Gauge MAX-ACCESS read-only STATUS current DESCRIPTION " Current number of dynamic NAT translations being performed." ::= { sonicwallFwStats 5 } sonicCurrentManagementCPUUtil OBJECT-TYPE SYNTAX Gauge MAX-ACCESS read-only STATUS current DESCRIPTION " Instantaneous management CPU Utilization in percent." ::= { sonicwallFwStats 6 } sonicCurrentFwdAndInspectCPUUtil OBJECT-TYPE SYNTAX Gauge MAX-ACCESS read-only STATUS current DESCRIPTION " Instantaneous Forwarding/Inspection CPU Utilization in percent." ::= { sonicwallFwStats 7 } -- ======================= -- sonic Interface Statistics Table -- ======================= sonicIfStatTable OBJECT-TYPE SYNTAX SEQUENCE OF SonicIfStatEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "List of physical interfaces and their current usage in percentage." ::= { sonicwallFwStats 8 } sonicIfStatEntry OBJECT-TYPE SYNTAX SonicIfStatEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Interface status entry." INDEX { sonicIfIndex } ::= { sonicIfStatTable 1 } SonicIfStatEntry ::= SEQUENCE { sonicIfIndex INTEGER, sonicIfUsage INTEGER, sonicIfThroughput INTEGER } sonicIfIndex OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "A unique value for each interface. Its value ranges between 1 and the value of ifNumber. The value for each interface must remain constant at least from one re-initialization of the entity's network management system to the next re- initialization." ::= { sonicIfStatEntry 1 } sonicIfUsage OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "Interface bandwidth usage value in percentage." ::= { sonicIfStatEntry 2 } sonicIfThroughput OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "Interface throughput value in bits per second." ::= { sonicIfStatEntry 3 } sonicwallFwVPNStats OBJECT IDENTIFIER ::= {sonicwallFwStatsModule 2} sonicwallFwVpnIPSecStats OBJECT IDENTIFIER ::= {sonicwallFwVPNStats 1} -- ======================= -- sonic IPsec Statistics Table -- ======================= sonicSAStatTable OBJECT-TYPE SYNTAX SEQUENCE OF SonicSAStatEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table provides statistics for each Security Association." ::= { sonicwallFwVpnIPSecStats 1 } sonicSAStatEntry OBJECT-TYPE SYNTAX SonicSAStatEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Entries in table cannot be added or deleted. This table is completely controlled by the agent. Each SA statistics will be represented by an entry in this table. " INDEX { sonicIpsecSaIndex} ::= { sonicSAStatTable 1 } SonicSAStatEntry ::= SEQUENCE { sonicIpsecSaIndex Counter, sonicSAStatPeerGateway IpAddress, sonicSAStatSrcAddrBegin IpAddress, sonicSAStatSrcAddrEnd IpAddress, sonicSAStatDstAddrBegin IpAddress, sonicSAStatDstAddrEnd IpAddress, sonicSAStatCreateTime DisplayString, sonicSAStatEncryptPktCount Counter, sonicSAStatEncryptByteCount Counter, sonicSAStatDecryptPktCount Counter, sonicSAStatDecryptByteCount Counter, sonicSAStatInFragPktCount Counter, sonicSAStatOutFragPktCount Counter, sonicSAStatUserName DisplayString } sonicIpsecSaIndex OBJECT-TYPE SYNTAX Counter MAX-ACCESS read-only STATUS current DESCRIPTION " Phase2 SA index." ::= { sonicSAStatEntry 1 } sonicSAStatPeerGateway OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "Peer gateway address where the tunnel gets terminated ." ::= { sonicSAStatEntry 2 } sonicSAStatSrcAddrBegin OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "First address of the Source network for the phase2 SA ." ::= { sonicSAStatEntry 3 } sonicSAStatSrcAddrEnd OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "Last address of the Source network for the phase2 SA ." ::= { sonicSAStatEntry 4 } sonicSAStatDstAddrBegin OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "First address of the destination network for the phase2 SA ." ::= { sonicSAStatEntry 5 } sonicSAStatDstAddrEnd OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "Last address of the destination network for the phase2 SA ." ::= { sonicSAStatEntry 6 } sonicSAStatCreateTime OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS current DESCRIPTION "Time this phase2 SA was actually created in GMT." ::= { sonicSAStatEntry 7 } sonicSAStatEncryptPktCount OBJECT-TYPE SYNTAX Counter MAX-ACCESS read-only STATUS current DESCRIPTION "Total encrypted packet count for this phase2 SA." ::= { sonicSAStatEntry 8 } sonicSAStatEncryptByteCount OBJECT-TYPE SYNTAX Counter MAX-ACCESS read-only STATUS current DESCRIPTION "Total encrypted byte count for this phase2 SA." ::= { sonicSAStatEntry 9 } sonicSAStatDecryptPktCount OBJECT-TYPE SYNTAX Counter MAX-ACCESS read-only STATUS current DESCRIPTION "Total decrypted packet count for this phase2 SA." ::= { sonicSAStatEntry 10} sonicSAStatDecryptByteCount OBJECT-TYPE SYNTAX Counter MAX-ACCESS read-only STATUS current DESCRIPTION "Total decrypted byte count for this phase2 SA." ::= { sonicSAStatEntry 11 } sonicSAStatInFragPktCount OBJECT-TYPE SYNTAX Counter MAX-ACCESS read-only STATUS current DESCRIPTION "Incoming Fragmented packet count for this phase2 SA" ::= { sonicSAStatEntry 12 } sonicSAStatOutFragPktCount OBJECT-TYPE SYNTAX Counter MAX-ACCESS read-only STATUS current DESCRIPTION "Outgoing Fragmented packet count for this phase2 SA" ::= { sonicSAStatEntry 13 } sonicSAStatUserName OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS current DESCRIPTION "Name of the security policy used for creating this phase2 SA." ::= { sonicSAStatEntry 14 } sonicwallFwHWStats OBJECT IDENTIFIER ::= {sonicwallFwStatsModule 3} -- ======================================================================= -- Sensor Stats -- ======================================================================= sonicwallFwHWSensorStats OBJECT IDENTIFIER ::= {sonicwallFwHWStats 3} -- ======================================================================= -- Sensor Table -- ======================================================================= sonicwallSensorsTable OBJECT-TYPE SYNTAX SEQUENCE OF SonicwallSensorsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This lists all the sensors and their value in SonicWALL firewall device." ::= { sonicwallFwHWSensorStats 1 } sonicwallSensorsEntry OBJECT-TYPE SYNTAX SonicwallSensorsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "SonicWALL sensor entry" INDEX { sonicwallSensorsIndex } ::= { sonicwallSensorsTable 1 } SonicwallSensorsEntry ::= SEQUENCE { sonicwallSensorsIndex Integer32, sonicwallSensorsId Integer32, sonicwallSensorsDevice DisplayString, sonicwallSensorsValue Integer32, sonicwallSensorsUnit DisplayString } sonicwallSensorsIndex OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-only STATUS current DESCRIPTION "Index that identifies the sensor" ::= { sonicwallSensorsEntry 1 } sonicwallSensorsId OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-only STATUS current DESCRIPTION "Index that identifies the sensor ID" ::= { sonicwallSensorsEntry 2 } sonicwallSensorsDevice OBJECT-TYPE SYNTAX DisplayString (SIZE (0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "Sensor descriptive name" ::= { sonicwallSensorsEntry 3 } sonicwallSensorsValue OBJECT-TYPE SYNTAX Integer32 MAX-ACCESS read-only STATUS current DESCRIPTION "Sensor value" ::= { sonicwallSensorsEntry 4 } sonicwallSensorsUnit OBJECT-TYPE SYNTAX DisplayString (SIZE (0..255)) MAX-ACCESS read-only STATUS current DESCRIPTION "Sensor unit" ::= { sonicwallSensorsEntry 5 } sonicwallFwSyslogStats OBJECT IDENTIFIER ::= {sonicwallFwStatsModule 4} -- ======================================================================= -- Syslog Stats -- ======================================================================= -- Subgroups sonicwallFwSyslogSetting OBJECT IDENTIFIER ::= {sonicwallFwSyslogStats 1} sonicwallFwSyslogServer OBJECT IDENTIFIER ::= {sonicwallFwSyslogStats 2} sonicwallFwSyslogStatistic OBJECT IDENTIFIER ::= {sonicwallFwSyslogStats 3} -- Syslog setting objects sonicSyslogFacility OBJECT-TYPE SYNTAX SyslogFacility MAX-ACCESS read-only STATUS current DESCRIPTION "Syslog facility configured on firewall." ::= { sonicwallFwSyslogSetting 1 } sonicSyslogOverrideSetting OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "When using SonicWALL ViewPoint for reporting solution, this object indicates whether the appliance overrides Syslog settings with reporting software settings." ::= { sonicwallFwSyslogSetting 2 } sonicSyslogFormat OBJECT-TYPE SYNTAX INTEGER { default(0), webTrends(1), enhSyslog(2), arcSight(3) } MAX-ACCESS read-only STATUS current DESCRIPTION "Syslog format configured on firewall. The following Syslog formats can be specified: Default - Use the default SonicWALL Syslog format. WebTrends - Use the WebTrends Syslog format. You must have WebTrends software installed on your system. Enhanced Syslog - Use the Enhanced SonicWALL Syslog format. ArcSight - Use the ArcSight Syslog format. A Syslog server must be configured with the ArcSight Logger application to decode the ArcSight messages." ::= { sonicwallFwSyslogSetting 3 } sonicSyslogID OBJECT-TYPE SYNTAX DisplayString (SIZE (0..32)) MAX-ACCESS read-only STATUS current DESCRIPTION "The Syslog ID field is included in all generated syslog messages, prefixed by id=. The Syslog ID field is disabled when the Override Syslog Settings with Reporting Software Settings option is enabled." ::= { sonicwallFwSyslogSetting 4 } sonicSyslogEventRateLimitEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates whether the appliance enables rate limiting of events to prevent the internal or external logging mechanism from being overwhelmed by log events." ::= { sonicwallFwSyslogSetting 5 } sonicSyslogEventRateLimit OBJECT-TYPE SYNTAX Gauge MAX-ACCESS read-only STATUS current DESCRIPTION "Event rate limiting: Maximum Events Per Second." ::= { sonicwallFwSyslogSetting 6 } sonicSyslogDataRateLimitEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates whether the appliance enables rate limiting of data to prevent the internal or external logging mechanism from being overwhelmed by log events." ::= { sonicwallFwSyslogSetting 7 } sonicSyslogDataRateLimit OBJECT-TYPE SYNTAX Gauge MAX-ACCESS read-only STATUS current DESCRIPTION "Data rate limiting: Maximum Bytes Per Second." ::= { sonicwallFwSyslogSetting 8 } sonicSyslogNDPPEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "This object indicates whether the appliance enables NDPP Enforcement for Syslog Server." ::= { sonicwallFwSyslogSetting 9 } -- Syslog server objects sonicSyslogMaxServers OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "The maximum number of syslog servers that can be configured for the system in sonicSyslogTable." ::= { sonicwallFwSyslogServer 1 } sonicSyslogServerTable OBJECT-TYPE SYNTAX SEQUENCE OF SonicSyslogEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table contains entries of syslog servers for the appliance. The maximum number of entries is indicated by the object sonicwallSyslogMaxServers." ::= { sonicwallFwSyslogServer 2 } sonicSyslogServerEntry OBJECT-TYPE SYNTAX SonicSyslogEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry containing info about syslog server configured by SonicWALL firewall appliance" INDEX { sonicSyslogServerIndex } ::= { sonicSyslogServerTable 1 } SonicSyslogEntry ::= SEQUENCE { sonicSyslogServerIndex INTEGER, sonicSyslogServerAddr IpAddress, sonicSyslogServerPort INTEGER } sonicSyslogServerIndex OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "Index that identifies the syslog server" ::= { sonicSyslogServerEntry 1 } sonicSyslogServerAddr OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "Syslog server address." ::= { sonicSyslogServerEntry 2 } sonicSyslogServerPort OBJECT-TYPE SYNTAX INTEGER (0..65535) MAX-ACCESS read-only STATUS current DESCRIPTION "Syslog server port." ::= { sonicSyslogServerEntry 3 } -- Syslog statistics objects sonicSyslogMessage OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Running total of syslog message generated since startup." ::= { sonicwallFwSyslogStatistic 1 } sonicSyslogStreamData OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Running total of syslog stream data generated since startup." ::= { sonicwallFwSyslogStatistic 2 } -- ======================================================================= -- sonic DPI-SSL Stats -- ======================================================================= sonicwallFwDpiSslStats OBJECT IDENTIFIER ::= {sonicwallFwStatsModule 5} sonicDpiSslConnCountCur OBJECT-TYPE SYNTAX Gauge MAX-ACCESS read-only STATUS current DESCRIPTION "Current SSL-inspected connections through the firewall." ::= { sonicwallFwDpiSslStats 1 } sonicDpiSslConnCountHighWater OBJECT-TYPE SYNTAX Gauge MAX-ACCESS read-only STATUS current DESCRIPTION "Highwater SSL-inspected connections through the firewall." ::= { sonicwallFwDpiSslStats 2 } sonicDpiSslConnCountMax OBJECT-TYPE SYNTAX Gauge MAX-ACCESS read-only STATUS current DESCRIPTION "Maximum SSL-inspected connections through the firewall." ::= { sonicwallFwDpiSslStats 3 } END