General Information on SNMP Subagent

For Network Management purposes, IBM Firewall supports SNMP-based management. Packaged with the Firewall is a SNMP sub-agent that allows SNMP managers to monitor the firewall. Specifically, the sub-agent allows SNMP managers to access an IBM Firewall Management Information Base (MIB). Traps can be sent that report on critical system log activity and the status of important Firewall daemons. You can use the SNMP Subagent Configuration panel to configure key parameters for the subagent. You can also use this panel to start and stop the subagent.

Notes:

  1. For the IBM Firewall to be managed by an SNMP manager, connection rules must be defined to allow SNMP traffic to pass between the firewall and the SNMP manager.
  2. Upon installation, the SNMP daemon and SNMP Firewall subagent are not started. If you click start on the SNMP panel to activate the SNMP Firewall subagent, the daemon will automatically be activated. If the SNMP Firewall subagent is active and the machine is brought down, reboot the machine to start the SNMP Firewall subagent and the daemon. When an SNMP manager is deleted or added to the IBM Firewall, the daemon will be refreshed if it is running.

Further Information

SNMP (User's Guide)
Using Network Management with the IBM Firewall (Reference)

Log Filename

Specifies the name of the critical syslog to be polled by the subagent. This string should be an absolute path to a file. This field defaults to the local1 log file specified in /etc/security/syslog.conf.

When a critical log entry is detected, a trap is sent to the SNMP manager.


Log Polling Interval

Frequency with which the critical syslog file (specified above) is polled for its status. The value of this field must be an integer between 0 and 1440 (24 hours). A value of 0 disables the thread. The default value is 5 minutes.

When a critical log entry is detected, a trap is sent to the SNMP manager.


Server Polling Interval

Frequency with which the Firewall Server daemons are polled for their status. The value of this field must be an integer between 0 and 1440 (24 hours). A value of 0 disables the thread. The default value is 5 minutes.

Specifically, the following daemons are checked:

If the status of any of these daemons has changed from the last poll, a trap is sent to the SNMP manager.


Time to Start

Indicates the time at which to begin monitoring (and trapping on) critical log records. The default is the time the subagent is started. Thus, if you would like the monitoring to start at a later time, after you start the subagent, you can customize the time values according to your desired start time.

Date to Start

Indicates the date on which to begin monitoring (and trapping on) critical log records. The default is the date the subagent is started. Thus, if you would like the monitoring to start at a later date, after you start the subagent, you can customize the date values according to your desired start date.

Start

Start the subagent with the displayed operational settings.

Stop

Stop the subagent.

Defaults

Return the operational setting values, displayed on this screen, to their default values.

Close

Press the "Close" button to eliminate the window from your display.