Fortinet black logo

CLI reference

Home FortiNDR 7.4.3 CLI reference
7.4.3
7.4.4
7.4.3
7.4.2
7.4.1
7.4.0
7.2.3
7.2.2
7.2.1
7.2.0
7.1.0
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0

config system snmp user

config system snmp user

Use this command to configure SNMP v3 user settings. SNMP v3 adds more security by using authentication and privacy encryption.

Syntax

config system snmp user

edit <user_name>

set query-status {enable | disable}

set query-port <port_number>

set security-level {authnopriv | authpriv | noauthnopriv}

set auth-proto {sha1 | md5}

set aut-pwd <password>

set status {enable | disable}

set trap-status {enable | disable}

set trapevent {cpu | logdisk | datadisk | mem | system}

set trapport-local <port_number>

set trapport-remote <port_number>

config host

edit <host_no>

set ip <class_ip>

end

end

Variable Description Default

<user_name>

Enter a name to identify the SNMP user on FortiNDR.

query-status {enable | disable}

Enable to allow SNMP v3 query from the SNMP managers. Also configure the query port as described below. disable

query-port <port_number>

Specify the port number used to listen to queries from the SNMP manager. 161

security-level {authnopriv | authpriv | noauthnopriv}

Choose one of the three security levels for the communication between FortiNDR and the SNMP manager.

noauthnotpriv (no authentication, no privacy):

This option is similar to SNMP v1 and v2.

authnopriv (authentication, no privacy)

This option enables authentication only. The SNMP manager needs to supply a password that matches the password you specify on FortiNDR. You must also specify the authentication protocol (either SHA1 or MD5).

authpriv (authentication, privacy)

This option enables both authentication and encryption. You must specify the protocols and passwords. Both the protocols and passwords on the SNMP manager and FortiNDR must match.

auth-proto {sha1 | md5}

Specify the authentication protocol if you choose authentication for the security level. Otherwise, this option is not displayed.

aut-pwd <password>

Specify the authentication password if you choose authentication for the security level. Otherwise, this option is not displayed.

status {enable | disable}

Enable or disable the SNMP v3 user on FortiNDR. disable

trap-status {enable | disable}

Enable to activate traps on FortiNDR. disable

trapevent {cpu | logdisk | datadisk | mem | system}

Enter one or more of the following events that will generate a trap when the event occurs or when its threshold is reached

cpu

CPU usage threshold.

logdisk

Log disk space low threshold.

datadisk

Data disk space low threshold.

mem

Memory low threshold.

system

System events, such as a change in the state of hardware, power failure and so on.

Cpu Logdisk datadisk mem system

trapport-local <port_number>

Enter the local port number for sending traps. 162

trapport-remote <port_number>

Enter the remote port number that listens to SNMP traps on the SNMP manager. 162

<host_no>

Enter an index number for the SNMP manager.

ip <class_ip>

Enter the IP address of the SNMP manager.
Previous
Next

config system snmp user

Use this command to configure SNMP v3 user settings. SNMP v3 adds more security by using authentication and privacy encryption.

Syntax

config system snmp user

edit <user_name>

set query-status {enable | disable}

set query-port <port_number>

set security-level {authnopriv | authpriv | noauthnopriv}

set auth-proto {sha1 | md5}

set aut-pwd <password>

set status {enable | disable}

set trap-status {enable | disable}

set trapevent {cpu | logdisk | datadisk | mem | system}

set trapport-local <port_number>

set trapport-remote <port_number>

config host

edit <host_no>

set ip <class_ip>

end

end

Variable Description Default

<user_name>

Enter a name to identify the SNMP user on FortiNDR.

query-status {enable | disable}

Enable to allow SNMP v3 query from the SNMP managers. Also configure the query port as described below. disable

query-port <port_number>

Specify the port number used to listen to queries from the SNMP manager. 161

security-level {authnopriv | authpriv | noauthnopriv}

Choose one of the three security levels for the communication between FortiNDR and the SNMP manager.

noauthnotpriv (no authentication, no privacy):

This option is similar to SNMP v1 and v2.

authnopriv (authentication, no privacy)

This option enables authentication only. The SNMP manager needs to supply a password that matches the password you specify on FortiNDR. You must also specify the authentication protocol (either SHA1 or MD5).

authpriv (authentication, privacy)

This option enables both authentication and encryption. You must specify the protocols and passwords. Both the protocols and passwords on the SNMP manager and FortiNDR must match.

auth-proto {sha1 | md5}

Specify the authentication protocol if you choose authentication for the security level. Otherwise, this option is not displayed.

aut-pwd <password>

Specify the authentication password if you choose authentication for the security level. Otherwise, this option is not displayed.

status {enable | disable}

Enable or disable the SNMP v3 user on FortiNDR. disable

trap-status {enable | disable}

Enable to activate traps on FortiNDR. disable

trapevent {cpu | logdisk | datadisk | mem | system}

Enter one or more of the following events that will generate a trap when the event occurs or when its threshold is reached

cpu

CPU usage threshold.

logdisk

Log disk space low threshold.

datadisk

Data disk space low threshold.

mem

Memory low threshold.

system

System events, such as a change in the state of hardware, power failure and so on.

Cpu Logdisk datadisk mem system

trapport-local <port_number>

Enter the local port number for sending traps. 162

trapport-remote <port_number>

Enter the remote port number that listens to SNMP traps on the SNMP manager. 162

<host_no>

Enter an index number for the SNMP manager.

ip <class_ip>

Enter the IP address of the SNMP manager.
Previous
Next