1175 lines
49 KiB
XML
1175 lines
49 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<zabbix_export>
|
|
<version>5.0</version>
|
|
<date>2021-06-19T10:42:34Z</date>
|
|
<groups>
|
|
<group>
|
|
<name>Templates</name>
|
|
</group>
|
|
</groups>
|
|
<templates>
|
|
<template>
|
|
<template>Template_Sophos_XG_FW</template>
|
|
<name>Template_Sophos_XG_FW</name>
|
|
<templates>
|
|
<template>
|
|
<name>Template_Ping</name>
|
|
</template>
|
|
<template>
|
|
<name>Template_SNMP_Interface_Basic</name>
|
|
</template>
|
|
</templates>
|
|
<groups>
|
|
<group>
|
|
<name>Templates</name>
|
|
</group>
|
|
</groups>
|
|
<applications>
|
|
<application>
|
|
<name>Alerts</name>
|
|
</application>
|
|
<application>
|
|
<name>CPU</name>
|
|
</application>
|
|
<application>
|
|
<name>Inventory</name>
|
|
</application>
|
|
<application>
|
|
<name>Memory</name>
|
|
</application>
|
|
<application>
|
|
<name>Services</name>
|
|
</application>
|
|
</applications>
|
|
<items>
|
|
<item>
|
|
<name>Service apache status</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::apacheService.0</snmp_oid>
|
|
<key>apacheService</key>
|
|
<delay>5m</delay>
|
|
<history>2w</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Services</name>
|
|
</application>
|
|
</applications>
|
|
<valuemap>
|
|
<name>XG-FIREWALL-MIB::serviceStatus</name>
|
|
</valuemap>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>4 and {last()}<>7</expression>
|
|
<name>Service apache status is not running</name>
|
|
<priority>AVERAGE</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Device serial number</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::applianceKey.0</snmp_oid>
|
|
<key>applianceKey</key>
|
|
<delay>1h</delay>
|
|
<history>2w</history>
|
|
<trends>0</trends>
|
|
<value_type>CHAR</value_type>
|
|
<applications>
|
|
<application>
|
|
<name>Inventory</name>
|
|
</application>
|
|
</applications>
|
|
</item>
|
|
<item>
|
|
<name>Device model</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::applianceModel.0</snmp_oid>
|
|
<key>applianceModel</key>
|
|
<delay>1h</delay>
|
|
<history>2w</history>
|
|
<trends>0</trends>
|
|
<value_type>CHAR</value_type>
|
|
<applications>
|
|
<application>
|
|
<name>Inventory</name>
|
|
</application>
|
|
</applications>
|
|
</item>
|
|
<item>
|
|
<name>Service as status</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::asService.0</snmp_oid>
|
|
<key>asService</key>
|
|
<delay>5m</delay>
|
|
<history>2w</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Services</name>
|
|
</application>
|
|
</applications>
|
|
<valuemap>
|
|
<name>XG-FIREWALL-MIB::serviceStatus</name>
|
|
</valuemap>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>4 and {last()}<>7</expression>
|
|
<name>Service as status is not running</name>
|
|
<priority>AVERAGE</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Service av status</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::avService.0</snmp_oid>
|
|
<key>avService</key>
|
|
<delay>5m</delay>
|
|
<history>2w</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Services</name>
|
|
</application>
|
|
</applications>
|
|
<valuemap>
|
|
<name>XG-FIREWALL-MIB::serviceStatus</name>
|
|
</valuemap>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>4 and {last()}<>7</expression>
|
|
<name>Service av status is not running</name>
|
|
<priority>AVERAGE</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>CPU utilization</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::cpuPercentUsage.0</snmp_oid>
|
|
<key>cpuPercentUsage</key>
|
|
<history>45d</history>
|
|
<trends>150d</trends>
|
|
<units>%</units>
|
|
<applications>
|
|
<application>
|
|
<name>CPU</name>
|
|
</application>
|
|
</applications>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{avg(5m)}>{$CPU_UTIL_MAX}</expression>
|
|
<recovery_mode>RECOVERY_EXPRESSION</recovery_mode>
|
|
<recovery_expression>{avg(5m)}<({$CPU_UTIL_MAX}-5)</recovery_expression>
|
|
<name>CPU utilization high</name>
|
|
<priority>HIGH</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Service database status</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::databaseservice.0</snmp_oid>
|
|
<key>databaseService</key>
|
|
<delay>5m</delay>
|
|
<history>2w</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Services</name>
|
|
</application>
|
|
</applications>
|
|
<valuemap>
|
|
<name>XG-FIREWALL-MIB::serviceStatus</name>
|
|
</valuemap>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>4 and {last()}<>7</expression>
|
|
<name>Service database status is not running</name>
|
|
<priority>AVERAGE</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Service dgd status</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::dgdService.0</snmp_oid>
|
|
<key>dgdService</key>
|
|
<delay>5m</delay>
|
|
<history>2w</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Services</name>
|
|
</application>
|
|
</applications>
|
|
<valuemap>
|
|
<name>XG-FIREWALL-MIB::serviceStatus</name>
|
|
</valuemap>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>4 and {last()}<>7</expression>
|
|
<name>Service dgd status is not running</name>
|
|
<priority>AVERAGE</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Disk capacity</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::diskCapacity.0</snmp_oid>
|
|
<key>diskCapacity</key>
|
|
<delay>1h</delay>
|
|
<history>2w</history>
|
|
<trends>150d</trends>
|
|
<units>B</units>
|
|
<applications>
|
|
<application>
|
|
<name>Memory</name>
|
|
</application>
|
|
</applications>
|
|
<preprocessing>
|
|
<step>
|
|
<type>MULTIPLIER</type>
|
|
<params>1048576</params>
|
|
</step>
|
|
</preprocessing>
|
|
</item>
|
|
<item>
|
|
<name>Disk utilization</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::diskPercentUsage.0</snmp_oid>
|
|
<key>diskPercentUsage</key>
|
|
<delay>5m</delay>
|
|
<history>45d</history>
|
|
<trends>150d</trends>
|
|
<units>%</units>
|
|
<applications>
|
|
<application>
|
|
<name>Memory</name>
|
|
</application>
|
|
</applications>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{avg(5m)}>{$DISK_UTIL_MAX}</expression>
|
|
<recovery_mode>RECOVERY_EXPRESSION</recovery_mode>
|
|
<recovery_expression>{avg(5m)}<({$DISK_UTIL_MAX}-5)</recovery_expression>
|
|
<name>Disk utilization high</name>
|
|
<priority>HIGH</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Service dns status</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::dnsService.0</snmp_oid>
|
|
<key>dnsService</key>
|
|
<delay>5m</delay>
|
|
<history>2w</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Services</name>
|
|
</application>
|
|
</applications>
|
|
<valuemap>
|
|
<name>XG-FIREWALL-MIB::serviceStatus</name>
|
|
</valuemap>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>4 and {last()}<>7</expression>
|
|
<name>Service dns status is not running</name>
|
|
<priority>AVERAGE</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Service drouting status</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::droutingService.0</snmp_oid>
|
|
<key>droutingService</key>
|
|
<delay>5m</delay>
|
|
<history>2w</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Services</name>
|
|
</application>
|
|
</applications>
|
|
<valuemap>
|
|
<name>XG-FIREWALL-MIB::serviceStatus</name>
|
|
</valuemap>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>4 and {last()}<>7</expression>
|
|
<name>Service drouting status is not running</name>
|
|
<priority>AVERAGE</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Firmware version</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::xg-firewallVersion.0</snmp_oid>
|
|
<key>firewallVersion</key>
|
|
<delay>1h</delay>
|
|
<history>30d</history>
|
|
<trends>0</trends>
|
|
<value_type>CHAR</value_type>
|
|
<description>Version of Intrusion Detection and Prevention (IDP)</description>
|
|
<applications>
|
|
<application>
|
|
<name>Inventory</name>
|
|
</application>
|
|
</applications>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{diff()}=1</expression>
|
|
<recovery_mode>NONE</recovery_mode>
|
|
<name>Firmware version changed</name>
|
|
<priority>INFO</priority>
|
|
<description>Ack to manual close</description>
|
|
<manual_close>YES</manual_close>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Service ftp status</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::ftpService.0</snmp_oid>
|
|
<key>ftpService</key>
|
|
<delay>5m</delay>
|
|
<history>2w</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Services</name>
|
|
</application>
|
|
</applications>
|
|
<valuemap>
|
|
<name>XG-FIREWALL-MIB::serviceStatus</name>
|
|
</valuemap>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>4 and {last()}<>7</expression>
|
|
<name>Service ftp status is not running</name>
|
|
<priority>AVERAGE</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Alert: ftpVirus</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::ftpVirus.0</snmp_oid>
|
|
<key>ftpVirus</key>
|
|
<delay>30m</delay>
|
|
<history>30d</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Alerts</name>
|
|
</application>
|
|
</applications>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>0</expression>
|
|
<name>Alert: ftpVirus</name>
|
|
<priority>HIGH</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Service garner status</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::garnerService.0</snmp_oid>
|
|
<key>garnerService</key>
|
|
<delay>5m</delay>
|
|
<history>2w</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Services</name>
|
|
</application>
|
|
</applications>
|
|
<valuemap>
|
|
<name>XG-FIREWALL-MIB::serviceStatus</name>
|
|
</valuemap>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>4 and {last()}<>7</expression>
|
|
<name>Service garner status is not running</name>
|
|
<priority>AVERAGE</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Alert: dgd gwLiveDead</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::gwLiveDead.0</snmp_oid>
|
|
<key>gwLiveDead</key>
|
|
<delay>30m</delay>
|
|
<history>30d</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Alerts</name>
|
|
</application>
|
|
</applications>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>0</expression>
|
|
<name>Alert: dgd gwLiveDead</name>
|
|
<priority>HIGH</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>HA mode</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::haMode.0</snmp_oid>
|
|
<key>haMode</key>
|
|
<delay>5m</delay>
|
|
<history>45d</history>
|
|
<trends>150d</trends>
|
|
<description>Textual Convention: HaModeType
|
|
Values: standalone(1), active-passive(2), active-active(3)</description>
|
|
</item>
|
|
<item>
|
|
<name>Service ha status</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::haService.0</snmp_oid>
|
|
<key>haService</key>
|
|
<delay>5m</delay>
|
|
<history>2w</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Services</name>
|
|
</application>
|
|
</applications>
|
|
<valuemap>
|
|
<name>XG-FIREWALL-MIB::serviceStatus</name>
|
|
</valuemap>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>4 and {last()}<>7</expression>
|
|
<name>Service ha status is not running</name>
|
|
<priority>AVERAGE</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Alert: highCpuUsage</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::highCpuUsage.0</snmp_oid>
|
|
<key>highCpuUsage</key>
|
|
<delay>30m</delay>
|
|
<history>30d</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Alerts</name>
|
|
</application>
|
|
</applications>
|
|
</item>
|
|
<item>
|
|
<name>Alert: highDiskUsage</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::highDiskUsage.0</snmp_oid>
|
|
<key>highDiskUsage</key>
|
|
<delay>30m</delay>
|
|
<history>30d</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Alerts</name>
|
|
</application>
|
|
</applications>
|
|
</item>
|
|
<item>
|
|
<name>Alert: highMemUsage</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::highMemUsage.0</snmp_oid>
|
|
<key>highMemUsage</key>
|
|
<delay>30m</delay>
|
|
<history>30d</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Alerts</name>
|
|
</application>
|
|
</applications>
|
|
</item>
|
|
<item>
|
|
<name>Service http status</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::httpService.0</snmp_oid>
|
|
<key>httpService</key>
|
|
<delay>5m</delay>
|
|
<history>2w</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Services</name>
|
|
</application>
|
|
</applications>
|
|
<valuemap>
|
|
<name>XG-FIREWALL-MIB::serviceStatus</name>
|
|
</valuemap>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>4 and {last()}<>7</expression>
|
|
<name>Service http status is not running</name>
|
|
<priority>AVERAGE</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Alert: httpVirus</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::httpVirus.0</snmp_oid>
|
|
<key>httpVirus</key>
|
|
<delay>30m</delay>
|
|
<history>30d</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Alerts</name>
|
|
</application>
|
|
</applications>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>0</expression>
|
|
<name>Alert: httpVirus</name>
|
|
<priority>HIGH</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Alert: dos icmpFlood</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::icmpFlood.0</snmp_oid>
|
|
<key>icmpFlood</key>
|
|
<delay>30m</delay>
|
|
<history>30d</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Alerts</name>
|
|
</application>
|
|
</applications>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>0</expression>
|
|
<name>Alert: dos icmpFlood</name>
|
|
<priority>HIGH</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Alert: idpAlert</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::idpAlert.0</snmp_oid>
|
|
<key>idpAlert</key>
|
|
<delay>30m</delay>
|
|
<history>30d</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Alerts</name>
|
|
</application>
|
|
</applications>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>0</expression>
|
|
<name>Alert: idpAlert</name>
|
|
<priority>HIGH</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Service idp status</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::idpService.0</snmp_oid>
|
|
<key>idpService</key>
|
|
<delay>5m</delay>
|
|
<history>2w</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Services</name>
|
|
</application>
|
|
</applications>
|
|
<valuemap>
|
|
<name>XG-FIREWALL-MIB::serviceStatus</name>
|
|
</valuemap>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>4 and {last()}<>7</expression>
|
|
<name>Service idp status is not running</name>
|
|
<priority>AVERAGE</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>IDP version</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::idpVersion.0</snmp_oid>
|
|
<key>idpVersion</key>
|
|
<delay>1h</delay>
|
|
<history>2w</history>
|
|
<trends>0</trends>
|
|
<value_type>CHAR</value_type>
|
|
<description>Version of Intrusion Detection and Prevention (IDP)</description>
|
|
<applications>
|
|
<application>
|
|
<name>Inventory</name>
|
|
</application>
|
|
</applications>
|
|
</item>
|
|
<item>
|
|
<name>Service imap4 status</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::imap4Service.0</snmp_oid>
|
|
<key>imap4Service</key>
|
|
<delay>5m</delay>
|
|
<history>2w</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Services</name>
|
|
</application>
|
|
</applications>
|
|
<valuemap>
|
|
<name>XG-FIREWALL-MIB::serviceStatus</name>
|
|
</valuemap>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>4 and {last()}<>7</expression>
|
|
<name>Service imap4 status is not running</name>
|
|
<priority>AVERAGE</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Alert: imap4Virus</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::imap4Virus.0</snmp_oid>
|
|
<key>imap4Virus</key>
|
|
<delay>30m</delay>
|
|
<history>30d</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Alerts</name>
|
|
</application>
|
|
</applications>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>0</expression>
|
|
<name>Alert: imap4Virus</name>
|
|
<priority>HIGH</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Memory capacity</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::memoryCapacity.0</snmp_oid>
|
|
<key>memoryCapacity</key>
|
|
<delay>1h</delay>
|
|
<history>2w</history>
|
|
<trends>150d</trends>
|
|
<units>B</units>
|
|
<applications>
|
|
<application>
|
|
<name>Memory</name>
|
|
</application>
|
|
</applications>
|
|
<preprocessing>
|
|
<step>
|
|
<type>MULTIPLIER</type>
|
|
<params>1048576</params>
|
|
</step>
|
|
</preprocessing>
|
|
</item>
|
|
<item>
|
|
<name>Memory utilization</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::memoryPercentUsage.0</snmp_oid>
|
|
<key>memoryPercentUsage</key>
|
|
<history>45d</history>
|
|
<trends>150d</trends>
|
|
<units>%</units>
|
|
<applications>
|
|
<application>
|
|
<name>Memory</name>
|
|
</application>
|
|
</applications>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{avg(5m)}>{$MEMORY_UTIL_MAX}</expression>
|
|
<recovery_mode>RECOVERY_EXPRESSION</recovery_mode>
|
|
<recovery_expression>{avg(5m)}<({$MEMORY_UTIL_MAX}-5)</recovery_expression>
|
|
<name>Memory utilization high</name>
|
|
<priority>HIGH</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Service network status</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::networkService.0</snmp_oid>
|
|
<key>networkService</key>
|
|
<delay>5m</delay>
|
|
<history>2w</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Services</name>
|
|
</application>
|
|
</applications>
|
|
<valuemap>
|
|
<name>XG-FIREWALL-MIB::serviceStatus</name>
|
|
</valuemap>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>4 and {last()}<>7</expression>
|
|
<name>Service network status is not running</name>
|
|
<priority>AVERAGE</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Service ntp status</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::ntpService.0</snmp_oid>
|
|
<key>ntpService</key>
|
|
<delay>5m</delay>
|
|
<history>2w</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Services</name>
|
|
</application>
|
|
</applications>
|
|
<valuemap>
|
|
<name>XG-FIREWALL-MIB::serviceStatus</name>
|
|
</valuemap>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>4 and {last()}<>7</expression>
|
|
<name>Service ntp status is not running</name>
|
|
<priority>AVERAGE</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Alert: csc opcodeFail</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::opcodeFail.0</snmp_oid>
|
|
<key>opcodeFail</key>
|
|
<delay>30m</delay>
|
|
<history>30d</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Alerts</name>
|
|
</application>
|
|
</applications>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>0</expression>
|
|
<name>Alert: csc opcodeFail</name>
|
|
<priority>HIGH</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Service pop3 status</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::pop3Service.0</snmp_oid>
|
|
<key>pop3Service</key>
|
|
<delay>5m</delay>
|
|
<history>2w</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Services</name>
|
|
</application>
|
|
</applications>
|
|
<valuemap>
|
|
<name>XG-FIREWALL-MIB::serviceStatus</name>
|
|
</valuemap>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>4 and {last()}<>7</expression>
|
|
<name>Service pop3 status is not running</name>
|
|
<priority>AVERAGE</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Alert: pop3Virus</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::pop3Virus.0</snmp_oid>
|
|
<key>pop3Virus</key>
|
|
<delay>3m</delay>
|
|
<history>2w</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Alerts</name>
|
|
</application>
|
|
</applications>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>0</expression>
|
|
<name>Alert: pop3Virus</name>
|
|
<priority>HIGH</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Alert: csc serviceFail</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::serviceFail.0</snmp_oid>
|
|
<key>serviceFail</key>
|
|
<delay>30m</delay>
|
|
<history>30d</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Alerts</name>
|
|
</application>
|
|
</applications>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>0</expression>
|
|
<name>Alert: csc serviceFail</name>
|
|
<priority>HIGH</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Service smtp status</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::smtpService.0</snmp_oid>
|
|
<key>smtpService</key>
|
|
<delay>5m</delay>
|
|
<history>2w</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Services</name>
|
|
</application>
|
|
</applications>
|
|
<valuemap>
|
|
<name>XG-FIREWALL-MIB::serviceStatus</name>
|
|
</valuemap>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>4 and {last()}<>7</expression>
|
|
<name>Service smtp status is not running</name>
|
|
<priority>AVERAGE</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Service sshd status</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::sshdService.0</snmp_oid>
|
|
<key>sshdService</key>
|
|
<delay>5m</delay>
|
|
<history>2w</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Services</name>
|
|
</application>
|
|
</applications>
|
|
<valuemap>
|
|
<name>XG-FIREWALL-MIB::serviceStatus</name>
|
|
</valuemap>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>4 and {last()}<>7</expression>
|
|
<name>Service sshd status is not running</name>
|
|
<priority>AVERAGE</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Service sslvpn status</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::sslvpnService.0</snmp_oid>
|
|
<key>sslvpnService</key>
|
|
<delay>5m</delay>
|
|
<history>2w</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Services</name>
|
|
</application>
|
|
</applications>
|
|
<valuemap>
|
|
<name>XG-FIREWALL-MIB::serviceStatus</name>
|
|
</valuemap>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>4 and {last()}<>7</expression>
|
|
<name>Service sslvpn status is not running</name>
|
|
<priority>AVERAGE</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Swap capacity</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::swapCapacity.0</snmp_oid>
|
|
<key>swapCapacity</key>
|
|
<delay>1h</delay>
|
|
<history>2w</history>
|
|
<trends>150d</trends>
|
|
<units>B</units>
|
|
<applications>
|
|
<application>
|
|
<name>Memory</name>
|
|
</application>
|
|
</applications>
|
|
<preprocessing>
|
|
<step>
|
|
<type>MULTIPLIER</type>
|
|
<params>1048576</params>
|
|
</step>
|
|
</preprocessing>
|
|
</item>
|
|
<item>
|
|
<name>Swap utilization</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::swapPercentUsage.0</snmp_oid>
|
|
<key>swapPercentUsage</key>
|
|
<delay>5m</delay>
|
|
<history>45d</history>
|
|
<trends>150d</trends>
|
|
<units>%</units>
|
|
<applications>
|
|
<application>
|
|
<name>Memory</name>
|
|
</application>
|
|
</applications>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{avg(5m)}>{$SWAP_UTIL_MAX}</expression>
|
|
<recovery_mode>RECOVERY_EXPRESSION</recovery_mode>
|
|
<recovery_expression>{avg(5m)}<({$SWAP_UTIL_MAX}-5)</recovery_expression>
|
|
<name>Swap utilization high</name>
|
|
<priority>HIGH</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Alert: dos synFlood</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::synFlood.0</snmp_oid>
|
|
<key>synFlood</key>
|
|
<delay>30m</delay>
|
|
<history>30d</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Alerts</name>
|
|
</application>
|
|
</applications>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>0</expression>
|
|
<name>Alert: dos synFlood</name>
|
|
<priority>HIGH</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Alert: dos tcpFlood</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::tcpFlood.0</snmp_oid>
|
|
<key>tcpFlood</key>
|
|
<delay>30m</delay>
|
|
<history>30d</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Alerts</name>
|
|
</application>
|
|
</applications>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>0</expression>
|
|
<name>Alert: dos tcpFlood</name>
|
|
<priority>HIGH</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Service tomcat status</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::tomcatService.0</snmp_oid>
|
|
<key>tomcatService</key>
|
|
<delay>5m</delay>
|
|
<history>2w</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Services</name>
|
|
</application>
|
|
</applications>
|
|
<valuemap>
|
|
<name>XG-FIREWALL-MIB::serviceStatus</name>
|
|
</valuemap>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>4 and {last()}<>7</expression>
|
|
<name>Service tomcat status is not running</name>
|
|
<priority>AVERAGE</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
<item>
|
|
<name>Alert: dos udpFlood</name>
|
|
<type>SNMP_AGENT</type>
|
|
<snmp_oid>XG-FIREWALL-MIB::udpFlood.0</snmp_oid>
|
|
<key>udpFlood</key>
|
|
<delay>30m</delay>
|
|
<history>30d</history>
|
|
<trends>0</trends>
|
|
<applications>
|
|
<application>
|
|
<name>Alerts</name>
|
|
</application>
|
|
</applications>
|
|
<triggers>
|
|
<trigger>
|
|
<expression>{last()}<>0</expression>
|
|
<name>Alert: dos udpFlood</name>
|
|
<priority>HIGH</priority>
|
|
</trigger>
|
|
</triggers>
|
|
</item>
|
|
</items>
|
|
<macros>
|
|
<macro>
|
|
<macro>{$CPU_UTIL_MAX}</macro>
|
|
<value>95</value>
|
|
</macro>
|
|
<macro>
|
|
<macro>{$DISK_UTIL_MAX}</macro>
|
|
<value>85</value>
|
|
</macro>
|
|
<macro>
|
|
<macro>{$MEMORY_UTIL_MAX}</macro>
|
|
<value>85</value>
|
|
</macro>
|
|
<macro>
|
|
<macro>{$SNMP_COMMUNITY}</macro>
|
|
<value>public</value>
|
|
</macro>
|
|
<macro>
|
|
<macro>{$SWAP_UTIL_MAX}</macro>
|
|
<value>85</value>
|
|
</macro>
|
|
</macros>
|
|
</template>
|
|
</templates>
|
|
<graphs>
|
|
<graph>
|
|
<name>System: CPU usage</name>
|
|
<ymin_type_1>FIXED</ymin_type_1>
|
|
<ymax_type_1>FIXED</ymax_type_1>
|
|
<graph_items>
|
|
<graph_item>
|
|
<drawtype>GRADIENT_LINE</drawtype>
|
|
<color>FF0000</color>
|
|
<item>
|
|
<host>Template_Sophos_XG_FW</host>
|
|
<key>cpuPercentUsage</key>
|
|
</item>
|
|
</graph_item>
|
|
</graph_items>
|
|
</graph>
|
|
<graph>
|
|
<name>System: Disk usage</name>
|
|
<ymin_type_1>FIXED</ymin_type_1>
|
|
<ymax_type_1>FIXED</ymax_type_1>
|
|
<graph_items>
|
|
<graph_item>
|
|
<drawtype>GRADIENT_LINE</drawtype>
|
|
<color>4000FF</color>
|
|
<item>
|
|
<host>Template_Sophos_XG_FW</host>
|
|
<key>diskPercentUsage</key>
|
|
</item>
|
|
</graph_item>
|
|
</graph_items>
|
|
</graph>
|
|
<graph>
|
|
<name>System: Memory usage</name>
|
|
<ymin_type_1>FIXED</ymin_type_1>
|
|
<ymax_type_1>FIXED</ymax_type_1>
|
|
<graph_items>
|
|
<graph_item>
|
|
<drawtype>GRADIENT_LINE</drawtype>
|
|
<color>1A7C11</color>
|
|
<item>
|
|
<host>Template_Sophos_XG_FW</host>
|
|
<key>memoryPercentUsage</key>
|
|
</item>
|
|
</graph_item>
|
|
<graph_item>
|
|
<sortorder>1</sortorder>
|
|
<color>F63100</color>
|
|
<item>
|
|
<host>Template_Sophos_XG_FW</host>
|
|
<key>swapPercentUsage</key>
|
|
</item>
|
|
</graph_item>
|
|
</graph_items>
|
|
</graph>
|
|
</graphs>
|
|
<value_maps>
|
|
<value_map>
|
|
<name>XG-FIREWALL-MIB::serviceStatus</name>
|
|
<mappings>
|
|
<mapping>
|
|
<value>1</value>
|
|
<newvalue>untouched</newvalue>
|
|
</mapping>
|
|
<mapping>
|
|
<value>2</value>
|
|
<newvalue>stopped</newvalue>
|
|
</mapping>
|
|
<mapping>
|
|
<value>3</value>
|
|
<newvalue>initializing</newvalue>
|
|
</mapping>
|
|
<mapping>
|
|
<value>4</value>
|
|
<newvalue>running</newvalue>
|
|
</mapping>
|
|
<mapping>
|
|
<value>5</value>
|
|
<newvalue>exiting</newvalue>
|
|
</mapping>
|
|
<mapping>
|
|
<value>6</value>
|
|
<newvalue>dead</newvalue>
|
|
</mapping>
|
|
<mapping>
|
|
<value>7</value>
|
|
<newvalue>unregistered</newvalue>
|
|
</mapping>
|
|
</mappings>
|
|
</value_map>
|
|
</value_maps>
|
|
</zabbix_export>
|