23.4 Querying For SNMP Attributes

To query any SNMP attribute the following details are needed:

  • IP Address of the Administration Console

  • The community string name

  • The Object Identifier (OID) of the attributeID

  • The IP address of the device - Identity Server or Access Gateway.

For example, consider a scenario where you want to query the memory utilization of an Identity Server with IP address 10.0.0.0. The query is issued to the Administration Console whose IP address is 192.168.0.0

You can perform the query either by using the OID or by using the namespace of the object.

If you are using the net-snmp package for monitoring, the equivalent command to retrieve memory utilization details are:

23.4.1 Querying Using the Namespace

snmpget -v2c -m /opt/volera/roma/conf/NAM.mib -c netiq 192.168.0.0 .iso.org.dod.internet.private.enterprises.netiq .mibdoc.namMIB.namStatistics.namComponents.namDevices.identityProvider.idpApplication.idpMemoryTable.idpMemoryEntry.idpMemory.10.0.0.0

NOTE:You must provide the exact path of the Access Manager mib file.

23.4.2 Querying Using the OID

snmpget -v2c -c netiq 192.168.0.0 .1.3.6.1.4.1.1691.2.100.1.1.1.1.1.1.1.1.10.0.0.0

In the same manner, you can query values of various attributes supported by the Identity Server and the Access Gateway.

Using the same example, if you query idpHealthEntry parameter by using the Namespace, the command is:

snmpget -v2c -m /opt/volera/roma/conf/NAM.mib -c netiq 192.168.0.0 .iso.org.dod.internet.private.enterprises.netiq.mibdoc.namMIB.namStatistics.namComponents.namDevices.identityProvider.idpApplication.idpMemoryTable.idpMemoryEntry.idpMemory.10.0.0.0

The idpApplication parameter is substituted with the idpHealthEntry attribute in the above example.

NOTE:You must provide the exact path of the Access Manager mib file.

Understanding Return Values of an SNMP Query

When an SNMP query is performed, it retrieves the last fetched data from the Administration Console. If the device is down or not reachable a negative value is retrieved.

For example: If you query for the idpHealthyEntry attribute, the value that is returned can be Red, Yellow, Green or NoReport.

NOTE:The return value of NoReport indicates a server that is disconnected or unavailable.