Monitoring with SNMP

There is an SNMP agent installed on Guardium® systems, and read-only access is provided using the SNMP community name of guardiumsnmp.

When querying, a value of -1 (minus one) indicates a NULL in the database. The table at the end of this section lists the available SNMP OIDs.

SNMP Examples

From a Unix session, you can display SQL Guard SNMP information using the snmpget or snmpwalk commands. (Use snmpget -h or snmpwalk -h to display command syntax.) Various UI-based software packages are available for displaying SNMP information. Those alternatives are not described here.

Table 1. SNMP Examples
SNMP Examples

Disk space used and available:

> snmpget -v 2c -c guardiumsnmp UCD-SNMP-MIB::dskAvail.1

UCD-SNMP-MIB::dskAvail.1 = INTEGER: 1043856

> snmpget -v 2c -c guardiumsnmp UCD-SNMP-MIB::dskUsed.1

UCD-SNMP-MIB::dskUsed.1 = INTEGER: 914856


To list total memory and used memory:

> snmpget -v 2c -c guardiumsnmp


HOST-RESOURCES-MIB::hrStorageSize.101 = INTEGER: 2067352

> snmpget -v 2c -c guardiumsnmp HOST-RESOURCES-MIB::hrStorageUsed.101

HOST-RESOURCES-MIB::hrStorageUsed.101 = INTEGER: 1017548


To list the available memory:

> snmpwalk -v 2c -c guardiumsnmp memAvailReal

UCD-SNMP-MIB::memAvailReal.0 = INTEGER: 1049564


To list values relating to cpu usage:

> snmpwalk -v 2c -c guardiumsnmp ssCpuRawUser

UCD-SNMP-MIB::ssCpuRawUser.0 = Counter32: 89240

> snmpwalk -v 2c -c guardiumsnmp ssCpuRawSystem

UCD-SNMP-MIB::ssCpuRawSystem.0 = Counter32: 195310

> snmpwalk -v 2c -c guardiumsnmp ssCpuRawNice

UCD-SNMP-MIB::ssCpuRawNice.0 = Counter32: 11

Note: Adding the RawUser, RawSystem, and RawNice numbers provides a good approximation of total CPU usage.

> snmpwalk -v 2c -c guardiumsnmp ssCpuRawIdle

UCD-SNMP-MIB::ssCpuRawIdle.0 = Counter32: 26734332


Guardium SNMP OID

Table 2. Guardium SNMP OID
SNMP OID Description



Disk space available in / directory




Disk space available in /var directory




Disk space used in / directory




Disk space used in /var directory




Total memory available




Memory in use




Open monitored session count




Requests logged by the current sniffer process (set to zero for each restart)




Last session timestamp




Last construct timestamp




Memory used by the sniffer process




Packets in on ETH1/ out on ETH2; usually only one number (inbound) when a SPAN port or TAP is used




Packets in on ETH3/ out on ETH4; usually only one number (inbound) when a SPAN port or TAP is used




Packets in on ETH5/ out on ETH6; usually only one number (inbound) when a SPAN port or TAP is used


Other MIBs accessible in the machine are: SNMPv2-MIB, IF-MIB, RFC1213-MIB, and HOST-RESOURCES-MIB.