SNMP polling and alerting

Forcepoint appliances can issue alerts using SNMP trap data when integrated with a supported Security Information and Event Management (SIEM) system. SNMP traps send alerts to system administrators about significant events that affect the security of the network.

In the CLI, the appliance can be configured to:
  • Allow your SNMP manager to poll the appliance for standard SNMP counters.
  • Send SNMP traps for selected events to your SNMP manager.

Support is included for SNMP v1, v2c, and v3.
  • With SNMP v1 and v2c, a suffix (-proxy, -web, -na, or -email) is appended to the community name to indicate the originating module for the counter.
  • With SNMP v3, you can specify the context name (Proxy, Web, NA, or Email) to poll counters for each module.

If you use v1 or v2c, you must specify the community name for the appliance. If you use v3, you must specify security level, user, authentication, and encryption type to associate with SNMP communication.

To enable polling:
set snmp service --status on
set snmp version --options <values>
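
The per-module naming described above, seen from the SNMP manager side: this added example (not Forcepoint code) builds net-snmp `snmpget` command lines for each module, using the community suffix for v1/v2c and the context name for v3. It assumes the net-snmp tools on the manager and that the manager polls with the suffixed community name; the host address, the community `monitor` and the user `poller` are constructed values.

```python
import shlex

# Module keys are the v1/v2c community suffixes; values are the v3 context names.
MODULES = {"proxy": "Proxy", "web": "Web", "na": "NA", "email": "Email"}
SYS_UPTIME = "1.3.6.1.2.1.1.3.0"  # standard MIB-II sysUpTime.0


def poll_argv(host, module, version, community=None, user=None,
              level="authPriv", auth_proto="SHA", priv_proto="AES",
              oid=SYS_UPTIME):
    """Return the net-snmp snmpget argument vector for one module."""
    if module not in MODULES:
        raise ValueError(f"unknown module: {module!r}")
    if version in ("1", "2c"):
        if not community:
            raise ValueError("v1/v2c polling needs a community name")
        # Assumption: the manager polls with the suffixed community name.
        cred = ["-c", f"{community}-{module}"]
    elif version == "3":
        if not user:
            raise ValueError("v3 polling needs a user")
        if level not in ("noAuthNoPriv", "authNoPriv", "authPriv"):
            raise ValueError(f"unknown security level: {level!r}")
        cred = ["-l", level, "-u", user, "-n", MODULES[module]]
        if level != "noAuthNoPriv":
            cred += ["-a", auth_proto]
        if level == "authPriv":
            cred += ["-x", priv_proto]
        # Passphrases are left to snmp.conf (defAuthPassphrase,
        # defPrivPassphrase) so they stay out of the process list.
    else:
        raise ValueError(f"unsupported SNMP version: {version!r}")
    return ["snmpget", "-v", version, *cred, host, oid]


def sent_in_clear(version, level="authPriv"):
    """True when the request payload travels unencrypted."""
    return version in ("1", "2c") or level != "authPriv"


if __name__ == "__main__":
    host = "192.0.2.10"  # constructed address (documentation range)
    for module in MODULES:
        print(shlex.join(poll_argv(host, module, "2c", community="monitor")))
        print(shlex.join(poll_argv(host, module, "3", user="poller")))
```

`sent_in_clear` flags the v1/v2c and non-`authPriv` cases, where the community name or counter data crosses the network unencrypted.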