Skip to main content

Hi Team,

Can you please help me with a NQE Query to get SNMP configured IPs on Fortinet Devices. 

Team, Can someone pls help ?


@VarunS - A few questions:
1. What type of Fortinet device?​​​​​​​​​​​​​  2. Would you mind providing an example output of the configuration your seeking?  


The SNMP configuration for the Fortinet device may not be in the config file that we collect from the device.

If not, you would first have to run a custom command on Fortinet devices such as “show full-configuration”.

Once you have configured the custom command and run a collection, you can use an NQE query similar to the following to list all the SNMP servers for each device.

pattern =
```
config system snmp community
edit {number}
set name {string}
set status enable
config hosts
edit {number}
set source-ip 0.0.0.0
set ip {serverIp:string} {ipSubnet:string}
```;

getServerIps(blocks) =
foreach match in blockMatches(blocks, pattern)
select { serverIp: match?.data?.serverIp, ipSubnet: match?.data?.ipSubnet };

foreach device in network.devices
where device.platform.os == OS.FORTINET
foreach command in device.outputs.commands
where command.commandText == "show full-configuration"
let blocks = parseConfigBlocks(OS.FORTINET, command.response)
select {
device: device.name,
os: device.platform.os,
"SNMP Server IPs": (foreach subnet in getServerIps(blocks)
select subnet.serverIp + " " + subnet.ipSubnet)
}

Keep in mind that the configuration for your device may very, requiring additional changes to the pattern in the NQE query.


Reply