SNMP Agent
MITIGATOR comes with a built-in SNMP agent listening on port 1161. No community is configured by default.
SNMP metrics of all MITIGATOR instances are only available through the leader instance.
Metrics provided under OID 1.3.6.1.4.1.88778:
- MITIGATOR data ports (
ext*,int*) - MITIGATOR operation (resource utilization, protection statistics)
- Wireguard interface
wg0of cluster VPN (ingatewayservice container)
Access SNMP metrics
Create SNMP configuration file in the working directory /srv/mitigator:
echo "rocommunity $(tr -dc A-Za-z0-9 </dev/urandom | head -c 10)" | tee snmp.confGenerated value of rocommunity field is a de-facto password to access SNMP metrics.
Restart SNMP service:
docker-compose restart snmpExternal SNMP agent
To pass SNMP data into external SNMP agent via AgentX protocol,
set MITIGATOR_SNMP_AGENTX_ADDRESS environment variable in .env file
to the external SNMP agent IP address.
Restart fwstats after the change:
docker-compose up -d fwstatsPort configuration
By default, SNMP agent listens on 1161 port (TCP and UDP).
Set MITIGATOR_SNMP_PORT environment variable in .env file
to an alternative value to change the port.
The new port must not conflict with another SNMP agent
that may be running on the machine, e.g. the system SNMP agent.
Restart MITIGATOR after the change:
docker-compose down && docker-compose up -dRelated Content
- Blocking IP on MITIGATOR with Nginx and Fail2ban
- Challenge-response Authentication Module for HTTP/HTTPS
- Executing Scripts on Log Events
- Exporting Metrics to Prometheus
- FastNetMon Integration
- Integration with the Vestochka Notification Service
- MITIGATOR Challenge Response
- TCP Protection with ISN Synchronization
- Web Server Log Analyzer