Configure SNMP

Enable SNMP on the appliance to monitor the appliance from your existing Network Management System. You can configure an SNMP agent on the appliance so that the SNMP manager can poll the appliance to get the status of the supported OIDs using v2c or v3 queries. For more information on the supported OIDs, see Standard OIDs and Custom OIDs.

The appliance can also send trap notifications to the trap receiver in your network when SNMP traps are configured on the appliance.

Prerequisites

The following settings need to be configured before an appliance can start responding to SNMP queries.

Access the appliance console using ssh.
Log in using the nsadmin/nsappliance credentials. An nsshell opens.
Enter configure to enter the nsshell configure mode.
Configure the SNMP agent. See Configuring SNMP Agent.
Configure the SNMP traps. See Configuring SNMP Traps.

Configuring SNMP Agent

Configure the SNMP agent so that the appliance responds to SNMP queries from the SNMP manager. Run these commands:

set snmp agent enable true
set snmp agent syscontact <email address>
set snmp agent syslocation <location>

To poll the appliance using v2c queries, run:

set snmp agent v2c rocommunity-string <string value>
add snmp agent v2c allowed-network-list
set snmp agent v2c allowed-network-list 0 network <IP address of the SNMP agent>
save

To poll the appliance using v3 queries, run:

set snmp agent v3 engine-id <engine-id>
set snmp agent v3 usm auth username <username> key <passphrase> protocol [MD5|SHA]
set snmp agent v3 usm privacy protocol [AES|DES] key <passphrase>
save

The command descriptions are:

CLI Command		Description
`set snmp agent`	`enable`	Enable/Disable SNMP agent on the appliance. When set to `true`, the appliance must be configured as v2c or v3 agent.
	`syscontact`	Set the system contact information (admin email etc). For example, admin@localskope.local.
	`syslocation`	Set the system location. For example, "Los Altos HQ".
	`v2c rocommunity-string`	Provide a string value. The string configured here will be used in `snmpwalk`/`snmpget` commands from the SNMP manager to access the information exposed. If the value does not match the one configured, the relevant information will not be returned. It is used as access control in SNMPv2.
	`v2c allowed-network-list`	(Optional) Provide the list of hosts/subnets.
	`v3 engine-id`	(Optional) Set the engine identifier of the SNMP agent in hex format. For example, 0x0102030405.
	`v3 usm auth`	`username`	Set the username to authenticate a user with the SNMP agent.
		`key`	Set the password required to connect with the SNMP agent.
		`protocol`	Choose a hash function, "MD5" or "SHA" to store the data exchanged between the SNMP agent on the appliance and the SNMP manager.
	`v3 usm privacy`	`protocol`	(Optional) Choose an encryption type, "AES" or "DES" to encrypt the traffic between the SNMP agent on the appliance and the SNMP manager.
	`v3 usm privacy`	`key`	(Optional) Set the password required to access the encrypted data on the SNMP agent.

Configuring SNMP Traps

Configure SNMP traps on the appliance to send trap notifications to the SNMP trap receiver. Run these commands:

set snmp traps server <hostname or IP address>

To send SNMP v2c traps to the trap receiver, run:

set snmp traps v2c enable true
save

To send SNMP v3 traps to the trap receiver, run:

set snmp traps v3 enable true 
set snmp traps v3 use-agent-settings [true|false]
set snmp traps v3 engine-id <engine-id>
set snmp traps v3 usm auth username <username> key <passphrase> protocol [MD5|SHA]
set snmp traps v3 usm privacy protocol [AES|DES] key <passphrase>
save

The command descriptions are:

CLI Command		Description
`set snmp traps`	`server`	Provide the hostname or IP address of the SNMP trap receiver so that the appliance can send v2c or v3 traps.
	`v2c enable`	When set to `true`, the appliance sends v2c trap notifications to the trap receiver.
	`v3`	`enable`	When set to `true`, the appliance sends v3 trap notifications to the trap receiver.
		`use-agent-settings`	Set to `true` if you want to use the same v3 usm authentication and privacy configurations as the SNMP agent. Else, configure v3 usm authentication and privacy for the trap client on appliance.
		`engine-id`	Set the engine identifier of the trap client. This is required if `use-agent-settings` is not set.
	`v3 usm auth`	`username`	Set the username to authenticate a user with the trap client.
		`key`	(Optional) Set the password required to connect with the trap client.
		`protocol`	Choose a hash function, "MD5" or "SHA" to store the data exchanged between the trap client on the appliance and the trap receiver.
	`v3 usm privacy`	`protocol`	(Optional) Choose an encryption type, "AES" or "DES" to encrypt the traffic between the trap client on the appliance and the trap receiver.
	`v3 usm privacy`	`key`	(Optional) Set the password required to access the encrypted data on the appliance.

Standard OIDs

These are the standard OIDs.

OID	Description	Values
`SNMPv2-MIB::sysDescr`	Standard system description.	STRING: `Linux lcsnmp 4.4.0-21-generic #37-Ubuntu SMP Mon Apr 18 18:33:37 UTC 2016 x86_64`
`DISMAN-EVENT-MIB::sysUpTimeInstance`	Ticks since snmp agent has been up.	Timeticks: (2515) 0:00:25.15
`SNMPv2-MIB::sysName`	Hostname can be used for this. By default SNMP agent picks up the hostname.	Hostname set by CLI (`set system hostname`).
`SNMPv2-MIB::sysContact`	Standard SNMP configuration parameter.	Set by CLI: `set snmp agent syscontact`
`SNMPv2-MIB::sysLocation`	Standard SNMP configuration parameter.	Set by CLI: `set snmp agent syslocation`
`SNMPv2-MIB::sysObjectID`	Standard SNMP configuration parameter.	OID: `NET-SNMP-MIB::netSnmpAgentOIDs.10`
`HOST-RESOURCES-MIB::hrSystemUptime`	Actual system up time.	Timeticks: (381446115) 44 days, 3:34:21.15
`UCD-SNMP-MIB::systemStats`	System wide statistics.	CLI command: `snmpwalk -v 2c -c appliancecom172.18.78.228UCD-SNMP- MIB::systemStats`
`UCD-SNMP-MIB::memory`	Memory usage statistics.	CLI command: `snmpwalk -v 2c -c appliancecom172.18.78.228UCD-SNMP- MIB::memory`

Custom OIDs

The official Private Enterprise Number (PEN) assigned to Netskope from IANA (http://www.iana.org/ assignments/enterprise-numbers) is 48007.

OID	Description	Values
`enabledServices`	Different services that are enabled on the box. For example: Management Plane, OPLP, Forwarder, and so on.	Possible values are: `Management-Plane`, `Tap`, `Forwarder`, `Forward-Proxy`, `DNS-Proxy`, `PAC-Server`, `Log-Processing`, `OPLP`, and `Database`. Sample output: `[DNS-Proxy,PAC-Server,OPLP]`
`dataplaneStatus`	Mirroring DP health check. `configure> set dataplane healthcheck enable true`.	Integer values are: `1` = Down, `2` = Up, and `3` = Unknown
`managementplaneStatus`	If the appliance is connected to Management Plane or not. If connected, detailed monitoring status is available through the Management Plane.	Integer values are: `1` = Connected, `2` = Disconnected/Error condition, `3` = On Appliance, `4` = Unknown
`lastConnectedToMP`	The last time when there was a successful connection to the MP.	String as date-time. For example: `"Thu, 02 Jun 2016 21:28:27"`
`deviceStatus`	Represents the health of the appliance (as reported by the monitoring framework). If the device is a management plane appliance, the status represents the health of the services like Zookeeper, Kafka and Mongo. If the device is not management plane appliance, it represents the status of log management or any other relevant service for that mode.	Integer values are: `1` = Good, `2` = Bad `3` = Unknown

Here's the Netskope MIB file:

NETSKOPE-APPLIANCE-MIB DEFINITIONS ::= BEGIN

IMPORTS
        OBJECT-TYPE, NOTIFICATION-TYPE, enterprises, MODULE-IDENTITY
                    FROM SNMPv2-SMI
        NOTIFICATION-GROUP, OBJECT-GROUP, MODULE-COMPLIANCE
                    FROM SNMPv2-CONF
;

netskopeApplianceMIB MODULE-IDENTITY
    LAST-UPDATED "202301131558Z"
    ORGANIZATION "Netskope"
    CONTACT-INFO "nauman@netskope.com"
    DESCRIPTION "Netskope Custom OIDs"
    REVISION "202301131558Z"
    DESCRIPTION "Deleted eventflowNotification"
    REVISION "202212291713Z"
    DESCRIPTION "Added deviceAutoUpgradeStatusNotification"
    REVISION "202212051713Z"
    DESCRIPTION "Deprecated storageKafkaBrokerNotification, storageMysqlNotification, and storageMongoEventNotification"
    REVISION "202106031737Z"
    DESCRIPTION "Restructured NETSKOPE APPLIANCE MIB to include objects as traps"
    REVISION "200006140000Z"
    DESCRIPTION "MIB file to represent state of Netskope Appliance"
    ::= {netskopeAppliance 6}

netskopeAppliance   OBJECT IDENTIFIER ::= {enterprises 48007}
netskopeApplianceMIBNotifs  OBJECT IDENTIFIER ::= {netskopeApplianceMIB 0}
netskopeApplianceMIBNotifsGroups OBJECT IDENTIFIER ::= {netskopeApplianceMIB 1}
netskopeApplianceMIBObjects OBJECT IDENTIFIER ::= {netskopeApplianceMIB 2}
netskopeApplianceMIBGroups OBJECT IDENTIFIER ::= {netskopeApplianceMIB 3}

-- [= = = Administrative/Conformance = = =]
netskopeApplianceMIBConformance OBJECT IDENTIFIER ::= {netskopeApplianceMIB 4}

-- [= = = OIDs section = = =]

enabledServices OBJECT-TYPE
    SYNTAX OCTET STRING (SIZE(0..1024))
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION "Description of the modes the appliance is running in.
                 Example: [DNS-Proxy,OPLP]"
    ::= {netskopeApplianceMIBObjects 1}

dataplaneStatus OBJECT-TYPE
    SYNTAX INTEGER { up(1), down(2), unknown(3) }
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION "Status of dataplane if applicable"
    ::= {netskopeApplianceMIBObjects 2}

managementplaneStatus OBJECT-TYPE
    SYNTAX INTEGER { up(1), down(2), onbox(3), unknown(4) }
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION "Status of the appliance connection to MP.
                 Returns 2 if the box itself is the Management Plane."
    ::= {netskopeApplianceMIBObjects 3}

lastConnectedToMP OBJECT-TYPE
    SYNTAX OCTET STRING (SIZE(0..256))
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION "Timestamp when connection was made to MP last time.
                 Example: Sun, 26 Jun 2016 20:13:16"
    ::= {netskopeApplianceMIBObjects 4}

deviceStatus OBJECT-TYPE
    SYNTAX INTEGER { good(1), bad(2), unknown(3) }
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION "Status of the appliance as seen by the MP."
    ::= {netskopeApplianceMIBObjects 5}

-- [= = = Grouping OIDs = = =]

netskopeApplianceGroup OBJECT-GROUP
    OBJECTS {
                enabledServices,
                dataplaneStatus,
                managementplaneStatus,
                lastConnectedToMP,
                deviceStatus
            }
    STATUS current
    DESCRIPTION "Group of Netskope Appliance OIDs"
    ::= {netskopeApplianceMIBGroups 1}

-- [= = = Traps/Notifications section = = =]

mpConnectionNotification NOTIFICATION-TYPE
    OBJECTS { mpConnectionNotif }
    STATUS current
    DESCRIPTION "varbinds for mp connection notification"
    ::= {netskopeApplianceMIB 1}

deviceStatusNotification NOTIFICATION-TYPE
    OBJECTS { deviceStatusNotif }
    STATUS current
    DESCRIPTION "varbinds for device status notification"
    ::= {netskopeApplianceMIB 2}

deviceRebootNotification NOTIFICATION-TYPE
    OBJECTS { deviceRebootNotif }
    STATUS current
    DESCRIPTION "varbinds for device reboot notification"
    ::= {netskopeApplianceMIB 3}

storageRootNotification NOTIFICATION-TYPE
    OBJECTS { storageRootNotif }
    STATUS current
    DESCRIPTION "varbinds for storage root notification"
    ::= {netskopeApplianceMIB 4}

storageMongoInfraNotification NOTIFICATION-TYPE
    OBJECTS { storageMongoInfraNotif }
    STATUS current
    DESCRIPTION "varbinds for storage mongo infra notification"
    ::= {netskopeApplianceMIB 5}

storageLogNotification NOTIFICATION-TYPE
    OBJECTS { storageLogNotif }
    STATUS current
    DESCRIPTION "varbinds for storage log notification"
    ::= {netskopeApplianceMIB 6}

cfgagentConnectionNotification NOTIFICATION-TYPE
    OBJECTS { cfgagentConnectionNotif }
    STATUS current
    DESCRIPTION "varbinds for cfgaent connection notification"
    ::= {netskopeApplianceMIB 10}

filesNotUploaded24hNotification NOTIFICATION-TYPE
    OBJECTS { filesNotUploaded24hNotif }
    STATUS current
    DESCRIPTION "varbinds for filesNotUploaded24h notification"
    ::= {netskopeApplianceMIB 12}

filesNotUploaded48hNotification NOTIFICATION-TYPE
    OBJECTS { filesNotUploaded48hNotif }
    STATUS current
    DESCRIPTION "varbinds for filesNotUploaded48h notification"
    ::= {netskopeApplianceMIB 13}

filesNotPicked24hNotification NOTIFICATION-TYPE
    OBJECTS { filesNotPicked24hNotif }
    STATUS current
    DESCRIPTION "varbinds for filesNotPicked24h notification"
    ::= {netskopeApplianceMIB 14}

filesNotPicked48hNotification NOTIFICATION-TYPE
    OBJECTS { filesNotPicked48hNotif }
    STATUS current
    DESCRIPTION "varbinds for filesNotPicked24h notification"
    ::= {netskopeApplianceMIB 15}

threatfeedAgeNotification NOTIFICATION-TYPE
    OBJECTS { threatfeedAgeNotif }
    STATUS current
    DESCRIPTION "varbinds for threatfeed age notification"
    ::= {netskopeApplianceMIB 16}

authProxyStatusNotification NOTIFICATION-TYPE
    OBJECTS { authProxyStatusNotif }
    STATUS current
    DESCRIPTION "varbinds for authproxy status notification"
    ::= {netskopeApplianceMIB 17}

noEventsFromDeviceNotification NOTIFICATION-TYPE
    OBJECTS { noEventsFromDeviceNotif }
    STATUS current
    DESCRIPTION "varbinds for no events from device notification"
    ::= {netskopeApplianceMIB 18}

noMetricsFromDeviceNotification NOTIFICATION-TYPE
    OBJECTS { noMetricsFromDeviceNotif }
    STATUS current
    DESCRIPTION "varbinds for no metrics from device notification"
    ::= {netskopeApplianceMIB 19}

storageSecureStoreNotification NOTIFICATION-TYPE
    OBJECTS { storageSecureStoreNotif }
    STATUS current
    DESCRIPTION "varbinds for storage secure store notification"
    ::= {netskopeApplianceMIB 20}

storageUpgradeNotification NOTIFICATION-TYPE
    OBJECTS { storageUpgradeNotif }
    STATUS current
    DESCRIPTION "varbinds for storage upgrade notification"
    ::= {netskopeApplianceMIB 21}

callhomeConnectivityNotification NOTIFICATION-TYPE
    OBJECTS { callhomeConnectivityNotif }
    STATUS current
    DESCRIPTION "varbinds for callhome connectivity notification"
    ::= {netskopeApplianceMIB 22}

downloaderConnectivityNotification NOTIFICATION-TYPE
    OBJECTS { downloaderConnectivityNotif }
    STATUS current
    DESCRIPTION "varbinds for downloader connectivity notification"
    ::= {netskopeApplianceMIB 23}

configsvcConnectivityNotification NOTIFICATION-TYPE
    OBJECTS { configsvcConnectivityNotif }
    STATUS current
    DESCRIPTION "varbinds for config service connectivity notification"
    ::= {netskopeApplianceMIB 24}

uploadConnectivityNotification NOTIFICATION-TYPE
    OBJECTS { uploadConnectivityNotif }
    STATUS current
    DESCRIPTION "varbinds for upload connectivity notification"
    ::= {netskopeApplianceMIB 25}

loguploadConnectivityNotification NOTIFICATION-TYPE
    OBJECTS { loguploadConnectivityNotif }
    STATUS current
    DESCRIPTION "varbinds for logupload connectivity notification"
    ::= {netskopeApplianceMIB 26}

deviceAutoUpgradeStatusNotification NOTIFICATION-TYPE
    OBJECTS { deviceAutoUpgradeStatusNotif }
    STATUS current
    DESCRIPTION "varbinds for device auto upgrade status notification"
    ::= {netskopeApplianceMIB 27}

mpConnectionNotif OBJECT-TYPE
    SYNTAX OCTET STRING
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION "MP Connection State Notification
                1 = Connected
                2 = Disconnected
                3 = The device itself is MP
                4 = Unknown"
    ::= {netskopeApplianceMIBNotifs 1}

deviceStatusNotif OBJECT-TYPE
    SYNTAX OCTET STRING
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION "Device State Change Notification
                1 = Healthy
                2 = Unhealthy: one or more services/functionality may be affected
                3 = Unknown"
    ::= {netskopeApplianceMIBNotifs 2}

deviceRebootNotif OBJECT-TYPE
    SYNTAX OCTET STRING
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION "Device Rebooted Notification
                 1 = Device rebooted"
    ::= {netskopeApplianceMIBNotifs 3}

storageRootNotif OBJECT-TYPE
    SYNTAX OCTET STRING
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION "Root partition usage Notification.
                 1 = Normal
                 2 = Medium
                 3 = High"
    ::= {netskopeApplianceMIBNotifs 4}

storageMongoInfraNotif OBJECT-TYPE
    SYNTAX OCTET STRING
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION "Mongo Infrastructure partition usage Notification.
                1 = Normal
                2 = Medium
                3 = High"
    ::= {netskopeApplianceMIBNotifs 6}

storageLogNotif OBJECT-TYPE
    SYNTAX OCTET STRING
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION "Log processor partition usage Notification.
                1 = Normal
                2 = Medium
                3 = High"
    ::= {netskopeApplianceMIBNotifs 7}

cfgagentConnectionNotif OBJECT-TYPE
    SYNTAX OCTET STRING
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION "Config agent connection status Notification.
                1 = Connection restored"
    ::= {netskopeApplianceMIBNotifs 12}

filesNotUploaded24hNotif OBJECT-TYPE
    SYNTAX OCTET STRING
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION "File upload status Notification.
                1 = Success
                2 = At least 5 files not uploaded within last 24 hours"
    ::= {netskopeApplianceMIBNotifs 15}

filesNotUploaded48hNotif OBJECT-TYPE
    SYNTAX OCTET STRING
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION "File upload status Notification.
                1 = Success
                2 = At least 5 files not uploaded within last 48 hours"
    ::= {netskopeApplianceMIBNotifs 16}

filesNotPicked24hNotif OBJECT-TYPE
    SYNTAX OCTET STRING
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION "File picked status Notification.
                1 = Success
                2 = At least 1 file not uploaded within last 24 hours"
    ::= {netskopeApplianceMIBNotifs 17}

filesNotPicked48hNotif OBJECT-TYPE
    SYNTAX OCTET STRING
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION "File picked status Notification.
                1 = Success
                2 = At least 1 files not uploaded within last 48 hours"
    ::= {netskopeApplianceMIBNotifs 18}

threatfeedAgeNotif OBJECT-TYPE
    SYNTAX OCTET STRING
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION "Threatfeed age status Notification.
                1 = Up to date
                2 = Outdated"
    ::= {netskopeApplianceMIBNotifs 23}

authProxyStatusNotif OBJECT-TYPE
    SYNTAX OCTET STRING
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION "Auth Proxy status Notification.
                1 = Running
                2 = Not running"
    ::= {netskopeApplianceMIBNotifs 24}

noEventsFromDeviceNotif OBJECT-TYPE
    SYNTAX OCTET STRING
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION "Event generation status Notification.
                1 = Events from device are being successfully sent
                2 = Events from device not received during last 24 hrs"
    ::= {netskopeApplianceMIBNotifs 25}

noMetricsFromDeviceNotif OBJECT-TYPE
    SYNTAX OCTET STRING
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION "Metrics generation status Notification.
                1 = Metrics from device are being successfully sent
                2 = Metrics from device are not received during last 6 hrs"
    ::= {netskopeApplianceMIBNotifs 26}

storageSecureStoreNotif OBJECT-TYPE
    SYNTAX OCTET STRING
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION "SecureStore partition usage Notification.
                1 = Normal
                2 = Medium
                3 = High"
    ::= {netskopeApplianceMIBNotifs 27}

storageUpgradeNotif OBJECT-TYPE
    SYNTAX OCTET STRING
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION "Upgrade partition usage Notification.
                1 = Normal
                2 = Medium
                3 = High"
    ::= {netskopeApplianceMIBNotifs 28}

callhomeConnectivityNotif OBJECT-TYPE
    SYNTAX OCTET STRING
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION "Callhome service Connectivity Notification
                 1 = Reachable
                 2 = Not Reachable"
    ::= {netskopeApplianceMIBNotifs 29}

downloaderConnectivityNotif OBJECT-TYPE
    SYNTAX OCTET STRING
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION "Downloader Connectivity Notification
                 1 = Reachable
                 2 = Not Reachable"
    ::= {netskopeApplianceMIBNotifs 30}

configsvcConnectivityNotif OBJECT-TYPE
    SYNTAX OCTET STRING
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION "Config service Connectivity Notification
                 1 = Reachable
                 2 = Not Reachable"
    ::= {netskopeApplianceMIBNotifs 31}

uploadConnectivityNotif OBJECT-TYPE
    SYNTAX OCTET STRING
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION "Upload Connectivity Notification
                 1 = Reachable
                 2 = Not Reachable"
    ::= {netskopeApplianceMIBNotifs 32}

loguploadConnectivityNotif OBJECT-TYPE
    SYNTAX OCTET STRING
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION "Logupload Connectivity Notification
                 1 = Reachable
                 2 = Not Reachable"
    ::= {netskopeApplianceMIBNotifs 33}

deviceAutoUpgradeStatusNotif OBJECT-TYPE
    SYNTAX OCTET STRING
    MAX-ACCESS accessible-for-notify
    STATUS current
    DESCRIPTION "Device Auto Upgrade Status Notification
                 1 = Success
                 2 = Failed"
    ::= {netskopeApplianceMIBNotifs 34}

-- [= = = Grouping Traps/Notifications = = =]

netskopeApplianceNotifGroup NOTIFICATION-GROUP
    NOTIFICATIONS {
                mpConnectionNotif,
                deviceStatusNotif,
                deviceRebootNotif,
                storageRootNotif,
                storageMongoInfraNotif,
                storageLogNotif,
                cfgagentConnectionNotif,
                filesNotUploaded24hNotif,
                filesNotUploaded48hNotif,
                filesNotPicked24hNotif,
                filesNotPicked48hNotif,
                threatfeedAgeNotif,
                authProxyStatusNotif,
                noEventsFromDeviceNotif,
                noMetricsFromDeviceNotif,
                storageSecureStoreNotif,
                storageUpgradeNotif,
                callhomeConnectivityNotif,
                downloaderConnectivityNotif,
                configsvcConnectivityNotif,
                uploadConnectivityNotif,
                loguploadConnectivityNotif,
                deviceAutoUpgradeStatusNotif
            }
    STATUS current
    DESCRIPTION "Group for Netskope Appliance Notifications"
    ::= {netskopeApplianceMIBNotifsGroups 1}

-- [= = = Conformance Information = = =]

netskopeApplianceMIBCompliances
    OBJECT IDENTIFIER ::= {netskopeApplianceMIBConformance 1}

netskopeApplianceMIBCompliance MODULE-COMPLIANCE
    STATUS current
    DESCRIPTION "The compliance statement for Netskope Appliance"
    MODULE  -- this module
    MANDATORY-GROUPS {
                netskopeApplianceGroup,
                netskopeApplianceNotifGroup
             }
    ::= { netskopeApplianceMIBCompliances 1}
END

SNMP Traps

Setup an SNMP traps receiver on your SNMP server to receive SNMP traps notifications from the appliance. The appliance uses the following SNMP traps notification OIDs.

OID	Description	Values
`mpConnectionNotif`	Whenever the management plane connection status changes, a notification will be sent to the trap server.	N/A
`deviceStatusNotif`	Whenever the device status changes, a notification will be sent to the trap server.	N/A

Make sure the daemon that receives the SNMP traps (snmptrapd) is running.

To set up the traps receiver,

On your SNMP server, go to the directory you want to use as your working directory. For example, cd /Users/snmpuser/.
Create a config file for snmptrapd (snmptrapd.conf), which just has one line.
```
cat snmptrapd.conf 
disableAuthorization yes
```
Start the snmptrapd.
```
sudo snmptrapd -f -Lo -c snmptrapd.conf
```
Note this system's IP address, which should be reachable from the appliance you want to send the traps from.
On the appliance, configure that IP address as snmp traps server and make sure SNMP is enabled.
```
set snmp traps server <hostname or IP address>
```
When the management plane connection state changes, you should see a notification on the SNMP server similar to:
```
2016-09-29 18:19:24 <UNKNOWN> [UDP: [192.168.64.36]:55034->[0.0.0.0]:0]:
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (28067711) 3 days, 5:57:57.11  
SNMPv2-MIB::snmpTrapOID.0 = OID: SNMPv2-SMI::enterprises.48007.5    
SNMPv2-SMI::enterprises.48007.5.1 = INTEGER: 0
```
Note the value after INTEGER: is 0, which reflects the current state of the management plane connection. Refer to managementplaneStatus in the Custom OIDs table for more value descriptions.

In this section:

Netskope Help