Sorry for the late reply. Just simple SNMP v2.

Hey Steve,

No problem.

Try the following for SNMP v2:

curl -sk -H "Content-Type: application/json" -H "Authorization: Bearer <ACCESS TOKEN>" -X POST -d \
'{"type":"snmphost","name":"SNMPV2-POLLER","interface":{"type":"physicalinterface","name":"outside"},"managerAddress":{"type":"networkobject","name":"<NETWORK OBJECT NAME>"},"securityConfiguration":{"type":"snmpv2csecurityconfiguration","community":"<COMMUNITY STRING>"}}' \
https://<FDM-MGMT-IP>/api/fdm/latest/object/snmphosts | jq -r '.'

Kind regards,

Michael

Hey thanks for your reply. Unfortunately I can't set this as solved because I don't have access to the Firepower anymore. It's already delivered to our customer. And it sits there on the desk till we get some further information about an site-to-site vpn from another customer. I'll get back to your Post in a couple of weeks.

But thank you so much for your help.

Hey Steve. No problem at all

Hi Michael, i have the same problem but i have no idea about Rest API and how to use your script. Please, can you help me? Thank you,

Marcello

Hi Marcello,

Have a read through the following Cisco Firepower Threat Defense REST API guide to get started:

https://www.cisco.com/c/en/us/td/docs/security/firepower/ftd-api/guide/ftd-rest-api/ftd-rest-api-intro.html

Essentially you are just sending a cURL request to the FDM API to configure SNMPv2 programmatically.

You need to request an access token first and then submit this access token in the command I showed in my previous comment (i.e. replace <ACCESS TOKEN> with your access token)

<NETWORK OBJECT> needs to be replaced with a network object that contains the IP address of the SNMP poller.
<COMMUNITY STRING> needs to be replaced with a community string that you define.
<FDM-MGMT-IP> needs to be replaced with the FDM management IP

Kind regards,

Michael

Hi MIchael,

really thanks for your answer.

I need to use PRTG Network Monitor software for monitoring FTD and i don't understand what i have to do on the monitoring software (PRTG) and what on the FDM. I haven' t developer background and it's very difficult for me understand the needs. 

Regards

Marcello

I was able to run the script directly on the FDM device itself using python3 by just search and replacing the raw_input( ) python functions with just input( )

ssh admin@ftd.ip.address

admin@ftd.ip.address's password: [enter password]

Cisco Firepower Extensible Operating System (FX-OS) v2.10.1 (build 159)
Cisco Firepower 1010 Threat Defense v7.0.0.1 (build 15)

> expert

admin@MyFtd:~$ sudo su

Password: [enter password]
root@MyFtd:/home/admin# vi fdm-snmp-onbox.py

i  <-- "Insert" mode in vi

   [now paste the py file, first changing "raw_input" to "input"]

:s!  <-- this saves the file in vi

:q  <-- quit vi

root@MyFtd:/home/admin# python3 ./fdm-snmp-onbox.py

###########################################################
# CONFIGURE SNMP ON FDM #
###########################################################
Enter the username of the FTD: