Fortigate IPS Intrusions detected stats (#14857)

* Update fortigate.yaml

* Use IPS stats table

* Update fortigate.yaml

* Update fortigate.yaml

* Update fortigate.yaml

* Update fortigate.yaml

* Update fortigate.yaml

* Test data

* Update fortigate_ips.snmprec

* Potential for multiple entries.

Further testing found some firewalls with multiple table entries.

* cleanup display

* Update fortigate.yaml

* Update fortigate.yaml

* Update fortigate.yaml

* Update Testdata

includes/definitions/discovery/fortigate.yaml

@@ -31,6 +31,7 @@ modules:
                         - fgVpnTunEntPhase1Name
                         - fgVpnTunEntPhase2Name
                         - fgVpnTunEntRemGwyIp
+                        - fgVdEntName
         state:
             data:
                 -
@@ -143,7 +144,78 @@ modules:
                     descr: 'Monitor Jitter {{ $fgLinkMonitorName }}'
                     group: Link monitor
                     index: 'fgLinkMonitorJitter.{{ $index }}'
-
+                -
+                    oid: fgIpsStatsTable
+                    value: fgIpsIntrusionsDetected
+                    num_oid: '.1.3.6.1.4.1.12356.101.9.2.1.1.1.{{ $index }}'
+                    descr: '{{ $fgVdEntName }} IPS Intrusions Detected'
+                    group: IPS
+                    index: 'fgIpsIntrusionsDetected.{{ $index }}'
+                    rrd_type: COUNTER
+                -
+                    oid: fgIpsStatsTable
+                    value: fgIpsIntrusionsBlocked
+                    num_oid: '.1.3.6.1.4.1.12356.101.9.2.1.1.2.{{ $index }}'
+                    descr: '{{ $fgVdEntName }} IPS Intrusions Blocked'
+                    group: IPS
+                    index: 'fgIpsIntrusionsBlocked.{{ $index }}'
+                    rrd_type: COUNTER
+                -
+                    oid: fgIpsStatsTable
+                    value: fgIpsCritSevDetections
+                    num_oid: '.1.3.6.1.4.1.12356.101.9.2.1.1.3.{{ $index }}'
+                    descr: '{{ $fgVdEntName }} IPS Severity Critical Detected'
+                    group: IPS
+                    index: 'fgIpsCritSevDetections.{{ $index }}'
+                    rrd_type: COUNTER
+                -
+                    oid: fgIpsStatsTable
+                    value: fgIpsHighSevDetections
+                    num_oid: '.1.3.6.1.4.1.12356.101.9.2.1.1.4.{{ $index }}'
+                    descr: '{{ $fgVdEntName }} IPS Severity High Detected'
+                    group: IPS
+                    index: 'fgIpsHighSevDetections.{{ $index }}'
+                    rrd_type: COUNTER
+                -
+                    oid: fgIpsStatsTable
+                    value: fgIpsMedSevDetections
+                    num_oid: '.1.3.6.1.4.1.12356.101.9.2.1.1.5.{{ $index }}'
+                    descr: '{{ $fgVdEntName }} IPS Severity Medium Detected'
+                    group: IPS
+                    index: 'fgIpsMedSevDetections.{{ $index }}'
+                    rrd_type: COUNTER
+                -
+                    oid: fgIpsStatsTable
+                    value: fgIpsLowSevDetections
+                    num_oid: '.1.3.6.1.4.1.12356.101.9.2.1.1.6.{{ $index }}'
+                    descr: '{{ $fgVdEntName }} IPS Severity Low Detected'
+                    group: IPS
+                    index: 'fgIpsLowSevDetections.{{ $index }}'
+                    rrd_type: COUNTER
+                -
+                    oid: fgIpsStatsTable
+                    value: fgIpsInfoSevDetections
+                    num_oid: '.1.3.6.1.4.1.12356.101.9.2.1.1.7.{{ $index }}'
+                    descr: '{{ $fgVdEntName }} IPS Severity Informational Detected'
+                    group: IPS
+                    index: 'fgIpsInfoSevDetections.{{ $index }}'
+                    rrd_type: COUNTER
+                -
+                    oid: fgIpsStatsTable
+                    value: fgIpsSignatureDetections
+                    num_oid: '.1.3.6.1.4.1.12356.101.9.2.1.1.8.{{ $index }}'
+                    descr: '{{ $fgVdEntName }} IPS Signature Detected'
+                    group: IPS
+                    index: 'fgIpsSignatureDetections.{{ $index }}'
+                    rrd_type: COUNTER
+                -
+                    oid: fgIpsStatsTable
+                    value: fgIpsAnomalyDetections
+                    num_oid: '.1.3.6.1.4.1.12356.101.9.2.1.1.9.{{ $index }}'
+                    descr: '{{ $fgVdEntName }} IPS Anomaly Detected'
+                    group: IPS
+                    index: 'fgIpsAnomalyDetections.{{ $index }}'
+                    rrd_type: COUNTER
         signal:
             data:
                 -

tests/snmpsim/fortigate_ips.snmprec

@@ -0,0 +1,33 @@
+
+1.3.6.1.2.1.1.2.0|6|1.3.6.1.4.1.12356.101.1.1000
+1.3.6.1.4.1.12356.101.4.1.1.0|4|v6.4.8,build1914,211117 (GA)
+1.3.6.1.4.1.12356.101.4.8.1.0|2|2
+1.3.6.1.4.1.12356.101.4.8.2.1.1.1|2|1
+1.3.6.1.4.1.12356.101.4.8.2.1.2.1|4|lhm-am7
+1.3.6.1.4.1.12356.101.4.8.2.1.3.1|2|0
+1.3.6.1.4.1.12356.101.4.8.2.1.4.1|4|4.102
+1.3.6.1.4.1.12356.101.4.8.2.1.5.1|4|0.092
+1.3.6.1.4.1.12356.101.4.8.2.1.6.1|70|34769755
+1.3.6.1.4.1.12356.101.4.8.2.1.7.1|70|34736903
+1.3.6.1.4.1.12356.101.4.8.2.1.8.1|4|0.000%
+1.3.6.1.4.1.12356.101.4.8.2.1.9.1|4|root
+1.3.6.1.4.1.12356.101.9.2.1.1.1.1|65|47376
+1.3.6.1.4.1.12356.101.9.2.1.1.1.5|65|0
+1.3.6.1.4.1.12356.101.9.2.1.1.2.1|65|4760
+1.3.6.1.4.1.12356.101.9.2.1.1.2.5|65|0
+1.3.6.1.4.1.12356.101.9.2.1.1.3.1|65|815
+1.3.6.1.4.1.12356.101.9.2.1.1.3.5|65|0
+1.3.6.1.4.1.12356.101.9.2.1.1.4.1|65|3739
+1.3.6.1.4.1.12356.101.9.2.1.1.4.5|65|0
+1.3.6.1.4.1.12356.101.9.2.1.1.5.1|65|333
+1.3.6.1.4.1.12356.101.9.2.1.1.5.5|65|0
+1.3.6.1.4.1.12356.101.9.2.1.1.6.1|65|495
+1.3.6.1.4.1.12356.101.9.2.1.1.6.5|65|0
+1.3.6.1.4.1.12356.101.9.2.1.1.7.1|65|41994
+1.3.6.1.4.1.12356.101.9.2.1.1.7.5|65|0
+1.3.6.1.4.1.12356.101.9.2.1.1.8.1|65|47376
+1.3.6.1.4.1.12356.101.9.2.1.1.8.5|65|0
+1.3.6.1.4.1.12356.101.9.2.1.1.9.1|65|3105002
+1.3.6.1.4.1.12356.101.9.2.1.1.9.5|65|0
+1.3.6.1.4.1.12356.101.3.2.1.1.2.1|4|root
+1.3.6.1.4.1.12356.101.3.2.1.1.2.5|4|Wifi