Generating Raw MIB OID from a Policy

You can generate a raw MIB OID from a policy. You can also monitor the session number associated with the policy and other policy MIB tables.

For example, consider a policy called test. Monitor the session number associated with the policy.

[edit]from-zone untrust to-zone trust {policy test {match {source-address any;destination-address any;application any;}then {permit;count;}}}

To monitor a session number associated with a policy:

Identify the OID of the policy's session number.
user@host> show snmp mib walk jnxJsPolicyName | match test
```
jnxJsPolicyName.7.117.110.116.114.117.115.116.5.116.114.117.115.116.4.116.101.115.116 = test
```
In the above output, the index of the policy is 7.117.110.116.114.117.115.116.5.116.114.117.115.116.4.116.101.115.116; the policy name is test; and the MIB table name is jnxJsPolicyName.
With the index, verify that both the from-zone and the to-zone match the configuration. Enter the show snmp mib get command.
user@host> show snmp mib get jnxJsPolicyFromZone.7.117.110.116.114.117.115.116.5.116.114.117.115.116.4.116.101.115.116
```
jnxJsPolicyFromZone.7.117.110.116.114.117.115.116.5.116.114.117.115.116.4.116.101.115.116 = untrust
```
user@host> show snmp mib get jnxJsPolicyToZone.7.117.110.116.114.117.115.116.5.116.114.117.115.116.4.116.101.115.116
```
jnxJsPolicyToZone.7.117.110.116.114.117.115.116.5.116.114.117.115.116.4.116.101.115.116 = trust
```
Perform a mandatory from-zone and to-zone match check to avoid a scenario where there is a policy with the same name but the from-zone or the to-zone is different.
After performing both the from-zone and the to-zone match checks, ensure that 7.117.110.116.114.117.115.116.5.116.114.117.115.116.4.116.101.115.116 is the index of the policy called test in various policy MIB tables.
Monitor the session number using the following command:
[edit]
user@host# set system log-vital add jnxJsPolicyStatsNumSessions.7.117.110.116.114.117.115.116.5.116.114.117.115.116.4.116.101.115.116 comment “sess num of policy test”
The output of the configuration is:
```
===========
sess num of policy test				100
===========
```

To monitor other policy MIB tables:

Combine a MIB table’s name with the index.
Monitor the session setup rate for the test policy using the command:
[edit]
set system log-vital add jnxJsPolicyStatsSessionRate.7.117.110.116.114.117.115.116.5.116.114.117.115.116.4.116.101.115.116 comment “sess setup rate of policy test”
The output of the configuration is:
```
===========
sess setup rate of policy test				233
===========
```