SKYHIGHSECURITY-SWG-MIB DEFINITIONS ::= BEGIN

    -- Title:         SKYHIGHSECURITY-SWG-MIB
    --
    -- Version:       2.0 Jun 15, 2021
    -- Author:        Skyhigh Security GmbH
    --
    -- Comments:      MIB for Skyhigh Secure Web Gateway 
    --                - MIB-II  ( RFC1213 )
    
    IMPORTS
        MODULE-IDENTITY, OBJECT-TYPE, Integer32, Unsigned32,
		Gauge32, Counter32, Counter64, IpAddress, mib-2, NOTIFICATION-TYPE
        FROM SNMPv2-SMI
        enterprises FROM RFC1155-SMI
        OBJECT-TYPE
        FROM RFC-1212
        DisplayString, PhysAddress
        FROM RFC1213-MIB
        TRAP-TYPE
        FROM RFC-1215
		swgGATEWAY
        FROM SKYHIGHSECURITY-SMI;


swg MODULE-IDENTITY
        LAST-UPDATED	"202106150000Z" -- Jun 15, 2021
        ORGANIZATION
                "Skyhigh Security LLC"
        CONTACT-INFO
                "email: support@skyhighsecurity.com"
        DESCRIPTION
                "Skyhigh Secure Web Gateway MIB definitions"
        REVISION "202106150000Z" -- Jun 15, 2021
		DESCRIPTION
				"Add http/2 support"
		    REVISION "201411100000Z" -- Nov 10, 2014
		DESCRIPTION
				"Add memory consumption value"
        REVISION "201410070000Z" -- Oct 07, 2014
		DESCRIPTION
				"Fix trap notification enums"
        REVISION "201305210000Z" -- May 22, 2013
		DESCRIPTION
				"Add values for performance measurement"
        REVISION "201112010000Z" -- Dec 01, 2011
		DESCRIPTION
				"Mark stBadReputation as obsolete"
        REVISION "201101110000Z" -- Jan 11, 2011
		DESCRIPTION
				"Add some more statistical values and descriptions"
        REVISION "201004260000Z" -- Apr 26, 2010
		DESCRIPTION
				"Add build number to version information"
        REVISION "201002190000Z" -- Feb 29, 2010
        DESCRIPTION
                "Minor RFC related compatiblility changes in the mib"
        REVISION     "200910130000Z" -- Oct 13, 2009
        DESCRIPTION
                "Initial version"
        ::= { swgGATEWAY 7 }

  
    -- groups for swg
    
	swgInfo          OBJECT IDENTIFIER ::= { swg 1 }
	swgStatistics    OBJECT IDENTIFIER ::= { swg 2 }
	swgTraps         OBJECT IDENTIFIER ::= { swg 4 }
	swgContent       OBJECT IDENTIFIER ::= { swgStatistics 1 }
	swgHttp          OBJECT IDENTIFIER ::= { swgStatistics 2 }
	swgHttps         OBJECT IDENTIFIER ::= { swgStatistics 3 }
	swgFTP           OBJECT IDENTIFIER ::= { swgStatistics 4 }
	swgMiscellaneous OBJECT IDENTIFIER ::= { swgStatistics 5 }
	swgHttp2         OBJECT IDENTIFIER ::= { swgStatistics 6 }
    
    -- the swgInfo group
    
	kProductName OBJECT-TYPE
        SYNTAX  DisplayString (SIZE (0..128))
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
            "Product name"
        ::= { swgInfo 1 }
    
    kCompanyName OBJECT-TYPE
        SYNTAX  DisplayString (SIZE (1..20))
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "Company holding the copyright on this product"
        ::= { swgInfo 2 }

	kProductVersion OBJECT-TYPE
        SYNTAX  DisplayString (SIZE (1..64))
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
			"String representation of the product version"
        ::= { swgInfo 3 }

	kMajorVersion  OBJECT-TYPE
		SYNTAX  Integer32
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION	
			"Major version number"
		::= { swgInfo 4 }
	
	kMinorVersion  OBJECT-TYPE
		SYNTAX  Integer32
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Minor version number"
		::= { swgInfo 5 }
	
	kMicroVersion  OBJECT-TYPE
		SYNTAX  Integer32
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Micro version number"
		::= { swgInfo 6 }
	
	kHotfixVersion  OBJECT-TYPE
		SYNTAX  Integer32
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Hotfix version number"
		::= { swgInfo 7 }
	
	kCustomVersion  OBJECT-TYPE
		SYNTAX  Integer32
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Custom  version number"
		::= { swgInfo 8 }
	
	kRevision  OBJECT-TYPE
        SYNTAX  DisplayString (SIZE (1..20))
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"SVN revision number"
		::= { swgInfo 9 }

	kBuildNumber  OBJECT-TYPE
        SYNTAX  Integer32
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"BUILD number"
		::= { swgInfo 10 }

-- EngineVersions

	swgEngineVersions OBJECT IDENTIFIER ::= { swgInfo 20 }

	pAMEngineVersion OBJECT-TYPE
        SYNTAX  DisplayString (SIZE (1..20))
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Version of the Skyhigh Secure Anti-Malware Engine for Gateway"
		::= { swgEngineVersions 1 }

	pAMSignatureVersion OBJECT-TYPE
        SYNTAX  DisplayString (SIZE (1..20))
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Version of the Skyhigh Secure Anti-Malware Signature File (obsolete)"
		::= { swgEngineVersions 2 }

	pMFEEngineVersion OBJECT-TYPE
        SYNTAX  DisplayString (SIZE (1..20))
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Version of the Skyhigh Secure Anti-Malware Engine"
		::= { swgEngineVersions 3 }

	pMFEDATVersion OBJECT-TYPE
        SYNTAX  DisplayString (SIZE (1..20))
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Version of the Skyhigh Security DATs"
		::= { swgEngineVersions 4 }


	pAMProactiveVersion OBJECT-TYPE
        SYNTAX  DisplayString (SIZE (1..20))
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Version of the ProActive database"
		::= { swgEngineVersions 5 }

	pTSDBVersion OBJECT-TYPE
        SYNTAX  DisplayString (SIZE (1..20))
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Version of TrustedSource"
		::= { swgEngineVersions 6 }

-- Statistics

	stBadReputation  OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS obsolete
		DESCRIPTION
				"This statistic value is obsolete and should no longer be used"
		::= { swgContent 1 }

	stMalwareDetected OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
				"Number of infections detected by the Skyhigh Secure Gateway Antimalware Engine"
		::= { swgContent 2 }

	stConnectionsLegitimate	OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of connections that not have been blocked"
		::= { swgContent 3 }

	stBlockedByAntiMalware	OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of connections blocked by Anti-Malware"
		::= { swgContent 4 }

	stConnectionsBlocked	OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of blocked connections"
		::= { swgContent 5 }

	stBlockedByMediaFilter	OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of connections that have been blocked by the Media-Type filter"
		::= { swgContent 6 }

	stBlockedByURLFilter	OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of connection that have been blocked by the URL filter"
		::= { swgContent 7 }

	stMimeType  OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
				"Number of media types detected by the Media Type filter"
		::= { swgContent 8 }

	stCategories   OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
				"Number of categories detected by the URL filter"
		::= { swgContent 9 }

	stCategoriesTable OBJECT-TYPE
    	SYNTAX     SEQUENCE OF StCategoriesEntry
    	MAX-ACCESS not-accessible
    	STATUS     current
    	DESCRIPTION
           "A table containing the categories detected by the URL filter"
    	::= { swgContent 10 }

	stCategoriesEntry OBJECT-TYPE
    	SYNTAX     StCategoriesEntry
    	MAX-ACCESS not-accessible
    	STATUS     current
    	DESCRIPTION
           "An entry containing information about a categorys name and counter."
    	INDEX   { stCategoryName }
		::= { stCategoriesTable 1 }

	StCategoriesEntry ::= SEQUENCE {
		stCategoryName   DisplayString,
		stCategoryCount  Counter64
		}

	stCategoryName   OBJECT-TYPE
		SYNTAX  DisplayString (SIZE (0..128))
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
				"Name of the category"
		::= { stCategoriesEntry 1 }

	stCategoryCount   OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
				"Number of times the URL filter detected this category"
		::= { stCategoriesEntry 2 }


-- HTTP

	stHttpRequests  OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of HTTP requests"
		::= { swgHttp 1 }

	stHttpTraffic OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		"Number of bytes transferred between proxy and server(s) using the HTTP protocol"
		::= { swgHttp 2 }

	stHttpBytesFromClient OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of bytes transferred from client to proxy using the HTTP protocol"
		::= { swgHttp 3 }

	stHttpBytesFromServer OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of bytes transferred from server to proxy using the HTTP protocol"
		::= { swgHttp 4 }

	stHttpBytesToClient OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of bytes transferred from proxy to client(s) using the HTTP protocol"
		::= { swgHttp 5 }

	stHttpBytesToServer OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of bytes transferred from proxy to server(s) using the HTTP protocol"
		::= { swgHttp 6 }

-- HTTPS

	stHttpsRequests  OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of HTTPS requests"
		::= { swgHttps 1 }

	stHttpsTraffic OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of bytes transferred between proxy and server(s) using the HTTPS protocol"
		::= { swgHttps 2 }

	stHttpsBytesFromClient OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of bytes transferred from client(s) to proxy using the HTTPS protocol"
		::= { swgHttps 3 }

	stHttpsBytesFromServer OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of bytes transferred from server(s) to proxy using the HTTPS protocol"
		::= { swgHttps 4 }

	stHttpsBytesToClient OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of bytes transferred from proxy to client(s) and proxy using the HTTPS protocol"
		::= { swgHttps 5 }

	stHttpsBytesToServer OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of bytes transferred from proxy to server(s) and proxy using the HTTPS protocol"
		::= { swgHttps 6 }

	-- HTTP/2
	stHttp2Requests  OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of HTTP2 requests"
		::= { swgHttp2 1 }

	stHttp2Traffic OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of bytes transferred between proxy and server(s) using the HTTP2 protocol"
		::= { swgHttp2 2 }

	stHttp2BytesFromClient OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of bytes transferred from client(s) to proxy using the HTTP2 protocol"
		::= { swgHttp2 3 }

	stHttp2BytesFromServer OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of bytes transferred from server(s) to proxy using the HTTP2 protocol"
		::= { swgHttp2 4 }

	stHttp2BytesToClient OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of bytes transferred from proxy to client(s) and proxy using the HTTP2 protocol"
		::= { swgHttp2 5 }

	stHttp2BytesToServer OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of bytes transferred from proxy to server(s) and proxy using the HTTP2 protocol"
		::= { swgHttp2 6 }

-- FTP

	stFtpTraffic OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of bytes transmitted between proxy and server(s) using the FTP protocol"
		::= { swgFTP 1 }

	stFtpBytesFromClient OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of bytes transferred from proxy to client(s) using the FTP protocol"
		::= { swgFTP 2 }

	stFtpBytesFromServer OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of bytes transferred from server(s) to proxy using the FTP protocol"
		::= { swgFTP 3 }

	stFtpBytesToClient OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of bytes transferred from proxy to client(s) using the FTP protocol"
		::= { swgFTP 4 }

	stFtpBytesToServer OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
			"Number of bytes transferred from proxy to server(s) using the FTP protocol"
		::= { swgFTP 5 }

-- Miscellaneous
		
	stCPULoad OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		"Current overall CPU usage in percent"
		::= { swgMiscellaneous 1 }
	
	stClientCount  OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		"Currently connected clients"
		::= { swgMiscellaneous 2 } 
		
	stConnectedSockets OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		"Number of open network sockets in use by the proxy"
		::= { swgMiscellaneous 3 } 

-- Additional counters for performance measurement and system monitoring

	stCPULoadRaw OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		"Load value 1 minute average"
		::= { swgMiscellaneous 4 } 

	
	stCPUIOWait OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		"I/O wait value in percent"
		::= { swgMiscellaneous 5 } 

	
	stResolveHostViaDNS OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		"Time to resolve DNS in ms"
		::= { swgMiscellaneous 6 } 
	
	stTimeConsumedByRuleEngine OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		"Average time used by the rule engine in ms"
		::= { swgMiscellaneous 7 } 

	stTimeForTransaction OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		"Average time for transaction in ms"
		::= { swgMiscellaneous 8 } 

	stHandleConnectToServer OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		"Connect to Server"
		::= { swgMiscellaneous 9 } 
	

	stFirstSentFirstReceivedClient OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		"First byte received from client until first byte sent back"
		::= { swgMiscellaneous 10 } 
	
	stLastSentLastReceivedClient OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		"Last byte received from client until last byte sent back"
		::= { swgMiscellaneous 11 } 
	
	stFirstSentFirstReceivedServer OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		"First byte sent to server until first byte received"
		::= { swgMiscellaneous 12 } 
	
	stLastSentLastReceivedServer OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		"Last byte sent to server until last byte received"
		::= { swgMiscellaneous 13 } 
	
	stLastSentFirstReceivedServer OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		"Last byte sent to server until first byte received"
		::= { swgMiscellaneous 14 } 
	
	stMemConsumed OBJECT-TYPE
		SYNTAX  Counter64
		MAX-ACCESS read-only
		STATUS current
		DESCRIPTION
		"Virtual memory consumption of the main processes divided by RAM + half of SWAP space. Projected to 0-100."
		::= { swgMiscellaneous 15 } 
	

-- Traps
   
	trSystem NOTIFICATION-TYPE
     OBJECTS {
	 		 notifyOrigin,
			 notifyOriginName,
			 notifySeverity,
			 notifyReason,
			 notifyReasonString,
			 notifyAffectedHost,
			 notifyAdditional
             }
     STATUS             current
     DESCRIPTION
        "Traps that are generated by a system event"
     ::= { swgTraps 1 }

	trApplication NOTIFICATION-TYPE
     OBJECTS {
	 		 notifyOrigin,
			 notifyOriginName,
			 notifySeverity,
			 notifyReason,
			 notifyReasonString,
			 notifyAffectedHost,
			 notifyAdditional
             }
     STATUS             current
     DESCRIPTION
        "Traps that are generated by an application system event"
     ::= { swgTraps 2 }

	trUser NOTIFICATION-TYPE
     OBJECTS {
			 notifyReason,
			 notifyReasonString,
			 notifyAffectedHost,
			 notifyAdditional
             }
     STATUS             current
     DESCRIPTION
        "User defined trap that indicates an event connected to a client IP"
     ::= { swgTraps 3 }


	swgTrapVariables    OBJECT IDENTIFIER ::= { swgTraps 10 }

	notifyOrigin OBJECT-TYPE
    SYNTAX Integer32
    MAX-ACCESS read-only
    STATUS current
	DESCRIPTION
		"Origin from where the notification has been send"
    ::= { swgTrapVariables 1 }

	notifyOriginName OBJECT-TYPE
    SYNTAX OCTET STRING
    MAX-ACCESS read-only
    STATUS current
	DESCRIPTION
		"Name of the origin of the trap"
    ::= { swgTrapVariables 2 }

	notifySeverity OBJECT-TYPE
    SYNTAX  INTEGER {
    	    emergency(0),
    	    alert(1),
	    critical(2),
	    error(3),
	    warning(4),
	    notice(5),
      	    info(6),
	    debug(7)	
		}
	MAX-ACCESS read-only
	STATUS current
	DESCRIPTION
		"Severity of this notification"
    ::= { swgTrapVariables 3 }

	notifyReason OBJECT-TYPE
    SYNTAX Integer32
    MAX-ACCESS read-only
    STATUS current
	DESCRIPTION
		"Code to identify the notification"
    ::= { swgTrapVariables 4 }

	notifyReasonString OBJECT-TYPE
    SYNTAX OCTET STRING
    MAX-ACCESS read-only
    STATUS current
	DESCRIPTION
		"Human readable string for the notification"
    ::= { swgTrapVariables 5 }

	notifyAffectedHost OBJECT-TYPE
    SYNTAX IpAddress
    MAX-ACCESS read-only
    STATUS current
	DESCRIPTION
		"Additional information if a remote host was involved in this message"
    ::= { swgTrapVariables 6 }

	notifyAdditional OBJECT-TYPE
    SYNTAX OCTET STRING
    MAX-ACCESS read-only
    STATUS current
	DESCRIPTION
		"Additional information string"
    ::= { swgTrapVariables 7 }

END
    
    
