SNMPv3 Trap processing

Article ID: 315755

Updated On:

Products

VMware Smart Assurance

Issue/Introduction

Symptoms:

How do you configure a Trap Receiver to process SNMPv3 traps?
The current documentation on creating a seedfile for the Smarts Trap Adapter for use with SNMPv3 traps does not state that each seedfile entry must be on a single line.


Environment

Smarts - 10.1.x

Cause

SNMPv3 traps require additional authentication steps before they can be processed internally. The documentation shows a multi-line seedfile entry in its example for readability; however, the trap adapter requires each seedfile entry to be on a single line, otherwise the seedfile is parsed incorrectly.

Resolution

Step 1. Use sm_edit to make an entry in the seedfile located in <SAMBase>/smarts/conf/icoi:

      (IP Address)
     SNMPVERSION=V3
     USER=<username>
     AUTHPROTOCOL=SHA
     AUTHPASS=<Authpassword>
     PRIVPROTOCOL=AES
     PRIVPASS=<Privpassword>
     ENGINEID=

NOTE: Each seedfile entry must have a host IP or name, followed by the information above as needed, all on a single line.

When the seed file is opened with sm_edit, it should look like the example below before saving. After saving, AUTHPASS and PRIVPASS are encrypted, as directed by the first line of the seed file, which is required for encryption.

#<encrypted seed>:1.0:AUTHPASS,PRIVPASS
172.155.100.148 USER=CISCO16 SNMPVERSION=V3 AUTHPROTOCOL=SHA AUTHPASS=ovb+14u PRIVPROTOCOL=DES PRIVPASS=cisco200k ENGINEID=0000A3D10864C000386DED7F
172.155.101.134 USER=CISCO10 SNMPVERSION=V3 AUTHPROTOCOL=SHA AUTHPASS=ovb+24u PRIVPROTOCOL=DES PRIVPASS=cisco201k ENGINEID=0000A3D10864C000386DAAAF


NOTE: You cannot use "=" in the password field; which special characters are allowed in the password field is currently being tested.
Also, the seedfile uses the colon ":" as a delimiter for specifying multiple host IPs/host names, hence ":" is not allowed in the password field.

 

Step 2. Create a trap definition and enable DEBUG and LOGGING (for troubleshooting) in trap_mgr.conf:
    

    BEGIN_TRAP .1.3.6.1.4.1.41263.1 6 1
     EventName: TestTrap
     ClassName: Host
     InstanceName: $SYS$
     SysNameOrAddr: $SYS$
     Expiration: 60
     State: NOTIFY
     UnknownAgent: CREATE
     EventType: MOMENTARY
     ClearOnAcknowledge: TRUE
     LogFile: TestTrap.log
     EventText: $V1$, $V2$, $V3$
    END_TRAP

 

Step 3. Adjust the <Basedir>/smarts/conf/trapd/trapd.conf file to forward traps to the trap adapter or the respective trap receiver:
     FORWARD: * .1.3.6.1.4.1.41263.* * * -nosmtrapaddr localhost:9101

Step 4. (Optional - forces the seed file to be loaded) Start the Trap Receiver/Exploder (ensure that OI is running before starting the TA) and subscribe SAM to OI.

      ./sm_trapd --name=TRAP-EXPLODER --config=trapd --port=1602 --rules=default --output=TRAP-EXPLODER.log --daemon --loglevel=Critical --loglevel=Alert --seed=seedfile 
     ./sm_trapd --name=TRAP-RECEIVER --server=OI --config=icoi --port=9101 --model=sm_actions --daemon --output=TRAP-RECEIVER.log --rules=icoi-trapd/trap_mgr_parse.asl --seed=seedfile

  

Step 5. Import the seedfile into the Local Credentials Database.

     ./sm_adapter -s TRAP-EXPLODER -D seed=seedfile trapd/importSeedFile.asl
     ./sm_adapter -s TRAP-RECEIVER -D seed=seedfile trapd/importSeedFile.asl


Step 6. Send test trap:

     ./sm_snmp -d (TE IP address) -p 1602 -s 3 -u <username> -e 1234567890ABCDEF -a SHA -b AES -x (authpass password) -y (privpass password) trap (IP address of source device as in step 1)  .1.3.6.1.4.1.41263.1 6 1 0 .1.3.6.1.4.1.41263.1.1.1 s "Varbind_1" .1.3.6.1.4.1.41263.1.1.2 s "Varbind_2" .1.3.6.1.4.1.41263.1.1.3 s "Varbind_3"
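
The seedfile rules from Step 1 (one entry per line, a host first, no "=" or ":" in AUTHPASS/PRIVPASS) can be checked on a draft before it is saved with sm_edit. The Python below is an added example, not VMware or Smarts code; lint_seedfile, the sample entries, and the choice to reject keys other than those listed in Step 1 are assumptions of this example.

```python
# Field names come from Step 1; rejecting any other key is this example's assumption.
KNOWN_KEYS = {"SNMPVERSION", "USER", "AUTHPROTOCOL", "AUTHPASS",
              "PRIVPROTOCOL", "PRIVPASS", "ENGINEID"}
PASSWORD_KEYS = {"AUTHPASS", "PRIVPASS"}

# Constructed sample: documentation-range addresses and made-up credentials.
SAMPLE = """\
#<encrypted seed>:1.0:AUTHPASS,PRIVPASS
192.0.2.10 USER=user1 SNMPVERSION=V3 AUTHPROTOCOL=SHA AUTHPASS=examplepass1 PRIVPROTOCOL=AES PRIVPASS=examplepass2 ENGINEID=
192.0.2.11
SNMPVERSION=V3 USER=user2
192.0.2.12 SER=user3 SNMPVERSION=V3 AUTHPROTOCOL=SHA AUTHPASS=ab=cd PRIVPROTOCOL=AES PRIVPASS=ab:cd
"""


def lint_seedfile(text):
    """Return (line_number, message) findings for plaintext draft seedfile text."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):  # blank line or header/comment line
            continue
        tokens = line.split()
        host, fields = tokens[0], tokens[1:]
        if "=" in host:  # line opens with KEY=VALUE: tail of a wrapped entry
            findings.append((lineno, "no host at start of line; entry is split across lines"))
            fields = tokens
        elif not fields:
            findings.append((lineno, "host with no fields; entry is split across lines"))
        seen = {}
        for tok in fields:
            key, sep, value = tok.partition("=")
            if not sep:
                findings.append((lineno, f"'{tok}' is not KEY=VALUE"))
            elif key not in KNOWN_KEYS:
                findings.append((lineno, f"unknown key '{key}'"))
            elif key in PASSWORD_KEYS and any(c in value for c in "=:"):
                findings.append((lineno, f"{key} contains '=' or ':'"))
            else:
                seen[key] = value
        if seen.get("SNMPVERSION") == "V3" and "USER" not in seen:
            findings.append((lineno, "SNMPVERSION=V3 entry has no USER"))
    return findings


if __name__ == "__main__":
    for lineno, msg in lint_seedfile(SAMPLE):
        print(f"line {lineno}: {msg}")
```

The check applies to plaintext entries only, since the page does not describe the format of the encrypted AUTHPASS and PRIVPASS values written after saving.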

Attachments

SAM Patform adapter guide.pdf