SNMPv3 Trap processing
Article ID: 315755
Updated On:
Products
Issue/Introduction
Symptoms:
How to configure a Trap Receiver to Process SNMPv3 Traps?
The current documentation to create a seedfile for the Smarts Trap Adapter, for use with SNMPv3 traps does not specify the fact that each seedfile entry must be on a single line.
Environment
All Supported Smarts versions
Cause
SNMPv3 traps require additional authentication steps to process it internally. The document shows a multi-line entry in the seedfile in the example for readability, however the trap adapter requires each seedfile entry to be on a single line to avoid parsing the seedfile incorrectly.
Resolution
Step 1. Use sm_edit to make entry in seedfile located in <SAMBase>/smarts/conf/icoi
<IP Address>
SNMPVERSION=V3
USER=<username>
AUTHPROTOCOL=SHA
AUTHPASS=<Authpassword>
PRIVPROTOCOL=AES
PRIVPASS=<Privpassword>
ENGINEID=NOTE: Format of the seed file must have a host IP, or Name and the information above as needed on a single line.
NOTE: The seedfile is used to populate sm_trapd with snmp v3 credentials for trap processing, hence the EngineID is needed and is required to be unique as per the RFC standards (external link: rfc3411).
Opening the seed file with sm_edit, the seed file should look like this example before saving, after saving the AUTHPASS and the PRIVPASS will be encrypted as a function of the first line in the seed file that is required for encryption.
#<encrypted seed>:1.0:AUTHPASS,PRIVPASS
<IP Address> USER=<User Name> SNMPVERSION=V3 AUTHPROTOCOL=SHA AUTHPASS=<Authentication Password> PRIVPROTOCOL=DES PRIVPASS=<Previlage Password> ENGINEID=<Engine ID>
<IP Address> USER=<User Name> SNMPVERSION=V3 AUTHPROTOCOL=SHA AUTHPASS=<Authentication Password> PRIVPROTOCOL=DES PRIVPASS=<Previlage Password> ENGINEID=<Engine ID>NOTE: You cannot use the "=" in the password field, currently testing what special characters are allow in the password field.
Also, the seedfile uses the colon ' : " as a a delimiter for specifying multiple host IP/ host names, hence : is not allowed in password field.
Step 2. Create a trap definition, enable DEBUG and LOGGING (for treoubleshooting) in trap_mgr.conf:
BEGIN_TRAP <OID Number> <Generic Type> <Specific Type>
EventName: TestTrap
ClassName: Host
InstanceName: $SYS$
SysNameOrAddr: $SYS$
Expiration: <Numeric Value>
State: NOTIFY
UnknownAgent: CREATE
EventType: MOMENTARY
ClearOnAcknowledge: TRUE
LogFile: <Log file to print output>
EventText: $V1$, $V2$, $V3$
END_TRAP
Step 3. Adjust the <Basedir>/smarts/conf/trapd/trapd.conf file to forward traps to trap adapter or respective trap receiver.
FORWARD: * <OID value> * * -nosmtrapaddr localhost:9101
Optional - (Force seed file to be loaded)
Step 4. Start Trap Receiver/Exploder (ensure that OI is running before starting TA) and subscribe SAM to OI.
./sm_trapd --name=<Trap Exploder Name> --config=trapd --port=<Port Number> --rules=default --output=<Output log file name> --daemon --loglevel=Critical --loglevel=Alert --seed=seedfile
./sm_trapd --name=<Trap Receiver Name> --server=<OI domain name> --config=icoi --port=<Port Number> --model=sm_actions --daemon --output=<Output log file name> --rules=icoi-trapd/trap_mgr_parse.asl --seed=seedfile
Step 5. Import the seedfile into the Local Credentials Database.
./sm_adapter -s <Trap Exploder Name> -D seed=<seedfile name> trapd/importSeedFile.asl
./sm_adapter -s <Trap Receiver Name> -D seed=<seedfile name> trapd/importSeedFile.asl
Step 6. Send test trap:
./sm_snmp -d <Trap Exploder IP address> -p <Port Number -s 3 -u <username> -e 1234567890ABCDEF -a SHA -b AES -x <Authentication Password> -y <Privilage Password) trap <IP address of source device as in step 1> .1.3.6.1.4.1.41263.1 6 1 0 .1.3.6.1.4.1.41263.1.1.1 s "Varbind_1" .1.3.6.1.4.1.41263.1.1.2 s "Varbind_2" .1.3.6.1.4.1.41263.1.1.3 s "Varbind_3"
Attachments
Feedback
