Moogsoft Docs

SNMP Overview

Simple Network Management Protocol (SNMP) is an application-layer protocol used to manage and monitor network devices and their behaviour.

You can use SNMP, along with an associated Management Information Base (MIB), to send and receive trap-directed notifications. Moogsoft AIOps can use a Trap LAM to ingest Trap messages as alerts. This is beneficial for an operator responsible for a network with a large number of devices, each with multiple objects, where it would be time-consuming to poll each object on each device for an update.

SNMP Key Concepts

Some key concepts to understand when using SNMP include:

  • Trap - an SNMP message sent from one device to another, normally a remote host, when a change of state occurs. The issue with traps is that there is no way to know whether the remote host received the message.
  • Inform - an acknowledged Trap message. Informs were added as part of SNMPv2. When a remote application receives an Inform, it sends back a response to acknowledge that it was received.
  • MIB - A Management Information Base (MIB) is a virtual database of variables that describe conditions at an SNMP device.
  • SNMP user and engineID - The SNMPv3 database is referenced using a combination of the user's name and an engineID, a unique identifier for a given SNMP application.

SNMP Version Differences

There are three versions of SNMP. The differences between these versions are as follows:

  • SNMPv1 - the original version of the SNMP protocol. It only supports 32-bit counters and trap messages, and uses a simple authentication scheme with little security.
  • SNMPv2 - the second, improved version of SNMP. It is nearly identical to v1 but adds support for 64-bit counters and Inform messages.
  • SNMPv3 - the latest version of SNMP. It has enhanced security features, adding both authentication and encryption. Traps are rejected if the user does not exist in the user database. See SNMPv3 for information on configuration.

SNMPv3 Security Combinations

SNMPv3 supports three authentication and privacy combinations:

  • noAuthNoPriv - You do not need to authenticate or encrypt SNMP messages.
  • authNoPriv - You must authenticate but not encrypt SNMP messages.
  • authPriv - You must authenticate and encrypt SNMP messages.
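
On the wire, an SNMPv3 message declares which of these three levels it uses in the low two bits of its one-octet msgFlags header field (0x01 for authentication, 0x02 for privacy). The following is an added example, not Moogsoft code: a minimal Python classifier that reads the version and msgFlags from a raw SNMP message and applies a minimum-level policy. The function names, the policy default and the sample bytes are assumptions constructed for illustration, and v1/v2c messages are treated as noAuthNoPriv, following RFC 3584.

```python
LEVELS = ["noAuthNoPriv", "authNoPriv", "authPriv"]  # weakest to strongest

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated BER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits count the length octets
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("bad BER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated BER value")
    return tag, buf[pos:pos + length], pos + length

def security_level(msg):
    """Return (version, level) for one SNMP message."""
    tag, body, _ = read_tlv(msg, 0)
    vtag, ver, pos = read_tlv(body, 0)
    if tag != 0x30 or vtag != 0x02:
        raise ValueError("not an SNMP message")
    version = int.from_bytes(ver, "big")
    if version in (0, 1):  # community-based, treated as noAuthNoPriv (RFC 3584)
        return ("v1", "v2c")[version], "noAuthNoPriv"
    if version != 3:
        raise ValueError("unknown SNMP version")
    htag, hdr, _ = read_tlv(body, pos)      # msgGlobalData
    _, _, p = read_tlv(hdr, 0)              # msgID
    _, _, p = read_tlv(hdr, p)              # msgMaxSize
    ftag, flags, _ = read_tlv(hdr, p)       # msgFlags, one octet
    if htag != 0x30 or ftag != 0x04 or len(flags) != 1:
        raise ValueError("malformed SNMPv3 header")
    auth, priv = bool(flags[0] & 0x01), bool(flags[0] & 0x02)
    if priv and not auth:
        raise ValueError("privacy without authentication is not a valid level")
    return "v3", LEVELS[auth + priv]

def accept(msg, minimum="authPriv"):
    """Receiver-side policy: drop anything below the minimum level."""
    try:
        _, level = security_level(msg)
    except ValueError:
        return False
    return LEVELS.index(level) >= LEVELS.index(minimum)

# Constructed samples (not captured traffic); bodies after the header are empty.
def sample_v3(flags):
    return bytes.fromhex("3017020103300e020101020300ffe30401%02x02010304000400" % flags)

SAMPLE_V2C = bytes.fromhex("300d02010104067075626c6963a700")
```

msgFlags is only what the sender claims: the receiving SNMP engine still has to verify the authentication digest and decrypt the payload with the user's keys before trusting the message.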