Moogsoft Docs

SNMPv3

You can enable Moogsoft AIOps to receive SNMP Traps by configuring a Trap LAM to monitor SNMP-enabled devices.

Moogsoft AIOps uses a MIB (management information base) file to process SNMP Traps sent from your SNMP application . The latest version of SNMP is SNMPv3. See SNMP Overview for more information .

Before You Begin

Before you enable SNMPv3, ensure you have met the following requirements:

  • You have generated the engine ID of your SNMP application in hexadecimal format.
  • Ensure port 162, the default SNMP Trap/UDP port, is available and open to any firewalls.
  • You have parsed any MIB files into JSON format using the mibparser utility from $MOOGSOFT_HOME/bins/utils . Each MIB file defines what data can be retrieved from each SNMP device.

Enable SNMPv3 in the Trap LAM Configuration

Enable SNMPv3 and its associated security features as follows :

  1. Edit $MOOGSOFT_HOME/config/trapd_lam.conf .
  2. Configure the parameters to meet your requirements:

    Parameter Value Description
    usm_fi le String Path to your User-based Security Model (USM) file, the mechanism that allows you to authenticate and encrypt messages. Uncomment and enter the path if you want to use SNMPv3. The default location is $MOOGSOFT_HOME/config/trapd_usm.conf
    mib_db_file String Path to your MIB database file. Uncomment and enter the path of your parsed MIB file. This is optional. If not provided, the Trap LAM parses the MIBs in $MOOGSOFT_HOME/etc/mibs/ at startup.
    local_engine_id Hexadecimal String Engine ID of the SNMP monitor that sends Inform messages to your Trap LAM . This is optional. If not provided, the Trap LAM uses the default 6D6F6F67736F6674 .
  3. Save the changes and close the file.

See the example of a trapd_lam.conf file with SNMPv3 enabled:

{
    config :
    {
        monitor:
        {
            name            : "Trap Monitor",
            class           : "CTrapMonitor",
            trap_port       : 162,
            concurrency     : 5,
            name_resolution : true,
            event_ack_mode : "queued_for_processing",
            mib_db_file : "$MOOGSOFT_HOME/etc/precompiledMibs.json",
			usm_file: "$MOOGSOFT_HOME/config/trapd_usm.conf",
			local_engine_id: "56e8663492"
        },

Configure the SNMPv3 Users

You can configure the authentication and privacy combination, as well as the security protocols of your users, as follows:

  1. Edit $MOOGSOFT_HOME/config/trapd_usm.conf .
  2. Create your users. Use the noAuthNoPriv-user , authNoPriv-user, authPriv-user and inform-user examples as a template.

  3. Enter values for the available security parameters:

    Parameter Value Description
    engine-id

    Integer

    Unique identifier for the SNMP application.

    This is optional. If no value is entered it uses the local_engine_id from the Trap LAM configuration file.

    auth-protocol String

    Identifier of the authentication protocol.

    Available options are MD5 or SHA-1. See MD5 and SHA-1 for information.

    auth-passphrase

    String Password for the authentication protocol.

    priv-protocol

    String

    Identifier of the privacy protocol.

    Available options are DES, 3DES, AES-128, AES-192 and AES-256. See DES , 3DES and AES for information.

    priv-passphrase

    String Password for the privacy protocol.
  4. Save the changes and close the file .

The Trap LAM monitors the configured USM file and picks up any changes automatically. You do not need to restart the LAM to add or remove users.