SNMPv3

You can enable Moogsoft AIOps to receive SNMP Traps by configuring a Trap LAM to monitor SNMP-enabled devices.

Moogsoft AIOps uses a MIB (management information base) file to process SNMP Traps sent from your SNMP application. The latest version of SNMP is SNMPv3.

Before You Begin

Before you enable SNMPv3, ensure you have met the following requirements:

  • You have generated the engine ID of your SNMP application in hexadecimal format.

  • Ensure port 162, the default SNMP Trap/UDP port, is available and open to any firewalls.

  • You have parsed any MIB files into JSON format using themibparserutility from $MOOGSOFT_HOME/bins/utils. Each MIB file defines what data can be retrieved from each SNMP device.

Enable SNMPv3 in the Trap LAM Configuration

Enable SNMPv3 and its associated security features as follows:

  1. Edit $MOOGSOFT_HOME/config/trapd_lam.conf.

  2. Configure the parameters to meet your requirements:

    Parameter

    Value

    Description

    usm_file

    String

    Path to your User-based Security Model (USM) file, the mechanism that allows you to authenticate and encrypt messages. Uncomment and enter the path if you want to use SNMPv3. The default location is$MOOGSOFT_HOME/config/trapd_usm.conf

    mib_db_file

    String

    Path to your MIB database file. Uncomment and enter the path of your parsed MIB file. This is optional. If not provided, the Trap LAM parses the MIBs in $MOOGSOFT_HOME/etc/mibs/ at startup.

    local_engine_id

    Hexadecimal String

    Engine ID of the SNMP monitor that sends Inform messages to your Trap LAM . If you do not provide a value for this, SNMP v3 support will not be enabled. You must provide a value for this parameter in order to enable SNMP v3 support.

  3. Save the changes and close the file.

See the example of a trapd_lam.conf file with SNMPv3 enabled:

{
    config :
    {
        monitor:
        {
            name            : "Trap Monitor",
            class           : "CTrapMonitor",
            trap_port       : 162,
            concurrency     : 5,
            name_resolution : true,
            event_ack_mode : "queued_for_processing",
            mib_db_file : "$MOOGSOFT_HOME/etc/precompiledMibs.json",
                        usm_file: "$MOOGSOFT_HOME/config/trapd_usm.conf",
                        local_engine_id: "56e8663492"
        },

Configure the SNMPv3 Users

You can configure the authentication and privacy combination, as well as the security protocols of your users, as follows:

  1. Edit $MOOGSOFT_HOME/config/trapd_usm.conf.

  2. Create your users. Use the noAuthNoPriv-user, authNoPriv-user,authPriv-user and inform-user examples as a template.

  3. Enter values for the available security parameters:

    Parameter

    Value

    Description

    engine-id

    Integer

    Unique identifier for the SNMP application.

    This is optional. If no value is entered it uses the local_engine_id from the Trap LAM configuration file.

    auth-protocol

    String

    Identifier of the authentication protocol.

    Available options are MD5 or SHA-1. See MD5 and SHA-1 for information.

    auth-passphrase

    String

    Password for the authentication protocol.

    priv-protocol

    String

    Identifier of the privacy protocol.

    Available options are DES, 3DES, AES-128, AES-192 and AES-256. See DES, 3DES and AES for information.

    Note: AES-192 and AES-256 need to be based on Blumenthal key localization.

    priv-passphrase

    String

    Password for the privacy protocol.

  4. Save the changes and close the file.

The Trap LAM monitors the configured USM file and picks up any changes automatically. You do not need to restart the LAM to add or remove users.

SNMPv3 User Security Options

SNMPv3 supports three authentication and privacy combinations:

  • noAuthNoPriv - You not need to authenticate or encrypt SNMP messages.

  • authNoPriv - You must authenticate but not encrypt SNMP messages.

  • authPriv - You must authenticate and encrypt SNMP messages.