SNMPv3
You can enable Moogsoft Onprem to receive SNMP Traps by configuring a Trap LAM to monitor SNMP-enabled devices.
Moogsoft Onprem uses a MIB (management information base) file to process SNMP Traps sent from your SNMP application. The latest version of SNMP is SNMPv3.
Before You Begin
Before you enable SNMPv3, ensure you have met the following requirements:
You have generated the engine ID of your SNMP application in hexadecimal format.
Port 162, the default SNMP Trap/UDP port, is available and open on any firewalls.
You have parsed any MIB files into JSON format using the mibparser utility from $MOOGSOFT_HOME/bins/utils. Each MIB file defines what data can be retrieved from each SNMP device.
Enable SNMPv3 in the Trap LAM Configuration
Enable SNMPv3 and its associated security features as follows:
Edit $MOOGSOFT_HOME/config/trapd_lam.conf.
Configure the parameters to meet your requirements:

| Parameter | Value | Description |
|---|---|---|
| usm_file | String | Path to your User-based Security Model (USM) file, the mechanism that allows you to authenticate and encrypt messages. Uncomment and enter the path if you want to use SNMPv3. The default location is $MOOGSOFT_HOME/config/trapd_usm.conf |
| mib_db_file | String | Path to your MIB database file. Uncomment and enter the path of your parsed MIB file. This is optional. If not provided, the Trap LAM parses the MIBs in $MOOGSOFT_HOME/etc/mibs/ at startup. |
| local_engine_id | Hexadecimal String | Engine ID of the SNMP monitor that sends Inform messages to your Trap LAM. You must provide a value for this parameter; without it, SNMPv3 support is not enabled. |

Save the changes and close the file.
See the example of a trapd_lam.conf file with SNMPv3 enabled:

    {
        config :
        {
            monitor:
            {
                name             : "Trap Monitor",
                class            : "CTrapMonitor",
                trap_port        : 162,
                concurrency      : 5,
                name_resolution  : true,
                event_ack_mode   : "queued_for_processing",
                mib_db_file      : "$MOOGSOFT_HOME/etc/precompiledMibs.json",
                usm_file         : "$MOOGSOFT_HOME/config/trapd_usm.conf",
                local_engine_id  : "56e8663492"
            },
Configure the SNMPv3 Users
You can configure the authentication and privacy combination, as well as the security protocols of your users, as follows:
Edit $MOOGSOFT_HOME/config/trapd_usm.conf.
Create your users. Use the noAuthNoPriv-user, authNoPriv-user, authPriv-user and inform-user examples as a template.
Enter values for the available security parameters:

| Parameter | Value | Description |
|---|---|---|
| engine-id | Integer | Unique identifier for the SNMP application. This is optional. If no value is entered it uses the local_engine_id from the Trap LAM configuration file. |
| auth-protocol | String | Identifier of the authentication protocol. Available options are MD5 or SHA-1. See MD5 and SHA-1 for information. |
| auth-passphrase | String | Password for the authentication protocol. |
| priv-protocol | String | Identifier of the privacy protocol. Available options are DES, 3DES, AES-128, AES-192 and AES-256. See DES, 3DES and AES for information. Note: AES-192 and AES-256 need to be based on Blumenthal key localization. |
| priv-passphrase | String | Password for the privacy protocol. |

Save the changes and close the file.
The Trap LAM monitors the configured USM file and picks up any changes automatically. You do not need to restart the LAM to add or remove users.
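
Why the engine ID and the auth-passphrase must both match the sender: in standard USM (RFC 3414) the passphrase is hashed and then localized with the engine ID to produce the key that authenticates each message. The following is an added example, not Moogsoft code; the function names are illustrative, and it assumes the Trap LAM follows the standard RFC 3414 derivation for MD5 and SHA-1.

```python
import hashlib

# USM auth-protocol names from the table above -> hashlib algorithm names.
HASHES = {"MD5": "md5", "SHA-1": "sha1"}
STREAM_LEN = 1048576  # RFC 3414 A.2: hash 1 MiB of the repeated passphrase


def password_to_key(passphrase: str, auth_protocol: str) -> bytes:
    """Intermediate key Ku: digest of the passphrase repeated to 1 MiB."""
    secret = passphrase.encode()
    if not secret:
        raise ValueError("passphrase must not be empty")
    repeats = STREAM_LEN // len(secret) + 1
    stream = (secret * repeats)[:STREAM_LEN]
    return hashlib.new(HASHES[auth_protocol], stream).digest()


def localized_auth_key(passphrase: str, engine_id_hex: str,
                       auth_protocol: str) -> bytes:
    """Localized key Kul = H(Ku || engineID || Ku), unique per engine."""
    engine_id = bytes.fromhex(engine_id_hex)  # raises ValueError on bad hex
    ku = password_to_key(passphrase, auth_protocol)
    return hashlib.new(HASHES[auth_protocol], ku + engine_id + ku).digest()


if __name__ == "__main__":
    # Sample passphrase and engine ID published in RFC 3414 A.3.
    rfc_engine = "000000000000000000000002"
    for proto in HASHES:
        print(proto, localized_auth_key("maplesyrup", rfc_engine, proto).hex())
    # Same passphrase with the engine ID from the trapd_lam.conf example:
    # the key differs, so a sender using another engine ID fails authentication.
    print("MD5", localized_auth_key("maplesyrup", "56e8663492", "MD5").hex())
```
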
SNMPv3 User Security Options
SNMPv3 supports three authentication and privacy combinations:
noAuthNoPriv - You do not need to authenticate or encrypt SNMP messages.
authNoPriv - You must authenticate but not encrypt SNMP messages.
authPriv - You must authenticate and encrypt SNMP messages.