SNMP - BlueCat Integrity - 9.6.0

VM Installation Guide

Locale
English
Product name
BlueCat Integrity
Version
9.6.0

Simple Network Management Protocol (SNMP) allows a polling workstation or trap server to obtain data about devices on the network. This may include the almost real-time status of services, server functionality, and the security and service settings on the device.

Configuring SNMP service on DNS/DHCP Server

Example

#cloud-config
bluecat_service_config:
    payload: |
        {
            "version": "1.0.0",
            "services": {
                "snmp": {
                    "configurations": [
                        {
                            "snmpConfiguration": {
                                "enable": true,
                                "agentService": {
                                    "loglevel": "debug",
                                    "pollingPeriod": 156,
                                    "system": {
                                        "contact": "test@bluecatnetworks.com",
                                        "description": "Cloudinit - SNMPv1 test",
                                        "location": "Ontario",
                                        "name": "Cloudinit"
                                    },
                                    "v1": {
                                        "enable": true,
                                        "community": "bcnCommunityV1Test"
                                    },
                                    "v2c": {
                                        "enable": true,
                                        "community": "bcnCommunityV2Test"
                                    },
                                    "v3": {
                                        "enable": true,
                                        "securityLevel": "noauthNopriv",
                                        "username": "admin"
                                    }
                                }
                            }
                        }
                    ]
                }
            }
        }
Parameters
  • enable—set to true to enable SNMP service or SNMP trap service; set to false to disable SNMP service or SNMP trap service.
  • agentService—enter the configuration information to enable SNMP on DNS/DHCP Server.
    • loglevel—enter logging level of SNMP service. The value must be debug, info, warning, error, or critical.
    • pollingPeriod—specify the SNMP polling period in seconds. This value determines the frequency with which the SNMP daemon polls the DHCP service for updates to DHCP lease information.
    • system—enter the configuration information of the system.
      • contact—enter an e-mail address for the system contact to be reported through SNMP.
      • description—enter a brief description of the system to be reported through SNMP.
      • location—enter a description of the system’s location to be reported through SNMP.
      • name—enter the system name to be reported through SNMP.
    • v1—enter the configuration information to enable SNMPv1 protocol.
      • enable—set to true to enable SNMPv1 service; set to false to disable SNMPv1 service.
      • community—type the SNMP community string. This string is used to authenticate the polling request.
    • v2c—enter the configuration information to enable SNMPv2c protocol.
      • enable—set to true to enable SNMPv2c service; set to false to disable SNMPv2c service.
      • community—type the SNMP community string. This string is used to authenticate the polling request.
    • v3—enter the configuration information to enable SNMPv3 protocol.
      • enable—set to true to enable SNMPv3 service; set to false to disable SNMPv3 service.
      • securityLevel—select an SNMP security level. The value must be noauthNopriv, authNopriv, or authPriv.
      • username—type the SNMP username.
      • authtype—enter the authentication type. The value must be either MD5 or SHA. This field is only configured when using SNMP version 3 and authPriv or authNopriv as the security level.
      • authphrase—enter the authentication password for the SNMP user. This field is only configured when using SNMP version 3 and authPriv or authNopriv as the security level.
      • privtype—enter the encryption type. The value must be either DES or AES-128. This field is only configured when using SNMP version 3 and authPriv as the security level.
      • privphrase—enter the privacy authentication password used to encrypt the data. This field is only configured when using SNMP version 3 and authPriv as the security level.

Configuring SNMP Trap Service on DNS/DHCP Server

The trap server is the server to which DNS/DHCP Server communicates specified changes in its status by sending SNMP traps. Multiple trap servers can be configured to use SNMP version 1, 2c, or 3. This may be a different address from the SNMP polling server or manager address that's set up when enabling the service. In SNMPv3, trap messages must be authenticated with a trap server username and password.

Example
#cloud-config
bluecat_service_config:
    payload: |
        {
            "version": "1.0.0",
            "services": {
                "snmp": {
                    "configurations": [
                        {
                            "snmpConfiguration": {
                                "enable": true,
                                "trapService": {
                                    "trapServers": [
                                        {
                                            "address": 10.0.0.5,
                                            "port": 162,
                                            "enable": true,
                                            "v1": {
                                                "enable": true,
                                                "community": "bcnCommunityV1Test"
                                            },
                                            "v2c": {
                                                "enable": true,
                                                "community": "bcnCommunityV2Test"
                                            },
                                            "v3": {
                                                "enable": true,
                                                "securityLevel": "authPriv",
                                                "username": "admin",
                                                "authtype": "SHA",
                                                "authphrase": "authPassword",
                                                "privtype": "DES",
                                                "privphrase": "privPassword"
                                            }
                                        }
                                    ]
                                }
                            }
                        }
                    ]
                }
            }
        }
Parameters
  • trapService—enter the configuration information to enable SNMP trap service on DNS/DHCP Server.
    • trapServers—enter the configuration information for each SNMP trap server.
      • address—enter the IPv4 or IPv6 address of the SNMP trap server.
        Attention: Each SNMP trap server must have a unique IP address.
      • port—enter the value of the SNMP trap server port. By default, SNMP trap servers listen on port 162.
        Attention: The port value must be between 1 and 65534.
      • enable—set to true to enable the specific SNMP trap server; set to false to disable the specific SNMP trap server.
      • v1—enter the configuration information to enable SNMPv1 protocol.
        • enable—set to true to enable SNMPv1 service; set to false to disable SNMPv1 service.
        • community—type the SNMP community string. This string is used to authenticate the polling request.
      • v2c—enter the configuration information to enable SNMPv2c protocol.
        • enable—set to true to enable SNMPv2c service; set to false to disable SNMPv2c service.
        • community—type the SNMP community string. This string is used to authenticate the polling request.
      • v3—enter the configuration information to enable SNMPv3 protocol.
        • enable—set to true to enable SNMPv3 service; set to false to disable SNMPv3 service.
        • securityLevel—select an SNMP security level. The value must be noauthNopriv, authNopriv, or authPriv.
        • username—type the SNMP username.
        • authtype—enter the authentication type. The value must be either MD5 or SHA. This field is only configured when using SNMP version 3 and authPriv or authNopriv as the security level.
        • authphrase—enter the authentication password for the SNMP user. This field is only configured when using SNMP version 3 and authPriv or authNopriv as the security level.
        • privtype—enter the encryption type. The value must be either DES or AES-128. This field is only configured when using SNMP version 3 and authPriv as the security level.
        • privphrase—enter the privacy authentication password used to encrypt the data. This field is only configured when using SNMP version 3 and authPriv as the security level.