TUT:snmpd notification filtering

From Net-SNMP Wiki
Revision as of 16:27, 9 March 2010 by Rstory (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Note: This page still under construction!

By default snmpd will send all traps to all configured trapsinks/informsinks. While there is not yet a way to configure notification filtering via snmpd.conf, it can be configured via sets to the notification filtering MIB. See SNMP_notification_processing for an overview of notification processing.

notification destinations

configuring notification destinations

First lets take a quick refresher on configuring notification destinations.

trapsink

You can send SNMPv1 traps using the trapsink token. A non-standard port can be specified by adding the port after the host name or IP address. 

trapsink 127.0.0.1:1127 trapComm

trap2sink

You can send SNMPv2 traps using the trapsink token. A non-standard port can be specified by adding the port after the host name or IP address. 

trap2sink 192.168.1.99:1199 trapComm

informsink

You can send SNMPv2 informs, which the remote side should confirm, using the informsink token. A non-standard port can be specified by adding the port after the host name or IP address. 

informsink 192.1.68.88:1188 trapComm

trapsess

You can send SNMPv3 informs with full SNMPv3 security using the trapsess token. 

trapsess -r 0 -Ci -v 3 -u myuser -n "" -l authPriv -a MD5 -A myauthpass -x DES -X myencrpass 192.168.1.77:1177

snmpNotifyTable

Give the 4 configuration lines above, lets take a peek at the snmpNotifyTable: 

$ snmptable -Cb -Ci -v2C -c public localhost snmpNotifyTable

  index            Tag             Type
'internal0'     internal0           trap
'internal0'     internal1           trap
'internal0'     internal2         inform
'internal0'     internal3         inform

Each configured destination has a unique tag associated with it. This tag is used as an index into the snmpTargetAddrTable, which specifies the destination for the associated tag, along with a few other parameters.

snmpTargetAddrTable

The snmpTargetAddrTable contains a column for a parameter tag. This tag is used to index into the snmpTargetParamsTable for additional parameters. 

$ snmptable -Cb -Ci -v2C -c public localhost snmpTargetAddrTable

  index     TDomain        TAddress             Timeout RetryCount TagList    Params
'internal0' SnmpUDPAddress "7F 00 00 01 04 67 "   0        0      internal0  internal0
'internal1' SnmpUDPAddress "C0 A8 01 63 04 AF "   0        0      internal1  internal1
'internal2' SnmpUDPAddress "C0 A8 01 4D 04 99 "  1000      0      internal2  internal2
'internal3' SnmpUDPAddress "C0 01 44 58 04 A4 "  1000      5      internal3  internal3

snmpTargetParamsTable

$ snmptable -Cb -Ci -v2c -c public localhost snmpTargetParamsTable

   index    MPModel SecurityModel SecurityName SecurityLevel
'internal0'    0          1       trapComm     noAuthNoPriv
'internal1'    1          2       trapComm     noAuthNoPriv
'internal2'    3          3        myuser         authPriv
'internal3'    1          2       trapComm     noAuthNoPriv

notification filtering

snmpNotifyFilterProfileTable

Retrieved from "https://net-snmp.sourceforge.io/wiki/index.php?title=TUT:snmpd_notification_filtering&oldid=4207"