How to receive snmp v3 traps without specific engineID?
It took a long time to figure this out to be able to use snmptrapd without needing the engineID. This works with a brand new Cisco Nexus switch (NX-OS), and I'm hoping this will help someone else:
format2 %V\n% Agent Address: %A \n Agent Hostname: %B \n Date: %H - %J - %K - %L - %M - %Y \n Enterprise OID: %N \n Trap Type: %W \n Trap Sub-Type: %q \n Community/Infosec Context: %P \n Uptime: %T \n Description: %W \n PDU Attribute/Value Pair Array:\n%v \n -------------- \n
/etc/snmp/snmptrapd.conf:
traphandle default /etc/snmp/send_to_email_script # make sure it is executable
traphandle default /etc/snmp/snmp-traphandle_script # can be any program
doNotLogTraps no
authUser log,execute,net ${snmp_user} # username variable
createUser ${snmp_user} MD5 ${snmp_auth} AES-128 ${snmp_auth}
Example user could be:
# createUser networkmonitor MD5 cisco1234! AES-128 cisco1234!
On the Cisco switch, make sure this user exists with the same username/password and priv/auth. Also add the snmp host (which is how you send the trap to snmptrapd):
# snmp-server host ip_address traps version 3 priv networkmonitor
Make sure ip_address is not the switch IP, but the snmptrapd receiver's IP.
user339597
Updated on September 18, 2022
Comments
- user339597 over 1 year
I'm using snmptrapd on Linux from the net-snmp package. I'm trying to make a Perl script to handle SNMP traps. I already have such a script, and it works with SNMP v1 and v2c traps and with SNMPv3 traps, but only when I specify the engineID explicitly both in the config and in the command sending the trap. But when I configure a Cisco router to send me a linkDown trap, it uses the MAC address with some extra bytes as the engineID. I can see the trap arrive on the interface in Wireshark, but snmptrapd does nothing. Is it possible to configure snmptrapd to accept all traps by authenticated users without specifying the engineID?
Here is my snmptrapd.conf
# Example configuration file for snmptrapd
#
# No traps are handled by default, you must edit this file!
#
createUser -e 0x0102030405 myuser MD5 mypassword DES myotherpassword
createUser -e 0x0102030405 myuser2 MD5 mypassword DES myotherpassword
createUser -e 0x0102030406 myuser2 MD5 mypassword DES myotherpassword
createUser cisco SHA cisco123 DES cisco123
authUser log,execute myuser
authUser log,execute myuser2
authUser log,execute cisco
authCommunity log,execute public
perl do "/usr/local/share/snmp/snmptrapdhandler.pl";
I'm using Fedora 21 linux,
$ uname -a
Linux 4.1.13-100.fc21.x86_64 #1 SMP Tue Nov 10 13:13:20 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
and net-snmp version is
net-snmp-5.7.2-23.fc21.x86_64
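Why the engineID in the configuration above matters, as an added example that is not part of the original posts: RFC 3414 localizes the key derived from a USM password with the authoritative engine's ID, and for a trap the authoritative engine is the sender. The user, password and `0x0102030405` are taken from the question's config; the MAC-based sender engineID is a constructed sample, and the helper names are this example's own.

```python
import hashlib

def password_to_key(password: bytes, hash_name: str) -> bytes:
    """RFC 3414 A.2: digest of 1,048,576 bytes made by repeating the password."""
    if not password:
        raise ValueError("password must not be empty")
    reps, rem = divmod(1048576, len(password))
    return hashlib.new(hash_name, password * reps + password[:rem]).digest()

def localize_key(ku: bytes, engine_id: bytes, hash_name: str) -> bytes:
    """RFC 3414 2.6: Kul = H(Ku || engineID || Ku), one key per authoritative engine."""
    return hashlib.new(hash_name, ku + engine_id + ku).digest()

def localized_key(password: str, engine_id_hex: str, hash_name: str) -> str:
    """Hex localized key for a password and an engineID written as in '-e 0x...'."""
    digits = engine_id_hex[2:] if engine_id_hex.lower().startswith("0x") else engine_id_hex
    engine_id = bytes.fromhex(digits)
    if not 5 <= len(engine_id) <= 32:  # SnmpEngineID size limits (RFC 3411)
        raise ValueError("engineID must be 5 to 32 octets")
    ku = password_to_key(password.encode(), hash_name)
    return localize_key(ku, engine_id, hash_name).hex()

if __name__ == "__main__":
    configured = "0x0102030405"            # engineID from the question's createUser -e lines
    sender = "0x8000000903001122334455"    # constructed sample: enterprise 9, MAC format
    for eid in (configured, sender):
        # Same user and password, different engineID: the keys do not match.
        print(eid, localized_key("cisco123", eid, "sha1"))
```

A user whose key was localized with one engineID cannot authenticate a trap stamped with another, even when the password is identical.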
- Colyn1337 almost 8 years
Please consider noting what flavor of Linux you're using and its version.
- user339597 over 7 years
Can you show your snmptrapd.conf?