Configuring SNMP trap receiver

This topic describes how to configure an SNMP receiver environment.

You can run the snmptrapd service on a workstation or in a Docker container. This topic covers the first option, which allows you to set up a single receiver serving traps from multiple agents. To learn about the other option, which allows you to set up multiple receivers on a single workstation, see "Running snmptrapd on a host allocated to receive snmp traps. Part 2 of 2".

Procedure

  1. On a receiver node, create a directory ~/.snmp/mibs and copy IIAS-MIB.txt from the appliance to it.
    [root@hqa-mpv1-3 ~]# mkdir ~/.snmp/mibs -p
    [root@hqa-mpv1-3 ~]# scp <IIAS_IP>:/usr/share/snmp/mibs/IIAS-MIB.txt ~/.snmp/mibs
  2. On a receiver node, create a file snmptrapd.conf with the following content:
    
    snmpTrapdAddr                udp:162  # (1)
    doNotFork                    yes  # (2)
    doNotRetainNotificationLogs  yes  # (3)
    createUser -e "0x1123581321" usm-sha-aes SHA sha.auth.pass.10 AES aes.enc.pass.11  # (4)
    authUser          log        usm-sha-aes  # (5)
    authCommunity     log        public  # (6)
    format1 \n%V\n  %02.2h:%02.2j:%02.2k %y/%02.2m/%02.2l TRAP %A\nPDU INFO:\n  receivedfrom:      %a\n  agent hostname:    %A\n  community:         %P\n  enterprise OID:    %N\n  trap type:         %W\n  trap sub-type:     %q\nVARBINDS:\n  %v\n  # (7)
    format2 \n%V\n  %02.2h:%02.2j:%02.2k %y/%02.2m/%02.2l TRAP %B\nPDU INFO:\n  receivedfrom:      %b\n  community:         %P\nVARBINDS:\n  %v\n  # (8)

    SNMP uses UDP, and the default destination port for traps is 162. Detailed descriptions of the first three options are available in man snmptrapd.

    Line 4 shows how to define the user and assign credentials.

    In line 4, the required Engine ID (-e "0x1123581321"), the user name (usm-sha-aes), and the authentication protocol and password (SHA sha.auth.pass.10) are provided, followed by an encryption protocol and password (AES aes.enc.pass.11). By specifying the protocols, you set the security level. Omitting encryption reduces the level from the highest, authPriv, to authNoPriv; omitting authentication as well reduces it to the lowest, noAuthNoPriv.

    Line 5 sets the type of processing. Because the aim is only to log to a file, log is specified. For more advanced processing, check the other available options in man 5 snmptrapd.conf.

    Line 6 allows SNMPv1 and SNMPv2c traps with the community string public to be received and logged. Because public is a default and commonly used value, change it to a less obvious one.

    Lines 7 and 8 define the log format, which can be adjusted in many ways. A full description is available in man snmptrapd.

  3. On a receiver node, run the following command:
    snmptrapd -f -C -c /opt/ibm/appliance/platform/snmptrapd.conf -Le -OQ -d -m +IIAS-MIB
    Note: When specifying the MIB file in snmptrapd, do not provide the .txt extension.

    Read the command help for the available options.

    Leave the terminal open; it continues to receive SNMP traps from the sender.
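
The following Python check is an added example, not part of the original topic or of the product. It reads the access-control lines from step 2 and reports users below authPriv, authUser lines that lack the optional priv level field, default community strings, and, going beyond the page, disableAuthorization yes. The function names and the sample text are constructed for illustration.

```python
import shlex

# Constructed sample: the access-control directives from step 2.
SAMPLE_CONF = '''\
createUser -e "0x1123581321" usm-sha-aes SHA sha.auth.pass.10 AES aes.enc.pass.11  # (4)
authUser          log        usm-sha-aes  # (5)
authCommunity     log        public  # (6)
'''
WATCHED = {"createuser", "authuser", "authcommunity", "disableauthorization"}
DEFAULT_COMMUNITIES = {"public", "private"}

def user_level(args):
    """Security level implied by the arguments of a createUser line."""
    if args[:1] == ["-e"]:           # skip the engine ID option and its value
        args = args[2:]
    creds = args[1:]                 # what follows the user name
    if len(creds) < 2:               # no authentication protocol and passphrase
        return "noAuthNoPriv"
    return "authPriv" if len(creds) >= 3 else "authNoPriv"

def audit(conf_text):
    """Return (line_number, message) findings for weak receiver settings."""
    findings = []
    for no, line in enumerate(conf_text.splitlines(), 1):
        first = line.split(None, 1)
        if not first or first[0].lower() not in WATCHED:
            continue                 # format1/format2 and other lines are not parsed
        tok = shlex.split(line, comments=True)   # drops the trailing "# (n)" callouts
        name, args = tok[0].lower(), tok[1:]
        if name == "createuser" and args:
            level = user_level(args)
            if level != "authPriv":
                findings.append((no, f"createUser defines a {level} user"))
        elif name == "authuser" and len(args) >= 2:
            rest = args[1:]          # skip the TYPES field
            if rest[:1] == ["-s"]:   # skip an optional security model
                rest = rest[2:]
            if not rest:
                continue             # malformed line: no user name
            level = rest[1] if len(rest) > 1 else "auth"   # default accepts authNoPriv
            if level != "priv":
                findings.append((no, f"authUser {rest[0]} does not require priv"))
        elif name == "authcommunity" and len(args) >= 2:
            if args[1] in DEFAULT_COMMUNITIES:
                findings.append((no, f"default community string '{args[1]}'"))
        elif name == "disableauthorization" and args[:1] == ["yes"]:
            findings.append((no, "disableAuthorization yes accepts all traps"))
    return findings
```

Run against the step 2 lines, audit(SAMPLE_CONF) reports line 2 (the authUser line accepts authNoPriv traps unless priv is appended) and line 3 (the public community string).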