Generic SNMP adapter

IBM® QRadar® Risk Manager supports appliances that run an SNMP agent with the generic SNMP adapter.

This adapter interacts with the SNMP agent by using SNMP queries.

The object identifiers (OIDs) are contained in SNMP MIB-2, and you can expect all SNMP agents to expose these OIDs.

The following are adapter limitations:

  • Collects basic interface and basic system information only. Rules and routing information are not collected.
  • Even though displayed in Configuration Monitor, with SNMPv3, the adapter does not support AES encryption.
  • The adapter does not support AES encryption with SNMPv3, even though it might appear to support it in the Configuration Monitor window.

The integration requirements for the generic SNMP adapter are described in following table:

Integration Requirement Description
Version SNMPv1, SNMPv2c, SNMPv3
Neighbor data support No
SNMP discovery No
Required credential parameters

To add credentials in QRadar, log in as an administrator and use Configuration Monitor on the Risks tab.

SNMPv1 and SNMPv2c require

SNMP Get Community

SNMPv3 requires

SNMPv3 Authentication Username

SNMPv3 can have either one of the following credentials:

SNMPv3 Authentication Password

SNMPv3 Privacy Password

Supported connection protocols

To add protocols in QRadar, log in as an administrator and use Configuration Monitor on the Risks tab.

Use any one of the following supported connection protocols:

SNMPv1

SNMPv2c

SNMPv3 using MD5

SHA with DES

Commands that the adapter requires to log in and collect data

SNMP Get commands

.1.3.6.1.2.1.1.1.0

.1.3.6.1.2.1.1.2.0

.1.3.6.1.2.1.1.3.0

.1.3.6.1.2.1.1.4.0

.1.3.6.1.2.1.1.5.0

.1.3.6.1.2.1.1.6.0

SNMP Walk commands

.1.3.6.1.2.1.2.2.1.2

.1.3.6.1.2.1.2.2.1.3

.1.3.6.1.2.1.2.2.1.4

.1.3.6.1.2.1.2.2.1.5

.1.3.6.1.2.1.2.2.1.6

.1.3.6.1.2.1.2.2.1.7

.1.3.6.1.2.1.4.20