sending V3(USM) secure traps from an agent

Thu, 02 Sep 2010 08:32:58 -0700 

Hello, would like to ask for a little help or some pointers in the right 
direction if possible.

I need to send secure V2 traps/notifications from our agent to a 
monitoring station.

Currently we have a script that process the snmpTargetAddrTable and 
snmpTargetParamsTable
looking for trap targets to send traps to.  We use the snmptrap command 
for sending v1 and v2c traps
with something like this

 /usr/sbin/snmptrap -v $version -c $secname $addr:$port  $trap.0 
"${bi...@]}"

My hope was by calling snmptrap with the -u options for the security name 
and perhaps the -l option
for security level that snmptrap  would use my local USM config tables to 
extract the security credentials and send
the trap PDU out to the host.

But this does not seem to be the case from what I can tell.  So I have to 
specify all the credentials on the command line like
any other V3 request.  Such as:

/usr/sbin/snmptrap -v 3 -u default-SHA-DES -l authPriv -a SHA -A 
"password" -x DES -X "password" 147.139.4.133:162 "" 
1.3.6.1.4.1.1556.16.16.0.1 1.3.6.1.4.1.1556.16.16.2.0 i 1234

Problem is that I dont have access to the credential data via the script, 
its inside the USM tables inside the snmpd agent.

Our desire is for the users to configure our agents  USM with a secname 
and credentials to be used for sending
secure traps to their monitoring station, and then for the agent to use 
those credential when sending out
traps to targets that have SNMPv3 specified for the 
snmpTargetParamsMPModel and USM specified for the 
snmpTargetParamsSecurityModel in the snmpTargetParamsTable.

Is this a reasonable plan or am I missing some other method to acheive 
this.

What I am trying to avoid is having an enterprise specific table that the 
user configures with credential very much
like the USM table.  Seems I should be able to use what already exists.

Any help or pointers would be greatly appreciated.


Cheers
tjs

The democracy will cease to exist when you take away 
from those who are willing to work and give to those who would not. 
 
                                        - Thomas Jefferson
------------------------------------------------------------------------------
This SF.net Dev2Dev email is sponsored by:

Show off your parallel programming skills.
Enter the Intel(R) Threading Challenge 2010.
http://p.sf.net/sfu/intel-thread-sfd
_______________________________________________
Net-snmp-coders mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/net-snmp-coders

Reply via email to