Configuring Snmptrapd on Linux Systems
To setup Snmptrapd on Linux, do the following:
- Key shell scripts essential for Snmptrapd configuration are bundled with the eG agent package for Linux. Installing the eG agent therefore, will automatically create the /opt/egurkha/agent/snmptrapd directory containing the check_trapd, start_trapd, and cron_trapd files and a sub-directory named log.
Next, execute the shell script defined within the cron_trapd file by issuing the command crontab cron_trapd from the /opt/egurkha/agent/snmptrapd directory. This command will invoke the check_trapd script.
If the SetUI operation not permitted error appears while executing the crontab cron_trapd command, do the following:
- Verify whether the root-user is the owner of crontab. If not, issue the command - chown root:root crontab - to change the ownership of crontab.
- Then, execute the command: chmod +s crontab to give the appropriate execution privileges to the user running the crontab command. .
- The primary responsibility of the check_trapd script is to start the Snmptrapd process using the start_trapd file. Additionally, the check_trapd will check if the snmptrapd.log file has reached a size of 1MB. If so, it will delete the file and restart the Snmptrapd process so as to prevent the log from growing excessively.
The start_trapd file will contain the port at which the Snmptrapd process listens for SNMP traps from SNMP agents. The default SNMP trap port is 162. However, in Unix environments, a default Snmptrapd process already runs at this port. Therefore, for Unix environments, the port has been set to 6667. This default port setting can be modified by editing the port parameter of the start_trapd file. Similarly, you can change the default –c public specification in the file to reflect the community string that snmptrapd should use in your environment. If more than one community strings are available in your environment, then, you can specify the same as a comma-separated list. For example, if you have two community strings named public and private, then can specify -c public, private in the file to reflect the community strings that the snmptrad should use.
Ensure that the port number and community string (default: public) specified in the start_trapd file is the same as the SNMP port of the application or network device from which the SNMP traps originate.
To configure the SNMP Trap Receiver with SNMP v3 support, follow the steps discussed below:
- Edit the start_trapd file in the /opt/egurkha/agent/snmptrapd directory.
- Ensure that -v parameter is set to 3 to support SNMP version 3. Also, since SNMP v3 does not support a community string, make sure that the -c parameter is set to none.
Then, ensure that valid values are provided for the following parameters in the start_trapd file:
Security level; this can be noAuthNoPriv, authNoPriv, or authPriv
Security name or user name; where multiple Security name or user names are available in an environment, you can specify a comma-separated list of Security names or user names
Authentication protocol; this can be MD5 (for Message Digest Algorithm) or SHA (for Secure Hash Algorithm) - you can specify a comma-separated list of Authentication protocols
Authentication protocol pass phrase; you can specify a comma-separated list of Authentication protocol pass phrase if a comma-separated list of Authentication protocols were specified
Privacy protocol; this can be des (for Data Encryption Standard or AES (for Advanced Encryption Standard) or AES256; you can specify a comma -separated list of Privacy protocols if multiple Privacy protocols are supported in your environment
Privacy protocol pass phrase; you can specify a comma-separated list of Privacy protocol pass phrase if a comma-separated list of Privacy protocols were specified
A sample entry has been provided below:
-p 6667 -v 3 -c none -e 80.00.08.1c.04.46.64 -l authNoPriv -u Kevin,John -a MD5,SHA -A kvn1234,john@1234 -x DES,AES -X kvn12345,john@2341
- Finally, save the file.