Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1539
Views
0
Helpful
0
Replies

Need Help Dissecting SNMPv3 configuration

UT_games
Level 1
Level 1

‎06-23-2020 08:12 AM - edited ‎06-23-2020 08:13 AM

Here is the SNMP configuration I need to make sense of.

 

1) mac address-table notification change interval 0
2) mac address-table notification change
3) snmp-server enable traps mac-notification change move threshold
4) snmp-server queue-length 30
5) snmp-server group TestGroup1 v3 priv
6) snmp-server user TestUser1 TestGroup1 v3 auth sha Password123 priv aes 128 EncryptionKey123
7) snmp-server group TestGroup1 v3 priv context vlan-545
8) snmp-server group TestGroup1 v3 priv context vlan-546
9) snmp-server engineID remote 192.201.5.113 udp-port 162 80001F8880E9630000D61FF4
10) snmp-server user TestUser1 TestGroup1 remote 192.201.5.113 udp-port 162 v3 auth sha Password123 priv aes 128 EncryptionKey123
11) snmp-server host 192.201.5.113 informs version 3 priv TestUser1

 

Here is what I "understand" about the configuration.

 

1 and 2) Any mac address change in the mac address table is logged - not sure where this is logged....

3) Any mac address that moves in the mac address table is logged to SNMP

4) The number of trap events that can be held before the queue must be emptied

5) Specifying a SNMP group. This make managing views easier if views are used....is my understanding, could be wrong

6) Specifying SNMP user TestUser1 assigned to TestGroup1. This is a user that can be logged in via something like PRTG via port 161? Also specifies encryption type, key and user password

7) Not sure what the point of configuring a SNMP context name is - 545 is our access vlan - exposes this VLAN to the MIB?

8) Not sure what the point of configuring a SNMP context name is - 546 is our SNMP only vlan - exposes this VLAN to the MIB?

9) What is the purpose of configuring the SNMP Engine ID? Is this an arbitrary value?

10) Specifying SNMP user TestUser1 assigned to TestGroup1. This is a user that can be logged in via something like PRTG via port 162? Also specifies encryption type, key and user password

11) This configures where the SNMP traps will be sent

 

Questions:

 

Are my assumptions about the configuration right? Anything I missed?

 

Would anyone recommend any ways to optimize the configuration?

 

Thanks in advance

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents