1 .. This work is licensed under a Creative Commons Attribution 4.0 International License.
2 .. http://creativecommons.org/licenses/by/4.0
7 **trapd** configuration is controlled via a single JSON 'transaction'.
8 This transaction can be:
10 - a reply from Config Binding Services
11 - a locally hosted JSON file
13 The format of this message is described in the SNMPTRAP package, under:
17 <base install dir>/spec/snmptrap-collector-component-spec.json
19 There will also be a template JSON file with example/default values found at:
23 <base install dir>/etc/snmptrapd.json
25 If you are going to use a local file, the env variable below must be defined before SNMPTRAP runs. There is a default value set in the SNMPTRAP startup script (bin/snmptrapd.sh):
29 export CBS_SIM_JSON=../etc/snmptrapd.json
31 In either scenario, the format of the config message/transaction *is the same*. An example is described below.
33 JSON CONFIGURATION EXPLAINED
34 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
36 Variables of interest (e.g. variables that should be inspected/modified for a specific runtime environment) are listed below for convenience. The entire file is provided later in this page for reference.
38 Potential Config Changes in your environment
39 """"""""""""""""""""""""""""""""""""""""""""
45 "ipv4_interface": "0.0.0.0", # IPv4 address of interface to listen on - "0.0.0.0" == "all"
46 "ipv4_port": 6162, # UDP port to listen for IPv4 traps on (6162 used in docker environments when forwarding has been enabled)
47 "ipv6_interface": "::1", # IPv6 address of interface to listen on - "::1" == "all"
48 "ipv6_port": 6162 # UDP port to listen for IPv6 traps on (6162 used in docker environments when forwarding has been enabled)
52 "dns_cache_ttl_seconds": 60 # number of seconds trapd will cache IP-to-DNS-name values before checking for update
56 "minimum_severity_to_log": 2 # minimum message level to log; 0 recommended for debugging, 3+ recommended for runtime/production
58 in snmpv3_config section:
60 (see detailed snmpv3_config discussion below)
65 SNMPv3 added significant authorization and privacy capabilities to the SNMP standard. As it relates to traps, this means providing the proper privacy, authorization, engine and user criteria for each agent that would like to send traps to a particular trapd instance.
67 This is done by adding blocks of valid configuration data to the "snmpv3_config" section of the JSON config/transaction. These blocks are recurring sets of:
73 "engineId": "<engineId>",
74 "<authProtocol>": "<authorizationKeyValue>",
75 "<privProtocol>": "<privacyKeyValue>"
78 Valid values for authProtocol in JSON configuration:
82 usmHMACMD5AuthProtocol
83 usmHMACSHAAuthProtocol
84 usmHMAC128SHA224AuthProtocol
85 usmHMAC192SHA256AuthProtocol
86 usmHMAC256SHA384AuthProtocol
87 usmHMAC384SHA512AuthProtocol
90 Valid values for privProtocol in JSON configuration:
94 usm3DESEDEPrivProtocol
97 usmAesBlumenthalCfb192Protocol
99 usmAesBlumenthalCfb256Protocol
103 User and engineId values are left up to the administrator, and must conform to SNMPv3 specifications as explained at `https://tools.ietf.org/html/rfc3414` .
106 Sample JSON configuration
107 """""""""""""""""""""""""
109 The format of the JSON configuration that drives all behavior of SNMPTRAP is probably best described using an example:
116 "title": "ONAP SNMP Trap Receiver"
120 "ipv4_interface": "0.0.0.0",
122 "ipv6_interface": "::1",
127 "dns_cache_ttl_seconds": 60
130 "http_timeout_milliseconds": 1500,
132 "http_milliseconds_between_retries": 750,
133 "http_primary_publisher": "true",
134 "http_peer_publisher": "unavailable",
135 "max_traps_between_publishes": 10,
136 "max_milliseconds_between_publishes": 10000
138 "streams_publishes": {
139 "sec_fault_unsecure": {
140 "type": "message_router",
141 "aaf_password": null,
146 "topic_url": "http://localhost:3904/events/ONAP-COLLECTOR-SNMPTRAP"
152 "runtime_base_dir": "/opt/app/snmptrap",
156 "arriving_traps_log": "snmptrapd_arriving_traps.log",
157 "snmptrapd_diag": "snmptrapd_prog_diag.log",
158 "traps_stats_log": "snmptrapd_stats.csv",
159 "perm_status_file": "snmptrapd_status.log",
160 "eelf_base_dir": "/opt/app/snmptrap/logs",
161 "eelf_error": "error.log",
162 "eelf_debug": "debug.log",
163 "eelf_audit": "audit.log",
164 "eelf_metrics": "metrics.log",
165 "roll_frequency": "hour",
166 "minimum_severity_to_log": 3
171 "engineId": "8000000000000001",
173 "usmDESPrivProtocol": "privkey1",
174 "usmHMACMD5AuthProtocol": "authkey1"
177 "engineId": "8000000000000002",
179 "usm3DESEDEPrivProtocol": "privkey2",
180 "usmHMACMD5AuthProtocol": "authkey2"
183 "engineId": "8000000000000003",
185 "usmAesCfb128Protocol": "privkey3",
186 "usmHMACMD5AuthProtocol": "authkey3"
189 "engineId": "8000000000000004",
191 "usmAesBlumenthalCfb192Protocol": "privkey4",
192 "usmHMACMD5AuthProtocol": "authkey4"
195 "engineId": "8000000000000005",
197 "usmAesBlumenthalCfb256Protocol": "privkey5",
198 "usmHMACMD5AuthProtocol": "authkey5"
201 "engineId": "8000000000000006",
203 "usmAesCfb192Protocol": "privkey6",
204 "usmHMACMD5AuthProtocol": "authkey6"
207 "engineId": "8000000000000007",
209 "usmAesCfb256Protocol": "privkey7",
210 "usmHMACMD5AuthProtocol": "authkey7"
213 "engineId": "8000000000000009",
215 "usmDESPrivProtocol": "privkey9",
216 "usmHMACSHAAuthProtocol": "authkey9"
219 "engineId": "8000000000000010",
221 "usm3DESEDEPrivProtocol": "privkey10",
222 "usmHMACSHAAuthProtocol": "authkey10"
225 "engineId": "8000000000000011",
227 "usmAesCfb128Protocol": "privkey11",
228 "usmHMACSHAAuthProtocol": "authkey11"
231 "engineId": "8000000000000012",
233 "usmAesBlumenthalCfb192Protocol": "privkey12",
234 "usmHMACSHAAuthProtocol": "authkey12"
237 "engineId": "8000000000000013",
239 "usmAesBlumenthalCfb256Protocol": "privkey13",
240 "usmHMACSHAAuthProtocol": "authkey13"
243 "engineId": "8000000000000014",
245 "usmAesCfb192Protocol": "privkey14",
246 "usmHMACSHAAuthProtocol": "authkey14"
249 "engineId": "8000000000000015",
251 "usmAesCfb256Protocol": "privkey15",
252 "usmHMACSHAAuthProtocol": "authkey15"
255 "engineId": "8000000000000017",
257 "usmDESPrivProtocol": "privkey17",
258 "usmHMAC128SHA224AuthProtocol": "authkey17"
261 "engineId": "8000000000000018",
263 "usm3DESEDEPrivProtocol": "privkey18",
264 "usmHMAC128SHA224AuthProtocol": "authkey18"
267 "engineId": "8000000000000019",
269 "usmAesCfb128Protocol": "privkey19",
270 "usmHMAC128SHA224AuthProtocol": "authkey19"
273 "engineId": "8000000000000020",
275 "usmAesBlumenthalCfb192Protocol": "privkey20",
276 "usmHMAC128SHA224AuthProtocol": "authkey20"
279 "engineId": "8000000000000021",
281 "usmAesBlumenthalCfb256Protocol": "privkey21",
282 "usmHMAC128SHA224AuthProtocol": "authkey21"
285 "engineId": "8000000000000022",
287 "usmAesCfb192Protocol": "privkey22",
288 "usmHMAC128SHA224AuthProtocol": "authkey22"
291 "engineId": "8000000000000023",
293 "usmAesCfb256Protocol": "privkey23",
294 "usmHMAC128SHA224AuthProtocol": "authkey23"
297 "engineId": "8000000000000025",
299 "usmDESPrivProtocol": "privkey25",
300 "usmHMAC192SHA256AuthProtocol": "authkey25"
303 "engineId": "8000000000000026",
305 "usm3DESEDEPrivProtocol": "privkey26",
306 "usmHMAC192SHA256AuthProtocol": "authkey26"
309 "engineId": "8000000000000027",
311 "usmAesCfb128Protocol": "privkey27",
312 "usmHMAC192SHA256AuthProtocol": "authkey27"
315 "engineId": "8000000000000028",
317 "usmAesBlumenthalCfb192Protocol": "privkey28",
318 "usmHMAC192SHA256AuthProtocol": "authkey28"
321 "engineId": "8000000000000029",
323 "usmAesBlumenthalCfb256Protocol": "privkey29",
324 "usmHMAC192SHA256AuthProtocol": "authkey29"
327 "engineId": "8000000000000030",
329 "usmAesCfb192Protocol": "privkey30",
330 "usmHMAC192SHA256AuthProtocol": "authkey30"
333 "engineId": "8000000000000031",
335 "usmAesCfb256Protocol": "privkey31",
336 "usmHMAC192SHA256AuthProtocol": "authkey31"
339 "engineId": "8000000000000033",
341 "usmDESPrivProtocol": "privkey33",
342 "usmHMAC256SHA384AuthProtocol": "authkey33"
345 "engineId": "8000000000000034",
347 "usm3DESEDEPrivProtocol": "privkey34",
348 "usmHMAC256SHA384AuthProtocol": "authkey34"
351 "engineId": "8000000000000035",
353 "usmAesCfb128Protocol": "privkey35",
354 "usmHMAC256SHA384AuthProtocol": "authkey35"
357 "engineId": "8000000000000036",
359 "usmAesBlumenthalCfb192Protocol": "privkey36",
360 "usmHMAC256SHA384AuthProtocol": "authkey36"
363 "engineId": "8000000000000037",
365 "usmAesBlumenthalCfb256Protocol": "privkey37",
366 "usmHMAC256SHA384AuthProtocol": "authkey37"
369 "engineId": "8000000000000038",
371 "usmAesCfb192Protocol": "privkey38",
372 "usmHMAC256SHA384AuthProtocol": "authkey38"
375 "engineId": "8000000000000039",
377 "usmAesCfb256Protocol": "privkey39",
378 "usmHMAC256SHA384AuthProtocol": "authkey39"
381 "engineId": "8000000000000041",
383 "usmDESPrivProtocol": "privkey41",
384 "usmHMAC384SHA512AuthProtocol": "authkey41"
387 "engineId": "8000000000000042",
389 "usm3DESEDEPrivProtocol": "privkey42",
390 "usmHMAC384SHA512AuthProtocol": "authkey42"
393 "engineId": "8000000000000043",
395 "usmAesCfb128Protocol": "privkey43",
396 "usmHMAC384SHA512AuthProtocol": "authkey43"
399 "engineId": "8000000000000044",
401 "usmAesBlumenthalCfb192Protocol": "privkey44",
402 "usmHMAC384SHA512AuthProtocol": "authkey44"
405 "engineId": "8000000000000045",
407 "usmAesBlumenthalCfb256Protocol": "privkey45",
408 "usmHMAC384SHA512AuthProtocol": "authkey45"
411 "engineId": "8000000000000046",
413 "usmAesCfb192Protocol": "privkey46",
414 "usmHMAC384SHA512AuthProtocol": "authkey46"
417 "engineId": "8000000000000047",
419 "usmAesCfb256Protocol": "privkey47",
420 "usmHMAC384SHA512AuthProtocol": "authkey47"
Code Review / dcaegen2.git / blob