Simple Network Management Protocol (SNMP) Settings
The Simple Network Management Protocol is an Internet Standard protocol widely used for network monitoring.
On the Next Generation Hardware Appliance Services page, the section SNMP Settings allows you to grant access to an external monitoring system. You can configure SNMP access using version SNMPv2c with Community string authentication, or version SNMPv3 with various authentication options, including password and encryption.
The following describes how to configure these versions. You will also find information on the MIB file that is used for interfacing with SNMP.
Configure SNMPv2c Settings
To configure SNMPv2c settings:
Log in to your Next Generation Hardware Appliance.
Open the Services page.
In the section SNMP Settings, click SNMPv2c.
The Configuration section opens.In the field Community String, enter the desired string. The entry is mandatory.
Community String rules are the following:Minimum 4 and maximum 64 characters
Lower case letters [a-z]
Upper case letters e.g. [A-Z]1.3.6.1.4.1.22408.1.4.1.5.3.3.0
Digits [0-9]
Click Save SNMP Configuration to confirm your changes and enable the SNMPv2c access.
Configure SNMPv3 Settings
To configure SNMPv3 settings:
Log in to your Next Generation Hardware Appliance.
Open the Services page.
In the section SNMP Settings, click SNMPv3.
The Configuration section opens.Select the desired Authentication Method. You have the following options:
Username only
Username + Password (HMAC-MD5-96)
Username + Password (HMAC-SHA-96)
For the Username + Password options you will see the additional option Encryption. The minimum requirement for authentication is Username. Combining it with Password and Encryption increases security.
Enter the Username. The entry is mandatory.
Username rules are the following:Minimum 4 and maximum 64 characters
Lower case letters [a-z]
Upper case letters [A-Z]
Digits [0-9]
Enter the Password and repeat it. The entry is mandatory for the Username + Password options.
Password rules are the following:Minimum 8 and maximum 64 characters
ASCII characters only
No double quotation marks: “
No single quotation marks: '
Select the Encryption Method for the Username + Password authentication. You have these options:
None
CBC-DES
CBC-AES
Enter the Secret for CBC-DES/CBC-AES encryption. Secret rules are the same as Password rules.
Interfacing with SNMP
All possible statuses, that can be reported by SNMP are defined in file and in the following table.
Name/OID | Numeric OID | Description |
---|---|---|
pk-SAV2-component-readyness | .1.3.6.1.4.1.22408.1.4.1.1.0 | This subtree contains the status/readyness of the Software Appliance's components. |
pk-SAV2-authentication-service-status | .1.3.6.1.4.1.22408.1.4.1.1.1.0 | Authentication service status. Possible values: |
pk-SAV2-crs-status | .1.3.6.1.4.1.22408.1.4.1.1.2.0 | Container runtime system status. Possible values: |
pk-SAV2-documentation-status | .1.3.6.1.4.1.22408.1.4.1.1.3.0 | Documentation service status. Possible values: |
pk-SAV2-monitoring-status | .1.3.6.1.4.1.22408.1.4.1.1.4.0 | Monitoring service status. Possible values: |
pk-SAV2-persistence-status | .1.3.6.1.4.1.22408.1.4.1.1.5.0 | Persistent data storage service status. Possible values: |
pk-SAV2-snmp-status | .1.3.6.1.4.1.22408.1.4.1.1.6.0 | SNMP service status. Possible values: |
pk-SAV2-spc-status | .1.3.6.1.4.1.22408.1.4.1.1.7.0 | Support package creator service status. Possible values: |
pk-SAV2-vs-status | .1.3.6.1.4.1.22408.1.4.1.1.8.0 | Valuestore service status. Possible values: |
pk-SAV2-vsapi-status | .1.3.6.1.4.1.22408.1.4.1.1.9.0 | Valuestore API service status. Possible values: |
pk-SAV2-webconf-status | .1.3.6.1.4.1.22408.1.4.1.1.10.0 | Webconf service status. Possible values: |
pk-SAV2-vault-status | .1.3.6.1.4.1.22408.1.4.1.1.11.0 | Vault service status. Possible values: |
pk-SAV2-network-subtree | .1.3.6.1.4.1.22408.1.4.1.2.0 | This subtree contains the networking related information of the Software Appliance. |
pk-SAV2-networkLink-status | .1.3.6.1.4.1.22408.1.4.1.2.1.0 | Network link status. Possible values: OBSOLETE |
pk-SAV2-networkIpv4 | .1.3.6.1.4.1.22408.1.4.1.2.2.0 | Network IPV4 address. Possible values: |
pk-SAV2-networkIpv4Prefix | .1.3.6.1.4.1.22408.1.4.1.2.3.0 | Network IPV4 Prefix (CIDR notation of subnet mask). Possible values: |
pk-SAV2-networkIpv6 | .1.3.6.1.4.1.22408.1.4.1.2.4.0 | Network IPV6 address. Possible values: |
pk-SAV2-networkIpv6Prefix | .1.3.6.1.4.1.22408.1.4.1.2.5.0 | Network IPV6 Prefix (CIDR notation of subnet mask). Possible values: |
pk-SAV2-systemHostname | .1.3.6.1.4.1.22408.1.4.1.2.6.0 | Hostname, that is currently in use by the Software Appliance. Possible values: |
pk-SAV2-database-subtree | .1.3.6.1.4.1.22408.1.4.1.3.0 | This subtree contains all database related information of the Software Appliance. |
pk-SAV2-internal-database | .1.3.6.1.4.1.22408.1.4.1.3.1.0 | This subtree contains all information about the internal database of the Software Appliance. |
pk-SAV2-internal-database-status | .1.3.6.1.4.1.22408.1.4.1.3.1.1.0 | Status of the database service. Possible values: |
pk-SAV2-internal-databaseAvailableStorage | .1.3.6.1.4.1.22408.1.4.1.3.1.2.0 | Available storage reported by the database in MB. Possible values: |
pk-SAV2-internal-databaseTotalStorage | .1.3.6.1.4.1.22408.1.4.1.3.1.3.0 | Available total storage reported by the database in MB. Possible values: |
pk-SAV2-internal-databaseUsage | .1.3.6.1.4.1.22408.1.4.1.3.1.4.0 | Used storage reported by the database as percentage. Possible values: |
pk-SAV2-version-subtree | .1.3.6.1.4.1.22408.1.4.1.4.0 | This subtree contains all information about important version related information of the Software Appliance. |
pk-SAV2-systemVersion | .1.3.6.1.4.1.22408.1.4.1.4.1.0 | Software Appliance version. Possible values: |
pk-SAV2-application-subtree | .1.3.6.1.4.1.22408.1.4.1.5.0 | This subtree contains all information about customer facing applications on the Software Appliance. |
pk-SAV2-ejbca | .1.3.6.1.4.1.22408.1.4.1.5.1.0 | This subtree contains all the information from EJBCA. |
pk-SAV2-ejbca-status | .1.3.6.1.4.1.22408.1.4.1.5.1.1.0 | EJBCA application status. Possible values: |
pk-SAV2-ejbcaVersion | .1.3.6.1.4.1.22408.1.4.1.5.1.2.0 | EJBCA version string. Possible values: |
pk-SAV2-ejbcaHealthCheck | .1.3.6.1.4.1.22408.1.4.1.5.1.3.0 | Boolean interpretation of the EJBCA health check output. Possible values: |
pk-SAV2-signserver | .1.3.6.1.4.1.22408.1.4.1.5.2.0 | This subtree contains all the information from SignSever. |
pk-SAV2-signserver-status | .1.3.6.1.4.1.22408.1.4.1.5.2.1.0 | SignServer application status. Possible values: |
pk-SAV2-signserverVersion | .1.3.6.1.4.1.22408.1.4.1.5.2.2.0 | SignServer version string. Possible values: |
pk-SAV2-signserverHealthCheck | .1.3.6.1.4.1.22408.1.4.1.5.2.3.0 | Boolean interpretation of the SignServer health check output. Possible values: |
pk-SAV2-license-valid | .1.3.6.1.4.1.22408.1.4.1.5.4.1.0 | License is valid. Possible values: |
pk-SAV2-license-active-certificates | .1.3.6.1.4.1.22408.1.4.1.5.4.2.0 | Number of active certificates (EJBCA only) |
pk-SAV2-hsm-subtree | .1.3.6.1.4.1.22408.1.4.1.6.0 | This subtree contains all the information about the HSM components on the Software Appliance. |
pk-SAV2-hsm-driver-luna7-status | .1.3.6.1.4.1.22408.1.4.1.6.2.0 | Luna7 HSM service status. Possible values: |
pk-SAV2-hsm-driver-softhsm-status | .1.3.6.1.4.1.22408.1.4.1.6.1.0 | Soft HSM service status. Possible values: |
pk-SAV2-hsm-utimaco-subtree | .1.3.6.1.4.1.22408.1.4.1.6.3.0 | This subtree contains all information regarding the Utimaco CryptoServer LAN |
pk-SAV2-hsm-driver-utimaco-status | .1.3.6.1.4.1.22408.1.4.1.6.3.1.0 | The Utimaco CryptoServer LAN service status. Possible values: |
pk-SAV2-hsm-driver-utimaco-serialNumber | .1.3.6.1.4.1.22408.1.4.1.6.3.2.0 | The Utimaco CryptoServer LAN serial number. Possible values: |
pk-SAV2-hsm-driver-utimaco-model | .1.3.6.1.4.1.22408.1.4.1.6.3.3.0 | The Utimaco CryptoServer LAN model. Possible values: |
pk-SAV2-hsm-driver-utimaco-state | .1.3.6.1.4.1.22408.1.4.1.6.3.4.0 | The Utimaco CryptoServer LAN state. Possible values: |
pk-SAV2-hsm-driver-utimaco-mode | .1.3.6.1.4.1.22408.1.4.1.6.3.5.0 | The Utimaco CryptoServer LAN mode of operation. Possible values: |
pk-SAV2-hsm-driver-ncipher | .1.3.6.1.4.1.22408.1.4.1.6.4.0 | Entrust nCipher HSM service status. Possible values: |
pk-SAV2-hsm-driver-dpod | .1.3.6.1.4.1.22408.1.4.1.6.5.0 | Thales DPoD service status. Possible values: |
pk-SAV2-hsm-driver-bull | .1.3.6.1.4.1.22408.1.4.1.6.6.0 | Trustway Proteccio netHSM service status. Possible values: |
pk-SAV2-hsm-driver-securosys | .1.3.6.1.4.1.22408.1.4.1.6.7.0 | Securosys HSM service status. Possible values: |
pk-SAV2-hsm-driver-utimaco-pci-status | .1.3.6.1.4.1.22408.1.4.1.6.8.1.0 | The Utimaco UTrust PCI service status. Possible values: |
pk-SAV2-hsm-driver-utimaco-pci-serialNumber | .1.3.6.1.4.1.22408.1.4.1.6.8.2.0 | The Utimaco UTrust PCI serial number. Possible values: |
pk-SAV2-hsm-driver-utimaco-pci-model | .1.3.6.1.4.1.22408.1.4.1.6.8.3.0 | The Utimaco UTrust PCI model. Possible values: |
pk-SAV2-hsm-driver-utimaco-pci-state | .1.3.6.1.4.1.22408.1.4.1.6.8.4.0 | The Utimaco UTrust PCI state. Possible values: |
pk-SAV2-hsm-driver-utimaco-pci-alarm | .1.3.6.1.4.1.22408.1.4.1.6.8.5.0 | The Utimaco UTrust PCI alarm state. Possible values: |
pk-SAV2-hsm-driver-utimaco-pci-mode | .1.3.6.1.4.1.22408.1.4.1.6.8.6.0 | The Utimaco UTrust PCI mode of operation. Possible values: |
pk-SAV2-hsm-driver-utimaco-pci-temperature | .1.3.6.1.4.1.22408.1.4.1.6.8.7.0 | The Utimaco UTrust PCI processor temperature. Possible values: |
pk-SAV2-hsm-driver-utimaco-pci-temperature-sensor | .1.3.6.1.4.1.22408.1.4.1.6.8.8.0 | The Utimaco UTrust PCI temperature from sensory controller. Possible values: |
pk-SAV2-hsm-driver-utimaco-pci-internal-battery-state | .1.3.6.1.4.1.22408.1.4.1.6.8.9.1.0 | The Utimaco UTrust PCI internal battery state. Possible values: |
pk-SAV2-hsm-driver-utimaco-pci-internal-battery-voltage | .1.3.6.1.4.1.22408.1.4.1.6.8.9.2.0 | The Utimaco UTrust PCI internal battery voltage. Possible values: |
pk-SAV2-hsm-driver-utimaco-pci-external-battery-state | .1.3.6.1.4.1.22408.1.4.1.6.8.9.3.0 | The Utimaco UTrust PCI external battery state. Possible values: |
pk-SAV2-hsm-driver-utimaco-pci-external-battery-voltage | .1.3.6.1.4.1.22408.1.4.1.6.8.9.4.0 | The Utimaco UTrust PCI external battery voltage. Possible values: |
pk-SAV2-backup-lastSuccess | .1.3.6.1.4.1.22408.1.4.1.7.1.0 | Software Appliance last successful backup timestamp. Possible values: |
pk-SAV2-backup-lastBackupStatus | .1.3.6.1.4.1.22408.1.4.1.7.2.0 | Software Appliance last backup status. Possible values: |
pk-SAV2-backup-lastBackupStart | .1.3.6.1.4.1.22408.1.4.1.7.3.0 | Software Appliance last backup start timestamp. Possible values: |
pk-SAV2-backup-schedule | .1.3.6.1.4.1.22408.1.4.1.7.4.0 | Software Appliance backup schedule. Possible values: |
pk-SAV2-raid-active-devices | .1.3.6.1.4.1.22408.1.4.1.8.1.1.0 | Hardware Appliance number of active RAID devices. Possible values: |
pk-SAV2-raid-array-state | .1.3.6.1.4.1.22408.1.4.1.8.1.2.0 | Hardware Appliance array state of RAID device. Possible values: |
pk-SAV2-raid-sync-action | .1.3.6.1.4.1.22408.1.4.1.8.1.3.0 | Hardware Appliance sync action of RAID device. Possible values: |
pk-SAV2-raid-sync-completed | .1.3.6.1.4.1.22408.1.4.1.8.1.4.0 | Hardware Appliance sync completed indicator of RAID device. Possible values: |
pk-SAV2-raid-degraded | .1.3.6.1.4.1.22408.1.4.1.8.1.5.0 | Hardware Appliance degraded RAID devices. Possible values: |
pk-SAV2-raid-status-dev1 | .1.3.6.1.4.1.22408.1.4.1.8.1.6.0 | Hardware Appliance status of first RAID device. Possible values: |
pk-SAV2-raid-status-dev2 | .1.3.6.1.4.1.22408.1.4.1.8.1.7.0 | Hardware Appliance status of second RAID device. Possible values: |
pk-SAV2-sensor-cpu-temp | .1.3.6.1.4.1.22408.1.4.1.8.2.1.0 | Hardware Appliance CPU temperature. Possible values: |
pk-SAV2-sensor-cpufan-speed | .1.3.6.1.4.1.22408.1.4.1.8.2.2.0 | Hardware Appliance CPU fan speed. Possible values: |
pk-SAV2-sensor-sysfan1-speed | .1.3.6.1.4.1.22408.1.4.1.8.2.3.0 | Hardware Appliance system fan 1 speed. Possible values: |
pk-SAV2-sensor-sysfan2-speed | .1.3.6.1.4.1.22408.1.4.1.8.2.4.0 | Hardware Appliance system fan 2 speed. Possible values: |
pk-SAV2-sensor-sysfan3-speed | .1.3.6.1.4.1.22408.1.4.1.8.2.5.0 | Hardware Appliance system fan 3 speed. Possible values: |
pk-SAV2-sensor-sysfan4-speed | .1.3.6.1.4.1.22408.1.4.1.8.2.6.0 | Hardware Appliance system fan 4 speed. Possible values: |
pk-SAV2-cluster-size | .1.3.6.1.4.1.22408.1.4.1.9.1.0 | The cluster size. Possible values: |
pk-SAV2-cluster-status | .1.3.6.1.4.1.22408.1.4.1.9.2.0 | The cluster connection status. Possible values: |
pk-SAV2-cluster-id | .1.3.6.1.4.1.22408.1.4.1.9.3.0 | The cluster id. Possible values: |
pk-SAV2-cluster-last-transaction-id | .1.3.6.1.4.1.22408.1.4.1.9.4.0 | The last database transaction id. Possible values: |