[SNMP4J] SNMPv3 Notifications
I have a device that hard codes a UsmUser name nameB and sends it with SNMPv3 notifications noAuthNoPriv (can't change the level). I did configure the device for SNMPv3 with a different user name nameA and the passphrases for priv and auth. I can poll the device using nameA. But I cannot send a notification from the device using SNMPv3. which uses nameB. Is this because with SNMPv3 notifications there must be a UsmUser for nameB registered in the USM UsmUserTable associated with the snmp instance (I have one instance for traps and polls)? Of course I can send a V1 trap using a trap community string of anything and it is delivered. But the SNMP4J library will not deliver the SNMPv3 notification with nameB to processPdu(CommandResponderEvent evt). I configured the SNMP manager (my code) with nameB using the same authPriv as for nameA and set up the same user on the target device with the same security parameters. Now when the device sends an SNMPv3 notification USM, name=nameB, noAuthNoPriv the SNMP4J software forwards the notification to me whereas it did not before. Do I need to add a nameB UsmUser noAuthNoPriv to the UsmUserTable just to receive SNMPv3 traps from the device which hard codes the nameB for the UsmUser name? Ron ___ SNMP4J mailing list SNMP4J@agentpp.org https://oosnmp.net/mailman/listinfo/snmp4j
[SNMP4J] Set USM security parameters per request
I have code which calls USM.removeEngineTime(engineID) that I use to enable the re-discovery process again for a device with which my SNMP manager has lost communications. This works for several devices. But one device has problems. If I call USM.removeEngineTime(engineID) for this device before it comes back up, when it does come back up the requests go out with a reboots parameter of 0 but with a time parameter > 0 indicating the time since the call to removeEngineTime. The device does not respond to this. If I do another removeEngineTime after the device comes back up the time security parameter is 0 as well as the reboots parameter and it works. The problem is that I don't know when the device comes back up since it does not send a trap or notification indicating this. When I call my function (resetUsmUser(securityName)) it resets all TimeTableEntries with securityName even if the entry is not the localized one for the device having the problem. I have a number of like devices using the same USM security name and passphrases. I would prefer the ones still up not have to go through the discovery process as well.I would like to be able to set the reboots, time for the request to 0 just for a particular request going to the particular device. Is there a way to do this with SNMP4J?Is there a away in the SNMP4J API to tell which localized UserTableEntry belongs to a particular device (USM discovery process enabled)? Ron ___ SNMP4J mailing list SNMP4J@agentpp.org https://oosnmp.net/mailman/listinfo/snmp4j
[SNMP4J] Issue using AES 192
I have successfully configured a USM user on a Cisco 2960-XR device with 'auth SHA KEY' and 'priv AES 128 KEY'. (the KEY is a placeholder in this email to represent the pass phrase) This works fine. However, when I use 'auth SHA KEY' and 'priv AES 192 KEY' I get the following error: 1. In onResponse(ResponseEvent evt): evt.getError() -> Exception: 'Message processing model 3 returned error: Encryption error' This is due to the report response from the target device to a get-request from the manager. I am attaching a file from a Wireshark export showing two instances of this behavior. Note that after the initial get-request and report response, each invocation of snmp.send() simply returns the 'Message processing model 3 returned error: Encryption error' without sending a new get-request. I suspect that this is an issue with the target device with AES 192 and AES 256. But I am wondering if there might be something that I might try on the manager side. Ron ___ SNMP4J mailing list SNMP4J@agentpp.org https://oosnmp.net/mailman/listinfo/snmp4j
[SNMP4J] snmp4j-smi-pro issue
I am trying to use the SmiModule::getImports() to get the imports for a module. Then I want to use the SmiImport::getImportedObjectNames() and SmiImport::getSourceModuleName() methods for each import. Here is the import clause for XUPS-MIB: IMPORTS TimeTicks, Gauge32, Counter32, Integer32 FROM SNMPv2-SMI DisplayString FROM SNMPv2-TC MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE FROM SNMPv2-SMI MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP FROM SNMPv2-CONF eaton, xupsEnvironment FROM EATON-OIDS -- Need to import these EMP objects to support PowerMIB-style traps for EMP xupsContactIndex, xupsContactType, xupsContactState, xupsContactDescr, xupsEnvRemoteTemp, xupsEnvRemoteTempLowerLimit, xupsEnvRemoteTempUpperLimit, xupsEnvRemoteHumidity, xupsEnvRemoteHumidityLowerLimit, xupsEnvRemoteHumidityUpperLimit FROM EATON-EMP-MIB; Issues: The source module names I get from this module are: RFC1155-SMI RFC1213-MIB RFC-1212 RFC-1215 List moduleImports = smiModule.getImports(); List importedModules = moduleImports.stream().map( i -> i.getSourceModuleName() ).collect(Collectors.toList()); importedModules.stream().forEach(System.out::println); Am I doing something wrong? Yet, smiModule.getObjectNames() does include the objects imported from the EATON-EMP-OID (e.g. xupsEnvRemoteTemp) but the imported objects do not have all fields populated (e.g. units) whereas the EATON-EMP-MIB objects do have all fields populated (according to the MIB. Why would I not see EATON-EMP-MIB in the list of SmiImport for the XUPS-MIB module? Ron ___ SNMP4J mailing list SNMP4J@agentpp.org https://oosnmp.net/mailman/listinfo/snmp4j
[SNMP4J] SNMP4j-SMI-PRO Question
I want to find out how many components (sub-identifiers) comprise an index some some OID. This info is in the table entry. However, if the table entry augments another table, the indexes are not given but the table entry which is being augmented is available in the augments clause in the table entry that augments it. An example would be the ifXEntry augments ifEntry. In snmp4j-smi-pro, I don't see anything in SmiObjectType or SmiObject that yields the augmented table. Did I overlook this? I want to find out given an arbitrary OID that may be included in a trap how many sub-identifiers make up the prefix. If the last sub-identifier is not 0, then I guess I could remove the last until I get to a type of OBJECT_TYPE_COLUMN. But is this the best way? Ron ___ SNMP4J mailing list SNMP4J@agentpp.org https://oosnmp.net/mailman/listinfo/snmp4j
[SNMP4J] Using localized keys
Hi, I have read about localized keys and understand the concept. I don't yet understand how to implement them and use them with SNMP4J. If anyone has the time to briefly share how to do this I would greatly appreciate it. Ron ___ SNMP4J mailing list SNMP4J@agentpp.org https://oosnmp.net/mailman/listinfo/snmp4j
[SNMP4J] TreeUtils & DefaultPDUFactory
I am attempting to use TreeUtils with a DefaultPDUFactory using GETNEXT (the OID range is small). I have set engine discovery for USM during the initialization of the program to true. The target uses V3 and USM. I have successfully polled the target and have successfully received traps from the target without specifying the engineID when adding the UsmUser. However, when I use TreeUtils as described above, it fails with 'Context engine ID must not be null' at org.snmp4j.ScopedPDU.setContextEngineID() line 69. I am using SNMP4j version 2.5. I notice using wireshark that a get-request is sent to the device to elicit the report PDU from which it can discover the authoritative engine ID. There are two packets sent from the manager to the target and the target responds to each. I would assume that the packets are encrypted getnext packets with the responses appropriate to the requests. When using the DefaultPDUFactory, do I need to specify the authoritative engine for the user when adding the user to USM even though when polling and I specify the PDU this is not necessary? Ron ___ SNMP4J mailing list SNMP4J@agentpp.org https://oosnmp.net/mailman/listinfo/snmp4j
[SNMP4J] snmp4j-smi-pro thread safe?
Are methods on the SmiManager such as 'SmiObject findSmiObject(OID)' for snmp4j-smi-pro 1.8 thread safe? Ron ___ SNMP4J mailing list SNMP4J@agentpp.org https://oosnmp.net/mailman/listinfo/snmp4j
Re: [SNMP4J] Trap Handling Configuration Framework
Thank you. Ron On Thu, Sep 29, 2016 at 3:50 PM, Fabrice Bacchella < fabrice.bacche...@orange.fr> wrote: > I have written two product: > > The first, https://github.com/fbacchella/SmiExtensions integrate in > snmp4j and can help resolve OID, it still in early stage. > > The second, https://github.com/fbacchella/LogHub, can listen for snmp > trap using snmp4j and transform them in java map to be processed. > > > > Le 29 sept. 2016 à 20:32, Frank Fock a écrit : > > > > > > Hi Ron, > > > > There are several existing (mostly commercial) trap receiver > implementations. > > One that uses SNMP4J as protocol implementation is TrapStation. > > All of them provide generic approaches to classify and correlate traps. > > > > My MIB Explorer can do this too on a basic level. > > > > A fully generic approach will fail for many MIBs in the market. You will > need > > some scripting to achieve best integration result for those non-standard > MIBs. > > > > Hope this helps anyway. > > > > Best regards, > > Frank > > > > > >> On 29 Sep 2016, at 02:57, Ronald Braswell wrote: > >> > >> Is there a configuration based framework for which configurations can be > >> specified to properly evaluate all traps from all vendors (or close to > it)? > >> > >> If not, do most people write custom code to handle traps from various > >> vendors? > >> > >> Ron > >> ___ > >> SNMP4J mailing list > >> SNMP4J@agentpp.org > >> https://oosnmp.net/mailman/listinfo/snmp4j > > > > ___ > > SNMP4J mailing list > > SNMP4J@agentpp.org > > https://oosnmp.net/mailman/listinfo/snmp4j > > ___ SNMP4J mailing list SNMP4J@agentpp.org https://oosnmp.net/mailman/listinfo/snmp4j
[SNMP4J] Trap Handling Configuration Framework
Is there a configuration based framework for which configurations can be specified to properly evaluate all traps from all vendors (or close to it)? If not, do most people write custom code to handle traps from various vendors? Ron ___ SNMP4J mailing list SNMP4J@agentpp.org https://oosnmp.net/mailman/listinfo/snmp4j
[SNMP4J] Snmp Instances
Should I use an instance of Snmp for traps and one for polls each with one transport mapping or would it be better to use one instance of Snmp with two transport mappings -- one for port 161 and one for port 162? Ron ___ SNMP4J mailing list SNMP4J@agentpp.org https://oosnmp.net/mailman/listinfo/snmp4j
[SNMP4J] Can't compile RFC1155-SMI
I downloaded RFC1155-SMI and tried to load it with the SmiManager for SNMP4J-SMI-PRO 1.8.0. It failed with:Syntax error: Encountered "EXPORTS internet" at line 3. The reason why I am loading this is because RFC1155-SMI is an import for powernet412.mib which I am having difficulty compiling due to Integer32 and Unsigned32 not being defined. Ron ___ SNMP4J mailing list SNMP4J@agentpp.org https://oosnmp.net/mailman/listinfo/snmp4j
[SNMP4J] D-TLS Transport Mapping
Hi, Has anyone provided a D-TLS Transport Mapping? Ron ___ SNMP4J mailing list SNMP4J@agentpp.org https://oosnmp.net/mailman/listinfo/snmp4j