The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
SNMP version 3 provides security features such as authentication (verifying that the request comes from a genuine source), privacy (encryption of data), authorization (verifying that the user allows the requested operation), and access control (verifying that the user has access to the objects requested). To prevent SNMP packets from being exposed on the network, you can configure encryption with SNMPv3.
This chapter, which describes how to configure SNMP v3 so the network management system can monitor Cisco HCM-F, contains the following topics:
•SNMP Trap Notification Destinations
Table 11-1 provides an overview of the steps for configuring SNMP.
|
|
|
---|---|---|
Step 1 |
Install and configure the SNMP NMS. |
SNMP product documentation that supports the NMS |
Step 2 |
In the CLI, verify that the system started the SNMP services, including: •SNMP Master Agent •Native Agent •System Application Agent •Cisco Syslog Agent •MIB2 Agent •Host Resources Agent |
In the command line interface, enter the following command: utils service list |
Step 3 |
Configure the SNMP user. |
|
Step 4 |
Configure the notification destination for traps or informs. |
•SNMP Trap Notification Destinations |
Step 5 |
Configure the system contact and location for the MIB2 system group. |
|
Step 6 |
Configure trap settings for CISCO-SYSLOG-MIB. |
Use these guidelines to configure CISCO-SYSLOG-MIB trap settings on your system: •Set clogsNotificationEnabled (1.3.6.1.4.1.9.9.41.1.1.2) to true by using the SNMP Set operation; for example, use the net-snmp set utility to set this OID to true from the linux command line using: snmpset -c <community string> -v2c <transmitter ipaddress> 1.3.6.1.4.1.9.9.41.1.1.2.0 i 1 You can also use any other SNMP management application for the SNMP Set operation. •Set clogMaxSeverity (1.3.6.1.4.1.9.9.41.1.1.3) value by using the SNMP Set operation; for example, use the net-snmp set utility to set this OID value from the linux command line using: snmpset -c public -v2c 1<transmitter ipaddress> 1.3.6.1.4.1.9.9.41.1.1.3.0 i <value> Enter a severity number for the <value> setting. Severity values increase as severity decreases. A value of 1 (Emergency) indicates highest severity, and a value of 8 (Debug) indicates lowest severity. Syslog agent ignores any messages greater than the value that you specify; for example, to trap all syslog messages, use a value of 8. |
Step 7 |
Restart the SNMP Master Agent service. (Optional) |
At the command line, enter the following command: utils service start SNMP Master Agent |
Step 8 |
On the NMS, configure the Cisco HCM-F trap parameters. |
•SNMP Management Information Base (MIB) •SNMP product documentation that supports the NMS |
Additional Information
See the "Related Topics" section.
Table 11-2 shows the commands that you need to work with SNMP users on the Cisco HCM-F platform:
|
|
---|---|
List the SNMP users. |
utils snmp config user 3 list |
Add an SNMP user. |
utils snmp config user 3 add The system prompts you for the parameters. See Table 11-3 for parameter names and descriptions. |
Update an SNMP user. |
utils snmp config user 3 update The system prompts you for the parameters. See Table 11-3 for parameter names and descriptions. |
Delete an SNMP user. |
utils snmp config user 3 delete The system prompts you for the parameters. See Table 11-3 for parameter names and descriptions. |
SNMP User CLI Parameters
Table 11-3 describes the SNMP user parameter settings for V3.
Additional Information
See the "Related Topics" section.
An SNMP agent sends notifications to NMS in the form of traps or informs to identify important system events. Traps do not receive acknowledgments from the destination whereas informs do receive acknowledgments.
The following section applies to SNMP V3 notification destination configuration.
Table 11-4 shows the commands that you need to work with SNMP trap notification destinations on the Cisco HCM-F platform:
|
|
---|---|
List trap notification destinations. |
utils snmp config trap 3 list |
Add a v3 trap notification destination that is associated with a configured v3 username. |
utils snmp config trap 3 add The system prompts you for the parameters. See Table 11-5 for parameter names and descriptions. |
Update a trap notification destination. |
utils snmp config trap 3 update The system prompts you for the parameters. See Table 11-5 for parameter names and descriptions. |
Delete a trap notification destination. |
utils snmp config trap 3 delete The system prompts you for the parameters. See Table 11-5 for parameter names and descriptions. |
Trap Notification Destination Parameter Settings
Table 11-5 describes the trap notification destination parameter settings for V3.
Additional Information
See the "Related Topics" section.
An SNMP agent sends notifications to NMS in the form of traps or informs to identify important system events. Traps do not receive acknowledgments from the destination whereas informs do receive acknowledgments.
Table 11-6 describes the inform notification destination configuration settings for V3.
|
|
---|---|
List inform notification destinations. |
utils snmp config inform 3 list |
Add a v3 inform notification destination. |
utils snmp config inform 3 add The system prompts you for the parameters. See Table 11-7 for parameter names and descriptions. |
Update an inform notification destination. |
utils snmp config inform 3 update The system prompts you for the parameters. See Table 11-7 for parameter names and descriptions. |
Delete an inform notification destination. |
utils snmp config inform 3 delete The system prompts you for the parameters. See Table 11-7 for parameter names and descriptions. |
Inform Notification Destination Parameter Settings
Additional Information
See the "Related Topics" section.
You can use the CLI to configure the system contact and system location objects for the MIB-II system group. For example, you could enter Administrator, 555-121-6633, for the system contact and San Jose, Bldg 23, 2nd floor, for the system location.
Table 11-8 shows the commands that you need to work with MIB2 system groups on the Cisco IME server:
|
|
---|---|
List the MIB2 system group configuration. |
utils snmp config mib2 list |
Add a MIB2 system group. |
utils snmp config mib2 add The system prompts you for the parameters. See Table 11-9 for parameter names and descriptions. |
Update a MIB2 system group. |
utils snmp config mib2 update The system prompts you for the parameters. See Table 11-9 for parameter names and descriptions. |
Delete a MIB2 system group. |
utils snmp config mib2 delete The system prompts you for the parameters. See Table 11-9 for parameter names and descriptions. |
MIB2 System Group CLI Parameters
Table 11-9 describes the MIB2 System Group parameter settings.
Additional Information
See the "Related Topics" section.
SNMP allows access to Management Information Base (MIB), which is a collection of information that is organized hierarchically. MIBs comprise managed objects, which are identified by object identifiers. A MIB object, which contains specific characteristics of a managed device, comprises one or more object instances (variables).
The SNMP interface provides these Cisco Standard MIBs:
•CISCO-CDP-MIB
•CISCO-SYSLOG-MIB
The Simple Network Management Protocol (SNMP) extension agent resides in the server. The SNMP interface also provides these Industry Standard MIBs:
•SYSAPPL-MIB
•MIB-II (RFC 1213)
•HOST-RESOURCES-MIB
Cisco HCM-F SNMP Interface supports the following MIBs.
CISCO-CDP-MIB
Use the CDP subagent to read the Cisco Discovery Protocol MIB, CISCO-CDP-MIB. This MIB enables Cisco HCM-F to advertise itself to other Cisco devices on the network.
The CDP subagent implements the CDP-MIB. The CDP-MIB contains the following objects:
•cdpInterfaceIfIndex
•cdpInterfaceMessageInterval
•cdpInterfaceEnable
•cdpInterfaceGroup
•cdpInterfacePort
•cdpGlobalRun
•cdpGlobalMessageInterval
•cdpGlobalHoldTime
•cdpGlobalLastChange
•cdpGobalDeviceId
•cdpGlobalDeviceIdFormat
•cdpGlobalDeviceIdFormatCpd
SYSAPPL-MIB
Use the System Application Agent to get information from the SYSAPPL-MIB, such as installed applications, application components, and processes that are running on the system.
System Application Agent supports the following object groups of SYSAPPL-MIB:
•sysApplInstallPkg
•sysApplRun
•sysApplMap
•sysApplInstallElmt
•sysApplElmtRun
MIB-II
Use MIB2 agent to get information from MIB-II. The MIB2 agent provides access to variables that are defined in RFC 1213, such as interfaces, IP, and so on, and supports the following groups of objects:
•system
•interfaces
•at
•ip
•icmp
•tcp
•udp
•snmp
HOST-RESOURCES MIB
Use Host Resources Agent to get values from HOST-RESOURCES-MIB. The Host Resources Agent provides SNMP access to host information, such as storage resources, process tables, device information, and installed software base. The Host Resources Agent supports the following groups of objects:
•hrSystem
•hrStorage
•hrDevice
•hrSWRun
•hrSWRunPerf
•hrSWInstalled
CISCO-SYSLOG-MIB
Syslog tracks and logs all system messages, from informational through critical. With this MIB, network management applications can receive syslog messages as SNMP traps:
The Cisco Syslog Agent supports trap functionality with the following MIB objects:
•clogNotificationsSent
•clogNotificationsEnabled
•clogMaxSeverity
•clogMsgIgnores
•clogMsgDrops
•SNMP Trap Notification Destinations
•SNMP Inform Notification Destination