Configuring SNMP traps

The passive end-user experience Real User Analyzer and Collector use SNMP trap protocol operations to send information to your managing system. 

BMC Real End User Experience Monitoring Software Edition uses SNMP traps to send alerts to an SNMP manager (if incident-detection rules and error-detection rules are enabled and triggered)

Consult the following topics to enable an agent to send SNMP traps:

Before you begin

Obtain the required configuration settings from the server administrator of the SNMP manager hosting the trap receiver. The end-user experience component requires the port number and the address of the trap receiver, and it must use the same protocol level as that of the trap receiver to send traps. End-user experience components support the SNMPv1, SNMPv2c, and SNMPv3 versions of the SNMP protocol. You can send SNMP traps to an IPv4 or IPv6 SNMP manager.

If you want to configure SNMPv3-compatible traps, use the following table to determine which security level to use.

Security levels for SNMPv3-compatible traps

Security level

Description

No authentication or privacy (noAuthNoPriv )

Use noAuthNoPriv when the trap receiver will receive unsecured traps without authentication.

To use this level of security, configure the user account name that will be used to validate the trap on the trap receiver.

Authentication but no privacy (authNoPriv)

Use authNoPriv when the trap receiver requires authentication but the trap data will not be encrypted (no privacy).

In addition to the user name for authentication, the following information must be configured:

  • Authentication password — The password for the user account that will be used to authenticate the trap receiver. The value must be alphanumeric and a minimum of eight characters.
  • Authentication protocol — The hashing algorithm used to encrypt the authentication password before sending it in the trap to the trap receiver. The system supports the MD5 and SHA protocols.

Authentication and privacy (authPriv)

Use authPriv when the trap receiver requires authentication and requires the trap data to be encrypted (privacy).

In addition to the authentication user name and password, you must specify a privacy password. The privacy password uses the DES algorithm to encrypt and decrypt trap data.

The value must be alphanumeric and must contain a minimum of eight characters.

To send SNMPv3 traps, you must configure the engine ID when you configure the local SNMP agent.

To configure SNMP traps from a Real User Analyzer or Collector

To perform this procedure, you must have Operator-level access, or higher.

  1. In the Real User Analyzer or Collector interface, point to Administration > Integration, and click Network management (SNMP).

  2. From the Action menu for the Traps section, select Edit.
  3. If you selected SNMPv1- or SNMPv2c-compatible traps, enter the community string that the recipient uses in the Trap manager community string box.
  4. If you selected SNMPv3-compatible traps, select one of the following options in the Trap security level list and enter the required information:
    • For an unauthenticated connection with no privacy, click No Authentication or Privacy (noAuthNoPriv), and in the User name box, type the user name for the account that will be used to validate the trap on the trap receiver.
    • For an authenticated connection with no privacy, click Enable Authentication and no Privacy (authNoPriv), and perform the following steps:


      1. In the User name box, type the user name of the account provided by the administrator of the Trap Manager (receiver).
      2. In the Authentication protocol field, click either MD5 or SHA to select the hashing algorithm used to encrypt the authentication password. The resulting hash will be sent as part of the trap to the Trap Manager (receiver).
      3. In the Authentication password box, type the corresponding password, which must be alphanumeric and contain at least eight characters.
    • For an authenticated and private connection, click Enable Authentication and Privacy (authPriv), and perform the following steps:


      1. In the User name box, type the user name of the account provided by the administrator of the Trap Manager (receiver).
      2. In the Authentication protocol field, click either MD5 or SHA to select the hashing algorithm used to encrypt the authentication password. The resulting hash will be sent as part of the trap to the Trap Manager (receiver).
      3. In the Authentication password box, type the corresponding password. The password must contain at least eight alphanumeric characters.

      4. In the Privacy password box, type the password to encrypt and decrypt trap data. The password must contain at least eight alphanumeric characters.

        Note

        SNMPv3 authPriv supports symmetric encryption through the AES and DES encryption algorithms. However, BMC Real End User Experience Monitoring Software Edition supports only DES for privacy. To communicate with end-user experience components with SNMPv3 authPriv enabled, your SNMP management console account must be configured to use DES for encryption of trap data.

  5. In the Trap manager address box, enter the IP address of the server hosting the trap receiver. You can enter the IP address in IPv4, or IPv6, or both. 
  6. In the Trap manager port box, enter the port number that the trap receiver server uses.
  7. In the Trap queue size box, enter a value from 1,000 to 10,000 to specify the queue size.
    Increasing the size of the trap queue provides more buffering when the device generates a large number of alerts. The default queue size is 1,000.
  8. In the Trap drain rate text box, enter a number from 1 to 1,000 to limit the number of traps sent per second.
    This mechanism protects the trap manager from being overwhelmed. Set the trap drain rate based on the capacity of the receiving host and network. The default value is 10 traps per second.
  9. Click Save.

To enable SNMP traps in a Real User Analyzer or Collector

  1. In the Real User Analyzer or Collector interface, point to Administration > Integration, and click Network management (SNMP).

  2. In the Traps section, click ON.

    The system sends traps whenever trap-enabled conditions occur. If the ON and OFF buttons are both unavailable, it means that the Security role has not enabled the use of the SNMP service for this system.

Related topics

Enabling the SNMP service for end-user experience monitoring

Configuring trap-based alerts through SNMP

Configuring email or SNMP alerts for system monitoring

 

Was this page helpful? Yes No Submitting... Thank you

Comments