SNMP traps being sent via SNMPv3

Can Firescope process SNMP Traps sent via SNMPv3?  My initial configurations were unsuccessful so I am curious - is the prerequisite for receiving traps that they are sent v1 and v2 only?

  • In order to consume SNMP traps, you'll need to do 2 things. First, the device generating the trap messages needs to direct those traps to a FireScope Edge device. Next, Stratis needs to have a CI with an SNMP Traps attribute. From there, you can define events around specific message contents.

    FYI, as the Edge device receives SNMP Trap messages, it checks to see if a CI is in the system that matches the name of the device in the message, and then checks for an SNMP Trap attribute. If neither of these is present, the Edge will discard the trap message.
  • I did verify that the CI name matched exactly to the host sending trap - and only after I switched from SNMPv3 to v2 did I receive the trap. So, again, my question is - does the SNMP trap attribute support SNMPv3?
  • In reply to drafn:

    Are you using an SNMP Poll attribute type or an SNMP Trap attribute type? In the case of consuming SNMP Traps, this should be just SNMP Trap; versioning only applies to Polling attributes where we also have to send community strings for authentication.
  • In reply to rcounts:

    I am using SNMP Trap attribute but some newer third party systems will only send traps via SNMPv3 which utilizes USM (User Security Model) and affords cryptograhpic security.
    In my example, initial configuration of OEM trap alerts was set to send SNMPv3 trap to Firescope using No Auth, No Priv and the v3 USM user that matched on both sides - nothing shown in SNMP trap log.
    Once OEM alert method was changed to use SNMPv2 trap, the trap was received and showed in Firescope SNMP trap log.