TECHZEN Zenoss User Community ARCHIVE  
FORUMS / Configuration & Administration / DISCUSSION

Zenoss 4.2.5 - Receive SNMPv3 traps

Subject: Zenoss 4.2.5 - Receive SNMPv3 traps
Author: Sam Urai
Posted: 2022-02-04 14:11

Trying to migrate various devices to SNMPv3 from v2c. These devices are not being monitored by Zenoss but instead simply send traps to Zenoss. 

Following the documentation - Zenoss Resource Manager
Zenoss remove preview
Zenoss Resource Manager
Zenoss Cloud can receive SNMP v3 traps from your devices, but there are some prerequisites: The device sending the traps must be added as a monitored device The zSnmpEngineId configuration property must be set to match the value from the device To receive SNMP v3 traps for a device, follow these steps: If you are not already monitoring the device, add it to an appropriate device class.
View this on Zenoss >

I did the test on an Linux host and it seems working with authPriv and authNoPriv.   I only added the EngineID in Zenoss for that host.
Followed the similar steps but traps from other devices ( non-Linux ) setup to use V3 authPriv not seen in Zenoss.   I do see the packets sent to Zenoss in tcpdump . Perhaps I need to enable debug in Zenoss to see what's going on I guess but not sure how?

Comparing the packet dumps, the difference I see is the following.  Is that the problem?

Simple Network Management Protocol
    msgVersion: snmpv3 (3)
    msgGlobalData
        msgID: 421871805
        msgMaxSize: 65507
        msgFlags: 03
            .... .0.. = Reportable: Not set
            .... ..1. = Encrypted: Set
            .... ...1 = Authenticated: Set
        msgSecurityModel: USM (3)
    msgAuthoritativeEngineID: 8971899337
        1... .... = Engine ID Conformance: RFC3411 (SNMPv3)
        Engine Enterprise ID: Unknown (158435731)
        Engine ID Format: Reserved/Enterprise-specific (55)
        Engine ID Data: <MISSING>
    msgAuthoritativeEngineBoots: 1
    msgAuthoritativeEngineTime: 762465
    msgUserName: public
    msgAuthenticationParameters: 1761f0776beb3a876d6272de
    msgPrivacyParameters: 0000000130599c8c
    msgData: encryptedPDU (1)
        encryptedPDU: 7b59adf85c0af7a5fc3074afffd8031ce13e4847fcc24b9e1f87df5a41dc3c3ebb8684f6…
​

Any idea?

Thanks

------------------------------
Sam
------------------------------

Subject: RE: Zenoss 4.2.5 - Receive SNMPv3 traps
Author: Sam Urai
Posted: 2022-02-04 20:53

Arr.. The document link seems valid for Zenoss Cloud. 

I removed/re-added the same linux host in Zenoss, no EngineID.  I tested both authPriv and authNoPriv from the linux host  and I could see the traps.

So it looks like.. for receiving traps from clients configured with V3, no changes needed on Zenoss side as long as the client is in Zenoss.

I think this should apply to non-linux devices as well like wireless / networking devices. 


------------------------------
Sam
------------------------------


< Previous
Strange issues with new installation 		  Next
Zenoss 4.2.5 - Not able to set device production state 		>