SNMP GUIDE
BeyondTrust SNMP reference guide
The BeyondTrust Appliance B Series supports Simple Network Management Protocol (SNMP) for monitoring the availability of the B Series Appliance and network statistics. This feature enables users to monitor the B Series Appliance using SNMP monitoring tools.
Customers typically use system monitoring tools to gather information from network devices using SNMP. The read-only requests validate availability and general health and do not negatively impact the performance of the BeyondTrust Appliance B Series. Users can enable and disable SNMP access to the B Series Appliance.
Availability
SNMP Monitoring is available on B Series Appliances running Base version 3.1.10 and later. BeyondTrust supports SNMPv2 and SNMPv3 of the Simple Network Management Protocol, a Draft Internet Standard, defined in RFCs 1902 through 1907.
Logging and reporting
Any change in SNMP administrative settings generates a Syslog event in the /login interface. See the BeyondTrust Syslog Message Reference Guide for more detailed Syslog information. Specific Syslog events include:
- Syslog event to note Enabling/Disabling of SNMP feature
- Syslog event to note the Setting/Changing of SNMP Community Name
- Syslog event to note the Setting/Changing of System Location
User configuration settings
Appropriately credentialled users configure SNMP from the /appliance interface. To enable SNMP for your B Series Appliance, go to /appliance > Networking > SNMP.
If using SNMPv2, check the box beside Enable SNMPv2.
Enabling SNMPv2 allows the B Series Appliance to be available for SNMP queries.
Next, enter a Read-Only Community Name value, a System Location value, and IP Restrictions in the corresponding free text fields.
IP Restrictions are those IP addresses permitted to query your B Series Appliance using SNMP.
Note
If you enter NO IP addresses in the field for IP Restrictions, you will grant access to ALL hosts.
If using SNMPv3:
- Enter a Username and Password.
- Select the Authentication Method of your choice from the dropdown menu
- Check SNMPv3 Enable Privacy if you want to encrypt communications to the client.
- Enter a Privacy Password and select a Privacy Method.
Click Save Changes when done.
Field | Explanation |
---|---|
Enable SNMPv2 | Check to prepare the B Series Appliance availability for queries. |
Read-Only Community Name | The community name to which the SNMPv2 Server should respond. |
Enable SNMPv3 | Check to prepare the B Series Appliance availability for queries. |
SNMPv3 Username | Enter a username. |
SNMPv3 Authentication Password | Enter a password, or leave blank to use current password. |
SNMPv3 Authentication Method | Use the dropdown menu to select an authentication method. |
SNMPv3 Enable Privacy | Check this box to encrypt communications to the client. |
SNMPv3 Privacy Password | Enter a password, or leave blank to use current password. |
SNMPv3 Privacy Method | Use the dropdown menu to select an authentication method. |
System Location | The location of this B Series Appliance for the SNMP MIB. |
IP Restrictions | The list of IP addresses allowed to access SNMP on this B Series Appliance. |
Supported MIB objects
The complete listing of MIB objects that are made available on the B Series Appliance can be discovered by performing an SNMP walk against the B Series Appliance by specifying ".1" as the OID to start walking.
Executing an SNMP walk at this level will show both the MIB-2 and UCD MIB objects that are available. An example command line SNMP walk would look like the following:
# usage:
# snmpwalk [options] <host> [OID]
$ snmpwalk -v2c -cMyCommunity appliance.host.name.or.IP .1
Or, if you are interested only in the UCD portion of the tree, specify ".1.3.6.1.4.1.2021" as the root OID:
$ snmpwalk -v2c -cMyCommunity appliance.host.name.or.IP .1.3.6.1.4.1.2021
If you perform a full SNMP walk you will see a large set of available MIBs that are made available. The following SNMP parent MIB OIDs will yield the most useful information concerning your B Series Appliance. If you would like to retrieve all of the available child OIDs for each of the parent MIBs listed below, modify your SNMP walk to start at the parent MIB. For example, to SNMP walk the parent "interfaces" MIB, specify the OID ".1.3.6.1.2.1.2", and it will list all of the child OIDs available:
$ snmpwalk -v2c -cMyCommunity appliance.host.name.or.IP .1.3.6.1.2.1.2
SNMP parent MIB information
network:
interfaces: .1.3.6.1.2.1.2
ethers: .1.3.6.1.2.1.3
IP: .1.3.6.1.2.1.4
ICMP: .1.3.6.1.2.1.5
TCP: .1.3.6.1.2.1.6
UDP: .1.3.6.1.2.1.7
memory: .1.3.6.1.4.1.2021.4
disk:
devices: .1.3.6.1.4.1.2021.9
cpu:
load average: .1.3.6.1.4.1.2021.10
other vm stats: .1.3.6.1.4.1.2021.11
Updated 9 days ago