Brocade Communications Systems 6650 manual Snmp version 3 traps

6 SNMP version 3 traps

Brocade(config)#snmp-server view admin 1.3.6.1.4.1.1991 included

You can exclude portions of the MIB within an inclusion scope. For example, if you want to exclude the snAgentSys objects, which begin with 1.3.6.1.4.1.1991.1.1.2 object identifier from the admin view, enter a second command such as the following.

Brocade(config)#snmp-server view admin 1.3.6.1.4.1.1991.1.1.2 excluded

NOTE

Note that the exclusion is within the scope of the inclusion.

To delete a view, use the no parameter before the command.

SNMP version 3 traps

Brocade devices support SNMP notifications in SMIv2 format. This allows notifications to be encrypted and sent to the target hosts in a secure manner.

Defining an SNMP group and specifying which view is notified of traps

The SNMP group command allows configuration of a viewname for notification purpose, similar to the read and write view. The default viewname is "all", which allows access to the entire MIB.

To configure an SNMP user group, first configure SNMP v3 views using the snmp-server view command.Refer to “SNMP v3 configuration examples” on page 169. Then enter a command such as the following.

Brocade(config)#snmp-server group admin v3 auth read all write all notify all

Syntax: [no] snmp-server group <groupname> v1 v2 v3

auth noauth priv

[access <standard-ACL-id>] [read <viewstring> write <viewstring> notify <viewstring>]

The group <groupname> parameter defines the name of the SNMP group to be created.

The v1, v2, or v3 parameter indicates which version of SNMP to use. In most cases, you will use v3, since groups are automatically created in SNMP versions 1 and 2 from community strings.

The auth noauth parameter determines whether or not authentication will be required to access the supported views. If auth is selected, then only authenticated packets are allowed to access the view specified for the user group. Selecting noauth means that no authentication is required to access the specified view. Selecting priv means that an authentication password will be required from the users.

The access <standard-ACL-id>parameter is optional. It allows incoming SNMP packets to be filtered based on the standard ACL attached to the group.

The read <viewstring> write <viewstring> parameter is optional. It indicates that users who belong to this group have either read or write access to the MIB.

The notify view allows administrators to restrict the scope of varbind objects that will be part of the notification. All of the varbinds need to be in the included view for the notification to be created.