Skip to content

SNMP v3 support

Resource Manager provides support for SNMP v3 data collection.

The following configuration properties control the authentication and privacy of these requests:

  • *zSnmpAuthType *- Use "MD5" or "SHA" signatures to authenticate SNMP requests. If only zSnmpAuthType and zSnmpAuthPassword are set, then the message is sent with authentication but no privacy.
  • *zSnmpAuthPassword *- Shared private key used for authentication. Must be at least 8 characters long.
  • *zSnmpPrivType *- "DES" or "AES" cryptographic algorithms. If zSnmpPrivType and zSnmpPrivPassword are set, then the message is sent with privacy and authentication. You cannot set a PrivType and PrivPassword without also setting an AuthType and AuthPassword. If neither Priv nor Auth values are set, then the message is sent with no authentication or privacy.
  • *zSnmpPrivKey *- Shared private key used for encrypting SNMP requests. Must be at least 8 characters long.
  • *zSnmpSecurityName *- Security Name (user) to use when making SNMPv3 requests.

If monitoring SNMPv3 devices, make sure that msgAuthoritativeEngineID (also known as snmpEngineID or Engine ID) is not shared by two devices. It must be unique for each device.

Advanced Encryption Standard

SNMPv3 encryption using the Advanced Encryption Standard (AES) algorithm is supported only if the host platform net-snmp library supports it.

You can determine whether your platform supports AES by using the following test:

$ snmpwalk -x AES 2>&1 | head -1

If the response is:

"Invalid privacy protocol specified after -x flag: AES"

then your platform does not support AES encryption for SNMPv3.

If the response is:

"No hostname specified."

Then your platform supports AES.