Cisco Intercompany Media Engine Installation and Configuration Guide, Release 9.0(1)
Cisco IME Server SNMP configuration
Downloads: This chapterpdf (PDF - 461.0KB) The complete bookPDF (PDF - 3.19MB) | Feedback

Cisco IME Server SNMP configuration

Cisco IME Server SNMP configuration

SNMP version 3 provides security features such as authentication (verifying that the request comes from a genuine source), privacy (encryption of data), authorization (verifying that the user allows the requested operation), and access control (verifying that the user has access to the objects requested.) To prevent SNMP packets from being exposed on the network, you can configure encryption with SNMPv3.

This chapter describes how to configure SNMP v3, so the network management system can monitor Cisco IME.

Set up SNMP

The following procedure outlines the steps that you must complete to set up the SNMP.

Procedure
    Step 1   Install and configure the SNMP NMS.
    Step 2   In the CLI, check that the system started the SNMP services, including:
    • SNMP Master Agent
    • Native Agent
    • System Application Agent
    • Cisco Syslog Agent
    • MIB2 Agent
    • Host Resources Agent

    To list all the services enter the following command at the Cisco IME command line:

    utils service list

    Step 3   Configure the SNMP user.
    Step 4   Configure the notification destination for traps or informs.
    Step 5   Configure the system contact and location for the MIB2 system group.
    Step 6   Configure trap settings for CISCO-SYSLOG-MIB.

    Use the following guidelines to configure CISCO-SYSLOG-MIB trap settings on your system:

    • Set clogsNotificationEnabled (1.3.6.1.4.1.9.9.41.1.1.2) to true by using the SNMP Set operation; for example, use the net-snmp set utility to set this OID to true from the linux command line using: snmpset -c <community string> -v2c <transmitter ipaddress> 1.3.6.1.4.1.9.9.41.1.1.2.0 i 1 You can also use any other SNMP management application for the SNMP Set operation.
    • Set clogMaxSeverity (1.3.6.1.4.1.9.9.41.1.1.3) value by using the SNMP Set operation; for example, use the net-snmp set utility to set this OID value from the linux command line using: snmpset -c public -v2c 1<transmitter ipaddress> 1.3.6.1.4.1.9.9.41.1.1.3.0 i <value> Enter a severity number for the value setting. Severity values increase as severity decreases. A value of 1 (Emergency) indicates highest severity, and a value of 8 (Debug) indicates lowest severity. Syslog agent ignores any messages greater than the value that you specify; for example, to trap all syslog messages, use a value of 8.
    Step 7   Restart the SNMP Master Agent service.

    The system automatically restarts the SNMP Master Agent after you execute the utils snmp config commands.

    To manually restart the service, enter the following command at the Cisco IME command line:

    utils service start SNMP Master Agent

    Step 8   On the NMS, configure the Cisco IME trap parameters.

    SNMP user settings

    The following table shows the commands that you need to work with SNMP users on the Cisco IME server:

    Table 1 Trace CLI commands

    Task

    Command

    List the SNMP users.

    utils snmp config user 3 list

    Add an SNMP user

    utils snmp config user 3 add

    The system prompts you for the parameters. See the SNMP user parameter settings table for parameter names and descriptions.

    Update an SNMP user

    utils snmp config user 3 update

    The system prompts you for the parameters. See the SNMP user parameter settings table for parameter names and descriptions.

    Delete an SNMP user.

    utils snmp config user 3 delete

    The system prompts you for the parameters. See the SNMP user parameter settings table for parameter names and descriptions.

    SNMP user CLI parameters

    The following table describes the SNMP user parameter settings for V3.

    Table 2 SNMP user parameter settings for V3

    Field

    Description

    username

    The name of the user for which you want to provide access. The name can contain up to 32 characters and can contain any combination of alphanumeric characters, hyphens (-), and underscore characters (_).

    Tip    Enter users that you have already configured for the network management system (NMS).

    authprotocol

    Authentication protocol. To specify HMAC-SHA, enter SHA.

    authpassphrase

    Specifies the authentication protocol password. The password must contain at least 8 characters.

    privprotocol

    Specifies the privacy protocol, either AES128, AES192, or AES256

    privpassphrase

    Specifies the privacy protocol password. The password must contain at least 8 characters.

    accessprivilege

    Enter one of the following options for the access level:

    • ReadOnly - The user can only read the values of MIB objects.
    • ReadWrite - The user can read and write the values of MIB objects.
    • ReadWriteNotify - The user can read and write the values of MIB objects and send MIB object values for a trap and inform messages.
    • NotifyOnly - The user can only send MIB object values for trap and inform messages.
    • ReadNotifyOnly - The user can read values of MIB objects and also send the values for trap and inform messages.
    • None - The user cannot read, write, or send trap information.
      Tip    To change the trap configuration parameters, you need to configure a user with NotifyOnly, ReadNotifyOnly, or ReadWriteNotify privileges.

    ipaddress1

    Specify an IP address from which to accept packets. The default specifies to accept packets from all hosts.

    ipaddress2

    Specify an IP address from which to accept packets. The default specifies to accept packets from all hosts.

    SNMP trap notification destination settings

    The following section applies to SNMP V3 notification destination configuration.

    The following table shows the commands that you need to work with SNMP trap notification destinations on the Cisco IME server:

    Table 3 SNMP trap notification destinations CLI commands

    Task

    Command

    List trap notification destinations.

    utils snmp config trap 3 list

    Add a v3 trap notification destination that is associated with a configured v3 username.

    utils snmp config trap 3 add

    The system prompts you for the parameters. See the trap notification destination parameter settings table for parameter names and descriptions.

    Update a trap notification destination.

    utils snmp config trap 3 update

    The system prompts you for the parameters. See the trap notification destination parameter settings table for parameter names and descriptions.

    Delete a trap notification destination.

    utils snmp config trap 3 delete

    The system prompts you for the parameters. See the trap notification destination parameter settings table for parameter names and descriptions.

    Trap notification destination parameter settings

    The following table describes the trap notification destination parameter settings for V3.

    Table 4 Trap notification destination parameter settings for V3

    Field

    Description

    ipaddress

    The host IP address of the notification destination.

    portno

    The notification-receiving port number on the destination server.

    oldportno

    The notification-receiving port number on the destination server that is currently configured.

    newportno

    The notification-receiving port number on the destination server that you want to use when updating the trap notification destination.

    username

    Specifies the SNMP user associated to the notification destination.

    SNMP inform notification destination settings

    The following tables describe the inform notification destination configuration and parameter settings for V3.

    Table 5 SNMP inform notification destination CLI commands

    Task

    Command

    List inform notification destinations.

    utils snmp config inform 3 list

    Add a v3 inform notification destination.

    utils snmp config inform 3 add

    The system prompts you for the parameters. See the inform notification destination parameter settings table for parameter names and descriptions.

    Update an inform notification destination.

    utils snmp config inform 3 update

    The system prompts you for the parameters. See the inform notification destination parameter settings table for parameter names and descriptions.

    Delete an inform notification destination.

    utils snmp config inform 3 delete

    The system prompts you for the parameters. See the inform notification destination parameter settings table for parameter names and descriptions.

    Inform notification destination parameter settings

    Table 6 Inform notification destination parameter settings for V3

    Field

    Description

    ipaddress

    The host IP address of the notification destination.

    portno

    The notification-receiving port number on the destination server.

    oldportno

    The notification-receiving port number on the destination server that is currently configured.

    newportno

    The notification-receiving port number on the destination server that you want to use when updating the inform notification destination.

    username

    Specifies the SNMP user associated to the notification destination.

    oldusername

    Specifies the v3 username that is currently associated with the inform.

    newusername

    Specifies the v3 username that you want to associate with the inform.

    deleteuserconf

    Specifies confirmation for deleting the old user, either Y or N.

    authprotocol

    Authentication protocol. To specify HMAC-SHA, enter SHA.

    authpassphrase

    Specifies the authentication protocol password. The password must contain at least 8 characters.

    privprotocol

    Specifies the privacy protocol, either AES128, AES192, or AES256

    privpassphrase

    Specifies the privacy protocol password. The password must contain at least eight characters.

    accessprivilege

    Enter one of the following options for the access level:

    • ReadWriteNotify - The user can read and write the values of MIB objects and send MIB object values for a trap and inform messages.
    • NotifyOnly - The user can only send MIB object values for trap and inform messages.
    • ReadNotifyOnly - The user can read values of MIB objects and also send the values for trap and inform messages.

    engineId

    Specifies the remote engine ID of the server to which to send inform messages.

    MIB2 system group settings

    You can use the CLI to configure the system contact and system location objects for the MIB-II system group. For example, you could enter Administrator, 555-121-6633, for the system contact and San Jose, Bldg 23, 2nd floor, for the system location.

    The following table shows the commands that you need to work with MIB2 system groups on the Cisco IME server:

    Table 7 MIB2 CLI commands

    Task

    Command

    List the MIB2 system group configuration

    utils snmp config mib2 list

    Add a MIB2 system group

    utils snmp config mib2 add

    The system prompts you for the parameters. See the MIB2 system group parameter settings table for parameter names and descriptions.

    Update a MIB2 system group

    utils snmp config mib2 update

    The system prompts you for the parameters. See the MIB2 system group parameter settings table for parameter names and descriptions.

    Delete a MIB2 system group

    utils snmp config mib2 delete

    The system prompts you for the parameters. See the MIB2 system group parameter settings table for parameter names and descriptions.

    MIB2 system group CLI parameters

    The following table describes the MIB2 System Group parameter settings.

    Table 8 MIB2 system group parameter settings

    Field

    Description

    Server

    The server for which you want to configure contacts.

    SysContact

    Specifies a person to notify when problems occur.

    SysLocation

    Specifies the location of the person that is identified as the system contact.

    SNMP Management Information Base

    The SNMP interface provides these Cisco Standard MIBs:

    • CISCO-CDP-MIB
    • CISCO-SYSLOG-MIB

    The Simple Network Management Protocol (SNMP) extension agent resides in the server and exposes the CISCO-CCM-MIB, which provides detailed information about devices that are known to the server. In the case of a cluster configuration, the SNMP extension agent resides in each server in the cluster. The CISCO-CCM-MIB provides device information such as device registration status, IP address, description, and model type for the server (not the cluster, in a configuration that supports clusters).

    The SNMP interface also provides these Industry Standard MIBs:

    • SYSAPPL-MIB
    • MIB-II (RFC 1213)
    • HOST-RESOURCES-MIB

    For vendor-specific supported hardware MIBS, see the vendor-specific information,

    Cisco IME SNMP Interface supports the following MIBs.

    CISCO-CDP-MIB
    CISCO-CDP-MIB enables Cisco IME to advertise itself to other Cisco devices on the network. Use the Cisco Unified Communications Manager CDP subagent to read the Cisco Discovery Protocol MIB, CISCO-CDP-MIB.

    The CDP subagent implements the CDP-MIB. The CDP-MIB contains the following objects:

    • cdpInterfaceIfIndex
    • cdpInterfaceMessageInterval
    • cdpInterfaceEnable
    • cdpInterfaceGroup
    • cdpInterfacePort
    • cdpGlobalRun
    • cdpGlobalMessageInterval
    • cdpGlobalHoldTime
    • cdpGlobalLastChange
    • cdpGobalDeviceId
    • cdpGlobalDeviceIdFormat
    • cdpGlobalDeviceIdFormatCpd
    SYSAPPL-MIB
    Use the System Application Agent to get information from the SYSAPPL-MIB, such as installed applications, application components, and processes that are running on the system.

    System Application Agent supports the following object groups of SYSAPPL-MIB:

    • sysApplInstallPkg
    • sysApplRun
    • sysApplMap
    • sysApplInstallElmt
    • sysApplElmtRun
    MIB-II
    Use MIB2 agent to get information from MIB-II. The MIB2 agent provides access to variables that are defined in RFC 1213, such as interfaces, IP, and so on, and supports the following groups of objects:
    • system
    • interfaces
    • at
    • ip
    • icmp
    • tcp
    • udp
    • snmp
    HOST-RESOURCES MIB
    The Host Resources Agent provides SNMP access to host information, such as storage resources, process tables, device information, and installed software base. Use Host Resources Agent to get values from HOST-RESOURCES-MIB.

    The Host Resources Agent supports the following groups of objects:

    • hrSystem
    • hrStorage
    • hrDevice
    • hrSWRun
    • hrSWRunPerf
    • hrSWInstalled
    CISCO-SYSLOG-MIB
    Syslog tracks and logs all system messages, from informational through critical. With this MIB, network management applications can receive syslog messages as SNMP traps:

    The Cisco Syslog Agent supports trap functionality with the following MIB objects:

    • clogNotificationsSent
    • clogNotificationsEnabled
    • clogMaxSeverity
    • clogMsgIgnores
    • clogMsgDrops

    Vendor-specific MIBs

    The following MIBs exist on various Cisco MCS, depending on vendor and model number. To query these MIBS, you can use the standard MIB browsers that the hardware vendors develop; for example, HP Systems Insight Manager (SIM) and IBM Director Server+Console. For information on using the MIB browsers, refer to the documentation that the hardware vendor provides.

    To review the vendor-specific MIB information, see the IBM MIB and HP MIB tables:

    Table 9 IBM MIBs

    MIB

    OID

    Description

    Supported for browsing only

    IBM-SYSTEM-HEALTH-MIB

    1.3.6.1.4.1.2.6.159.1.1.30

    Provides temperature, voltage, and fan status

    IBM-SYSTEM-ASSETID-MIB

    1.3.6.1.4.1.2.6.159.1.1.60

    Provides hardware component asset data

    IBM-SYSTEM-LMSENSOR-MIB

    1.3.6.1.4.1.2.6.159.1.1.80

    Provides temperature, voltage, and fan details

    IBM-SYSTEM-NETWORK-MIB

    1.3.6.1.4.1.2.6.159.1.1.110

    Provides Network Interface Card (NIC) status

    IBM-SYSTEM-MEMORY-MIB

    1.3.6.1.4.1.2.6.159.1.1.120

    Provides physical memory details

    IBM-SYSTEM-POWER-MIB

    1.3.6.1.4.1.2.6.159.1.1.130

    Provides power supply details

    IBM-SYSTEM-PROCESSOR-MIB

    1.3.6.1.4.1.2.6.159.1.1.140

    Provides CPU asset/status data

    Supported for system traps

    IBM-SYSTEM-TRAP

    1.3.6.1.4.1.2.6.159.1.1.0

    Provides temperature, voltage, fan, disk, NIC, memory, power supply, and CPU details

    IBM-SYSTEM-RAID-MIB

    1.3.6.1.4.1.2.6.167.2

    Provides RAID status

    Table 10 HP MIBs

    MIB

    OID

    Description

    Supported for browsing and system traps

    CPQSTDEQ-MIB

    1.3.6.1.4.1.232.1

    Provides hardware component configuration data

    CPQSINFO-MIB

    1.3.6.1.4.1.232.2

    Provides hardware component asset data

    CPQIDA-MIB

    1.3.6.1.4.1.232.3

    Provides RAID status/events

    CPQHLTH-MIB

    1.3.6.1.4.1.232.6

    Provides hardware components status/events

    CPQSTSYS-MIB

    1.3.6.1.4.1.232.8

    Provides storage (disk) systems status/events

    CPQSM2-MIB

    1.3.6.1.4.1.232.9

    Provides iLO status/events

    CPQTHRSH-MIB

    1.3.6.1.4.1.232.10

    Provides alarm threshold management

    CPQHOST-MIB

    1.3.6.1.4.1.232.11

    Provides operating system information

    CPQIDE-MIB

    1.3.6.1.4.1.232.14

    Provides IDE (CD-ROM) drive status/events

    CPQNIC-MIB

    1.3.6.1.4.1.232.18

    Provides Network Interface Card (NIC) status/events