This file configures the trap receiver built into the M&C server. The trap receiver is used to call PROC ASYNC TRAP procedures in selected devices / device drivers on every received SNMP trap. The trap receiver is started if this file is present and can be parsed successfully.
File Syntax
The file uses JSON syntax to define the traprec configuration in a structured way. The elements of the JSON document are explained best by example:
{
"comment": "sat-nms SNMP trap receiver configuration",
"general": {
"listenPort": 2162,
"logToStdOut": true,
"logToEdb": false,
"trapCommunity": "public"
},
"snmpv1": {
"enabled": true
},
"snmpv2c": {
"enabled": true
},
"snmpv3": {
"enabled": true,
"users": [
{
"name": "secretname",
"authpass": "AuthPassword",
"authentication": "MD5",
"privacy": "NONE",
"privpass": "PrivPassword"
}
]
}
}general
The general section defines some general properties of the trap receiver. The definitions in this section are:
| name | type | default | description |
|---|---|---|---|
| listenPort | integer | 2162 | The port number to listen at. The valid range for this is 1024 to 65535. If you require the trap receiver listen at the standard port 162, you should setup a port forwarding to 2162 for this. |
| logToStdOut | bool | false | If enabled, every received trap gets logged to stdout (to the .panic.log file). The complete trap information as available in the PROC ASYNC TRAP procedures ist logged. This is useful for debugging which traps are sent by a device. |
| logToEdb | bool | false | If enabled, every received trap gets logged in the M&C event log. |
| trapCommunity | string | null | If set, the trap receiver accepts only traps which match the given trap community (SNMPv1 and SNMPv2c only) |
snmpv1
The snmpv1 section contains a flag to enable or disable SNMPv1 at the trap receiver.
| name | type | default | description |
|---|---|---|---|
| enable | bool | false | true enables SNMPv1 |
If disabled, the trapreceiver ignores all SNMPv1 traps it receives.
snmpv2c
The snmpv2c section contains a flag to enable or disable SNMPv2c at the trap receiver.
| name | type | default | description |
|---|---|---|---|
| enable | bool | false | true enables SNMPv2c |
If disabled, the trapreceiver ignores all SNMPv2c traps or inform messages it receives. SNMPv2c inform messages are not acknowledged by the trap receiver if SNMPV2c is disabled.
snmpv3
The snmpv3 section contains a flag to enable or disable SNMPv3 at the trap receiver and the list of authenticaed users the trap receiver accepts.
| name | type | default | description |
|---|---|---|---|
| enable | bool | false | true enables SNMPv3 |
| users | array | - | a list of user definitions (see below for details) |
If disabled, the trapreceiver ignores all SNMPv3 traps or inform messages it receives. SNMPv3 inform messages are not acknowledged by the trap receiver if SNMPV3 is disabled.
users
If SNMPv3 is enabled, the snmpv3 section must contain a users array with at least one element. SNMPv3 does not work without a user definition, even in noAuthNoPriv mode. The definitions for one user are:
| name | type | default | description |
|---|---|---|---|
| name | string | - | The secret name of the user. |
| authpass | string | - | The user's pass phrase, this is required if authentication is not "NONE" |
| authentication | string | "NONE" | The authentication mode, one of "NONE", MD5" or "SHA". "NONE" implies noAuthNoPriv mode, privacy is ignored in this case. |
| privacy | string | "NONE" | The privacy mode, one of "NONE", "AES" or "DES". |
| privpass | string | - | The privacy pass phrase, this is required if privacy is not "NONE" |
The name definition is mandatory for a user as well as the authentication and privacy definitions. The pass phrase definitions are only required if authentication and/or privacy are enabled.