hello again,
i'm trying to generate snmp traps via syslog messages with an upm profile.
in this example the switch should send a trap when an authentication fails.
"
create upm profile authfail
in the profile:
create snmp trap severity notice event authFAIL "INFO:fehlerhafter Anmeldeversuch"
create log filter authfail-filter
configure log filter authfailfilter add event "AAA.authFail"
create log target upm "authfail"
configure log target upm "authfail" filter "authfailfilter"
enable log target upm "authfail"
"
but i get only this error logs:
10/11/2018 06:59:54.73
Msg from Master : Did password authentication for user citadmin (10.2.110.177)
10/11/2018 06:59:54.73 Login passed for user citadmin through ssh (10.2.110.177)
10/10/2018 11:17:51.34 Administrative account (citadmin) logout from ssh (10.2.110.177)
10/10/2018 10:46:52.97 Profile execution returned FAIL on event log-message, profile authfail
10/10/2018 10:46:52.91 Launched profile authfail for the event log-message
10/10/2018 10:46:52.87 Login failed due to invalid username/password for user citadmin through ssh (10.95.1.198)
10/10/2018 10:46:52.04 Profile execution returned FAIL on event log-message, profile authfail
maybe ive to configure a target for snmp traps?
this is my actual snmp config:
configure snmpv3 engine-id 03:00:04:96:9d:xx:xx
configure snmpv3 add user "citget" engine-id 80:00:07:7c:03:00:04:96:9d:xx:xx authentication sha auth-encrypted localized-key 23:24:70:34:4b:42:33:67:42:77:65:61:68:48:33:45:62:xx:xx:73:4c:30:72:45:66:54:57:32:79:74:77:68:4c:4a:4b:30:4a:46:37:4a:34:xx:33:6a:53:43:69:44:xx:4f:6a:38:34:3d privacy privacy-encrypted localized-key 23:24:75:30:42:67:45:52:65:6b:xx:54:74:41:43:48:50:33:6a:57:69:32:5a:61:66:38:51:6c:52:58:79:6d:6f:4f:49:78:36:4d:49:76:31:xx:77:xx:20:35:49:63:6c:5a:57:74:6f:3d
configure snmpv3 add user "xytset" engine-id 80:00:07:7c:03:00:04:93:9e:xy:98 authentication sha auth-encrypted localized-key 23:24:77:4b:48:34:23:74:38:4a:51:57:45:31:4f:44:79:43:58:57:6b:54:57:42:73:45:46:6f:47:59:6a:6e:2b:57:56:77:52:43:64:4a:38:6f:49:4a:38:31:4e:42:69:4e:41:53:6f:3d privacy privacy-encrypted localized-key 23:24:75:57:4a:6c:65:56:4a:47:31:50:42:51:32:46:6b:49:6d:44:66:46:64:6e:61:61:59:34:41:39:62:4d:71:75:59:4a:2b:a2:52:a2:4e??38:68:58:41:6d:42:7a:51:6f:42:67:3d
configure snmpv3 add group "v3group" user "xxget" sec-model usm
configure snmpv3 add group "v3group" user "xxset" sec-model usm
configure snmpv3 add access "v3group" sec-model usm sec-level priv read-view "defaultAdminView" write-view "defaultAdminView" notify-view "defaultAdminView"
configure snmpv3 add target-addr "TVsnmpuser" param "TV1snmpuser" ipaddress 10.xx.xx.200 transport-port 172 tag-list "TVInformTag"
enable snmp access
disable snmp access snmp-v1v2c
enable snmp access snmpv3