Header Only - DO NOT REMOVE - Extreme Networks
Question

individual snmptraps via syslog and upm


hello again,

i'm trying to generate snmp traps via syslog messages with an upm profile.
in this example the switch should send a trap when an authentication fails.

"
create upm profile authfail

in the profile:
create snmp trap severity notice event authFAIL "INFO:fehlerhafter Anmeldeversuch"


create log filter authfail-filter
configure log filter authfailfilter add event "AAA.authFail"

create log target upm "authfail"
configure log target upm "authfail" filter "authfailfilter"
enable log target upm "authfail"
"

but i get only this error logs:

10/11/2018 06:59:54.73 [i] Msg from Master : Did password authentication for user citadmin (10.2.110.177)
10/11/2018 06:59:54.73 [i] Login passed for user citadmin through ssh (10.2.110.177)
10/10/2018 11:17:51.34 [i] Administrative account (citadmin) logout from ssh (10.2.110.177)
10/10/2018 10:46:52.97 Profile execution returned FAIL on event log-message, profile authfail
10/10/2018 10:46:52.91 Launched profile authfail for the event log-message
10/10/2018 10:46:52.87 Login failed due to invalid username/password for user citadmin through ssh (10.95.1.198)
10/10/2018 10:46:52.04 Profile execution returned FAIL on event log-message, profile authfail

maybe ive to configure a target for snmp traps?

this is my actual snmp config:

configure snmpv3 engine-id 03:00:04:96:9d:xx:xx
configure snmpv3 add user "citget" engine-id 80:00:07:7c:03:00:04:96:9d:xx:xx authentication sha auth-encrypted localized-key 23:24:70:34:4b:42:33:67:42:77:65:61:68:48:33:45:62:xx:xx:73:4c:30:72:45:66:54:57:32:79:74:77:68:4c:4a:4b:30:4a:46:37:4a:34:xx:33:6a:53:43:69:44:xx:4f:6a:38:34:3d privacy privacy-encrypted localized-key 23:24:75:30:42:67:45:52:65:6b:xx:54:74:41:43:48:50:33:6a:57:69:32:5a:61:66:38:51:6c:52:58:79:6d:6f:4f:49:78:36:4d:49:76:31:xx:77:xx:20:35:49:63:6c:5a:57:74:6f:3d
configure snmpv3 add user "xytset" engine-id 80:00:07:7c:03:00:04:93:9e:xy:98 authentication sha auth-encrypted localized-key 23:24:77:4b:48:34:23:74:38:4a:51:57:45:31:4f:44:79:43:58:57:6b:54:57:42:73:45:46:6f:47:59:6a:6e:2b:57:56:77:52:43:64:4a:38:6f:49:4a:38:31:4e:42:69:4e:41:53:6f:3d privacy privacy-encrypted localized-key 23:24:75:57:4a:6c:65:56:4a:47:31:50:42:51:32:46:6b:49:6d:44:66:46:64:6e:61:61:59:34:41:39:62:4d:71:75:59:4a:2b:a2:52:a2:4e🇧🇪38:68:58:41:6d:42:7a:51:6f:42:67:3d
configure snmpv3 add group "v3group" user "xxget" sec-model usm
configure snmpv3 add group "v3group" user "xxset" sec-model usm
configure snmpv3 add access "v3group" sec-model usm sec-level priv read-view "defaultAdminView" write-view "defaultAdminView" notify-view "defaultAdminView"
configure snmpv3 add target-addr "TVsnmpuser" param "TV1snmpuser" ipaddress 10.xx.xx.200 transport-port 172 tag-list "TVInformTag"
enable snmp access
disable snmp access snmp-v1v2c
enable snmp access snmpv3

0 replies

Be the first to reply!

Reply