SNMP monitoring agent
This appendix describes the Simple Network Management Protocol (SNMP) monitoring agent. The SNMP monitoring agent provides you with components that you can add to your (third-party) SNMP manager application.
SNMP was developed in 1988 and revised in 1996.
It is currently regarded as the standard method of network management.
It is widely supported and offers greater interoperability than traditional network management tools (for example, rsh
or netstat
). This makes it ideal for use for the large array of platforms that we support and also avoids the overhead of remote login and execution, helping to reduce network congestion and improve performance.
SNMP defines a collection of network management functions allowing management stations to gather information from, and transmit commands to, remote machines on the network. Agents running on the remote machines can take information gathered from the system and relay this information to the manager application. Such information is either requested from the underlying operating system or gained by interrogating the hardware.
Every SNMP manager adds monitor components differently. Consult the documentation supplied with your SNMP Manager application for details on how to add the MIB files. |
SNMP defines the following SNMP messages:
Message | Description |
---|---|
|
This message is sent by a manager to retrieve the value of an object at the agent. |
|
This message is sent by a manager to set the value of an object at the agent. |
|
This message is sent by an agent to notify a management station of significant events. |
The SNMP monitoring agent is based on the open-source Net-SNMP project, version 5.7.3. More information on SNMP in general, and the data structures used to support SNMP installations, is available from the NET-SNMP project Web site: https://net-snmp.sourceforge.io/.
This site includes some support information and offers access to discussion e-mail lists. You can use the discussion lists to monitor subjects that might affect the operation or security of the SNMP agent or command-line utilities.
Discuss any enquiries arising from information on the NET-SNMP Web site with Support before posting potentially sensitive information to the NET-SNMP Web site. |
Using the SNMP agent with a manager application
The nShield SNMP monitoring agent provides MIB files that can be added to your (third-party) SNMP manager application. |
Manager configuration
The manager application is the interface through which the user is able to perform network management functions.
A manager communicates with agents using SNMP primitives (get
, set
, trap
) and is unaware of how data is retrieved from, and sent to, managed devices.
This form of encapsulation creates the following:
-
The manager is hidden from all platform specific details
-
The manager can communicate with agents running on any IP-addressable machine.
As a consequence, manager applications are generic and can be bought off the shelf. You may already be running SNMP managers, and if so, you can use them to query the SNMP agent.
The manager is initially unaware of the MIB tree structure at a particular node. Managed objects can be retrieved or modified, but only if their location in the tree is known. |
It is more useful if the manager can see the MIB tree present at each managed node. The MIB module descriptions for a particular node must be parsed by a manager-specific MIB compiler and converted to configuration files. These files are read by the manager application at run time.
The SNMP agent is designed to monitor all current nShield modules, working with all supported versions of nShield firmware (contact Support for details of supported firmware).
MIB module overview
A large proportion of the SNMP system is fully specified by the structure of the MIB; the behavior of the agent depends on relaying information according to the layout of the MIB.
The MIB module resides at a registered location in the MIB tree determined by the Internet Assigned Numbers Authority (IANA). The private enterprise number of 7682 designated by the IANA corresponds to the root of the branch, and by convention this (internal) node is the company name.
The MIB module groups logically related data together, organizing itself into a classification tree, with managed objects present at leaf nodes.
The nC-series node (enterprises.nCipher.nC-series
) is placed as a sub-tree of the root (enterprises.nCipher
); this allows future product lines to be added as additional sub-trees.
The structure of the tree underneath the registered location is vendor-defined, and this specification defines the structure chosen to represent Security World Software-specific data.
The MIB file can be found in the following location:
MIB functionality
The MIB module separates module information into the following categories:
-
Retrieval of status and information about installed nC-series modules
-
Retrieval of live statistics of performance of installed nC-series modules
These categories form the top-level nodes of the sub-tree; the functionality of the first category is in the administration sub-tree, and the second category is in the statistics sub-tree. The top-level tree also contains three items that it would be useful to check at-a-glance:
Node name | R/W | Type | Remarks |
---|---|---|---|
|
R |
TruthValue |
|
|
R |
TruthValue |
|
|
R |
Unsigned32 |
Percentage of total available capacity currently utilized. |
Traps
The traps sub-tree (enterprises.nCipher.nC-series.nC-traps
) contains traps that the SNMP agent sends when certain events occur.
For details on configuring traps, see
The following table gives details of the individual traps:
Node name | Description |
---|---|
|
This trap is sent when the hardserver fails or is shut down. |
|
This trap is sent when the hardserver restarts. |
|
This trap is sent when a module fails. |
|
This trap is sent when a module is restarted after a failure. |
|
This trap is sent when a PSU fails. |
|
This trap is sent when a previously-failed PSU is working again. |
|
This trap is sent when a fan fails. |
|
This trap is sent when a previously-failed fan is working again. |
|
This trap is sent when the HSM memory usage high threshold has been reached or exceeded by an HSM. See section on Memory usage monitoring below for more details. |
|
This trap is sent when the memory usage for an HSM falls below the HSM memory usage ok threshold. See section on Memory usage monitoring below for more details. |
Some traps can take up to five minutes to be received. |
Other generic Net-SNMP traps may also be received. These include the two below, see Net-SNMP project website for more details. |
Net-SNMP trap name | Description |
---|---|
|
This trap is sent when the SNMP agent is started |
|
This trap is sent when the SNMP agent is stopped |
Memory usage monitoring
The HSM memory usage thresholds and memory usage traps provide a mechanism to monitor HSM memory usage for HSMs in which the SNMP agent’s client computer are enrolled.
With memory usage monitoring enabled, there will be a memoryUsageHighAlert
trap sent each time the currently in-use memoryUsageHighThreshold
is reached or exceeded by an HSM.
With memory usage monitoring enabled, a memoryUsageHighAlert
trap is also sent:
-
If the SNMP agent starts up and recognises that there are HSMs in a high memory usage state or,
-
If HSMs in a high memory usage state are enrolled or,
-
If the SNMP agent loses and then re-gains contact with the local hardserver which is connected to HSMs in a high memory usage state or,
-
If failed HSMs in a high memory usage state then recover.
For each of the four scenarios above, one memoryUsageHighAlert
trap will be sent for each HSM in a high memory usage state.
With memory usage monitoring enabled, there will be a memoryUsageOkAlert
trap sent each time the memory usage for an HSM falls below the currently in-use memoryUsageOkThreshold
.
The value for memoryUsageOkThreshold
is read from the snmpd.conf file on starting the SNMP agent and is used provided it contains an integer value in the range 0 to 100 (inclusive); otherwise, the default value of 0 is used.
The value for memoryUsageHighThreshold
is processed in the same way.
Memory usage monitoring is enabled unless the in-use values for memoryUsageOkThreshold
and memoryUsageHighThreshold
are both 0 or the in-use values are such that memoryUsageOkThreshold
> memoryUsageHighThreshold
.
For example, in snmpd.conf
, if memoryUsageOkThreshold
is assigned an invalid value and memoryUsageHighThreshold
is assigned a valid value of say 75%, then memory usage monitoring will be enabled and the values 0% and 75% will be used respectively.
An example of memory usage monitoring by an SNMP agent on a client computer enrolled with 2 HSMs is given below:
Administration sub-tree overview
The administration sub-tree (enterprises.nCipher.nC-series.administration
) contains information about the permanent state of the hardserver and the connected modules.
It is likely that most of the information in this branch rarely changes over time, unlike the statistics
branch.
The information given in the administration sub-tree is mostly acquired by the NewEnquiry
command and is supplied both per-module and (where appropriate) aggregated over all modules.
The following table gives details of the individual nodes in the administration sub-tree:
Node name | R/W | Type | Remarks |
---|---|---|---|
|
R |
Enum 1: Running 2: NotRunning |
This variable reflects the current state of the hardserver ( |
|
R |
Gauge32 |
Number of nC-series modules. |
|
R |
DisplayString |
Hardserver version string. |
|
R |
Gauge32 |
Number of 1024-bit signatures each second. |
|
R |
Gauge32 |
Minimum recommended queue. |
|
R |
Gauge32 |
Maximum recommended queue. |
|
R |
TruthValue |
|
|
R |
DisplayString |
Security World display flags, as reported by |
|
R/W |
Integer 1: none 2: all 3: query 4: resetquery |
Controls the behavior of the key table (switch off, display all keys, enable individual attribute queries, clear the query fields). Displaying all keys can result in a very long list. |
|
R |
DisplayString |
Supported hardserver facilities (the |
|
R |
Gauge32 |
TCP port on which the hardserver is listening. |
|
R |
DisplayString |
Security World’s generation time. |
|
R |
DisplayString |
ESN of the module that generated the Security World. |
listKeys
can be preset using the keytable
config directive in snmpd.conf
file
Security World hash sub-tree
The following table gives details of the nodes in the Security World hash sub-tree (enterprises.nCipher.nC-series.administration.swHashes
):
Node name | R/W | Type | Remarks |
---|---|---|---|
|
R |
MHash |
Hash of the Security Officer’s key. |
|
R |
MHash |
Hash of the Security World key. |
|
R |
MHash |
Hash of the recovery authorization key. |
|
R |
MHash |
Hash of the recovery key pair. |
|
R |
MHash |
Hash of the FIPS authorization key. |
|
R |
MHash |
Hash of the module certification key. |
|
R |
MHash |
Hash of the passphrase replacement key. |
|
R |
MHash |
Hash of the nonvolatile memory (NVRAM) authorization key. |
|
R |
MHash |
Hash of the Real Time Clock authorization key. |
|
R |
MHash |
Hash of the SEE Debugging authorization key. |
|
R |
MHash |
Hash of the Foreign Token Open authorization key. |
Security World quorums sub-tree
The following table gives details of the nodes in the Security World quorums sub-tree (enterprises.nCipher.nC-series.administration.swQuorums
):
Node name | R/W | Type | Remarks |
---|---|---|---|
|
R |
Gauge32 |
The default quorum of Administrator cards. |
|
R |
Gauge32 |
The total number of cards in the ACS. |
|
R |
Gauge32 |
The quorum required for module reprogramming. |
|
R |
Gauge32 |
The quorum required to transfer keys for OCS replacement. |
|
R |
Gauge32 |
The quorum required to recover the passphrase for an Operator card. |
|
R |
Gauge32 |
The quorum required to access nonvolatile memory (NVRAM). |
|
R |
Gauge32 |
The quorum required to update the Real Time Clock. |
|
R |
Gauge32 |
The quorum required to view full SEE debug information. |
|
R |
Gauge32 |
The quorum required to use a Foreign Token Open Delegate Key. |
Module administration table
The following table gives details of the nodes in the module administration table (enterprises.nCipher.nC-series.administration.moduleAdminTable
):
Node name | R/W | Type | Remarks |
---|---|---|---|
|
R |
Gauge32 |
Module number of this row in the table. |
|
R |
Integer 1: Operational 2: Pre-init 3: Init 4: Pre-maint 5: Maint 6: AccelOnly 7: Failed 8: Unknown |
Current module state. |
|
R |
DisplayString |
Firmware version string. |
|
R |
Gauge32 |
Speed index (approximate number of 1024-bit modulo exponentiation operations possible per second) of module |
|
R |
Gauge32 |
Module minimum recommended queue length |
|
R |
Gauge32 |
Module maximum recommended queue length |
|
R |
DisplayString |
Module Electronic Serial Number (ESN). |
|
R |
DisplayString |
|
|
R |
DisplayString |
Hardware bus/slot info (such as PCI slot number). |
|
R |
TruthValue |
Indicates whether or not the module is in the current SW. |
|
R |
DisplayString |
Description of smart card in slot (empty, unknown card, admin/operator card from current SW, failed). N/A for acceleration only modules. |
|
R |
Integer 1: Unknown 2: Usable 3: MaintMode 4: Uninitialized 5: Factory 6: Foreign 7: AccelOnly 8: Failed 9: Unchecked 10: InitMode 11: PreInitMode 12: Unverified 13: UnusedTableEntry |
Current module and Security World state. |
|
R |
DisplayString |
Security World flags for this module. |
|
R |
MHash |
Hash of the module’s secret key. |
|
R |
DisplayString |
Features enabled on this module. |
|
R |
DisplayString |
Like |
|
R |
Gauge32 |
Firmware Version Security Number (VSN); see Version Security Number (VSN). |
|
R |
MHash |
KNETI hash, if present. |
|
R |
Gauge32 |
Max. rec. long queue. |
|
R |
DisplayString |
Connection status (for imported modules). |
|
R |
DisplayString |
Connection information (for imported modules). |
|
R |
DisplayString |
SEE machine type. |
Slot administration table
The following table gives details of the nodes in the slot administration table (enterprises.nCipher.nC-series.administration.slotAdminTable
):
Node name | R/W | Type | Remarks |
---|---|---|---|
|
R |
Integer32 |
Module number of the module containing the slot. |
|
R |
Integer32 |
Slot number (1-based, unlike nCore which is 0-based). |
|
R |
Integer 1: Datakey 2: Smart card 3: Emulated 4: Soft token 5: Unconnected 6: Out of range 7: Unknown |
Slot type. |
|
R |
DisplayString |
Flags referring to the contents of the slot (from |
|
R |
Integer 1: Unused 2: Empty 3: Blank 4: Administrator 5: Operator 6: Unidentified 7: Read error 8: Partial 9: Out of range |
|
|
R |
DisplayString |
Flags referring to attributes of the slot (from |
|
R |
Gauge32 |
Share number of card currently in slot, if present. |
|
R |
DisplayString |
Names of shares present in card currently in slot. |
Card set administration table
The following table gives details of the nodes in the card set administration table (enterprises.nCipher.nC-series.administration.cardsetAdminTable
):
Node name | R/W | Type | Remarks |
---|---|---|---|
|
R |
MHash |
Hash of the token protected by the card set. |
|
R |
DisplayString |
|
|
R |
Gauge32 |
Required number of cards in the card set. |
|
R |
Gauge32 |
Total number of cards in the card set. |
|
R |
DisplayString |
Other attributes of the card set. |
|
R |
DisplayString |
Names of individual cards, if set. |
|
R |
Gauge32 |
Token time-out period, in seconds, or 0 if none. |
|
R |
DisplayString |
Generation time of card set. |
Key administration table
The key administration table is visible as long as the listKeys
node in the administration sub-tree is set to a value other than none
.
The following table gives details of the nodes in the key administration table (enterprises.nCipher.nC-series.administration.keyAdminTable
):
Node name | R/W | Type | Remarks |
---|---|---|---|
|
R |
DisplayString |
Application name. |
|
R |
DisplayString |
Name of key, as generated by the application. |
|
R |
MHash |
|
|
R |
Integer 1: Enabled 2: Disabled 3: No key 4: Unknown 5: Invalid 6: Unset |
The value |
|
R |
Integer 1: Module 2: Cardset 3: No key 4: Unknown 5: Invalid 6: Unset |
The value |
|
R |
MHash |
Hash of the card set protecting the key, if applicable. |
|
R |
DisplayString |
Certificate and public key flags. |
|
R |
Gauge32 |
Number of extra key attributes. |
|
R |
DisplayString |
SEE integrity key, if present. |
|
R |
DisplayString |
ESN of the module that generated the key, if present. |
|
R |
Gauge32 |
Time limit for the key, if set. |
|
R |
Gauge32 |
Per-authentication use limit for the key. |
Key query sub-tree
The key query sub-tree is used if the listKeys
node in the administration sub-tree is set to query
.
If these values are set, they are taken as required attributes for filtering the list of available keys; if multiple attributes are set, the filters are combined (AND rather than OR).
The following table gives details of the nodes in the key query sub-tree (enterprises.nCipher.nC-series.administration.keyQuery
):
Node name | R/W | Type | Remarks |
---|---|---|---|
|
R/W |
DisplayString |
Application name. |
|
R/W |
DisplayString |
Name of key, as generated by the application. |
|
R/W |
DisplayString |
|
|
R/W |
Integer 1: Enabled 2: Disabled 3: No key 4: Unknown 5: Invalid 6: Unset |
The value |
|
R/W |
Integer 1: Module 2: Cardset 3: No key 4: Unknown 5: Invalid 6: Unset |
The value |
|
R/W |
DisplayString |
Hash of the card set protecting the key, if applicable. |
|
R/W |
DisplayString |
Certificate and public key flags. |
|
R/W |
Gauge32 |
Number of extra key attributes. |
|
R/W |
DisplayString |
SEE integrity key, if present. |
|
R/W |
DisplayString |
ESN of the module that generated the key, if present. |
|
R/W |
Gauge32 |
Time limit for the key, if set (0 for no limit). |
|
R/W |
Gauge32 |
Per-authentication use limit for the key (0 for no limit). |
Statistics sub-tree overview
The statistics sub-tree (enterprises.nCipher.nC-series.statistics
) contains rapidly changing information about such topics as the state of the nShield modules, the work they are doing, and the commands being submitted.
Do not rely on information returned from the agent to change instantaneously on re-reading the value. To avoid loading the nShield module with multiple time-consuming statistics commands, the agent can choose to cache the values over a specified period. You can configure this period in the agent configuration file see |
Statistics sub-tree
The following table gives details of the nodes in the statistics sub-tree, and the module statistics table (enterprises.nCipher.nC-series.statistics.moduleStatsTable
):
Node name | R/W | Type | Remarks |
---|---|---|---|
|
R |
Integer |
Module number of this row (for |
|
R |
Counter32 |
Uptime of the hardserver. |
|
R |
Counter32 |
Returned aggregated for all modules and all commands. |
|
R |
Counter32 |
|
|
R |
Counter32 |
Returned as for |
|
R |
Counter32 |
|
|
R |
Counter32 |
|
|
R |
Counter32 |
See notes above for |
|
R |
Gauge32 |
|
|
R |
Counter32 |
|
|
R |
Counter32 |
|
|
R |
Counter32 |
|
|
R |
Counter32 |
Total number of outstanding commands over all modules. |
|
R |
Counter32 |
Module statistics table
The following table gives details of the nodes in the module statistics table (enterprises.nCipher.nC-series.statistics.moduleStatsTable
):
Node name | R/W | Type | Remarks |
---|---|---|---|
|
R |
Integer |
Module number of this row (for |
|
R |
Counter32 |
Uptime of the module. |
|
R |
Counter32 |
Returned aggregated for all commands. |
|
R |
Counter32 |
|
|
R |
Counter32 |
Returned as for |
|
R |
Counter32 |
|
|
R |
Counter32 |
|
|
R |
Counter32 |
See notes above for |
|
R |
Counter32 |
|
|
R |
Counter32 |
|
|
R |
Gauge32 |
|
|
R |
DisplayString |
Depending on the module settings, this can require KNSO permissions to read (and therefore depend on the installation parameters of the agent). |
|
R |
Gauge32 |
|
|
R |
Gauge32 |
|
|
R |
DisplayString |
|
|
R |
DisplayString |
|
|
R |
DisplayString |
|
|
R |
DisplayString |
|
|
R |
DisplayString |
|
|
R |
DisplayString |
|
|
R |
DisplayString |
|
|
R |
DisplayString |
|
|
R |
DisplayString |
|
|
R |
DisplayString |
|
|
R |
DisplayString |
|
|
R |
DisplayString |
|
|
R |
DisplayString |
|
|
R |
DisplayString |
|
|
R |
DisplayString |
|
|
R |
DisplayString |
|
|
R |
DisplayString |
|
|
R |
Counter32 |
Free space available on the HSM’s NVRAM, in bytes |
|
R |
DisplayString |
Wear level of the HSM’s NVRAM |
|
R |
DisplayString |
Worn blocks in the HSM’s NVRAM |
nShield HSM statistics table
The following table gives details of the nodes in the nShield HSM statistics table (enterprises.nCipher.nC-series.statistics.netHSMStatsTable
):
Node name | R/W | Type | Remarks |
---|---|---|---|
|
R |
Integer |
Table index (not module number). |
|
R |
Counter32 |
Host system uptime. |
|
R |
Gauge32 |
CPU usage of unit host processor. |
|
R |
Gauge32 |
Total user memory of unit. |
|
R |
Gauge32 |
Total kernel memory of unit. |
|
R |
DisplayString |
Internal unit temperature (sensor 1). |
|
R |
DisplayString |
Maximum recorded temperature (sensor 1). |
|
R |
DisplayString |
Internal unit temperature (sensor 2). |
|
R |
DisplayString |
Maximum recorded temperature (sensor 2). |
|
R |
DisplayString |
unit 5V power reading. |
|
R |
DisplayString |
unit 12V power reading. |
|
R |
Gauge32 |
Fan 1 speed (RPM). |
|
R |
Gauge32 |
Fan 2 speed (RPM). |
|
R |
Gauge32 |
Fan 3 speed (RPM). |
|
R |
IpAddress |
IP address of unit. |
|
R |
DisplayString |
Textual description of module (for example, |
|
R |
Gauge32 |
Fan 4 speed (RPM). |
|
R |
DisplayString |
3.3V Supply Rail Voltage |
|
R |
DisplayString |
3.3V Supply Rail Current |
|
R |
DisplayString |
5V Supply Rail Current |
|
R |
DisplayString |
12V Supply Rail Current |
|
R |
DisplayString |
5V Supply Rail Voltage (Standby) |
|
R |
DisplayString |
5V Supply Rail Current (Standby) |
|
R |
DisplayString |
Voltage of Tamper Battery 1 |
|
R |
DisplayString |
Voltage of Tamper Battery 2 |
|
R |
TruthValue |
Power Supply failure status |
Per connection statistics table
The following table gives details of the nodes in the per connection statistics table (enterprises.nCipher.nC-series.statistics.connStatsTable
):
Node name | R/W | Type | Remarks |
---|---|---|---|
|
R |
Integer32 |
Index of this entry. |
|
R |
Integer32 |
Hardserver connection number. |
|
R |
Counter32 |
Uptime of the connection. |
|
R |
Counter32 |
Number of commands submitted through this connection. |
|
R |
Counter32 |
Number of bytes submitted through this connection. |
|
R |
Counter32 |
Number of marshalling errors on commands through this connection. |
|
R |
Counter32 |
Number of replies received by this connection. |
|
R |
Counter32 |
Number of bytes received by this connection. |
|
R |
Counter32 |
Number of marshalling errors on replies through this connection. |
|
R |
Gauge32 |
Number of commands outstanding on this connection. |
|
R |
Gauge32 |
Number of commands outstanding in the hardserver queue. |
|
R |
Gauge32 |
Number of long jobs outstanding for this connection. |
|
R |
IpAddress |
IP Address of connection client. |
|
R |
Integer32 |
Process identifier reported by connection client. |
|
R |
DisplayString |
Process name reported by connection client. |
|
R |
Gauge32 |
The total object count for a connection |
Module/connection statistics table
The following table gives details of the nodes in the per module, per connection statistics table (enterprises.nCipher.nC-series.statistics.connModuleStatsTable
).
Node name | R/W | Type | Remarks |
---|---|---|---|
|
R |
Integer |
Identity of this connection |
|
R |
Integer |
Index of the module entry |
|
R |
Gauge32 |
The object count on this module for this connection |
Fan table
The fan table provides the speeds of each fan on the remote module (HSM). The following table gives details of the nodes in the fan table (enterprises.nCipher.softwareVersions.netHSMFanTable
):
Node name | R/W | Type | Remarks |
---|---|---|---|
|
R |
Integer32 |
Module number |
|
R |
Integer32 |
Fan number |
|
R |
Gauge32 |
Fan speed (RPM) |
Software versions table
The following table gives details of the nodes in the software versions table (enterprises.nCipher.softwareVersions.softwareVersionsTable
):
Node name | R/W | Type | Remarks |
---|---|---|---|
|
R |
Integer |
Table index. |
|
R |
DisplayString |
Component name. |
|
R |
Component output name |
Component name. |
|
R |
Gauge |
|
|
R |
Gauge |
|
|
R |
Gauge |
|
|
R |
DisplayString |
Repository name. |
|
R |
Gauge |
SNMP agent command-line
SNMP agent (snmpd) switches
The SNMP agent that binds to a port and awaits requests from SNMP management software is snmpd
. Upon receiving a request, snmpd processes the request, collects the requested information and/or performs the requested operation(s) and returns the information to the sender.
The SNMP agent supports a limited subset of command line switches that can be specified when starting the agent.
Usage
snmpd [-h] [-v] [-f] [-a] [-d] [-V] [-P PIDFILE):] [-q] [-D] [-p NUM] [-L] [-l LOGFILE] [-r]
This command can take the following options:
Option | Description |
---|---|
|
This option displays a usage message. |
|
This option displays the configuration file directives that the agent understands. |
|
This option displays version information. |
|
This option specifies not forking from the calling shell. |
|
This option specifies logging addresses. |
|
This option specifies that warnings and messages should be appended to the log file rather than truncating it. |
|
This option specifies the dumping of sent and received UDP SNMP packets. |
|
This option specifies verbose display. |
|
PIDFILE This option specifies the use of a file (PIDFILE) to store the process ID. |
|
This option specifies that information be printed in a more easily parsed format (quick print). |
|
This option turns on debugging output. |
|
NUM This option specifies running on port NUM instead of the default: 161. |
|
CONFFILE This option specifies reading CONFFILE as a configuration file. |
|
This option specifies that the default configuration files not be read. |
|
This option prints warnings and messages to stdout and err. |
|
This option logs warnings/messages to syslog. |
|
This option specifies not exiting if root-only accessible files cannot be opened. |
|
[-]INITLIST This option specifies a list of MIB modules to initialize (or not). Run |
|
LOGFILE This option prints warnings/messages to a file LOGFILE (by default, |
Using the SNMP command-line utilities
As an alternative to using an SNMP manager application, we supply several command-line utilities to test your SNMP installation and enable you to obtain information about your nShield module from the SNMP agent.
These utilities support the -h
(display a usage message) as described in the table above.
Utility | Description |
---|---|
|
This utility monitors and manages SNMP information. |
|
This utility runs a single GET request to query for SNMP information on a network entity. |
|
This utility runs a single SET request to set SNMP information on a network entity. |
|
This utility runs a single GET NEXT request to query for SNMP information on a network entity. |
|
This utility obtains and prints an SNMP table. |
|
This utility translates SNMP object specifications into human-readable descriptions. |
|
This utility communicates with a network entity using repeated GET NEXT requests. |
|
This utility communicates with a network entity using BULK requests. |
These tools are general purpose SNMP utilities and are configurable for use with other SNMP agents.
For more information on configuring and using these tools, refer to the NET-SNMP project Web site: http://net-snmp.sourceforge.net/ .
|