SNMP Trap

Push

Synopsis

Creates a receiver that listens for SNMP trap messages. Supports SNMPv2c and SNMPv3 with various authentication and privacy protocols, MIB integration, and High-Volume message processing.

Schema

- id: <numeric>
  name: <string>
  description: <string>
  type: snmptrap
  status: <boolean>
  properties:
    address: <string>
    port: <numeric>
    reuse: <boolean>
    workers: <numeric>
    community: <string>
    authentication:
      status: <boolean>
      protocol: <numeric>
      password: <string>
    privacy:
      protocol: <numeric>
      passphrase: <string>
    username: <string>
    batch_size: <numeric>
    queue:
      interval: <numeric>

Configuration

The following are the minimum requirements to define the device.

Device

Field	Required	Default	Description
`id`	Y		Unique identifier
`name`	Y		Device name
`description`	N	-	Optional description
`type`	Y		Must be `snmptrap`
`status`	N	`true`	Enable/disable the device

Network

Field	Required	Default	Description
`address`	N	`"0.0.0.0"`	Listen address
`port`	Y	`162`	Listen port for SNMP traps
`community`	Y		Community string for SNMPv2c (required if not using v3)

Authentication

Field	Required	Default	Description
`authentication.status`	N	`false`	Enable SNMPv3 authentication
`authentication.protocol`	N	`1`	Authentication protocol ID. See table below
`authentication.password`	Y		Authentication password (required if auth enabled)
`username`	Y		SNMPv3 username

Authentication Protocols

ID	Protocol	Description
`1`	`NoAuth`	No authentication
`2`	`MD5`	HMAC-MD5-96 authentication
`3`	`SHA`	HMAC-SHA-96 authentication
`4`	`SHA224`	HMAC-SHA-224 authentication
`5`	`SHA256`	HMAC-SHA-256 authentication
`6`	`SHA384`	HMAC-SHA-384 authentication
`7`	`SHA512`	HMAC-SHA-512 authentication

Privacy

Field	Required	Default	Description
`privacy.protocol`	N	`1`	Privacy protocol ID. See table below
`privacy.passphrase`	Y		Privacy passphrase (required if protocol > 1)

Privacy Protocols

ID	Protocol	Description
`1`	`NoPriv`	No privacy
`2`	`DES`	DES privacy
`3`	`AES`	AES-128 privacy
`4`	`AES192`	AES-192 privacy
`5`	`AES256`	AES-256 privacy
`6`	`AES192C`	AES-192 with 3DES key padding
`7`	`AES256C`	AES-256 with 3DES key padding

MIB Configuration

The SNMP trap receiver automatically loads and integrates Management Information Base (MIB) files for translating SNMP trap messages. MIB files are essential for proper interpretation of vendor-specific or custom SNMP traps.

MIB File Locations

The system looks for MIB files in two locations under <vm_root>:

User directory, i.e. /user/mibs/: Primary location for custom MIB files. Supports nested directory structure. All user-specific MIB files should be placed here.

Package directory, i.e. /package/mibs/: Contains default/standard MIB files. Bundled with the installation. Should not be modified directly.

note

Custom MIB files in the user directory take precedence over similarly named files in the package directory.

MIB Loading Process

The system will recursively scan both MIB directories, load all discovered MIB modules, automatically resolve MIB dependencies, and use loaded MIBs for trap translation.

warning

If MIB loading fails, the system will still receive traps but may not translate vendor-specific OIDs correctly.

Advanced Configuration

To enhance performance and achieve better data handling, the following settings are used:

Field	Required	Default	Description
`reuse`	N	`false`	Enable socket address reuse
`workers`	N	`<dynamic>`	Number of worker processes when reuse enabled
`batch_size`	N	`1000`	Number of messages to batch before processing

Examples

The following are commonly used configuration types.

Basic

A basic trap requires a default listening address, a standard SNMP trap port, and a public community string.

Creating a simple SNMPv2c trap receiver...

- id: 1
  name: basic_trap
  type: snmptrap
  properties:
    port: 162
    community: "public"

MIBs

This requires standard SNMP trap listening, a custom MIB file integration, and basic trap handling.

Basic trap receiver with custom MIB support...

- id: 5
  name: mib_enabled_trap
  type: snmptrap
  description: "Trap receiver with custom MIB support"
  properties:
    port: 162
    community: "public"

note

Place your custom MIB files in the <vm_root>/user/mibs/ directory before starting the trap receiver. The system will automatically load and use them for trap translation.

Secure

For enhanced security, use SHA256 authentication, AES-256 privacy, and a secure credential store.

warning

When using SNMPv3 with privacy, ensure that both the authentication and privacy passwords meet the minimum length requirements for the selected protocols.

SNMPv3 with authentication and privacy...

- id: 2
  name: secure_trap
  type: snmptrap
  properties:
    port: 162
    authentication:
      status: true
      protocol: 5
      password: "${SNMP_AUTH_PASS}"
    privacy:
      protocol: 5
      passphrase: "${SNMP_PRIV_PASS}"
    username: "trapuser"

High-Volume

Performance can be enhanced for high message volumes using multiple worker processes, a larger batch size, optimized queues, and basic SHA authentication.

Optimizing for high message volumes...

- id: 3
  name: performant_trap
  type: snmptrap
  properties:
    port: 162
    reuse: true
    workers: 4
    batch_size: 5000
    queue:
      interval: 2
    authentication:
      status: true
      protocol: 3
    username: "trapuser"

Synopsis​

Schema​

Configuration​

Device​

Network​

Authentication​

Authentication Protocols​

Privacy​

Privacy Protocols​

MIB Configuration​

MIB File Locations​

MIB Loading Process​

Advanced Configuration​

Examples​

Basic​

MIBs​

Secure​

High-Volume​