WebsiteBlogLogin

Collect data using SNMP

Most recent version: v0.0.1

See the changelog of this Listener type here.

Overview

Onum supports integration with SNMP.

SNMP (Simple Network Management Protocol) is a standard protocol for monitoring and managing network devices. It operates on a client-server model where:

  • SNMP Agents (devices) send traps (asynchronous notifications) to SNMP Managers.

  • Traps contain information about events like system failures, security alerts, or performance issues.

  • OIDs (Object Identifiers) uniquely identify each piece of information in the trap.

The SNMP Trapd Listener is a powerful and intelligent Listener that receives SNMP traps from network devices, parses them using embedded MIB (Management Information Base) files, and converts them into structured Onum events. It supports all major SNMP versions (v1, v2c, v3) with comprehensive authentication and privacy options.

What are MIBs?

MIBs (Management Information Bases) are hierarchical databases that define:

  • OID structure and relationships

  • Data types for each OID

  • Human-readable names for OIDs

  • Units and ranges for values

Example OID: 1.3.6.1.2.1.1.1.0sysDescr (System Description)

Architecture & MIB Strategy

The SNMP Trapd Listener includes essential MIBs for comprehensive SNMP support:

MIB
Purpose
Dependencies

SNMPv2-SMI

Base SMI definitions

None

SNMPv2-TC

Base TC definitions

SNMPv2-SMI

SNMPv2-MIB

Core SNMP MIB

SNMPv2-SMI, SNMPv2-TC

IF-MIB

Interface monitoring

SNMPv2-SMI

IP-MIB

IP protocol

SNMPv2-SMI, IF-MIB

TCP-MIB

TCP protocol

SNMPv2-SMI, IP-MIB

UDP-MIB

UDP protocol

SNMPv2-SMI, IP-MIB

HOST-RESOURCES-MIB

Host resources

SNMPv2-SMI

ENTITY-MIB

Entity monitoring

SNMPv2-SMI

Prerequisites

In order to use this Listener, you must

  • Enable SNMP on the device itself.

  • Specifically enable the sending of SNMP traps.

  • Configure the device to send traps to the IP address and port of the receiving SNMP management system.

  • For SNMPv3, configure the correct authentication and/or privacy settings to be used when sending traps.

Onum Setup

1

Log in to your Onum tenant and click Listeners > New listener.

2

Double-click the SNMP Trapd Listener.

3

Enter a Name for the new Listener. Optionally, add a Description and some Tags to identify the Listener.

4

In the Version* section, select the required SNMP protocol version between v1, v2c, and v3.

For v1 and v2c, you'll be prompted to enter the required Community*. The community string acts like a simple password to authenticate communication between the SNMP manager and the SNMP agent.

For v3, you must choose a security level between:

  • noAuthNoPriv - Choose this option if no authentication is required:

    • Enter your username in the User* field that appears.

  • authNoPriv - Choose this option to set basic authentication:

    • Enter your username in the User* field

    • Select the required authentication protocol (MD5 or SHA). Then, choose your Authentication Password* from your Secrets or click New secret to create a new one.

  • authPriv - Choose this option to set authentication + encryption:

    • Enter your username in the User* field.

    • Select the required authentication protocol (MD5 or SHA). Then, choose your Authentication Password* from your Secrets or click New secret to create a new one.

    • Select the required privacy protocol (DES or AES). Then, choose your Privacy Password* from your Secrets or click New secret to create a new one.

5

To create a new secret:

  • Give the secret a Name.

  • Turn off the Expiration date option.

  • Click Add new value and paste the secret corresponding to the user/password.

  • Click Save.

Learn more about secrets in Onum in this article.

6

Enter the UDP port to listen for traps.

7

Finally, click Create labels. Optionally, you can set labels to be used for internal Onum routing of data. By default, data will be set as Unlabeled. Click Create listener when you're done.

Learn more about labels in this article.

Click Create listener when you're done.

Output data

The listener converts SNMP traps into structured Onum events with the following generated fields:

Field
Description

_raw

Complete trap data as JSON

sourceIp

Source IP address

sourcePort

Source port number

version

SNMP version used

mibName

MIB name if parsing is successful, none otherwise

This is an output event example:

{
  "_raw": "{\"agent_addr\":\"10.123.54.210\",\"generic_trap\":6,\"specific_trap\":1,\"enterprise\":\"1.3.6.1.4.1.18494.2\",\"variable_bindings\":{\"1.3.6.1.4.1.18494.2.1.1\":\"ACCESS\"}}",
  "sourceIp": "10.123.54.210",
  "sourcePort": 12345,
  "version": "v1",
  "mibName": "SWIFT-MIB"
}
PreviousCollect data using OpenTelemetryNextCollect data using Syslog

Last updated

Was this helpful?