I’m currently working on configuring a SNMPv3 trap receiver using Python. Below are the relevant configuration files and Python script:
#
# EXAMPLE-trap.conf:
# An example configuration file for configuring the Net-SNMP snmptrapd agent.
#
###############################################################################
#
# This file is intended to only be an example.
# When the snmptrapd agent starts up, this is where it will look for it.
#
# All lines beginning with a '#' are comments and are intended for you
# to read. All other lines are configuration commands for the agent.
#
# PLEASE: read the snmptrapd.conf(5) manual page as well!
#
# Create SNMPv3 user
createUser -e 0x5072697374696E65 rberbato SHA "Pristine" AES "Pristine"
snmpTrapdAddr udp:0.0.0.0:1162,udp6:[::]:1162
authUser log,execute,net rberbato
authCommunity log,execute,net PUBLIC
#authCommunity log,execute,net public
#
## send mail when get any events
traphandle default /home/rberbato/Pristine/receiveSNMPTraps.py
#traphandle default /home/rberbato/Pristine/receiveSNMPTrapsv3.py
#
## send mail when get linkDown
#traphandle .1.3.6.1.6.3.1.1.5.3 /usr/bin/traptoemail -s smtp.example.org [email protected]
#doNotLogTraps yes
#doNotFork yes
#disableAuthorization yes
receiveSNMPTraps.py:
# Python SNMP trap receiver
from pysnmp.entity import engine, config
from pysnmp.carrier.asyncore.dgram import udp
from pysnmp.entity.rfc3413 import ntfrcv
import logging
snmpEngine = engine.SnmpEngine()
user = 'rberbato'
AuthPass = 'AuthPass'
EncPass = 'EncPass'
TrapAgentAddress='0.0.0.0'; # Trap listener address
Port=162; # Trap listener port
logging.basicConfig(filename='received_traps.log', filemode='w', format='%(asctime)s - %(message)s', level=logging.INFO)
logging.info("Agent is listening SNMP Trap on "+TrapAgentAddress+" , Port : " +str(Port))
logging.info('--------------------------------------------------------------------------')
print("Agent is listening SNMP Trap on "+TrapAgentAddress+" , Port : " +str(Port))
config.addTransport(
snmpEngine,
udp.domainName + (1,),
udp.UdpTransport().openServerMode((TrapAgentAddress, Port))
)
# Configure community here
config.addV1System(snmpEngine, 'PUBLIC', 'PUBLIC')
# Configure SNMPv3 user
config.addV3User(
snmpEngine, user, config.usmHMACSHAAuthProtocol,
AuthPass, config.usmAesCfb128Protocol, EncPass,
)
def cbFun(snmpEngine, stateReference, contextEngineId, contextName,
varBinds, cbCtx):
print("Received new Trap message")
logging.info("Received new Trap message")
for name, val in varBinds:
logging.info('%s = %s' % (name.prettyPrint(), val.prettyPrint()))
print('%s = %s' % (name.prettyPrint(), val.prettyPrint()))
logging.info("==== End of Incoming Trap ====")
ntfrcv.NotificationReceiver(snmpEngine, cbFun)
snmpEngine.transportDispatcher.jobStarted(1)
try:
snmpEngine.transportDispatcher.runDispatcher()
except:
snmpEngine.transportDispatcher.closeDispatcher()
raise
I can successfully receive SNMPv1 traps, but SNMPv3 traps are not being processed. The receiveSNMPTraps.py script receives SNMPv3 traps but does not process them.
I’ve tried changing encryption and authentication passphrases and protocols, as well as including Engine ID and context, but I still encounter this issue.
Any insights or suggestions on how to resolve this would be greatly appreciated. Thank you!
New contributor
Rilind I. Berbatovci is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.