Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

set SNMPTrap community string (feature request) #13

Open
doctore74 opened this issue Jun 1, 2016 · 8 comments
Open

set SNMPTrap community string (feature request) #13

doctore74 opened this issue Jun 1, 2016 · 8 comments

Comments

@doctore74
Copy link

Hi,

in reference to Jochens reply to my Mailing List entry:
https://groups.google.com/forum/?hl=en#!searchin/graylog2/snmp/graylog2/0eX-OTXuouw/806cNHLDCQAJ

As Jochen wrote the community string "public" is hardcoded in the plugin.

The plugin is working well with Graylog 2.0.1 on CentOS 6.7 but only with the default community string "public".

It is needed to set the community string.

In a first step it would be ok to configure it in /etc/graylog/server/server.conf or in a another file.
Best solution would be in the configuration window in Graylog Web as shown here:
https://github.com/Graylog2/graylog-plugin-snmp/blob/master/images/snmp-input-1.png

Thanks for the good work

Chris

@mvhconsult
Copy link

Could you please at least describe in the documentation that only one community string can be used at this moment?

@mariussturm
Copy link

@mvhconsult done in the README!

@dstones
Copy link

dstones commented Dec 14, 2016

This request seems like a no-brainer...

@joschi
Copy link
Contributor

joschi commented Dec 14, 2016

@dstones Your pull request is welcome!

@MP-blue
Copy link

MP-blue commented Jan 12, 2017

Any progress on this one, are we anywhere near a realease with custom community strings?

@filegaiters
Copy link

Was any progress made on this?

@AnythingOverIP
Copy link

Any update on allowing other (or wildcard all) communities? We have a system where there are no way to change them... :|

@jimbobmcgee
Copy link

@joschi - Any idea why the limitation exists?

I'm not stunningly familiar with Java or SNMP4J, but it seems like a CommandResponder would accept any inbound message, and expect your code to filter it out by comparing the desired value with event.getSecurityName(), which you don't appear to do.

There are references in the SNMP4J documentation for creating a CommunityTarget (SNMPv1/v2c) or UserTarget (v3) object and setting its values, but that only seems to apply to sending a PDU, not receiving one.

So where is the hard-coded reference to "public"? I'm not seeing it in this codebase; the only ones I can find in SNMP4J are in the Snmp and SnmpConfigurator classes, a console application implementation and a test class (none of which I can see you using).

The only potential place I can thight it might be, is

new TransportStateReference(transport, ipAddress, null, SecurityLevel.undefined, SecurityLevel.undefined, false, null)
, where you pass null to the constructor of TransportStateReference, but I can't quite follow where that is used, either.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

9 participants