7.4.4 Collecting logs of unauthorized community names
When the community name of the SNMP request reported by the manager does not match the community name defined at SNMP Agent, you can display the community name and sending source IP address for that SNMP request.
The output example indicated below is for an instance in which the community name sent by the SNMP request at community name bad-comm from the 10.111.98.36 node is invalid.
- Note:
-
When the community name consists of more than 255 characters, a message telling the user to limit it to 255 characters will be displayed.
2012/02/26 19:05:11 Authentication failure, bad community string Message from 10.111.98.36:2869, community = bad-comm.
The following indicates the configuration method used to acquire the sending source IP address and community name for SNMP requests when the community name is invalid. You must be logged in as a superuser to execute the following tasks. The default setting does not permit SNMP Agent to acquire this log.
Procedure
-
Edit the files shown below using an editor such as vi.
/etc/rc.config.d/SnmpMaster (For Solaris) /usr/CM2/ESA/opt/SnmpMaster (For AIX) /opt/CM2/ESA/opt/SnmpMaster (for HP-UX (IPF), Linux)
-
Add the following rows to the final rows of the file.
SNMP_HTC_AUTH_LOG=1 export SNMP_HTC_AUTH_LOG
-
Save the file.
-
Restart SNMP Agent.
Execute the following command:
/opt/CM2/ESA/bin/snmpstart (For systems other than AIX) /usr/CM2/ESA/bin/snmpstart (For AIX)
- Important
-
The snmpstart command starts SNMP Agent after stopping it for a short period of time. If the OS being used is Solaris or AIX, and you do not want to restart the native agent, execute the snmpstart command with the -n option.