Python SNMPv3 traps

Question

im trying to send traps over snmpv3, this is my first attempt:

#!/usr/bin/python

from pysnmp.hlapi import *

TARGET="localhost"
TARGET_PORT=162
COMMUNITY_STR="PASSWORD"
IDENTIFIER="1.3.6.1.2.1.xxx"
USER="trapadm"
KEY="PASSWORD"



# OID NODE : MESSAGE

values = { ".100.5": "LOL",
            ".100.6": "ROFL",
        }

def notification(   
                    NODE,
                    MESSAGE,
                    TARGET=TARGET, 
                    TARGET_PORT=TARGET_PORT, 
                    #COMMUNITY_STR=COMMUNITY_STR, 
                    IDENTIFIER=IDENTIFIER

                ):
    errorIndication, errorStatus, errorIndex, varBinds = next(
        sendNotification(
            SnmpEngine(),
            UsmUserData(userName=USER, privKey=KEY, authKey=KEY
                        #authProtocol=usmHMACMD5AuthProtocol,
                        #privProtocol=usmDESPrivProtocol
                        #authProtocol=(1, 3, 6, 1, 6, 3, 10, 1, 1, 2),
                        #privProtocol= (1, 3, 6, 1, 6, 3, 10, 1, 2, 2)
                        ),
        #CommunityData(COMMUNITY_STR, mpModel=0),
            UdpTransportTarget((TARGET, TARGET_PORT)),
            ContextData(),
            'trap',
            NotificationType(
                ObjectIdentity(IDENTIFIER)
            ).addVarBinds(
                (IDENTIFIER+NODE, OctetString(MESSAGE)))
        )
    )

    if errorIndication:
        print(errorIndication)



CASE = True

def main():

    for key in values: 
        if CASE is True:
            notification(key, values[key])



if __name__ == '__main__':
    main()

I have tested the functionality of my trap receiver with the following command (which worked right away)

snmptrap -Ci -v 3 -a MD5 -A PASSWORD -x DES -X PASSWORD -l authPriv -u trapadm localhost 0 linkUp.0

Now with the python script above, i can see via tcpdump, that it was sended, but it does not appear in the trapd logfile. i suspect that it depends somehow on auth-/privProtocol. Btw the commented lines (auth-/privProtocol). were tested, too.

Anyone ideas here?

Answer 1

Your code looks good to me (here is the working example).

One important thing is that with SNMPv3 TRAP you have to manually pass SNMP engine ID value of your TRAP emitter to your TRAP receiver. This is due to one-way nature of TRAP that leaves no way for automated synchronization procedure to occur (e.g. unlike it's with SNMP commands).

I am guessing that with snmptrap it happens so that both snmptrap and snmpd have the same SNMP engine ID value right from the start.

The solution can be to add -e <snmp-engine-id> parameter to snmptrap and have it configured as context-snmp-engine-id to trapadm user entry on snmpd side.