Applies to:
All versions of Venafi Encryption Director
Summary:
SNMP is a protocol for monitoring network devices, including switches, routers, and servers. Venafi Encryption Director supports sending information using SNMP traps, either to a remote system or locally on the Director server. To send logs to the local server, do the following through either the Windows Administration Console, or the Web Administration Console:
- Navigate to the Logging tree
- Select the Notification Rules container
- Create a new notification by selecting "Add" > "Notification"
- Set a rule for "Severity" "is between" "Emergency" "Debug"
- Add a Target Channel of "SNMP Channel"
- Save or Apply the notification rule
- Expand the Channels container
- Click on the SNMP Channel object
- Verify the Target Host is set to 127.0.0.1
- Verify SNMP v1 and verify the Trap OID is "1.3.6.1.4.1.28783.1.2"
- Verify the community is set to public
After setting this, Director will start sending all log events to SNMP. No restart of services is necessary to start receiving these traps, and the Notification Rule may be disabled or enabled as needed.
Any program that captures SNMP traps can be used to monitor it, like the freeware program SNMP Trap Watcher: http://www.bttsoftware.co.uk/snmptrap.html.
Please note that SNMP v1 is not secure, and these instructions are primarily useful for lab environments to see real-time events, thus reducing frequent 'click to refresh' requests in the Director logging areas. For a production environment, Venafi recommends using SNMP v2c or v3 for greatest security.
More Information:
For more information on logging and Notification Rules, see chapter 7.1, "Setting Up Certificate Notification and Logging", in the Director Certificate Management Guide. https://support.venafi.com/entries/23283968-Info-Venafi-Encryption-Director-8-0-0-Documentation contains this and other documentation for Director 8.0.
Comments