graylog-plugin-snmp icon indicating copy to clipboard operation
graylog-plugin-snmp copied to clipboard

Published 20 hours ago verified publisher icon graylog-labs

set SNMPTrap community string (feature request)

Open doctore74 opened this issue 8 years ago • 8 comments

Hi,

in reference to Jochens reply to my Mailing List entry: https://groups.google.com/forum/?hl=en#!searchin/graylog2/snmp/graylog2/0eX-OTXuouw/806cNHLDCQAJ

As Jochen wrote the community string "public" is hardcoded in the plugin.

The plugin is working well with Graylog 2.0.1 on CentOS 6.7 but only with the default community string "public".

It is needed to set the community string.

In a first step it would be ok to configure it in /etc/graylog/server/server.conf or in a another file. Best solution would be in the configuration window in Graylog Web as shown here: https://github.com/Graylog2/graylog-plugin-snmp/blob/master/images/snmp-input-1.png

Thanks for the good work

Chris

doctore74 avatar Jun 01 '16 08:06 doctore74

Could you please at least describe in the documentation that only one community string can be used at this moment?

mvhconsult avatar Dec 05 '16 09:12 mvhconsult

@mvhconsult done in the README!

mariussturm avatar Dec 05 '16 12:12 mariussturm

This request seems like a no-brainer...

dstones avatar Dec 14 '16 14:12 dstones

@dstones Your pull request is welcome!

joschi avatar Dec 14 '16 15:12 joschi

Any progress on this one, are we anywhere near a realease with custom community strings?

MP-blue avatar Jan 12 '17 16:01 MP-blue

Was any progress made on this?

filegaiters avatar Aug 10 '18 13:08 filegaiters

Any update on allowing other (or wildcard all) communities? We have a system where there are no way to change them... :|

thefreakquency avatar Apr 10 '19 17:04 thefreakquency

@joschi - Any idea why the limitation exists?

I'm not stunningly familiar with Java or SNMP4J, but it seems like a CommandResponder would accept any inbound message, and expect your code to filter it out by comparing the desired value with event.getSecurityName(), which you don't appear to do.

There are references in the SNMP4J documentation for creating a CommunityTarget (SNMPv1/v2c) or UserTarget (v3) object and setting its values, but that only seems to apply to sending a PDU, not receiving one.

So where is the hard-coded reference to "public"? I'm not seeing it in this codebase; the only ones I can find in SNMP4J are in the Snmp and SnmpConfigurator classes, a console application implementation and a test class (none of which I can see you using).

The only potential place I can thight it might be, is https://github.com/graylog-labs/graylog-plugin-snmp/blob/8a82989fb3cd9b76576cfdb289e5a76b8a3d83b0/src/main/java/org/graylog/snmp/codec/SnmpCodec.java#L78, where you pass null to the constructor of TransportStateReference, but I can't quite follow where that is used, either.

jimbobmcgee avatar May 13 '20 18:05 jimbobmcgee