search

graylog-labs / graylog-plugin-snmp

Graylog plugin to receive SNMP traps
Other
27 stars 7 forks source link

set SNMPTrap community string (feature request) #13

Open doctore74 opened 8 years ago

doctore74 commented 8 years ago

Hi,

in reference to Jochens reply to my Mailing List entry: https://groups.google.com/forum/?hl=en#!searchin/graylog2/snmp/graylog2/0eX-OTXuouw/806cNHLDCQAJ

As Jochen wrote the community string "public" is hardcoded in the plugin.

The plugin is working well with Graylog 2.0.1 on CentOS 6.7 but only with the default community string "public".

It is needed to set the community string.

In a first step it would be ok to configure it in /etc/graylog/server/server.conf or in a another file. Best solution would be in the configuration window in Graylog Web as shown here: https://github.com/Graylog2/graylog-plugin-snmp/blob/master/images/snmp-input-1.png

Thanks for the good work

Chris

mvhconsult commented 7 years ago

Could you please at least describe in the documentation that only one community string can be used at this moment?

mariussturm commented 7 years ago

@mvhconsult done in the README!

dstones commented 7 years ago

This request seems like a no-brainer...

joschi commented 7 years ago

@dstones Your pull request is welcome!

MP-blue commented 7 years ago

Any progress on this one, are we anywhere near a realease with custom community strings?

filegaiters commented 6 years ago

Was any progress made on this?

thefreakquency commented 5 years ago

Any update on allowing other (or wildcard all) communities? We have a system where there are no way to change them... :|

jimbobmcgee commented 4 years ago

@joschi - Any idea why the limitation exists?

I'm not stunningly familiar with Java or SNMP4J, but it seems like a CommandResponder would accept any inbound message, and expect your code to filter it out by comparing the desired value with event.getSecurityName(), which you don't appear to do.

There are references in the SNMP4J documentation for creating a CommunityTarget (SNMPv1/v2c) or UserTarget (v3) object and setting its values, but that only seems to apply to sending a PDU, not receiving one.

So where is the hard-coded reference to "public"? I'm not seeing it in this codebase; the only ones I can find in SNMP4J are in the Snmp and SnmpConfigurator classes, a console application implementation and a test class (none of which I can see you using).

The only potential place I can thight it might be, is https://github.com/graylog-labs/graylog-plugin-snmp/blob/8a82989fb3cd9b76576cfdb289e5a76b8a3d83b0/src/main/java/org/graylog/snmp/codec/SnmpCodec.java#L78, where you pass null to the constructor of TransportStateReference, but I can't quite follow where that is used, either.