Home » HP Manuals » Servers » HP 6125XLG » Manual Viewer

HP 6125XLG R2306-HP 6125XLG Blade Switch Network Management and Monitoring Con - Page 79

Configuring SNMP logging

Add to My Manuals
Save this manual to your list of manuals

Page 79 highlights

Step 10. (Optional.) Convert a plaintext key to an encrypted key. 11. Create an SNMPv3 user. 12. (Optional.) Configure the maximum SNMP packet size (in bytes) that the SNMP agent can handle. Command • In non-FIPS mode: snmp-agent calculate-password plain-password mode { md5 | sha } { local-engineid | specified-engineid engineid } • In FIPS mode: snmp-agent calculate-password plain-password mode sha { local-engineid | specified-engineid engineid } • In non-FIPS mode: snmp-agent usm-user v3 user-name group-name [ remote { ip-address | ipv6 ipv6-address } [ vpn-instance vpn-instance-name ] ] [ { cipher | simple } authentication-mode { md5 | sha } auth-password [ privacy-mode { aes128 | des56 } priv-password ] ] [ acl acl-number | acl ipv6 ipv6-acl-number ] * • In FIPS mode: snmp-agent usm-user v3 user-name group-name [ remote { ip-address | ipv6 ipv6-address } [ vpn-instance vpn-instance-name ] ] { cipher | simple } authentication-mode sha auth-password [ privacy-mode aes128 priv-password ] [ acl acl-number | acl ipv6 ipv6-acl-number ] * snmp-agent packet max-size byte-count Remarks N/A If the cipher keyword is specified, the arguments auth-password and priv-password are used as encrypted keys. To send informs to an SNMPv3 NMS, you must configure the remote ip-address option to specify the IP address of the NMS. The default is 1500 bytes. Configuring SNMP logging Disable SNMP logging in normal cases to prevent a large amount of SNMP logs from decreasing device performance. The SNMP agent logs Get requests, Set requests, and Set responses, but does not log Get responses. • Get operation-The agent logs the IP address of the NMS, name of the accessed node, and node OID. • Set operation-The agent logs the NMS' IP address, name of accessed node, node OID, variable value, and error code and index for the Set operation. The SNMP module sends these logs to the information center as informational messages. You can configure the information center to output these messages to certain destinations, such as the console 73

Section	Page
Title Page	1
Contents	3
Using ping, tracert, and system debugging	7
Ping	7
Using a ping command to test network connectivity	7
Ping example	7
Network requirements	7
Configuration procedure	8
Tracert	9
Prerequisites	10
Using a tracert command to identify failed or all nodes in a path	10
Tracert example	10
Network requirements	10
Configuration procedure	11
System debugging	11
Debugging information control switches	12
Debugging a feature module	12
Configuring NTP	14
Overview	14
How NTP works	14
NTP architecture	15
Association modes	16
NTP security	18
NTP access control	18
NTP authentication	18
Protocols and standards	19
Configuration restrictions and guidelines	19
Configuration task list	19
Enabling the NTP service	19
Configuring NTP association modes	19
Configuring NTP in client/server mode	20
Configuring NTP in symmetric active/passive mode	20
Configuring NTP in broadcast mode	21
Configuring a broadcast client	21
Configuring the broadcast server	21
Configuring NTP in multicast mode	22
Configuring a multicast client	22
Configuring the multicast server	22
Configuring access control rights	23
Configuring NTP authentication	23
Configuring NTP authentication in client/server mode	23
Configuring NTP authentication in symmetric active/passive mode	25
Configuring NTP authentication in broadcast mode	27
Configuring NTP authentication in multicast mode	29
Configuring NTP optional parameters	31
Specifying the source interface for NTP messages	31
Disabling an interface from receiving NTP messages	32
Configuring the maximum number of dynamic associations	32
Configuring the local clock as a reference source	33
Displaying and maintaining NTP	33
NTP client/server mode configuration example	34
Network requirements	34
Configuration procedure	34
IPv6 NTP client/server mode configuration example	35
Network requirements	35
Configuration procedure	35
NTP symmetric active/passive mode configuration example	36
Network requirements	36
Configuration procedure	37
IPv6 NTP symmetric active/passive mode configuration example	38
Network requirements	38
Configuration procedure	39
NTP broadcast mode configuration example	40
Network requirements	40
Configuration procedure	41
NTP multicast mode configuration example	42
Network requirements	42
Configuration procedure	43
IPv6 NTP multicast mode configuration example	45
Network requirements	45
Configuration procedure	46
Configuration example for NTP client/server mode with authentication	48
Network requirements	48
Configuration procedure	49
Configuration example for NTP broadcast mode with authentication	50
Network requirements	50
Configuration procedure	51
Configuring SNTP	54
Configuration restrictions and guidelines	54
Configuration task list	54
Enabling the SNTP service	54
Specifying an NTP server for the device	54
Configuring SNTP authentication	55
Displaying and maintaining SNTP	56
SNTP configuration example	56
Network requirements	56
Configuration procedure	56
Configuring the information center	58
Overview	58
Log types	58
Log levels	58
Log destinations	59
Default log output rules	59
Log format	59
Information center configuration task list	61
Outputting logs to the console	62
Outputting logs to the monitor terminal	62
Outputting logs to a log host	63
Outputting logs to the log buffer	63
Saving logs to the log file	64
Managing security logs	65
Saving security logs into the security log file	66
Managing the security log file	66
Enabling synchronous information output	67
Enabling duplicate log suppression	67
Disabling an interface from generating link up/down logging information	68
Displaying and maintaining information center	68
Configuration example for outputting logs to the console	69
Network requirements	69
Configuration procedure	69
Configuration example for outputting logs to a UNIX log host	69
Network requirements	69
Configuration procedure	70
Configuration example for outputting logs to a Linux log host	71
Network requirements	71
Configuration procedure	71
Configuring SNMP	73
Overview	73
FIPS compliance	73
SNMP framework	73
MIB and view-based MIB access control	73
SNMP operations	74
Protocol versions	74
Configuring SNMP basic parameters	74
Configuring SNMPv1 or SNMPv2c basic parameters	75
Configuring SNMPv3 basic parameters	76
Configuring SNMP logging	79
Configuring SNMP notifications	80
Enabling SNMP notifications	80
Configuring the SNMP agent to send notifications to a host	81
Configuration guidelines	81
Configuration prerequisites	81
Configuration procedure	81
Displaying the SNMP settings	82
SNMPv1/SNMPv2c configuration example	83
Network requirements	83
Configuration procedure	83
SNMPv3 configuration example	84
Network requirements	84
Configuration procedure	85
Configuring NQA	87
Overview	87
Collaboration	87
Threshold monitoring	88
NQA client configuration task list	88
Enabling the NQA client	88
Configuring the ICMP echo operation	89
Configuring the UDP echo operation	90
Configuring optional parameters for the NQA operation	91
Configuring the collaboration function	91
Configuring threshold monitoring	92
Threshold types	92
Triggered actions	92
Reaction entry	92
Configuration procedure	93
Configuring the NQA statistics collection function	93
Configuring the saving of NQA history records	94
Scheduling the NQA operation on the NQA client	94
Displaying and maintaining NQA	95
NQA configuration examples	96
ICMP echo operation configuration example	96
Network requirements	96
Configuration procedure	96
UDP echo operation configuration example	97
Network requirements	97
Configuration procedure	98
NQA collaboration configuration example	99
Network requirements	99
Configuration procedure	99
Verifying the configuration	100
Configuring sFlow	102
Protocols and standards	102
sFlow configuration task list	102
Configuring the sFlow agent and sFlow collector information	103
Configuring flow sampling	103
Configuring counter sampling	104
Displaying and maintaining sFlow	104
sFlow configuration example	105
Network requirements	105
Configuration procedure	105
Verifying the configurations	106
Troubleshooting sFlow configuration	106
The remote sFlow collector cannot receive sFlow packets	106
Symptom	106
Analysis	106
Solution	106
Monitoring and maintaining processes	107
Displaying and maintaining processes	107
Displaying and maintaining user processes	107
Monitoring kernel threads	108
Configuring kernel thread deadloop detection	108
Configuring kernel thread starvation detection	108
Displaying and maintaining kernel threads	109
Configuring port mirroring	110
Overview	110
Terminology	110
Mirroring source	110
Mirroring destination	110
Mirroring direction	110
Mirroring group	110
Reflector port, egress port, and remote probe VLAN	110
Port mirroring classification and implementation	111
Local port mirroring	111
Remote port mirroring	111
Configuring local port mirroring	112
Local port mirroring configuration task list	112
Creating a local mirroring group	112
Configuring source ports for the local mirroring group	113
Configuration restrictions and guidelines	113
Configuration procedure	113
Configuring the monitor port for the local mirroring group	113
Configuration restrictions and guidelines	113
Configuration procedure	114
Using the remote probe VLAN to enable local port mirroring to support multiple monitor ports	114
Configuration restrictions and guidelines	115
Configuration procedure	115
Configuring Layer 2 remote port mirroring	116
Layer 2 remote port mirroring configuration task list	116
Configuring a remote destination group on the destination device	116
Creating a remote destination group	117
Configuring the monitor port for a remote destination group	117
Configuring the remote probe VLAN for a remote destination group	117
Assigning the monitor port to the remote probe VLAN	118
Configuring a remote source group on the source device	118
Creating a remote source group	118
Configuring source ports for a remote source group	118
Configuring the egress port for a remote source group	119
Configuring the remote probe VLAN for a remote source group	120
Displaying and maintaining port mirroring	120
Local port mirroring configuration example	120
Network requirements	120
Configuration procedure	121
Verifying the configuration	121
Local port mirroring with multiple monitor ports configuration example	122
Network requirements	122
Configuration procedure	122
Layer 2 remote port mirroring configuration example	123
Network requirements	123
Configuration procedure	123
Verifying the configuration	125
Configuring traffic mirroring	126
Traffic mirroring configuration task list	126
Configuring match criteria	126
Configuring a traffic behavior	127
Configuring a QoS policy	127
Applying a QoS policy	127
Applying a QoS policy to an interface	127
Applying a QoS policy to a VLAN	128
Applying a QoS policy globally	128
Applying a QoS policy to the control plane	128
Traffic mirroring configuration example	129
Network requirements	129
Configuration procedure	129
Verifying the configuration	130
Support and other resources	131
Contacting HP	131
Subscription service	131
Related information	131
Documents	131
Websites	131
Conventions	132
Command conventions	132
GUI conventions	132
Symbols	132
Network topology icons	133
Port numbering in examples	133

Match case Limit results 1 per page

Step

Command

Remarks

10.

(Optional.) Convert a plaintext

key to an encrypted key.

•

In non-FIPS mode:

snmp-agent calculate-password

plain-password

mode

{

md5 |

sha

}

{

local-engineid

specified-engineid

engineid

}

•

In FIPS mode:

snmp-agent

calculate-password

plain-password

mode

sha

{

local-engineid

specified-engineid

engineid

}

N/A

11.

Create an SNMPv3 user.

•

In non-FIPS mode:

snmp-agent

usm-user

user-name

group-name

[

remote

{

ip-address

ipv6

ipv6-address

} [

vpn-instance

vpn-instance-name

] ] [ {

cipher

simple

}

authentication-mode

{

md5

sha

}

auth-password

[

privacy-mode

{

aes128

des56

}

priv-password

] ] [

acl

acl-number

acl

ipv6

ipv6-acl-number

] *

•

In FIPS mode:

snmp-agent

usm-user

user-name

group-name

[

remote

{

ip-address

ipv6

ipv6-address

} [

vpn-instance

vpn-instance-name

] ] {

cipher

simple

}

authentication-mode

sha

auth-password

[

privacy-mode

aes128

priv-password

] [

acl

acl-number

acl

ipv6

ipv6-acl-number

] *

If the

cipher

keyword is specified,

the arguments

auth-password

and

priv-password

are used as

encrypted keys.

To send informs to an SNMPv3

NMS, you must configure the

remote

ip-address

option to

specify the IP address of the

NMS.

12.

(Optional.) Configure the

maximum SNMP packet size

(in bytes) that the SNMP agent

can handle.

snmp-agent packet max-size

byte

count

The default is 1500 bytes.

Configuring SNMP logging

Disable SNMP logging in normal cases to prevent a large amount of SNMP logs from decreasing device

performance.

The SNMP agent logs Get requests, Set requests, and Set responses, but does not log Get responses.

•

Get operation

—The agent logs the IP address of the NMS, name of the accessed node, and node

OID.

•

Set operation

—The agent logs the NMS' IP address, name of accessed node, node OID, variable

value, and error code and index for the Set operation.

The SNMP module sends these logs to the information center as informational messages. You can

configure the information center to output these messages to certain destinations, such as the console