Configuring SNMP
The Simple Network Management Protocol (SNMP) is an application-layer protocol that provides a message format for communication between SNMP managers and agents. SNMP provides a standardized framework and a common language used for the monitoring and management of devices in a network.
This section contains payload examples and CLIs to demonstrate how to use the NX-API REST API to configure SNMP on Cisco Nexus 3000 and 9000 Series switches and to show how the REST APIs correspond to the CLI commands.
For more information, see the Cisco Nexus 9000 Series NX-OS System Management Configuration Guide, Release 7.x.
Configuring Local SNMP Users
Configuring Local SNMP Users
POST http://<IP_Address>/api/mo/sys/snmp/inst.json
{
"snmpInst": {
"children": [
{
"snmpLocalUser": {
"attributes": {
"authpwd": "Cisco@123",
"authtype": "md5",
"isenforcepriv": "yes",
"islocalizedkey": "no",
"privpwd": "Cisco@123",
"privtype": "des",
"userName": "user1"
},
"children": [
{
"snmpUserGroup": {
"attributes": {
"groupName": "network-admin"
}}}]}}]}}
{
imdata:[]
}
<System>
<snmp-items>
<inst-items>
<lclUser-items>
<LocalUser-list>
<userName>user1</userName>
<authpwd>Cisco@123</authpwd>
<authtype>md5</authtype>
<isenforcepriv>true</isenforcepriv>
<islocalizedkey>false</islocalizedkey>
<privpwd>Cisco@123</privpwd>
<privtype>des</privtype>
<group-items>
<UserGroup-list>
<groupName>network-admin</groupName>
</UserGroup-list>
</group-items>
</LocalUser-list>
</lclUser-items>
</inst-items>
</snmp-items>
</System>
Configures an SNMP user with authentication and privacy parameters.
CLI Commands
The CLI commands and options listed below are the equivalent to the payload examples displayed in the pane on the right.
snmp-server user user1 auth md5 Cisco@123 priv Cisco@123 localizedkey
snmp-server user user1 enforcePriv
snmp-server user user1 network-admin
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference: http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload: https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html
Configuring Remote SNMP Users
Configuring Remote SNMP Users
POST http://<IP_Address>/api/mo/sys/snmp/inst.json
{
"snmpInst": {
"children": [
{
"snmpRemoteUser": {
"attributes": {
"authpwd": "Cisco@123",
"authtype": "md5",
"islocalizedkey": "yes",
"privpwd": "Cisco@123",
"privtype": "des",
"userName": "user2",
"usrengineId": "1:2:3:4:5:6:7:8",
"usrengineIdlen": "15"
}}}]}}
{
imdata:[]
}
<System>
<snmp-items>
<inst-items>
<rmtUser-items>
<RemoteUser-list>
<userName>user2</userName>
<usrengineId>1:2:3:4:5:6:7:8</usrengineId>
<authpwd>Cisco@123</authpwd>
<authtype>md5</authtype>
<islocalizedkey>true</islocalizedkey>
<privpwd>Cisco@123</privpwd>
<privtype>des</privtype>
<usrengineIdlen>15</usrengineIdlen>
</RemoteUser-list>
</rmtUser-items>
</inst-items>
</snmp-items>
</System>
Configures an SNMP user.
CLI Commands
The CLI commands and options listed below are the equivalent to the payload example displayed in the pane on the right.
snmp-server user user2 auth md5 Cisco@123 priv Cisco@123 localizedkey engineID 1:2:3:4:5:6:7:8
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference: http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload: https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html
Creating SNMP Communities
You can create SNMP communities for SNMPv1 or SNMPv2c.
Setting SNMP Community Access Rights to Read Only
Setting SNMP Community Access Rights to Read Only
POST http://<IP_Address>/api/mo/sys/snmp/inst.json
{
"snmpInst": {
"children": [
{
"snmpCommSecP": {
"attributes": {
"commAcess": "ro",
"grpName": "",
"name": "comm1"
}}}]}}
{
imdata:[]
}
<System>
<snmp-items>
<inst-items>
<community-items>
<CommSecP-list>
<name>comm1</name>
<commAcess>ro</commAcess>
<grpName></grpName>
</CommSecP-list>
</community-items>
</inst-items>
</snmp-items>
</System>
Sets the access rights to read-only.
CLI Commands
The CLI commands and options listed below are the equivalent to the payload example displayed in the pane on the right.
snmp-server community comm1 ro
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference: http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload: https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html
Setting SNMP Community Access Rights of the Specified Group
Setting SNMP Community Access Rights of the Specified Group
POST http://<IP_Address>/api/mo/sys/snmp/inst.json
{
"snmpInst": {
"children": [
{
"snmpCommSecP": {
"attributes": {
"commAcess": "unspecified",
"grpName": "group1",
"name": "comm1"
}}}]}}
{
imdata:[]
}
<System>
<snmp-items>
<inst-items>
<community-items>
<CommSecP-list>
<name>comm1</name>
<commAcess>unspecified</commAcess>
<grpName>group1</grpName>
</CommSecP-list>
</community-items>
</inst-items>
</snmp-items>
</System>
Uses the access rights of the specified group.
CLI Commands
The CLI commands and options listed below are the equivalent to the payload example displayed in the pane on the right.
snmp-server community comm1 group group1
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference: http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload: https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html
Assigning an ACL to Filter SNMP Requests
Assigning an ACL to Filter SNMP Requests
POST http://<IP_Address>/api/mo/sys/snmp/inst.json
{
"snmpInst": {
"children": [
{
"snmpCommSecP": {
"attributes": {
"name": "ComName1"
},
"children": [
{
"snmpAcl": {
"attributes": {
"useAclName": "",
"useIpv4AclName": "IPV4Name1",
"useIpv6AclName": "IPV6Name1"
}}}]}}]}}
{
imdata:[]
}
<System>
<snmp-items>
<inst-items>
<community-items>
<CommSecP-list>
<name>ComName1</name>
<acl-items>
<useAclName>ACLName1</useAclName>
<useIpv4AclName>IPV4Name1</useIpv4AclName>
<useIpv6AclName>IPV6Name1</useIpv6AclName>
</acl-items>
</CommSecP-list>
</community-items>
</inst-items>
</snmp-items>
</System>
Assigns an ACL to filter SNMP requests.
CLI Commands
The CLI commands and options listed below are the equivalent to the payload example displayed in the pane on the right.
snmp-server community ComName1 use-ipv4acl IPV4Name1 use-ipv6acl IPV6Name1
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference: http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload: https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html
Configuring a Source Interface for SNMP Notifications
You can configure SNMP to use the IP address of an interface as the source IP address for notifications. When a notification is generated, its source IP address is based on the IP address of this configured interface.
You can configure a source interface as follows:
- All notifications sent to all SNMP notification receivers.
- All notifications sent to a specific SNMP notification receiver. This configuration overrides the global source interface configuration.
Configuring a Source Interface for SNMP Notifications
POST http://<IP_Address>/api/mo/sys/snmp/inst/globals.json
{
"snmpGlobals": {
"children": [
{
"snmpSourceInterfaceInforms": {
"attributes": {
"ifname": "eth1/1"
}}}]}}
{
imdata:[]
}
<System>
<snmp-items>
<inst-items>
<globals-items>
<srcInterfaceInforms-items>
<ifname>eth1/1</ifname>
</srcInterfaceInforms-items>
</globals-items>
</inst-items>
</snmp-items>
</System>
Configures a source interface for sending out SNMPv2 informs.
CLI Commands
The CLI commands and options listed below are the equivalent to the payload example displayed in the pane on the right.
snmp-server source-interface inform ethernet 1/1
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference: http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload: https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html
Configuring a Source Interface for Sending SNMPv2 Traps
Configuring a Source Interface for Sending SNMPv2 Traps
POST http://<IP_Address>/api/mo/sys/snmp/inst/globals.json
{
"snmpGlobals": {
"children": [
{
"snmpSourceInterfaceTraps": {
"attributes": {
"ifname": "eth1/1"
}}}]}}
{
imdata:[]
}
<System>
<snmp-items>
<inst-items>
<globals-items>
<srcInterfaceTraps-items>
<ifname>eth1/1</ifname>
</srcInterfaceTraps-items>
</globals-items>
</inst-items>
</snmp-items>
</System>
Configures a source interface for sending out SNMPv2 informs.
CLI Commands
The CLI commands and options listed below are the equivalent to the payload example displayed in the pane on the right.
snmp-server source-interface traps ethernet 1/1
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference: http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload: https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html
Configuring SNMP Global Settings
Configuring SNMP Global Settings
POST http://<IP_Address>/api/mo/sys/snmp/inst/globals.json
{
"snmpGlobals": {
"attributes": {
"aaaUserCacheTimeout": "86400",
"counterCacheTimeout": "10",
"protocolEnable": "no",
"tcpSessionAuth": "no"
}
}
}
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload: https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html
Configuring SNMP System Information
Configuring SNMP System Information
POST http://<IP_Address>/api/mo/sys/snmp/inst.json
{
"snmpInst": {
"children": [
{
"snmpSysInfo": {
"attributes": {
"sysContact": "Admin",
"sysLocation": "Lab-7"
}}}]}}
{
imdata:[]
}
<System>
<snmp-items>
<inst-items>
<sysinfo-items>
<sysContact>Admin</sysContact>
<sysLocation>Lab-7</sysLocation>
</sysinfo-items>
</inst-items>
</snmp-items>
</System>
Assigns the device contact information.
CLI Commands
The CLI commands and options listed below are the equivalent to the payload example displayed in the pane on the right.
snmp-server contact Adminsnmp-server location Lab-7
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference: http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload: https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html
Configuring RMON Events
Configuring RMON Events
POST http://<IP_Address>/api/mo/sys/snmp/inst/rmon.json
{
"snmpRmon": {
"children": [
{
"snmpEvent": {
"attributes": {
"description": "",
"log": "no",
"num": "1",
"owner": "",
"trap": "trap1"
}}}]}}
{
imdata:[]
}
<System>
<snmp-items>
<inst-items>
<rmon-items>
<event-items>
<Event-list>
<num>1</num>
<description></description>
<log>no</log>
<owner></owner>
<trap>trap1</trap>
</Event-list>
</event-items>
</rmon-items>
</inst-items>
</snmp-items>
</System>
Configures an RMON event. Ensure that you have configured an SNMP user and enabled SNMP notifications.
CLI Commands
The CLI commands and options listed below are the equivalent to the payload example displayed in the pane on the right.
rmon event 1 trap trap1
For other CLI options, see the Cisco Nexus 9000 Series NX-OS Command Reference: http://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-command-reference-list.html
See the NX-API DME Model Reference for detailed information about classes and attributes described in the payload: https://developer.cisco.com/site/nx-os/docs/nexus-model-reference/
For information about using the payloads, see the Cisco Nexus 9000 Series NX-OS Programmability Guide https://www.cisco.com/c/en/us/support/switches/nexus-9000-series-switches/products-programming-reference-guides-list.html
Querying a Pattern to Match (RMON)
Querying a Pattern to Match (RMON)
GET http://<IP_Address>/api/mo/sys/snmp/inst/rmon.json?rsp-subtree=full&rsp-prop-include=config-only
{
"totalCount": "1",
"imdata": [
{
"snmpRmon": {
"attributes": {
"dn": "sys/snmp/inst/rmon",
"persistentOnReload": "true"
},
"children": [
{
"snmpEvent": {
"attributes": {
"description": "CRITICAL(2)",
"log": "yes",
"num": "2",
"owner": "PMON@CRITICAL",
"persistentOnReload": "true",
"rn": "event-2",
"trap": "public"
}}},{
"snmpEvent": {
"attributes": {
"description": "INFORMATION(5)",
"log": "yes",
"num": "5",
"owner": "PMON@INFO",
"persistentOnReload": "true",
"rn": "event-5",
"trap": "public"
}}},{
"snmpEvent": {
"attributes": {
"description": "WARNING(4)",
"log": "yes",
"num": "4",
"owner": "PMON@WARNING",
"persistentOnReload": "true",
"rn": "event-4",
"trap": "public"
}}},{
"snmpEvent": {
"attributes": {
"description": "FATAL(1)",
"log": "yes",
"num": "1",
"owner": "PMON@FATAL",
"persistentOnReload": "true",
"rn": "event-1",
"trap": "public"
}}},{
"snmpEvent": {
"attributes": {
"description": "ERROR(3)",
"log": "yes",
"num": "3",
"owner": "PMON@ERROR",
"persistentOnReload": "true",
"rn": "event-3",
"trap": "public"
}}}]}}]}
GET http://<IP_Address>/restconf/data/Cisco-NX-OS-device:System/snmp-items/inst-items/rmon-items
<rmon-items>
<deleteAlarms/>
<deleteEvents/>
<event-items>
<Event-list>
<num>2</num>
<description>CRITICAL(2)</description>
<log>yes</log>
<owner>PMON@CRITICAL</owner>
<trap>public</trap>
</Event-list>
<Event-list>
<num>5</num>
<description>INFORMATION(5)</description>
<log>yes</log>
<owner>PMON@INFO</owner>
<trap>public</trap>
</Event-list>
<Event-list>
<num>4</num>
<description>WARNING(4)</description>
<log>yes</log>
<owner>PMON@WARNING</owner>
<trap>public</trap>
</Event-list>
<Event-list>
<num>1</num>
<description>FATAL(1)</description>
<log>yes</log>
<owner>PMON@FATAL</owner>
<trap>public</trap>
</Event-list>
<Event-list>
<num>3</num>
<description>ERROR(3)</description>
<log>yes</log>
<owner>PMON@ERROR</owner>
<trap>public</trap>
</Event-list>
</event-items>
</rmon-items>
| CLI Output |
|---|
|