How to correctly use SNMPv3 credentials for Discovery?

Darth Jed
Tera Guru

‎02-23-2018 09:01 AM

I'm trying to discover Isilon storage servers and other equipment that use SNMPv3 for monitoring. For the storage servers, the admin can give me a v3 credential that is simply a username and password with read only access. Sounds simple, except that when you look at the credential form in ServiceNow, there are fields for username, authentication protocol, authentication key, privacy protocol, and privacy key. The password field isn't even on the form. After adding the password field, I saved the username and password in the credential record without setting any of the protocol or key fields because the storage admin didn't have any of that information. It turns out that there aren't any options for setting the authentication or privacy protocols. The documentation states that it uses AuthNoPriv for SNMPv3. So, in theory, there should be an authentication protocol somewhere and a key. My storage admin is going to reach out to the vendor for information, so there's hope that they will give us a solution.

I'm using a horizontal discovery pattern provided in this post's solution, but it only works with SNMPv2 because the v3 credential fails to authenticate.

Does anyone have experience with setting up SNMPv3 credentials for Discovery? 

Labels:
0 Helpfuls
  • 4,332 Views
6 REPLIES 6

sethivarun
Kilo Guru

‎02-23-2018 01:12 PM

have you tried using the community string?

 

 

0 Helpfuls

Darth Jed
Tera Guru
In response to sethivarun

‎02-27-2018 11:50 AM

There isn't a community string for SNMP v3.

0 Helpfuls

Chatarina Lyth
ServiceNow Employee
ServiceNow Employee

‎02-24-2018 10:44 PM

Hi! 

 

If the device is using authNoPriv you should set the Authentication protocol and the Authentication key, and you can leave the Privacy protocol and Privacy Key blank.

The authentication protocol is the encryption used for the communication between the devices, and you can use any of the following:

None, MD5 or SHA.

If your storage admin did not provide details about that I assume the device is not using any encryption so you can try to set it to 'None'.

And then try to add your the password you got as the authentication key.

BR
Chatarina 

Darth Jed
Tera Guru
In response to Chatarina Lyth

‎02-27-2018 11:49 AM

Thank you for the suggestion! 

I've tried all the permutations for your suggestion.

Username, empty password field (though the form just puts asterisks back into the field), MD5 protocol, provided password entered in the auth key field. The credential test failed.

Username, empty password, SHA protocol, provided password entered in the auth key field. The credential test failed.

Username, provided password entered in the password field, no protocol. The credential test failed.

 

I'm reaching out to other resources for help, but I don't know what else to try. 

0 Helpfuls