1.5.4 Configure SNMP Traps

Information

SNMP relies on an architecture which consists of a manager and an agent. SNMP Managers can be any machine on the network that is running SNMP to collect and process information from the devices on either the LAN or WAN.

Rationale:

Utilizing traps can alert the user of issues or compromises in advance. For example if the device is overheating or if an admin users account is being utilized during odd hours.

Solution

Examples of traps
All notifications

switch(config)##switch(config)#snmp-server enable traps

CISCO-AAA-SERVER-MIB

switch(config)#switch(config)#snmp-server enable traps aaa

ENITY-MIB, CISCO-ENTITY-FRU-CONTROL-MIB, CISCO-ENTITY-SENSOR-MIB

switch(config)#switch(config)#snmp-server enable traps entity
switch(config)#switch(config)#snmp-server enable traps entity fru

CISCO-LICENSE-MGR-MIB

switch(config)#switch(config)#snmp-server enable traps license

IF-MIB

switch(config)#switch(config)#snmp-server enable traps link
switch(config)#CISCO-PSM-MIB
switch(config)#switch(config)#snmp-server enable traps port-security
switch(config)#snmpv2-MIB
switch(config)#switch(config)#snmp-server enable traps switch(config)#snmp
switch(config)#switch(config)#snmp-server enable traps switch(config)#snmp authentication

CISCO-FCC-MIB

switch(config)##switch(config)#snmp-server enable traps fcc

CISCO-DM-MIB

switch(config)#snmp-server enable traps fcdomain

CISCO-NS-MIB

switch(config)#snmp-server enable traps fcns

CISCO-FCS-MIB

switch(config)#snmp-server enable traps fcs discovery-complete
switch(config)#snmp-server enable traps fcs request-reject

CISCO-FDMI-MIB

switch(config)#snmp-server enable traps fdmi

CISCO-FSPF-MIB

switch(config)#snmp-server enable traps fspf

CISCO-PSM-MIB

switch(config)#snmp-server enable traps port-security

CISCO-RSCN-MIB

switch(config)#snmp-server enable traps rscn
switch(config)#snmp-server enable traps rscn els
switch(config)#snmp-server enable traps rscn ils

CISCO-ZS-MIB

switch(config)#snmp-server enable traps zone
switch(config)#snmp-server enable traps zone default-zone-behavior-change
switch(config)#snmp-server enable traps zone merge-failure
switch(config)#snmp-server enable traps zone merge-success
switch(config)#snmp-server enable traps zone request-reject
switch(config)#snmp-server enable traps zone unsupp-mem

Default Value:

Not configured

See Also

https://workbench.cisecurity.org/benchmarks/6524

Item Details

Category: CONFIGURATION MANAGEMENT, MAINTENANCE, SYSTEM AND INFORMATION INTEGRITY

References: 800-53|CM-7, 800-53|MA-4, 800-53|SI-4, 800-53|SI-4(4), CSCv7|5.1

Plugin: Cisco

Control ID: 7e239d8d7271c1b4a35fb3beb8e39d6ed8bf344fd8d21b033e157f3f9e0252d1