
CCNA Notes: Simple Network Management Protocol (SNMP) & Syslog

Notes:

  • SNMP is an application layer protocol that provides a message format for communication between SNMP managers and agents.
  • Information is stored in the management information base (MIB)
  • Cisco Prime is an SNMP manager
  • Messages that read data are Get messages
  • Messages that write data are Set messages
  • SNMP traps are configured to notify admins of a certain event. They send messages in reaction to an event. SNMP version 2 sends unreliable messages because it simply forwards messages; SNMPv3 can be reliable because it requires an acknowledgement.
  • Community strings are clear-text passwords
  • Read-only (RO) – read-only access to variables
  • Read-write (RW) – allows modification of objects
  • Command to enable SNMPv2:

snmp-server community string {RO | RW}

 

Summary

Simple Network Management Protocol is an application-level protocol that defines variables on a given network device and stores them in a MIB, or management information base. Each device has an agent that reports to a manager, informing the manager of the device's status. NMS (network management solutions) is a term for a manager, and Cisco Prime is considered an SNMP manager. Before SNMPv3, all messages were sent in clear text.

 

Configure SNMP Version 2c

Configure the community string and access-level

snmp-server community string {RO | RW} (read-only or read-write access level)

Document the location of the device

snmp-server location location description

Document administrator or owner

snmp-server contact name

Restrict access to snmp

snmp-server community string {RO | RW} acl-number

An ACL can be created to filter traffic from certain locations or hosts, limiting which sources are allowed to connect with that community string.

 

SNMPv3 & Syslog

Types of Security modes

Level Name     Keyword in snmp-server command   Authentication Method   Encryption
NoAuthNoPriv   noauth                           username                none
authnopriv     auth                             SHA/MD5                 none
authpriv       priv                             MD5 or SHA              DES or DES-56

Syslog is a database of device system messages.

By default, Cisco devices send all levels of messages to the syslog server, logging console, and logging buffered.

Levels of Severity

  • 0 – Emergency
  • 1 – Alert
  • 2 – Critical
  • 3 – Error
  • 4 – Warning
  • 5 – Notification
  • 6 – Informational
  • 7 – Debugging

 

Configure Syslog on Cisco Devices

Configure the host:

R1(config)#logging ip-address-of-syslog-server

Set the severity level of sent messages

R1(config)#logging trap 4

Cisco IOS also accepts names for the severity level. Using logging trap 4 accepts level 4 and all severity levels above it, such as 0, 1, 2, and 3. However, the following command only accepts level 4 logs.

R1(config)#logging trap warnings
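
The logging trap 4 threshold described above can be checked against real message headers. This is an added example, not part of the original notes: it parses the %FACILITY-SEVERITY-MNEMONIC header of IOS-style log lines and shows which ones a trap level of 4 would send to the syslog server. The sample lines, addresses and function names are constructed for illustration.

```python
import re

# Severity names as listed in the notes above, indexed by level number.
SEVERITIES = ["Emergency", "Alert", "Critical", "Error",
              "Warning", "Notification", "Informational", "Debugging"]

# Cisco IOS message header: %FACILITY-SEVERITY-MNEMONIC: description
HEADER = re.compile(r"%(?P<facility>[A-Z0-9_]+)-(?P<severity>[0-7])-"
                    r"(?P<mnemonic>[A-Z0-9_]+): ?(?P<text>.*)")

def parse(line):
    """Return a dict describing one IOS-style log line, or None if it has no header."""
    m = HEADER.search(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["severity"] = int(rec["severity"])
    rec["level_name"] = SEVERITIES[rec["severity"]]
    rec["tag"] = f'{rec["facility"]}-{rec["severity"]}-{rec["mnemonic"]}'
    return rec

def split_by_trap(lines, trap_level):
    """Model 'logging trap <level>': forward severity <= trap_level, hold back the rest."""
    forwarded, held_back = [], []
    for rec in filter(None, map(parse, lines)):
        (forwarded if rec["severity"] <= trap_level else held_back).append(rec["tag"])
    return forwarded, held_back

# Constructed sample lines (addresses are documentation ranges, not real hosts).
SAMPLE = [
    "*Mar  1 00:01:12.004: %SYS-2-MALLOCFAIL: Memory allocation of 65536 bytes failed",
    "*Mar  1 00:02:40.118: %SNMP-3-AUTHFAIL: Authentication failure for SNMP req from host 192.0.2.10",
    "*Mar  1 00:03:05.551: %LINK-3-UPDOWN: Interface GigabitEthernet0/1, changed state to down",
    "*Mar  1 00:03:06.551: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/1, changed state to down",
    "*Mar  1 00:04:19.700: %SYS-5-CONFIG_I: Configured from console by admin on vty0 (192.0.2.20)",
    "*Mar  1 00:05:00.000: %SEC-6-IPACCESSLOGP: list 10 denied udp 192.0.2.10(40000) -> 198.51.100.1(161), 1 packet",
    "banner text with no message header",
]

if __name__ == "__main__":
    sent, not_sent = split_by_trap(SAMPLE, 4)
    print("sent to syslog server at trap 4:", sent)
    print("not sent to syslog server:      ", not_sent)
```

With a trap level of 4, the level 5 configuration-change message and the level 6 ACL deny message in the sample are not sent to the syslog server, which matters when those events are needed for auditing.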

 

SNMPv3 & Syslog Summary

SNMPv3 provides security for the messages being sent by using authentication and encryption. Syslog is an application that stores messages to be viewed by a network administrator. It allows these messages to be filtered based on severity level.

 


About Joshua Duffney

Joshua Duffney is a passionate IT professional who has been working in IT since 2008. He was certified as a CCNA in 2014 and is a long-time contributor to the Spiceworks community. To find out about his most recent work, follow him on Twitter @duffn3y.
