Configure settings to send notifications to an SNMP manager

The state of the network can be monitored through the Simple Network Management Protocol (SNMP). SNMP collects information by polling devices on the network or SNMP enabled devices send alerts to SNMP management stations. SNMP communities define the group that devices and management stations running SNMP belong to, which specifies where information is sent. The community name identifies the group.

Note:Most organizations have an established system for collecting and displaying SNMP traps in a central location that can be monitored by their operations teams. For example, SNMP traps are sent to an SNMP manager, and the SNMP management console displays them.
  1. Log in to the Administration settings on the ExtraHop system through https://<extrahop-hostname-or-IP-address>/admin.
  2. In the Network Settings section, click Notifications.
  3. Under Notifications, click SNMP.
  4. On the SNMP Settings page, in the SNMP Monitor field, type the hostname for the SNMP trap receiver. Multiple names can be entered, separated by commas.
  5. In the SNMP Community field, enter the SNMP community name.
  6. In the SNMP Port field, type the SNMP port number for your network that is used by the SNMP agent to respond back to the source port on the SNMP manager.
    The default response port is 162.
  7. Click Test Settings to verify that your SNMP settings are correct. If the settings are correct, you should see an entry in the SNMP log file on the SNMP server similar to the following:
    Connection from UDP: [192.0.2.0]:42164->[ 192.0.2.255]:162

    Where 192.0.2.0 is the IP address of your ExtraHop system and 192.0.2.255 is the IP address of the SNMP server.

  8. Click Save.

Download the ExtraHop SNMP MIB

SNMP does not provide a database of information that an SNMP-monitored network reports. SNMP information is defined by third-party management information bases (MIBs) that describe the structure of the collected data.

  1. Log in to the Administration settings on the ExtraHop system through https://<extrahop-hostname-or-IP-address>/admin.
  2. Go to the Network Settings section and click Notifications.
  3. Under Notifications, click SNMP.
  4. Under SNMP MIB, click the Download ExtraHop SNMP MIB.
    The file is typically saved to the default download location for your browser.

Extract the ExtraHop vendor object OID

Before you can monitor a device with SNMP, you need the sysObjectID, which contains an OID that is the vendor-reported identity of the device.

The SNMP vendor object ID (OID) for the ExtraHop system is iso.3.6.1.4.1.32015. You can also extract this value with snmpwalk.
  1. Log in to the command-line interface on your management workstation.
  2. Extract the OID, where ip-address is the IP address for your ExtraHop system:
    In this example, you query with sysObjectID:

    snmpwalk -v 2c -c public <ip-address> SNMPv2-MIB::sysObjectID

    A response similar to this example displays:

    SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.32015
    In this example, you query with the OID:

    snmpwalk -v 2c -c public <ip-address> 1.3.6.1.2.1.1.2

    A response similar to this example displays:

    SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.32015 
Last modified 2024-04-02