SNMP view is a group of MIB OIDs that limits viewing and configuring access within SNMP. SNMP communities and SNMP users can be configured to use a view. When accessing SNMP through a community or users, access will be limited to OIDs included in the view. By default, communities and users can use default efav3View view of XCO.
| Identify Drift | Reconcile Configuration | Idempotency |
|---|---|---|
| Yes | Yes | Yes |
efa inventory device snmp view create [ --ip device-ips | --name view-name | --mib-tree mib-oid | --mib-tree-access access --ip device-ips Comma separated range of device IP addresses. Example: 1.1.1.1-3,1.1.1.2,2.2.2.2 --name view-name View name --mib-tree mib-oid MIB subtree in the form of Object identifier. Example: 1.3.6.1 --mib-tree-access access Mib-tree access. Valid values are: included, excluded
The following example creates a view on a specified device:
efa inventory device snmp view create --ip 10.139.44.153-154 --name view1 --mib-tree 1.3.6.1 --mib-tree-access included +---------------+-------+----------+-----------------+---------+--------+ | IP Address | Name | MIB-Tree | MIB-Tree-Access | Status | Reason | +---------------+-------+----------+-----------------+---------+--------+ | 10.139.44.153 | view1 | 1.3.6.1 | included | Success | | +---------------+-------+----------+-----------------+---------+--------+ | 10.139.44.154 | view1 | 1.3.6.1 | included | Success | | +---------------+-------+----------+-----------------+---------+--------+ Snmp view details
efa inventory device snmp view delete [ --ip device-ips | --name view-name | --mib-tree mib-oid | --ip device-ips Comma separated range of device IP addresses. Example: 1.1.1.1-3,1.1.1.2,2.2.2.2 --name view-name View name --mib-tree mib-oid MIB subtree in the form of Object identifier. Example: 1.3.6.1
The following example deletes a view on a specified device:
efa inventory device snmp view delete --ip 10.139.44.153-154 --name view1 --mib-tree 1.3.6.1 +---------------+-------+----------+---------+--------+ | IP Address | Name | MIB-Tree | Status | Reason | +---------------+-------+----------+---------+--------+ | 10.139.44.153 | view1 | 1.3.6.1 | Success | | +---------------+-------+----------+---------+--------+ | 10.139.44.154 | view1 | 1.3.6.1 | Success | | +---------------+-------+----------+---------+--------+ Snmp view details
efa inventory device snmp view list [ --ip device-ips | --ip device-ips Comma separated range of device IP addresses. Example: 1.1.1.1-3,1.1.1.2,2.2.2.2
The following example shows the current SNMP view for the specified device:
efa inventory device snmp view list --ip 10.139.44.153-154 +---------------+-------+----------+-----------------+----------+ | IP Address | Name | MIB-Tree | MIB-Tree_Access | AppState | +---------------+-------+----------+-----------------+----------+ | 10.139.44.153 | view1 | 1.2.3.4 | included | | + +-------+----------+-----------------+----------+ | | view2 | 1.2.3.4 | included | | +---------------+-------+----------+-----------------+----------+ | 10.139.44.154 | view3 | 1.2.3.5 | excluded | | +---------------+-------+----------+-----------------+----------+ Snmp view details
efa inventory device snmp community create [ --ip device-ips | --name community | --group group | --enable-read-access | --enable-write access | --enable-notify-access | --view view-name ] --ip device-ip Specifies a comma-separated range of device IP addresses. Example: 1.1.1.1-3,1.1.1.2,2.2.2.2. --name community Specifies an SNMP community name. --group group Specifies an SNMP group name. --enable-read-access Sets read access for the view. --enable-write-access Sets write access for the view. --enable-notify-access Sets notify access for the view. --view Optionally specify a SNMP view name. Default view efav3View.used when not specified.
The following example creates a community using a specified device:
efa inventory device snmp community create --ip 10.139.44.153 --name community1 --group group1 --enable-read-access --view view1 +---------+----------------+-------+------+------+--------+------+--------+-------+ | IP | Community |Group |Read |Write | Notify |View |Status |Reason | | Address| Name | |view |view | view | | | | +---------+----------------+-------+------+------+--------+------+--------+-------+ | 10.139 | $9$smklvisSghO |group1 |view1 | | |view1 |Success | | | .44.153 | ZEQvXJKBDeA== | | | | | | | | +---------+----------------+-------+------+------+--------+------+--------+-------+ Snmp community details
efa inventory device snmp community list [--ip device-ip ] --ip device-ip Specifies a comma-separated range of device IP addresses. Example: 1.1.1.1-3,1.1.1.2,2.2.2.2
The following example creates a community using a specified device:
efa inventory device snmp community list --ip 10.139.44.153 +---------+----------------+-------+-------+------+--------+------+------------+ | IP | Community |Group | Read |Write | Notify |View | AppState | | Address | Name | | view |view | view | | | +---------+----------------+-------+-------+------+--------+------+------------+ | 10.139 | $9$smklvisSghO |group1 | view1 | | |view1 | cfg-in-sync| | .44.153 | ZEQvXJKBDeA== | | | | | | | +---------+----------------+-------+-------+------+--------+------+------------+
efa inventory device snmp user create [--ip device-ip | --name community | --group group | --enable-read-access | --enable-write-access | -- enable-notify-access | --auth-protocol md5 | sha | --auth-pass authphrase | --priv-protocol AES128 | DES | --priv-pass privphrase | --view view-name] Parameters --ip device-ip Specifies a comma-separated range of device IP addresses. Example: 1.1.1.1-3,1.1.1.2,2.2.2.2. --name community Specifies an SNMP community name. --group group Specifies an SNMP group name. --enable-read-access Sets read access for the view. --enable-write-access Sets write access for the view. --enable-notify-access Sets notify access for the view. --auth-protocol md5 | sha Sets notify access for the view. This parameter is set to off, by default. --auth-pass passphrase Authentication password. --priv-protocol AES128 | DES Privacy protocol. --priv-pass privphrase Privacy password. --view view-name Optionally specify a SNMP view name. Default view efav3View.used when not specified.
The following example creates users using a specified device:
efa inventory device snmp user create --ip 10.139.44.153 --name user1 --group group1 --view view1 +--------+-----+------+-----+------+-------+-----+------+-----------+------+-----------+--------+-------+ |IP |User |Group |Read |Write |Notify |View |Auth |Auth |Priv |Priv |Status |Reason | |Address | | |view |view |view | |proto |passphrase |proto |passphrase | | | +--------+-----+------+-----+------+-------+-----+------+-----------+------+-----------+--------+-------+ |10.139. |user1|group1| | | |View1| | | | |Success | | |44.153 | | | | | | | | | | | | | +--------+-----+------+-----+------+-------+-----+------+-----------+------+-----------+--------+-------+ Snmp user details
efa inventory device snmp user list [--ip device-ip ] --ip device-ip Specifies a comma-separated range of device IP addresses. Example: 1.1.1.1-3,1.1.1.2,2.2.2.2
The following example list SNMP users:
efa inventory device snmp user list --ip 10.139.44.153 +--------+-----+------+-----+------+-------+------+-----------+------+-----------+-----+------------+ |IP |User |Group |Read |Write |Notify |View |Auth |Auth |Priv |Priv |AppState | |Address | |view |view |view | |proto |passphrase |proto |passphrase | | | +--------+-----+------+-----+------+-------+------+-----------+------+-----------+-----+------------+ |10.139 |user1|group1| | | |View1 | | | | |cfg-in-sync | |.44.153 | | | | | | | | | | | | +--------+-----+------+-----+------+-------+------+-----------+------+-----------+-----+------------+ Snmp user details
efa inventory device snmp host create [--ip device-ip | --host-ip IPv4 | IPv6 | FQDN |--community community | --user user | --version v2c | v3
| --notify-type traps | informs | --engine-id remote_id | --udp-port port]
--ip device-ip Specifies a comma-separated range of device IP
addresses. Example: 1.1.1.1-3,1.1.1.2,2.2.2.2.
--host-ip IPv4 | IPv6 | FQDN Specifies a host IP address.
--community community Specifies a community name. Applicable for v2c
only.
--user user Specifies an SNMP v3 user.
--version v2c | v3 Specifies the SNMP version.
--notify-type traps | informs Specifies the notification type. Informs are
valid for v3 only.
--engine-id remote_id Specifies the remote engine ID of manager.
--udp port Optional port number used to send notifications.
Range: 0-65535, Default=162 (default 162)
The following example creates and lists SNMP host:
efa inventory device snmp host create --ip 10.139.44.153 --host-ip 1.1.1.1 --user user1 --version v3 --notify-type traps --udp-port 163 +--------+-----+-----+----------+-------+-------+----------+---------+----+---------+--------+-------+ |IP |Host |User |Community |Notify |Engine |Source | Vrf |UDP |Severity |Status |Reason | |Address |IP | | |Type |ID |Interface | |port| | | | +--------+-----+-----+----------+-------+-------+----------+---------+----+---------+--------+-------+ |10.139 |1.1 |user1| |traps | |management|mgmt-vrf |163 |None |Success | | |.44.153 |.1.1 | | | | |chassis-ip| | | | | | +--------+-----+-----+----------+-------+-------+----------+---------+----+---------+--------+-------+ Snmp host details efa inventory device snmp host list --ip 10.139.44.153 +--------+-----+-----+----------+-------+---------+----------+---------+-----+---------+------------+ |IP |Host |User |Community |Notify |Remote |Source | Vrf |UDP |Severity |AppState | |Address |IP | | |Type |EngineID |Interface | |port | | | +--------+-----+-----+----------+-------+---------+----------+---------+-----+---------+------------+ |10.139 |1.1 |user1| |traps | |management|mgmt-vrf |163 |None |cfg-in-sync | |.44.153 |.1.1 | | | | |chassis-ip| |163 | | | +--------+-----+-----+----------+-------+---------+----------+---------+-----+---------+------------+ Snmp host details