Traps

In the Traps tab you can define an SNMP trap server to which notifications of relevant events occurring on Sophos UTM can be sent as SNMPClosed Simple Network Message Protocol traps. Note that special SNMP monitoring software is needed to display those traps.

The messages that are sent as SNMP traps contain so-called object identifiers (OID), for example, .1.3.6.1.4.1.9789, which belong to the private enterprise numbers issued by IANA. Note that .1.3.6.1.4.1 is the iso.org.dod.internet.private.enterprise prefix, while 9789 is Astaro's Private Enterprise Number. The OID for notification events is 1500, to which are appended the OIDs of the type of the notification and the corresponding error code (000-999). The following notification types are available:

  • DEBUG = 0
  • INFO = 1
  • WARN = 2
  • CRIT = 3

Example: The notification "INFO-302: New firmware Up2Date installed" will use the OID .1.3.6.1.4.1.9789.1500.1.302 and has the following string assigned:

[<HOST>][INFO][302]

Note that <HOST> is a placeholder representing the hostname of the system and that only type and error code from the notification's subject field are transmitted.

To select an SNMP v2c trap server, proceed as follows:

  1. Click New SNMP Trap Sink.

    The Add SNMP Trap Sink dialog box opens.

  2. Specify the following settings:

    SNMP version: Select SNMP v2c from the drop-down list.

    Host: The host definition of the SNMP trap server.

    Community: An SNMP community string acts as a password that is used to protect access to querying SNMP messages. By default, the SNMP community string is set to "public". Change it to the string that is configured on the remote SNMP trap server.

    Note – Allowed characters for the community string are: (a-z), (A-Z), (0-9), (+), (_), (@), (.), (-), (blank).

    Comment (optional): Add a description or other information.

  3. Click Save.

    The new SNMP trap server will be listed on the Traps tab.

The SNMP version 3 requires authentication. To select an SNMP v3 trap server, proceed as follows:

  1. Click New SNMP Trap Sink.

    The Add SNMP Trap Sink dialog box opens.

  2. Specify the following settings:

    SNMP version: Select SNMP v3 from the drop-down list.

    Host: The host definition of the SNMP trap server.

    Username: Enter username for authentication.

    Authentication type: Select authentication type from the drop-down list.

    Password: Enter password for authentication.

    Repeat: Repeat password for authentication.

    Encryption type: Select encryption type from the drop-down list.

    Password: Enter password for encryption.

    Repeat: Repeat password for encryption.

    Engine ID: Enter the Engine ID.

    Comment (optional): Add a description or other information.

  3. Click Save.

    The new SNMP trap server will be listed on the Traps tab.