Configuration Parameters

The component uses configuration parameters which are specified in [SNMPD] section of the integrated configuration file of Dr.Web for UNIX File Servers.

The section contains the following parameters:

LogLevel = {logging level}

Logging level for Dr.Web SNMP agent.

If the parameter is not specified, the DefaultLogLevel parameter value from [Root] section is used.

Default value:

LogLevel = Notice

Log = {log type}

Logging method for Dr.Web SNMP agent.

Default value:

Log = Auto

ExePath = {path to file}

Path to the executable of Dr.Web SNMPD.

Default value:

ExePath = <opt_dir>/bin/drweb-snmpd

For Linux:

ExePath = /opt/drweb.com/bin/drweb-snmpd

For FreeBSD:

ExePath = /usr/local/libexec/drweb.com/bin/drweb-snmpd

For Solaris:

ExePath = /opt/drweb.com/bin/drweb-snmpd

Start = {Boolean}

The component must be run by the configuration daemon Dr.Web ConfigD.

Default value:

Start = Yes

ListenAddress = {address}

Address (IP address and port) listened by Dr.Web SNMPD, which is waiting for client connections (SNMP managers).

Note that interaction with snmpd requires a specified port, different from the standard port (161), and snmpd must be configured for proxying.

Default value:

ListenAddress = 127.0.0.1:161

SnmpVersion = {V2c | V3}

The used SNMP protocol version (SNMPv2c or SNMPv3).

Default value:

SnmpVersion = V2c

V3EngineId = {string}

Identifier (string) of Engine ID for SNMPv3 (according to RFC3411)

Default value:

V3EngineId = 800073FA044452574542

TrapReceiver = {address list}

List of addresses (IP address and port) where Dr.Web SNMPD sends SNMP trap after Dr.Web for UNIX File Servers components detected a threat.

Addresses must be separated with commas.

Default value:

TrapReceiver =

V2cCommunity = {string}

The string "SNMP read community" for authentication of SNMP managers (SNMPv2c protocol) when Dr.Web MIB variables are accessed for reading.

The parameter is used if SnmpVersion = V2c

Default value:

V2cCommunity = public

V3UserName = {string}

The user name for authentication of SNMP managers (SNMPv2c protocol) when Dr.Web MIB variables are accessed for reading.

The parameter is used if SnmpVersion = V3

Default value:

V3UserName = noAuthUser

V3Auth = {SHA(<pwd>) | MD5(<pwd>) | None}

Method to authenticate SNMP managers (SNMPv2c protocol) when Dr.Web MIB variables are accessed for reading.

Allowed values:

SHA(<PWD>) — SHA hash of the password is used (<PWD> strings).

MD5(<PWD>) — MD5 hash of the password is used (<PWD> strings).

None — authentication is disabled.

where <PWD> is a plain text password.

The parameter is used if SnmpVersion = V3

When specifying the parameter value from the command line, you may need to escape the brackets by using the slash mark \ in some shells.

Example:

1.Value of the parameter in the configuration file:

V3Auth = MD5(123456)

2.Specifying the parameter value from the command line via command drweb-ctl cfset:

drweb-ctl cfset SNMPD.V3Auth MD5\(123456\)

Default value:

V3Auth = None

V3Privacy = {DES(<secret>) | AES128(<secret>) | None}

Method to encrypt SNMP messages (SNMPv3 protocol).

Allowed values:

DES(<secret>) — DES encryption algorithm is used.

AES128(<secret>) — AES128 encryption algorithm is used.

None — SNMP-messages are not encrypted.

where <secret> is a secret key shared by the manager and the agent (plain text).

The parameter is used if SnmpVersion = V3

When specifying the parameter value from the command line, you may need to escape the brackets by using the slash mark \ in some shells.

Example:

1.Value of the parameter in the configuration file:

V3Privacy = AES128(supersecret)

2.Specifying the parameter value from the command line via command drweb-ctl cfset:

drweb-ctl cfset SNMPD.V3Privacy AES128\(supersecret\)

Default value:

V3Privacy = None