StyleBook configuration

SNMP configuration StyleBook

A Simple Network Management Protocol (SNMP) application helps you log ADC events in ADM. This application runs on ADM and queries the SNMP agent on an ADC instance. The agent searches the management information base (MIB) for data requested by the network management application and sends the data to the application.

When a configuration change occurs on an instance, an SNMP trap is generated. The traps are then sent to a remote device called a trap destination server or the SNMP trap destination. Citrix ADM is configured as the trap destination. You can query the SNMP agent for system-specific information from a remote device called an SNMP manager. The agent then searches the management information base (MIB) for requested data and sends the data to the SNMP manager.

Do the following steps to deploy SNMP configurations on an ADC instance using StyleBook:

  1. In Citrix ADM, go to Applications > Configuration > StyleBooks. Search for the StyleBook by typing the name as snmp_configuration. Click Create Configuration.

    The StyleBook opens as a user interface page on which you can enter the values for all the parameters defined in this StyleBook.

  2. Specify the following parameters:

    • SNMP MIB configuration - Specify the following instance information:

      • Administrator’s contact: The email address of an administrator.

      • Citrix ADC Name: Name of an ADC instance.

      • Citrix ADC Location: The physical location of an instance.

      • Custom identitfication number: Custom identification number for the Citrix ADC. This number helps to identify an instance.

      • Ownernode: The cluster node ID where you set this MIB. This field is mandatory to set SNMP MIB on CLIP.

      SNMP MIB configuration

    • SNMP Comunity configuration - An SNMP community configuration authenticates SNMP queries from SNMP managers. You can associate this string with any SNMP query types such as GET, GET NEXT, ALL, GET BULK.

      SNMP community configuration

    • SNMP Engine id configuration - The SNMPv3 engine has a unique identification (ID). This ID is used in the communication between SNMPv3 user and SNMPv3 engine. This ID is a hexadecimal value of minimum 10 characters. In this configuration, specify the Ownernode that you mention with the MIB configuration.

      SNMP engineID

    • SNMP Option configuration - You can enable or disable SNMP options for an SNMP manager.

      • SNMP Set Requests: Enable this option that allows SNMP managers to write values to MIB objects.

      • SNMP Trap Logging: This option logs SNMP trap events.

      • SNMP Trap Logging Level: This option sends an audit log level of SNMP trap logs.

      • Send Partition Name: This option sends the partition name.

      SNMP options

    • SNMP Manager configuration - An SNMP manager to query an ADC instance. The manager complies with SNMP V1, V2, and V3. If you specify one or more SNMP managers, the instance does not accept SNMP queries from any hosts except the specified SNMP managers.

      • IP Address: An IP address of the SNMP manager.

      • Netmask: Subnet mask associated with an IPv4 network address.

      • Domain Resolve Retry: If the last DNS query fails to resolve the SNMP manager host name, the ADC instance waits for the specified interval before sending another DNS query.

      SNMP Manager

    • SNMP Alarm configuration - Add SNMP alarms to generate enterprise-specific trap messages. An ADC instance sends the trap messages only to trap listeners of type (class) SPECIFIC. The SNMP alarms are either event based or threshold based.

      • Trap Name: Name of the SNMP alarm.

      • State: An ADC instance generates trap messages only for SNMP alarms that are enabled.

      • Logging: When you enable logging, the ADC instance logs every trap message that is generated for this alarm.

      • High Threshold Value: This value is the maximum limit of an attribute associated with this alarm. When the attribute reaches or exceeds this value, an ADC instance generates an SNMP trap message.

      • Normal Threshold Value: This value is the minimum limit of an attribute associated with this alarm. When the attribute reaches or drops below this value, an ADC instance generates an SNMP trap message.

      • Time (sec): An interval at which the ADC instance generates SNMP trap messages when the specified conditions are met.

      • Severity: The severity level for the trap messages generated by this alarm. This field helps when you want an instance to send trap messages based on severity level.

      SNMP Alarm

    • SNMP Trap configuration - This configuration adds SNMP trap listeners. An ADC instance generates trap messages to report abnormal conditions. The trap messages are sent to a trap listener to help administrators to monitor the instance and respond promptly to any issues.

      • Trap Class: Type of trap messages that an instance sends to a trap listener.

      • Trap Destination: The IPv4 or IPv6 address of the trap listener. An instance sends SNMP trap messages to this IP address.

      • Version: An SNMP version. This version must match the version on the trap listener. Otherwise, the listener drops the trap messages.

      • UDP Destination Port: UDP port at which the trap listener receives for trap messages. This value must match the value on the trap listener. Otherwise, the listener drops the trap messages.

      • Community Name: A string is sent with the trap messages. Trap listener uses this string for authentication.

      • Src IP: Source IP address. The IPv4 or IPv6 address of an ADC instance.

      • Severity: The severity level for the trap messages. An ADC instance sends the trap messages for the specified and above severity levels.

      • Traffic Domain: An integer value that uniquely identifies the traffic domain.

      • All Partitions: If this option is enabled, an instance sends the trap messages of all partitions to the destination IP address.

      SNMP Trap

    • SNMP View configuration - SNMP views are used to implement access control for an SNMPv3 user. The SNMP views restrict the user access to specific portions of MIB.

      • View Name: A name for the SNMPv3 view.

        An instance can have multiple SNMPv3 views with the same name, differentiated by subtree parameter settings. You can add a maximum of 1000 SNMPv3 views.

      • Subtree: A particular branch (subtree) of the MIB tree that you want to associate with this SNMPv3 view. You must specify the subtree as an SNMP OID.

      • Type: This field allows you to include or exclude subtrees from a view.

      SNMP subtree

      SNMP View

    • SNMP Group configuration - The SNMPv3 user groups on an instance. These groups are logical aggregations of SNMPv3 users. SNMPv3 groups are used to implement access control and define the security levels for the users. You can add a maximum of 1000 SNMPv3 groups to an ADC instance.

      SNMP Group

    • SNMP User Configuration - Add SNMPv3 users who can send SNMP queries to an ADC instance. You can add a maximum of 1000 SNMPv3 users.

      • Name: Name of the SNMPv3 user.

      • Group: Name of the configured SNMPv3 group that you want to bind with the SNMPv3 user. The access rights (bound SNMPv3 views) and security level set for this group are assigned to this user.

      • Authype: An algorithm used to authenticate the SNMPv3 user to access the ADC instance. You must specify the same authentication algorithm when you configure the SNMPv3 user in the SNMP manager.

      • Authpassword: A password for authentication. This password uses the specified authentication algorithm type.

      • Privtype: An algorithm that encrypts the communication between a SNMPv3 user and the ADC instance.

      • privpasswd: An encryption key for the encryption algorithm specified in Privtype.

      SNMP User

    • SNMP User Trap binding configuration - SNMPv3 provides security capabilities such as authentication and encryption by using the credentials of SNMP users. An SNMP manager can receive SNMPv3 trap messages only if its configuration includes the password assigned to the SNMP user.

      SNMP User Trap Binding

  3. In Target Instances, select instances or instance groups where you want to run the configuration.

    Note

    You can deploy the configuration on more than one Citrix ADC, by specifying as many target instances as needed.

  4. In Tag Assosiation, associate all present and future StyleBook tags with the configuration.

    This option associates all the StyleBook tags to a configuration pack. It also makes sure to associate the new tags that you might add to the StyleBooks in future.

  5. Click Dry Run.

    The Objects page displays the objects that get created, modified, or removed from the Citrix ADC instances.

  6. Click Create.

    The configuration pack appears in the StyleBook > Configurations page.

SNMP configuration StyleBook