Cannot set SNMPv3 parameters on host via REST API

tkdpython · May 19, 2021, 9:01pm

Hi

I am trying to create a host using the REST API (testing via Postman but will use python for production) and setting SNMPv3 attributes at the same time. I’ve manually configured a host with example config and then used the API to read the JSON representation of the attributes and then replicated the json list in a create host API request - eg below

POST https://checkmk/localsite/check_mk/api/v0/domain-types/host_config/collections/all
header: Accept: application/json
Body:
{
“folder”: “/”,
“host_name”: “example8.com”,
“attributes”: {
“ipaddress”: “192.168.0.18”,
“snmp_community”: [
“authPriv”,
“SHA-256”,
“SNMPV3USER”,
“authpass123”,
“DES”,
“privpass123”
],
“tag_snmp_ds”: “snmp-v2”
}
}

The result is as follows (it seems that the snmp_community field is string only and doesn’t accept a list of SNMPv3 parameters as is displayed when you do a fetch of a preconfigured host).

{
"title": "Bad Request",
"status": 400,
"detail": "These fields have problems: attributes",
"fields": {
    "attributes": {
        "snmp_community": [
            "Not a valid string."
        ]
    }
}

}

Is it possible to configure SNMPv3 via the new REST API?
If so, what is the correct format for the parameters please?

Thanks

Paul

r.sander · May 20, 2021, 4:48am

The REST API currently has a data type issue where lists cannot be processed. The developers already work to fix that. You need to wait for a next patch release.

tkdpython · May 20, 2021, 7:56am

Ok thanks for the update. Much appreciated.

nickjwest1 · May 11, 2022, 10:21am

is this fixed now i want to use this specific use case?

thl-cmk · May 11, 2022, 5:19pm

for me it works if I put the snmp settings in a dictionary not a list.

Sample SNMPv3

'snmp_community': {
    'auth_password': 'removed',
    'auth_protocol': 'SHA-1-96',
    'privacy_password': 'removed',
    'privacy_protocol': 'AES-128',
    'security_name': 'snmpv3username',
    'type': 'v3_auth_privacy'
}

Sample SNMPv2

'snmp_community': {
    'community': 'public',
    'type': 'v1_v2_community'
},

BiloxiGeek · November 3, 2022, 7:54pm

@thl-cmk

Can you hellp with a curl command line for adding a host that uses just snmpV3, authNopriv? I’ve been trying but can’t seem to figure out the precise syntax. I can get an agent host added but an snmp only host doesn’t work for me yet.

BiloxiGeek · November 4, 2022, 10:36am

Guess what I’m looking for would be the webapi command line version of setting this:

I’ve tried this and variations so far with no luck:

curl "cmkhost/cmksite/check_mk/webapi.py?action=add_host&_username=automation&_secret=SECRETSTRING" -d 'request={"hostname":"snmponlyhost","folder":"folder/subfolder","attributes":{"site":"cmksite","tag_agent":"snmp-v3"},"snmp_community":{"auth_password":"password","auth_protocol":"SHA-1-96","security_name":"secname_here","type":"v3_auth_noprivacy"}}'

thl-cmk · November 4, 2022, 11:40am

@BiloxiGeek I thik you are using the wrong url. you sould use the CMK REST API. See Help in your site for more information about the REST API

There is an interactive playground to try it out Here you find also code samples for cURL.

curl -X 'POST' \
  'http://your.cmk.server/your_site/check_mk/api/1.0/domain-types/host_config/collections/all' \
  -H 'accept: application/json' \
  -H 'Authorization: Bearer automation_user automation_user_secret' \
  -H 'Content-Type: application/json' \
  -d '{
        "folder": "/",
        "host_name": "your_host_name",
        "attributes": {
		"ipaddress": "192.168.10.10",
		"tag_agent": "no-agent",
		"tag_snmp_ds": "snmp-v2",
		"snmp_community": {
		    "auth_password": "removedremoved",
		    "auth_protocol": "SHA-1-96",
		    "privacy_password": "removedremoved",
		    "privacy_protocol": "AES-128",
		    "security_name": "snmpv3username",
		    "type": "v3_auth_privacy"
		}
	}
    }'

“tag_agent”: “no-agent”, → for SNMP only hosts
"“tag_snmp_ds”: “snmp-v2”, → activate SNMP v2/v3

and here the host created in CMK by this.

BiloxiGeek · November 4, 2022, 12:35pm

@thl-cmk Thanks, I think I managed to start with an old script from a previous check_mk setup, more than few version old most likely.

I’m fiddling around with the rest api interactive now and making progress.

system · November 4, 2023, 12:36pm

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed. Contact an admin if you think this should be re-opened.