Problem Description: CMK cannot find the credentials for SNMP v3!

Troubleshooting
,
1

**CMK version: check-mk-raw-2.2.0b3_0
**OS version: Debian 11

CMK_Problem
CMK_Problem643×621 41.7 KB

I instantiated a CMK site on a VM in order to receive messages from a switch using a SNMP Trap using SNMP v1 and SNMP v3.

I made a test to catch the Traps from the Switch.

The test failed for SNMP V3. The system claimed due to missing credentials.

Of course the credentials for SNMP v3 were provided in the configuration.

The output from CMK is shown below:

"2023-05-25 18:48:38,570 [10] [cmk.mkeventd.EventServer.snmp] prepareDataElements: SM failed, statusInformation {‘errorIndication’: InvalidMsg(‘Invalid SNMP message header parameters encountered’)}

2023-05-25 18:48:38,570 [15] [cmk.mkeventd.EventServer.snmp] Trap (v3) dropped from 172.16.2.50: {‘errorIndication’: InvalidMsg(‘Invalid SNMP message header parameters encountered’)}"

Another problem regarding SNMP v3 occurred during an active monitoring test.

Host was configured to be monitored using SNMP v3 with the same credentials.

The results of the connection test with the host showed that SNMP v1, SNMPv2c and SNMPv2c(without Bulkwalk), but SNMPv3 failed with the following message:

"SNMP Error on 172.16.2.50: Error: passphrase chosen is below the length requirements of the USM (min=8).

snmpbulkwalk: (The supplied password length is too short.)

Error generating a key (Ku) from the supplied authentication pass phrase. (Exit-Code: 1)".

I repeated the same connection test using a new host, but this time SNMP credentials were configured in the folder of the host inheriting the configuration to the host.

In this case the connection tests were successful even with SNMP v3.

I had compared the configurations of both hosts using cmd “cmk -D”.

Both files were exactly the same.

I used the same credentials for “snmpwalk” and for receiving the trap messages from the switches using another tool.

The credential were correct and SNMP v3 functioned.

Have you an idea how to fix the credential problem with SNMP v3?

The credential pattern:

security level: authentication and encryption

Authentication protocol: MD5

Security name: ***

Authentication Password: ***

Privacy protocol: CBC-DES

Privacy pass Phrase: ***

Input_from_CheckMK-D
Input_from_CheckMK-D1845×543 159 KB

CMK_Problem
CMK_Problem643×621 41.7 KB