NetXMS Support Forum

We are in the process of making some SNMP changes and during the process many devices will continue responding on v2 as well as v3 (new).  What we have discovered is that since NetXMS discovered them with v2 it just continues to chug along using that which for the most part is fine until we turn v2 off which is the plan.  HOWEVER, once we enabled v3 on the devices they started sending out SNMP Traps using v3 and NetXMS just blindly ignored them because it did not have SNMP v3 setup for the devices.

So, we were looking to mass update these under the Properties -> Communications -> SNMP section of the node.  We are talking 1000's of devices and looked to automate this through a NXSL script.  However, those properties do not appear exposed from what we have been able to discern and therefore cannot be updated. 

Looking for thoughts on how to accomplish this without adjusting the settings 1 by one on each of the nodes.  Thanks!

Hi,

you should be able to do that using nxshell script as it provides access to full Java API.

This is sample script that should change SNMP settings to V3, SHA1/AES for all nodes:

for node in [o for o in session.getAllObjects() if isinstance(o, objects.Node)]:
   print 'Node: ', node.getObjectName()
   try:
      md = NXCObjectModificationData(node.getObjectId())
      md.setSnmpVersion(SnmpVersion.V3)
      # Auth/priv set to SHA1/AES, change first number to:
      # 0 for none
      # 1 for MD5
      # 3 for SHA224
      # 4 for SHA256
      # 5 for SHA384
      # 6 for SHA512
      # Change second number to:
      # 0 for none
      # 1 for DES
      md.setSnmpAuthentication("login", 2, "authPassword", 2, "privPassword")
      session.modifyObject(md)
   except:
      print "Cannot change node configuration"


Best regards,
Victor

This will work, thanks!  Now I just need to figure out how to pattern match on the node name in that language to filter the nodes, but assuming that should be trivial. 

I would still vote for making NXSL capable of fully managing the system as that is of course what we spend most of our time writing with for all of the other processing.

Thanks as always for the solution!

While the scripting did indeed work to set the settings, NetXMS would report the SNMP agent as not responding until we did a Poll -> Configuration (Full) on the node.  Can this be triggered from the script as well?  Is this interface documented somewhere we can look to see what is all available?

Also, only partially related but with Cambium ePMP radios if we used SHA / AES combination NetXMS would not ever talk to the device.  It works fine with SHA / DES.  However, running the command line snmpget from the NetXMS box has no issues with the SHA / AES setup.  Almost seems an issue in either NetXMS or Cambium AES implementation?  Thoughts?

Forced poll is described here: https://www.netxms.org/documentation/javadoc/stable/org/netxms/client/NXCSession.html#pollObject(long,org.netxms.client.constants.ObjectPollType,org.netxms.client.TextOutputListener)

For Cambium - the fastest way to debug might be if you can provide remote access to a Cambium device for our developers. Is it possible?

Thanks for the link.  I tried calling this function a million different ways and it always caused my script to crash.

It would be very difficult to provided access to the Cambium devices as they are all private IP space.  However, we have determined that it is firmware version related and so therefore definitely on the Cambium side.  Version 4.6.1 works with AES (though you must set R/W enabled) but 4.6.2 / 4.7-RC14 do not work.  I have submitted this to Cambium.