Fortanix DSM for Adding SNMP Trap Handler on Sensu Server

1.0 Introduction

The purpose of this guide is to describe procedure to add a Simple Network Management Protocol (SNMP) trap handler to forward the traps from Sensu virtual machine (VM) to an SNMP Server.

2.0 Terminology References

SNMP - Simple Network Management Protocol
TCP - Transport Layer Security
UDP - User Datagram Protocol

3.0 Prerequisites

Before proceeding with the SNMP handler configuration, ensure the following:

The Sensu server is already set up and monitoring the Fortanix DSM targets.
The SNMP server is properly configured.
The Sensu VM has network connectivity to the SNMP server over the required TCP or UDP ports.

3.1 List of Required Ports

The following ports must be accessible from the Sensu VM to the SNMP server (one way):

Protocol	Port Number	Purpose
TCP	162	To receive Sensu Traps over TCP
UDP	161	To receive Sensu Traps over UDP

4.0 Configure SNMP Trap Handler on Sensu VM

This section explains how to configure the SNMP trap handler on the Sensu VM for forwarding alerts to the SNMP server.

4.1 Setting Up SNMP Asset

Perform the following steps:

Run the following command to navigate to the Monitoring-Server-Artifacts folder on the Sensu VM created in “Section 5.1: Setting Up Sensu Server” in the Fortanix DSM with Sensu Monitoring and Alerting guide:
```
cd Monitoring-Server-Artifacts
```

Run the following command to execute the add_handlers.sh script to add an SNMP handler:

./add_handlers.sh

When prompted, select Y for SNMP handler:

./add_handlers.sh
Do you want to create email handler ? (Y/N): N
Do you want to create snmp-trap handler ? (Y/N): Y
Creating SNMP trap handler
Specify the snmp host : <SNMP_HOST_IP>
Specify the snmp port: <SNMP_HOST_PORT>

Run the following command to check the SNMP trap handler asset details:

sensuctl asset info sensu-snmp-trap-handler

The output may resemble as follows:

=== sensu-snmp-trap-handler
Name:  sensu-snmp-trap-handler
Namespace: default
URL: http://10.197.188.16/sensu-snmp-trap-handler_0.2.2_linux_amd64.tar.gz
SHA-512 Checksum: c350ec73cee0a38fbe05e8a11e217aae4cc77ced1f2f1c8ba31d287005e34e7f33b09850a4c810d6f1e0309cc569c7ae6ddfd686313e06aa73b2e44b885da61f
Filters: entity.system.os == 'linux', entity.system.arch == 'amd64'

Verify the SNMP handler configuration from Sensu Web user interface (UI):
Figure 1: Select SNMP handler
Figure 2: SNMP handler specification

4.2 Verification of SNMP Traps

Verify the SNMP traps are received on the SNMP server:

tcpdump -i any src host <snmp-server-ip> -vv

The Sensu SNMP traps are received in the following format:

5.0 Configure Keepalive Handler

This section explains how the keepalive handler monitors the status of the sensu-agent service on each node.

5.1 Configure Keepalive Handler on Sensu VM

Perform the following steps on the Sensu VM:

Run the following command to navigate to the Monitoring-Server-Artifacts folder in the Sensu VM created in “Section 5.1: Setting Up Sensu Server” in the Fortanix DSM with Sensu Monitoring and Alerting guide:
```
cd Monitoring-Server-Artifacts
```
Run the following command to create the keepalive-handler.yml file:
```
vi keepalive-handler.yml
```

Add the following configuration to the keepalive-handler.yml file:

type: Handler
api_version: core/v2
metadata:
  name: keepalive
  namespace: default
spec
  handlers:
  - snmp-handler
  type: set
  filters:
  - is_incident
  - not_silenced

Run the following command to create the keepalive handler:
```
sensuctl create -f keepalive-handler.yml
```
Run the following commands to start and enable the sensu-agent service:
```
sudo systemctl daemon-reload
sudo systemctl restart sensu-agent
```
Run the following command to check the status of the sensu-agent service:
```
sudo systemctl status sensu-agent
```

5.2 Configuration Changes on Fortanix DSM Node

Perform the following steps on each Fortanix DSM node where the sensu-agent service is configured:

Add the following values in the agent.yaml file present in the /etc/sensu/ directory:
```
keepalive-warning-timeout: 60
keepalive-critical-timeout: 90
```

Run the following commands to restart the sensu-agent service:

sudo systemctl daemon-reload
sudo systemctl restart sensu-agent
sudo systemctl status sensu-agent

5.3 Verification of SNMP Traps

Run the following command to verify that SNMP traps are being received on the SNMP server:

tcpdump -i any src host <snmp-server-ip> -vv

The SNMP traps in Sensu appears in the following format:

Fortanix DSM for Adding SNMP Trap Handler on Sensu Server

1.0 Introduction

2.0 Terminology References

3.0 Prerequisites

3.1 List of Required Ports

4.0 Configure SNMP Trap Handler on Sensu VM

4.1 Setting Up SNMP Asset

4.2 Verification of SNMP Traps

5.0 Configure Keepalive Handler

5.1 Configure Keepalive Handler on Sensu VM

5.2 Configuration Changes on Fortanix DSM Node

5.3 Verification of SNMP Traps

PLATFORM

Key Insight

Data Security Manager™

Confidential Computing Manager

Enclave Development Platform®

Request A demo

Contact Us

Free Trial

SOLUTIONS

AWS KMS External Key Store (XKS)

Google External Key Manager

Bring Your Own Key (BYOK)

HSM Modernization

Multicloud Key Management

Post Quantum Cryptography

Code Signing

Secrets Management

Tokenization Transparent

Database Encryption

Filesystem Encryption

Confidential Data Search

Confidential AI

Healthcare

Banking & Financial Services

Fintech

Manufacturing

Web 3.0

Federal Government

RESOURCES

Blog

Whitepapers

Datasheets

Solution Briefs

Ebooks

Reports

Case Studies

Webinars

University

Media Kit

Newsletters

COMPANY

About

Careerswe’re hiring

Customers

Partners

Awards

Events

Press

News

Services

Support

FAQ

4.6