snmp-group-entry
The snmp-group-entry element is used by an SNMPv3 agent to create a group of users that belong to a particular security model who can read, write, and add SNMP objects and receive trap notifications.
Note:
This element must be configured in order for an SNMPv3 agent to work.Parameters
- name
- Use this required
parameter to enter the SNMPv3 group name.
- Default: none
- Values: <group-name-string> that is 1 to 24 characters.
- mp-model
- Use this required parameter to enter the message processing model
- Default: v3
- Values: v2 | v3
- security-level
- Use this required parameter to enter the security level of the
SNMP group.
- Default: authPriv
- Values:
- noAuthNoPriv—This value specifies that the user group is authenticated by a string match of the user name and requires no authorization and no privacy similar to SNMPv1 and SNMPv2. This value is specified with the sec-model parameter and its v1v2 value and can only be used with the community-string parameter not specified.
- authNoPriv—This
value specifies that the user group is authenticated by using either the
HMAC-SHA2-256 or HMAC-SHA2-512 authentication protocols without privacy.
Note:
If the sec-model parameter is specified to the v1v2 value, the community-string parameter (not configured) defines a coexistence configuration where SNMP version 1 and 2 messages with the community string from the hosts indicated by the user-list parameter and the corresponding snmp-user-entry and snmp-address-entry elements are accepted. - authPriv—This default value specifies that the user group is authenticated by using either the HMAC-SHA2-256 or HMAC-SHA2-512 authentication protocols and provided privacy by using AES128 authentication. This value is specified with the SNMP sec-model parameter and its v3 value.
- community-string
- Use this optional parameter to allow the co-existence of multiple
SNMP message version types for this security group.
- Value:
<community-string> that is 1 to 24 characters.
Note:
If a community-string is configured, the sec-model parameter value can be only v1v2.
- Value:
<community-string> that is 1 to 24 characters.
- user-list
- Use this required parameter to configure host names.
- Value:
<string> that is 1 to 24 characters and must match the name of the
user-name parameter
of the
snmp-user-entry
element.
Note:
This parameter is configured with the sec-model and sec-level parameters.If the user-list value does not match an existing user name, the snmp-group-entry element configuration is invalid when verifying your configuration.
- Value:
<string> that is 1 to 24 characters and must match the name of the
user-name parameter
of the
snmp-user-entry
element.
- read-view
- Use this required parameter to specify a name for the SNMP
group's read view for a collection of MIB subtrees.
- Value: <group-read-view-string> that is 1 to 24 characters.
- write-view
- Use this required parameter to specify a name for the SNMP group's write view for a collection of MIB subtrees.
- Value: <name-token> write view that is 1 to 24 characters.
- notify-view
- Use this required parameter to specify a name for the SNMP
group's notification view for a collection of MIB subtrees.
- Value: <group-notify-view-string> that is 1 to 24 characters.
Path
snmp-view-entry is an element under the system path. The full path from the topmost ACLI prompt is: