Configuration Parameters

 Top  Previous  Next

The component uses configuration parameters which are specified in the [SNMPD] section of the integrated configuration file of Dr.Web for UNIX.

The section contains the following parameters:

LogLevel = {logging level}

Logging level.

If the parameter value is not specified, the DefaultLogLevel parameter value from the [Root] section is used.

Default value:

LogLevel = Notice

Log = {log type}

Logging method.

Default value:

Log = Auto

ExePath = {path to file}

Path to the executable file of the component.

Default value:

ExePath = <opt_dir>/bin/drweb-snmpd

For Linux:

ExePath = /opt/drweb.com/bin/drweb-snmpd

For FreeBSD:

ExePath = /usr/local/libexec/drweb.com/bin/drweb-snmpd

For Solaris:

ExePath = /opt/drweb.com/bin/drweb-snmpd

Start = {boolean}

The component must be launched by the configuration daemon Dr.Web ConfigD.

When you specify the Yes value for this parameter, it instructs the configuration daemon to start the component immediately; and when you specify the No value, it instructs the configuration daemon to terminate the component immediately.

Default value:

Start = No

RunAsUser = {UID | user name}

The parameter determines under which user name the component should be run. The user name can be specified either as the user’s number UID or as the user’s login. If the user name consists of numbers (i.e. similar to number UID), it is specified with the “name:” prefix, for example: RunAsUser = name:123456.

When a user name is not specified, the component operation terminates with an error after the startup.

Default value:

RunAsUser = drweb

ListenAddress = {address}

Address (IP address and port) listened by Dr.Web SNMPD, which is waiting for client connections (SNMP managers).

Note that interaction with snmpd requires a specified port, different from the standard port (161), and snmpd must be configured for proxying.

Default value:

ListenAddress = 127.0.0.1:161

SnmpVersion = {V2c | V3}

The used SNMP protocol version (SNMPv2c or SNMPv3).

Default value:

SnmpVersion = V2c

V3EngineId = {string}

Identifier (string) of Engine ID for SNMPv3 (according to RFC 3411).

Default value:

V3EngineId = 800073FA044452574542

TrapReceiver = {address list}

List of addresses (IP address and port) where Dr.Web SNMPD sends SNMP trap notifications after Dr.Web for UNIX components detected a threat.

Addresses must be separated with commas.

Default value:

TrapReceiver =

V2cCommunity = {string}

The string “SNMP read community” for authentication of SNMP managers (SNMPv2c protocol) when Dr.Web MIB variables are accessed for reading.

The parameter is used if SnmpVersion = V2c.

Default value:

V2cCommunity = public

V3UserName = {string}

The user name for authentication of SNMP managers (SNMPv3 protocol) when Dr.Web MIB variables are accessed for reading.

The parameter is used if SnmpVersion = V3.

Default value:

V3UserName = noAuthUser

V3Auth = {SHA(<pwd>) | MD5(<pwd>) | None}

Method to authenticate SNMP managers (SNMPv3 protocol) when Dr.Web MIB variables are accessed for reading.

Allowed values:

SHA(<PWD>)—SHA hash of the password is used (<PWD> strings).

MD5(<PWD>)—MD5 hash of the password is used (<PWD> strings).

None—authentication is disabled.

where <PWD> is a plain text password.

When specifying the parameter value from the command line, you may need to escape the brackets by using the slash mark \ in some shells.

Examples:

1.Parameter value in the configuration file:

V3Auth = MD5(123456)

2.Specifying the same parameter value from the command line via command drweb-ctl cfset:

drweb-ctl cfset SNMPD.V3Auth MD5\(123456\)

The parameter is used if SnmpVersion = V3.

Default value:

V3Auth = None

V3Privacy = {DES(<secret>) | AES128(<secret>) | None}

Method to encrypt SNMP messages (SNMPv3 protocol).

Allowed values:

DES(<secret>)—DES encryption algorithm is used.

AES128(<secret>)—AES128 encryption algorithm is used.

None—SNMP-messages are not encrypted.

where <secret> is a secret key shared by the manager and the agent (plain text).

When specifying the parameter value from the command line, you may need to escape the brackets by using the slash mark \ in some shells.

Examples:

1.Parameter value in the configuration file:

V3Privacy = AES128(supersecret)

2.Specifying the same parameter value from the command line via command drweb-ctl cfset:

drweb-ctl cfset SNMPD.V3Privacy AES128\(supersecret\)

The parameter is used if SnmpVersion = V3.

Default value:

V3Privacy = None