SNMP for ArcSight Appliances

Summary:

This document explains how to set up Simple Network Management Protocol (SNMP) for monitoring appliances and loggers in the ArcSight platform, including configuring SNMP traps for system health monitoring and MIB polling for hardware status from sensor data. It covers setting up multiple destinations for SNMP messages within a connector appliance, as well as configuring audit forwarding to send audit events like user configurations or upgrades via SNMP to designated destinations. The document is intended for use with HP Logger appliances and provides detailed instructions on configuring SNMPv1/v2 support, managing audit logs, setting real-time alerts, and more. It includes information about the appliance's features such as MIB for health monitoring, multiple SNMP destination support, alerting for both appliance and application audit logs, a GUI configuration, online help, and technical specifications. The document also offers references to additional resources for further study.

Details:

This document provides an overview of Simple Network Management Protocol (SNMP), discussing its use in network management and detailing how to configure SNMP for monitoring connector appliances and loggers using the ArcSight platform. SNMP is a protocol used for managing devices on IP networks, enabling remote management of various network-attached devices such as routers, switches, firewalls, and more. The document outlines two deployment scenarios: one utilizing SNMP traps for system health monitoring and another employing SNMP MIB (management information base) polling for hardware status from sensor data. It also explains the process of configuring multiple destinations for SNMP messages within the connector appliance setup. Additionally, it covers the configuration of audit forwarding to send audit events such as user configurations or appliance upgrades via SNMP to designated destinations. This document outlines the steps for configuring and managing audit logs and real-time alerts using SNMP in a Logger appliance from Hewlett-Packard (HP). It includes instructions on how to configure multiple SNMP destinations, set up real-time alerts with filters, enable appliance health event sending, and configure SNMPv1 and v2 support. Additionally, it provides information about the features of the Logger appliance, including its MIB for appliance health monitoring, multiple SNMP destination support, SNMP alerting for both appliance and application audit logs, a graphical user interface (GUI) setting configuration, on-line help, and technical specifications. The document also includes references to additional resources and documentation for further information.