SlideShare a Scribd company logo

Weblogic snmp

Aditya Bhuyan
Aditya Bhuyan

SNMP In Weblogic

Technology
1 of 14
Download to read offline
SNMP
Overview of SNMP ● With SNMP, a manager sends a request for information about managed resources to an agent. The agent gathers the requested data and returns a response. You can also configure agents to issue unsolicited reports (notifications) to managers when they detect predefined thresholds or conditions on a managed resource. ● To request data about a specific managed resource, a manager must be able to uniquely identify the resource. In SNMP, each type of managed resource is described in a Management Information Base (MIB) as a managed object with a unique object identifier (OID). Individual organizations define their specific managed objects in MIB modules. Both manager and agent must have access to the same MIB module to communicate about specific managed resources.
WebLogic Server SNMP Agents WebLogic Server SNMP agentsquery theWebLogic Server managementsystemand communicatetheresultstomanagersover theSNMP protocol. TheWebLogic Server managementsystemexposesmanagementdatathroughacollectionof managedbeans(MBeans). WhenaWebLogic Server SNMP agentreceivesarequestfromamanager, itdetermineswhich MBeancorrespondstotheOID inthemanager'srequest. Thenitretrievesthedataandwrapsitin anSNMP response. YoucanuseWebLogic Server SNMP agentsto: RespondtosimpleGET requestsfromanSNMP manager for thecurrentvalueof WebLogic Server MBeanattributes. ■UseJMX monitorstopoll WebLogic Server MBeansperiodically andsendnotificationsto SNMP managerswhentheMBeanattributeschangeinaway thatyouspecify. ■SendnotificationstoSNMP managerswhentheAdministrationServer or any ManagedServer startsor shutsdown. ■Listenfor specific logmessagesandsendnotificationstoSNMP managerswhenWebLogic Server generatesthem. ■Actasaproxy agentthatpassesrequestsfromanSNMP manager toother (non-WebLogic) SNMP agents(suchasanOracledatabaseagent) onthesamemachine.
Organizing SNMP Agents in a Domain IneachWebLogicServer domain, youcancreatemultipleSNMP agentsandorganize themintoade-centralizedor centralizedmodel for SNMP monitoringand communication: ■Inade-centralizedmodel, youcreateSNMP agentsoneachManagedServer. SNMP managerscommunicatewiththeagentsonindividual ManagedServers. ■Inacentralizedmodel, youcreateanSNMP agentonly ontheAdministrationServer. SNMP managerscommunicateonly withtheSNMP agentontheAdministrationServer andtheagentgathersmonitoringdatafromall ManagedServersinthedomain.
Configuring SNMP Protocols A WebLogicServer SNMP agentcanalwayscommunicatewith managersusingtheSNMPv3protocol. Youcanconfigurewhether theagentalsosupportstheSNMPv1andSNMPv2protocols. While youcannotpreventanagentfromreceivingSNMPv3requests, an agentprocessesonly requestsfromknownusersthatyouconfigure throughtheWebLogicServer security realm.
Configuring UDP and TCP Ports ● AnSNMP agentcommunicatesthroughaportthatacceptsUDP trafficandanother portthatacceptsTCP traffic. ● By default, all TCP trafficusesthehostserver'slistenport. For example, if youtargetthisagenttoaserver namedManagedServer1 andManagedServer1listensfor requestsonport7001, thentheSNMP agentlistensfor TCP requestsonport7001. ● WhencommunicatingthroughaTCP port, WebLogicServer protects SNMP communicationfromdenial of service(DOS) attacks. If you wanttoseparateSNMP TCP trafficfrombusinesstraffic, youcan createacustomnetwork channel.
Narrowing the Scope of a Request WhenanSNMP manager sendsarequesttoanagentontheAdministrationServer, theagent'sresponsecan potentially containdatathatdescribesmultipleinstancesof theobject. For example, theobject serverUptime existsfor eachWebLogicServer instanceinadomain. If amanager sendsarequestfor serverUptime toanagentonanAdministrationServer, theresponsecontainsoneserverUptime instancefor eachserver inthedomain. Youcannarrow thescopeof arequestby encodingadditional informationinthemanager'srequest. The informationthatyouencodedependsonwhichSNMP protocol youuse: InarequestthatusestheSNMPv1or SNMPv2protocol, appendthenameof theserver instancetothe SNMP community namethatitsendswiththerequestasfollows: community_prefix@server_name wherecommunity_prefix istheSNMP community nameandserver_name isthenameof the targetedManagedServer. Thecommunity_prefix valuesentby themanager mustmatchthevaluethat yousetintheCommunity Prefix fieldwhenyouconfiguretheSNMP agent. Torequestamanagedobjectfor all server instancesinadomain, sendacommunity nametotheWebLogic SNMP agentwiththefollowingform: community_prefix InarequestthatusestheSNMPv3protocol, encodethenameof theManaged Server intherequest'scontextnamefield.
MonitoringSNMPAgents For eachSNMP agentinadomain, theSNMP: Monitoringtabof theWebLogicServer AdministrationConsoleprovidessuch informationashow many notificationstheagenthassentto managersandhow many authenticationattemptshavefailed. YoucanalsoaccessthismonitoringinformationusingWebLogic ScriptingTool (WLST) or aJMX clienttoaccessthenew SNMPAgentRuntimeMBean.
Security for SNMP ● Community Names for SNMPv1 and SNMPv2 ● Disabling SNMPv1 and SNMPv2 ● Configuring Security for SNMPv3 ● Invalidating the SNMPv3 Credential Cache
Community Names for SNMPv1 and SNMPv2 ● ToensurethatanSNMP manager requestingdatafromtheWebLogic SNMP agenthaspermissiontoobtainthedata, andtoverify thatthe agenthaspermissiontosendnotificationstoatargetmanager, SNMPv1andSNMPv2useclear-textpasswordscalledcommunity names. ● WhenyoucreateanSNMP agent, youspecify thecommunity name thattheagentexpectsfromtheSNMP manager.
Disabling SNMPv1 and SNMPv2 ● BecauseSNMPv1andSNMPv2useclear-text passwords, thelevel of security isweak. If youcan useSNMPv3tocommunicatewithmanagers, consider disablingSNMPv1andSNMPv2by disablingcommunity basedaccessfor eachSNMP agent.
Configuring Security for SNMPv3 ● IntheSNMPv3protocol, bothSNMP agentandmanager mustencodeidentical credentialsintheir PDUsfor thecommunicationtosucceed. Thecredentialsinclude several tokens: auser name, anSNMP engineID, anauthorizationprotocol, andan optional privacy password, all of whichareencryptedbeforebeingtransportedover thenetwork. ● InWebLogicServer, SNMP agentswork withthedomain'ssecurity realmtosecure communication. TheSNMP agentdecodesSNMP credentialsinrequestsandpasses theSNMP user nametothesecurity realm. Thesecurity realmmapstheSNMP user nametoaWebLogicServer user, authenticatestheuser, andauthorizesaccessto monitoringdatainthedomain. TomaptheSNMP credentialstoauser ina WebLogicServer security realm, youcreateacredential map.
Invalidating the SNMPv3 Credential Cache ● Tooptimizeperformance, anSNMP agentcachesthecredential mapsthat correlateWebLogicServer userswithSNMP credentials. Tomakesurethat thecachecontainsthelatestsetof SNMP credentials, anagentperiodically invalidatesitscache. After thecacheisinvalidated, thenexttimetheagent requestscredentials, itregeneratesitscache. ● Notethatmakingachangetothecredential mapdoesnotautomatically updatethecachefor SNMP agents. Instead, thecacheisupdatedonly after it hasbeeninvalidated. For example, if youupdateaprivacy passwordinan existingentry intheSNMP credential map, SNMP agentsarenotawareof thenew passworduntil their cachesareinvalidatedandregenerated. An SNMP user withtheoldsecurity passwordcanstill usetheagentstoaccess WebLogicServer datauntil thecacheisinvalidated. ● After youmodify acredential map, youcaneither waitfor eachSNMP agent toinvalidateitscache, or youcaninvalidateitimmediately.
Weblogic snmp

Recommended

Message Queue (MQ) Testing
Message Queue (MQ) TestingMessage Queue (MQ) Testing
Message Queue (MQ) TestingUjjwal Gupta
 
Arun prjct dox
Arun prjct doxArun prjct dox
Arun prjct doxBaig Mirza
 
Unified log-meetup-20160420
Unified log-meetup-20160420Unified log-meetup-20160420
Unified log-meetup-20160420Oli Deakin
 
Naqab kushai pir muhammad chishti ki
Naqab kushai pir muhammad chishti kiNaqab kushai pir muhammad chishti ki
Naqab kushai pir muhammad chishti kiMuhammad Tariq
 
2 Rooted in Time: Dalene Matthee's Knysna forest novels
2 Rooted in Time: Dalene Matthee's Knysna forest novels2 Rooted in Time: Dalene Matthee's Knysna forest novels
2 Rooted in Time: Dalene Matthee's Knysna forest novelsCape Coastal Route
 
letter - Mr. Balducci.PDF
letter - Mr. Balducci.PDFletter - Mr. Balducci.PDF
letter - Mr. Balducci.PDFAureliano Balducci
 
8 Rooted in Time: Dal van Varings
8 Rooted in Time: Dal van Varings8 Rooted in Time: Dal van Varings
8 Rooted in Time: Dal van VaringsCape Coastal Route
 
EWL Programme flyer April final-2-2-2
EWL Programme flyer April final-2-2-2EWL Programme flyer April final-2-2-2
EWL Programme flyer April final-2-2-2Denise Wright, CCPC
 

Recommended

Message Queue (MQ) Testing
Message Queue (MQ) TestingMessage Queue (MQ) Testing
Message Queue (MQ) TestingUjjwal Gupta
 
Arun prjct dox
Arun prjct doxArun prjct dox
Arun prjct doxBaig Mirza
 
Unified log-meetup-20160420
Unified log-meetup-20160420Unified log-meetup-20160420
Unified log-meetup-20160420Oli Deakin
 
Naqab kushai pir muhammad chishti ki
Naqab kushai pir muhammad chishti kiNaqab kushai pir muhammad chishti ki
Naqab kushai pir muhammad chishti kiMuhammad Tariq
 
2 Rooted in Time: Dalene Matthee's Knysna forest novels
2 Rooted in Time: Dalene Matthee's Knysna forest novels2 Rooted in Time: Dalene Matthee's Knysna forest novels
2 Rooted in Time: Dalene Matthee's Knysna forest novelsCape Coastal Route
 
letter - Mr. Balducci.PDF
letter - Mr. Balducci.PDFletter - Mr. Balducci.PDF
letter - Mr. Balducci.PDFAureliano Balducci
 
8 Rooted in Time: Dal van Varings
8 Rooted in Time: Dal van Varings8 Rooted in Time: Dal van Varings
8 Rooted in Time: Dal van VaringsCape Coastal Route
 
EWL Programme flyer April final-2-2-2
EWL Programme flyer April final-2-2-2EWL Programme flyer April final-2-2-2
EWL Programme flyer April final-2-2-2Denise Wright, CCPC
 
Simple Network Management Protocol
Simple Network Management ProtocolSimple Network Management Protocol
Simple Network Management ProtocolPrasenjit Gayen
 
CCNA4v5 Chapter 8 - Monitoring the Netwok
CCNA4v5 Chapter 8 - Monitoring the NetwokCCNA4v5 Chapter 8 - Monitoring the Netwok
CCNA4v5 Chapter 8 - Monitoring the NetwokAhmed Gad
 
SNMP.pptx
SNMP.pptxSNMP.pptx
SNMP.pptxTanzeelGill
 
Snmp chapter7
Snmp chapter7Snmp chapter7
Snmp chapter7jignash
 
Snmp
SnmpSnmp
Snmphetaljadav
 
SNMP AT a GLANCE
SNMP AT a GLANCESNMP AT a GLANCE
SNMP AT a GLANCEassinha
 
Snmp vulnerability assessment
Snmp vulnerability assessmentSnmp vulnerability assessment
Snmp vulnerability assessmentSupriya G
 
Snmp
SnmpSnmp
Snmpjignash
 
Ccna notes
Ccna notesCcna notes
Ccna notesMubeen Chughtai
 
TelScale SNMP and JMX management - Mobicents Summit 2011
TelScale SNMP and JMX management - Mobicents Summit 2011TelScale SNMP and JMX management - Mobicents Summit 2011
TelScale SNMP and JMX management - Mobicents Summit 2011telestax
 
Network Management Security NS8
Network Management Security NS8Network Management Security NS8
Network Management Security NS8koolkampus
 
001 implementation nms_software
001 implementation nms_software001 implementation nms_software
001 implementation nms_softwareHamdamboy (함담보이)
 
Snmp
SnmpSnmp
SnmpMd. Asifur Rahman Siddiki
 
Unit 5.1 network 2.pptx
Unit 5.1 network 2.pptxUnit 5.1 network 2.pptx
Unit 5.1 network 2.pptxLilyMkayula
 
Protocol snmp
Protocol snmpProtocol snmp
Protocol snmpNzava Luwawa
 
(Snmp) simple network management protocol
(Snmp) simple network management protocol(Snmp) simple network management protocol
(Snmp) simple network management protocolGouasmia Zakaria
 
Snmp protocol
Snmp protocolSnmp protocol
Snmp protocolEM Kautsar
 
Network Management System and Protocol usibility
Network Management System and Protocol usibilityNetwork Management System and Protocol usibility
Network Management System and Protocol usibilityHamdamboy (함담보이)
 
Centralized monitoring station for it computing and network infrastructure
Centralized monitoring station for it computing and network infrastructureCentralized monitoring station for it computing and network infrastructure
Centralized monitoring station for it computing and network infrastructureMOHD ARISH
 
Remoting and serialization
Remoting and serializationRemoting and serialization
Remoting and serializationChathurangi Shyalika
 
Weblogic Cluster Security
Weblogic Cluster SecurityWeblogic Cluster Security
Weblogic Cluster SecurityAditya Bhuyan
 
Weblogic Plugin
Weblogic PluginWeblogic Plugin
Weblogic PluginAditya Bhuyan
 

More Related Content

Similar to Weblogic snmp

Simple Network Management Protocol
Simple Network Management ProtocolSimple Network Management Protocol
Simple Network Management ProtocolPrasenjit Gayen
 
CCNA4v5 Chapter 8 - Monitoring the Netwok
CCNA4v5 Chapter 8 - Monitoring the NetwokCCNA4v5 Chapter 8 - Monitoring the Netwok
CCNA4v5 Chapter 8 - Monitoring the NetwokAhmed Gad
 
Snmp chapter7
Snmp chapter7Snmp chapter7
Snmp chapter7jignash
 
SNMP AT a GLANCE
SNMP AT a GLANCESNMP AT a GLANCE
SNMP AT a GLANCEassinha
 
Snmp vulnerability assessment
Snmp vulnerability assessmentSnmp vulnerability assessment
Snmp vulnerability assessmentSupriya G
 
TelScale SNMP and JMX management - Mobicents Summit 2011
TelScale SNMP and JMX management - Mobicents Summit 2011TelScale SNMP and JMX management - Mobicents Summit 2011
TelScale SNMP and JMX management - Mobicents Summit 2011telestax
 
Network Management Security NS8
Network Management Security NS8Network Management Security NS8
Network Management Security NS8koolkampus
 
Unit 5.1 network 2.pptx
Unit 5.1 network 2.pptxUnit 5.1 network 2.pptx
Unit 5.1 network 2.pptxLilyMkayula
 
(Snmp) simple network management protocol
(Snmp) simple network management protocol(Snmp) simple network management protocol
(Snmp) simple network management protocolGouasmia Zakaria
 
Network Management System and Protocol usibility
Network Management System and Protocol usibilityNetwork Management System and Protocol usibility
Network Management System and Protocol usibilityHamdamboy (함담보이)
 
Centralized monitoring station for it computing and network infrastructure
Centralized monitoring station for it computing and network infrastructureCentralized monitoring station for it computing and network infrastructure
Centralized monitoring station for it computing and network infrastructureMOHD ARISH
 

Similar to Weblogic snmp (20)

Simple Network Management Protocol
Simple Network Management ProtocolSimple Network Management Protocol
Simple Network Management Protocol
 
CCNA4v5 Chapter 8 - Monitoring the Netwok
CCNA4v5 Chapter 8 - Monitoring the NetwokCCNA4v5 Chapter 8 - Monitoring the Netwok
CCNA4v5 Chapter 8 - Monitoring the Netwok
 
SNMP.pptx
SNMP.pptxSNMP.pptx
SNMP.pptx
 
Snmp chapter7
Snmp chapter7Snmp chapter7
Snmp chapter7
 
Snmp
SnmpSnmp
Snmp
 
SNMP AT a GLANCE
SNMP AT a GLANCESNMP AT a GLANCE
SNMP AT a GLANCE
 
Snmp vulnerability assessment
Snmp vulnerability assessmentSnmp vulnerability assessment
Snmp vulnerability assessment
 
Snmp
SnmpSnmp
Snmp
 
Ccna notes
Ccna notesCcna notes
Ccna notes
 
TelScale SNMP and JMX management - Mobicents Summit 2011
TelScale SNMP and JMX management - Mobicents Summit 2011TelScale SNMP and JMX management - Mobicents Summit 2011
TelScale SNMP and JMX management - Mobicents Summit 2011
 
Network Management Security NS8
Network Management Security NS8Network Management Security NS8
Network Management Security NS8
 
001 implementation nms_software
001 implementation nms_software001 implementation nms_software
001 implementation nms_software
 
Snmp
SnmpSnmp
Snmp
 
Unit 5.1 network 2.pptx
Unit 5.1 network 2.pptxUnit 5.1 network 2.pptx
Unit 5.1 network 2.pptx
 
Protocol snmp
Protocol snmpProtocol snmp
Protocol snmp
 
(Snmp) simple network management protocol
(Snmp) simple network management protocol(Snmp) simple network management protocol
(Snmp) simple network management protocol
 
Snmp protocol
Snmp protocolSnmp protocol
Snmp protocol
 
Network Management System and Protocol usibility
Network Management System and Protocol usibilityNetwork Management System and Protocol usibility
Network Management System and Protocol usibility
 
Centralized monitoring station for it computing and network infrastructure
Centralized monitoring station for it computing and network infrastructureCentralized monitoring station for it computing and network infrastructure
Centralized monitoring station for it computing and network infrastructure
 
Remoting and serialization
Remoting and serializationRemoting and serialization
Remoting and serialization
 

More from Aditya Bhuyan

Weblogic Cluster Security
Weblogic Cluster SecurityWeblogic Cluster Security
Weblogic Cluster SecurityAditya Bhuyan
 
Weblogic Cluster advanced performance tuning
Weblogic Cluster advanced performance tuningWeblogic Cluster advanced performance tuning
Weblogic Cluster advanced performance tuningAditya Bhuyan
 
Weblogic Cluster performance tuning
Weblogic Cluster performance tuningWeblogic Cluster performance tuning
Weblogic Cluster performance tuningAditya Bhuyan
 
Weblogic Server Plugin
Weblogic Server PluginWeblogic Server Plugin
Weblogic Server PluginAditya Bhuyan
 
Weblogic Cluster Introduction
Weblogic Cluster IntroductionWeblogic Cluster Introduction
Weblogic Cluster IntroductionAditya Bhuyan
 
Weblogic Cluster Installation
Weblogic Cluster InstallationWeblogic Cluster Installation
Weblogic Cluster InstallationAditya Bhuyan
 
Weblogic Cluster Domain
Weblogic Cluster DomainWeblogic Cluster Domain
Weblogic Cluster DomainAditya Bhuyan
 
Weblogic Cluster Console
Weblogic Cluster ConsoleWeblogic Cluster Console
Weblogic Cluster ConsoleAditya Bhuyan
 
Weblogic Cluster monitoring
Weblogic Cluster monitoringWeblogic Cluster monitoring
Weblogic Cluster monitoringAditya Bhuyan
 
Weblogic Cluster Installation and Upgradation
Weblogic Cluster Installation and UpgradationWeblogic Cluster Installation and Upgradation
Weblogic Cluster Installation and UpgradationAditya Bhuyan
 
Weblogic cluster console
Weblogic cluster consoleWeblogic cluster console
Weblogic cluster consoleAditya Bhuyan
 
Weblogic Cluster Application deployment
Weblogic Cluster Application deploymentWeblogic Cluster Application deployment
Weblogic Cluster Application deploymentAditya Bhuyan
 
Weblogic Cluster command line
Weblogic Cluster command lineWeblogic Cluster command line
Weblogic Cluster command lineAditya Bhuyan
 
Weblogic Cluster configuration
Weblogic Cluster configurationWeblogic Cluster configuration
Weblogic Cluster configurationAditya Bhuyan
 
Code-Review-Principles-Process-and-Tools (1)
Code-Review-Principles-Process-and-Tools (1)Code-Review-Principles-Process-and-Tools (1)
Code-Review-Principles-Process-and-Tools (1)Aditya Bhuyan
 
September 2013 lok kalyan setu
September 2013 lok kalyan setuSeptember 2013 lok kalyan setu
September 2013 lok kalyan setuAditya Bhuyan
 
October 2013 lok kalyan setu
October 2013 lok kalyan setuOctober 2013 lok kalyan setu
October 2013 lok kalyan setuAditya Bhuyan
 
November 2013 lok kalyan setu
November 2013 lok kalyan setuNovember 2013 lok kalyan setu
November 2013 lok kalyan setuAditya Bhuyan
 

More from Aditya Bhuyan (20)

Weblogic Cluster Security
Weblogic Cluster SecurityWeblogic Cluster Security
Weblogic Cluster Security
 
Weblogic Plugin
Weblogic PluginWeblogic Plugin
Weblogic Plugin
 
Weblogic Cluster advanced performance tuning
Weblogic Cluster advanced performance tuningWeblogic Cluster advanced performance tuning
Weblogic Cluster advanced performance tuning
 
Weblogic Cluster performance tuning
Weblogic Cluster performance tuningWeblogic Cluster performance tuning
Weblogic Cluster performance tuning
 
Weblogic Server Plugin
Weblogic Server PluginWeblogic Server Plugin
Weblogic Server Plugin
 
Weblogic Cluster Introduction
Weblogic Cluster IntroductionWeblogic Cluster Introduction
Weblogic Cluster Introduction
 
Weblogic Cluster Installation
Weblogic Cluster InstallationWeblogic Cluster Installation
Weblogic Cluster Installation
 
Weblogic Cluster Domain
Weblogic Cluster DomainWeblogic Cluster Domain
Weblogic Cluster Domain
 
Weblogic Cluster Console
Weblogic Cluster ConsoleWeblogic Cluster Console
Weblogic Cluster Console
 
Weblogic Cluster monitoring
Weblogic Cluster monitoringWeblogic Cluster monitoring
Weblogic Cluster monitoring
 
Weblogic Cluster Installation and Upgradation
Weblogic Cluster Installation and UpgradationWeblogic Cluster Installation and Upgradation
Weblogic Cluster Installation and Upgradation
 
Weblogic cluster console
Weblogic cluster consoleWeblogic cluster console
Weblogic cluster console
 
Weblogic Cluster Application deployment
Weblogic Cluster Application deploymentWeblogic Cluster Application deployment
Weblogic Cluster Application deployment
 
Weblogic Cluster command line
Weblogic Cluster command lineWeblogic Cluster command line
Weblogic Cluster command line
 
Weblogic Cluster configuration
Weblogic Cluster configurationWeblogic Cluster configuration
Weblogic Cluster configuration
 
Weblogic cluster
Weblogic clusterWeblogic cluster
Weblogic cluster
 
Code-Review-Principles-Process-and-Tools (1)
Code-Review-Principles-Process-and-Tools (1)Code-Review-Principles-Process-and-Tools (1)
Code-Review-Principles-Process-and-Tools (1)
 
September 2013 lok kalyan setu
September 2013 lok kalyan setuSeptember 2013 lok kalyan setu
September 2013 lok kalyan setu
 
October 2013 lok kalyan setu
October 2013 lok kalyan setuOctober 2013 lok kalyan setu
October 2013 lok kalyan setu
 
November 2013 lok kalyan setu
November 2013 lok kalyan setuNovember 2013 lok kalyan setu
November 2013 lok kalyan setu
 

Recently uploaded

H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 

Recently uploaded (20)

H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 

Weblogic snmp

  • 2. Overview of SNMP ● With SNMP, a manager sends a request for information about managed resources to an agent. The agent gathers the requested data and returns a response. You can also configure agents to issue unsolicited reports (notifications) to managers when they detect predefined thresholds or conditions on a managed resource. ● To request data about a specific managed resource, a manager must be able to uniquely identify the resource. In SNMP, each type of managed resource is described in a Management Information Base (MIB) as a managed object with a unique object identifier (OID). Individual organizations define their specific managed objects in MIB modules. Both manager and agent must have access to the same MIB module to communicate about specific managed resources.
  • 3. WebLogic Server SNMP Agents WebLogic Server SNMP agentsquery theWebLogic Server managementsystemand communicatetheresultstomanagersover theSNMP protocol. TheWebLogic Server managementsystemexposesmanagementdatathroughacollectionof managedbeans(MBeans). WhenaWebLogic Server SNMP agentreceivesarequestfromamanager, itdetermineswhich MBeancorrespondstotheOID inthemanager'srequest. Thenitretrievesthedataandwrapsitin anSNMP response. YoucanuseWebLogic Server SNMP agentsto: RespondtosimpleGET requestsfromanSNMP manager for thecurrentvalueof WebLogic Server MBeanattributes. ■UseJMX monitorstopoll WebLogic Server MBeansperiodically andsendnotificationsto SNMP managerswhentheMBeanattributeschangeinaway thatyouspecify. ■SendnotificationstoSNMP managerswhentheAdministrationServer or any ManagedServer startsor shutsdown. ■Listenfor specific logmessagesandsendnotificationstoSNMP managerswhenWebLogic Server generatesthem. ■Actasaproxy agentthatpassesrequestsfromanSNMP manager toother (non-WebLogic) SNMP agents(suchasanOracledatabaseagent) onthesamemachine.
  • 4. Organizing SNMP Agents in a Domain IneachWebLogicServer domain, youcancreatemultipleSNMP agentsandorganize themintoade-centralizedor centralizedmodel for SNMP monitoringand communication: ■Inade-centralizedmodel, youcreateSNMP agentsoneachManagedServer. SNMP managerscommunicatewiththeagentsonindividual ManagedServers. ■Inacentralizedmodel, youcreateanSNMP agentonly ontheAdministrationServer. SNMP managerscommunicateonly withtheSNMP agentontheAdministrationServer andtheagentgathersmonitoringdatafromall ManagedServersinthedomain.
  • 5. Configuring SNMP Protocols A WebLogicServer SNMP agentcanalwayscommunicatewith managersusingtheSNMPv3protocol. Youcanconfigurewhether theagentalsosupportstheSNMPv1andSNMPv2protocols. While youcannotpreventanagentfromreceivingSNMPv3requests, an agentprocessesonly requestsfromknownusersthatyouconfigure throughtheWebLogicServer security realm.
  • 6. Configuring UDP and TCP Ports ● AnSNMP agentcommunicatesthroughaportthatacceptsUDP trafficandanother portthatacceptsTCP traffic. ● By default, all TCP trafficusesthehostserver'slistenport. For example, if youtargetthisagenttoaserver namedManagedServer1 andManagedServer1listensfor requestsonport7001, thentheSNMP agentlistensfor TCP requestsonport7001. ● WhencommunicatingthroughaTCP port, WebLogicServer protects SNMP communicationfromdenial of service(DOS) attacks. If you wanttoseparateSNMP TCP trafficfrombusinesstraffic, youcan createacustomnetwork channel.
  • 7. Narrowing the Scope of a Request WhenanSNMP manager sendsarequesttoanagentontheAdministrationServer, theagent'sresponsecan potentially containdatathatdescribesmultipleinstancesof theobject. For example, theobject serverUptime existsfor eachWebLogicServer instanceinadomain. If amanager sendsarequestfor serverUptime toanagentonanAdministrationServer, theresponsecontainsoneserverUptime instancefor eachserver inthedomain. Youcannarrow thescopeof arequestby encodingadditional informationinthemanager'srequest. The informationthatyouencodedependsonwhichSNMP protocol youuse: InarequestthatusestheSNMPv1or SNMPv2protocol, appendthenameof theserver instancetothe SNMP community namethatitsendswiththerequestasfollows: community_prefix@server_name wherecommunity_prefix istheSNMP community nameandserver_name isthenameof the targetedManagedServer. Thecommunity_prefix valuesentby themanager mustmatchthevaluethat yousetintheCommunity Prefix fieldwhenyouconfiguretheSNMP agent. Torequestamanagedobjectfor all server instancesinadomain, sendacommunity nametotheWebLogic SNMP agentwiththefollowingform: community_prefix InarequestthatusestheSNMPv3protocol, encodethenameof theManaged Server intherequest'scontextnamefield.
  • 8. MonitoringSNMPAgents For eachSNMP agentinadomain, theSNMP: Monitoringtabof theWebLogicServer AdministrationConsoleprovidessuch informationashow many notificationstheagenthassentto managersandhow many authenticationattemptshavefailed. YoucanalsoaccessthismonitoringinformationusingWebLogic ScriptingTool (WLST) or aJMX clienttoaccessthenew SNMPAgentRuntimeMBean.
  • 9. Security for SNMP ● Community Names for SNMPv1 and SNMPv2 ● Disabling SNMPv1 and SNMPv2 ● Configuring Security for SNMPv3 ● Invalidating the SNMPv3 Credential Cache
  • 10. Community Names for SNMPv1 and SNMPv2 ● ToensurethatanSNMP manager requestingdatafromtheWebLogic SNMP agenthaspermissiontoobtainthedata, andtoverify thatthe agenthaspermissiontosendnotificationstoatargetmanager, SNMPv1andSNMPv2useclear-textpasswordscalledcommunity names. ● WhenyoucreateanSNMP agent, youspecify thecommunity name thattheagentexpectsfromtheSNMP manager.
  • 11. Disabling SNMPv1 and SNMPv2 ● BecauseSNMPv1andSNMPv2useclear-text passwords, thelevel of security isweak. If youcan useSNMPv3tocommunicatewithmanagers, consider disablingSNMPv1andSNMPv2by disablingcommunity basedaccessfor eachSNMP agent.
  • 12. Configuring Security for SNMPv3 ● IntheSNMPv3protocol, bothSNMP agentandmanager mustencodeidentical credentialsintheir PDUsfor thecommunicationtosucceed. Thecredentialsinclude several tokens: auser name, anSNMP engineID, anauthorizationprotocol, andan optional privacy password, all of whichareencryptedbeforebeingtransportedover thenetwork. ● InWebLogicServer, SNMP agentswork withthedomain'ssecurity realmtosecure communication. TheSNMP agentdecodesSNMP credentialsinrequestsandpasses theSNMP user nametothesecurity realm. Thesecurity realmmapstheSNMP user nametoaWebLogicServer user, authenticatestheuser, andauthorizesaccessto monitoringdatainthedomain. TomaptheSNMP credentialstoauser ina WebLogicServer security realm, youcreateacredential map.
  • 13. Invalidating the SNMPv3 Credential Cache ● Tooptimizeperformance, anSNMP agentcachesthecredential mapsthat correlateWebLogicServer userswithSNMP credentials. Tomakesurethat thecachecontainsthelatestsetof SNMP credentials, anagentperiodically invalidatesitscache. After thecacheisinvalidated, thenexttimetheagent requestscredentials, itregeneratesitscache. ● Notethatmakingachangetothecredential mapdoesnotautomatically updatethecachefor SNMP agents. Instead, thecacheisupdatedonly after it hasbeeninvalidated. For example, if youupdateaprivacy passwordinan existingentry intheSNMP credential map, SNMP agentsarenotawareof thenew passworduntil their cachesareinvalidatedandregenerated. An SNMP user withtheoldsecurity passwordcanstill usetheagentstoaccess WebLogicServer datauntil thecacheisinvalidated. ● After youmodify acredential map, youcaneither waitfor eachSNMP agent toinvalidateitscache, or youcaninvalidateitimmediately.