Handling SNMPv3 Traps Using Events
The SNMPTrapMgr and SNMPTCPTrapMgr components support decoding SNMPv3 traps using either the AddUser method or event-driven handling. This article focuses on the event-based approach, where security credentials are supplied dynamically during trap processing. Although examples use SNMPTrapMgr, the same logic applies to SNMPTCPTrapMgr.
To process SNMPv3 traps correctly, you must maintain user-specific security information, including security level and authentication/encryption passwords. These credentials can be stored using any structure (e.g., hash tables, dictionaries). The example below demonstrates one approach:
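    // securityLevelCache and passwordCache are assumed to be static Hashtable fields
    // (System.Collections) so the static event handlers below can read them.
    // Keys are (user, engine ID) pairs.
    Tuple<string, string> userMatt = Tuple.Create<string, string>("matt", "mattengine");
    securityLevelCache = new Hashtable();
    securityLevelCache.Add(userMatt, 2); // userMatt has security level 2 (AuthPriv)
    // Item1 is the authentication password, Item2 the encryption password.
    Tuple<string, string> mattPasswords = Tuple.Create<string, string>("authpass", "encryptpass");
    passwordCache = new Hashtable();
    passwordCache.Add(userMatt, mattPasswords);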
GetUserSecurityLevel Event
This is the first event triggered when a secure SNMPv3 trap is received. It determines the user’s security level:
- 1 – Authentication only (Auth)
- 2 – Authentication and encryption (AuthPriv)
The selected value controls how many times the password event will fire.
    static void on_GetUserSecurityLevel(object sender, SnmptrapmgrGetUserSecurityLevelEventArgs e)
    {
        // Look the sender up by the same (user, engine ID) key used to fill the cache.
        Tuple<string, string> user = Tuple.Create<string, string>(e.User, e.EngineId);
        if (securityLevelCache.Contains(user))
        {
            e.SecurityLevel = (int)securityLevelCache[user];
        }
        else
        {
            // Unknown user/engine pair: no cached security level.
            e.SecurityLevel = -1;
        }
    }
GetUserPassword Event
This event supplies credentials based on the requested password type:
- 1 – Authentication password
- 2 – Encryption (privacy) password (only if AuthPriv is used)
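    static void on_GetUserPassword(object sender, SnmptrapmgrGetUserPasswordEventArgs e)
    {
        Tuple<string, string> user = Tuple.Create<string, string>(e.User, e.EngineId);
        if (passwordCache.Contains(user))
        {
            Tuple<string, string> passwords = (Tuple<string, string>)passwordCache[user];
            switch (e.PasswordType)
            {
                case 1: // authentication password
                    e.Password = passwords.Item1;
                    break;
                case 2: // encryption password, requested for AuthPriv users
                    e.Password = passwords.Item2;
                    break;
            }
        }
        else
        {
            // Unknown user/engine pair: no password to supply.
            e.Password = "";
        }
    }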
For more details, see the official documentation.
Trap Event Fires
The Trap event now fires, where the trap's OID and other properties can be accessed. A list of the properties available in the Trap event can be found in the documentation.
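The two cache lookups above can also sit behind one typed store keyed by user and engine ID, which removes the Hashtable casts and never hands out an encryption password for an Auth-only user. This is an added example, not code from the article or the component's API: TrapUserStore, its members and the "ops" user are hypothetical, and the loop in Main only simulates the order in which the handlers would ask for values.

```csharp
using System;
using System.Collections.Generic;

// Hypothetical helper (not part of the component's API): typed store for both events.
sealed class TrapUserStore
{
    private sealed record Entry(int Level, string AuthPassword, string PrivPassword);
    private readonly Dictionary<(string User, string EngineId), Entry> users = new();

    public void Add(string user, string engineId, int level, string authPassword, string privPassword = "")
    {
        if (level != 1 && level != 2) throw new ArgumentOutOfRangeException(nameof(level));
        if (level == 2 && privPassword.Length == 0) throw new ArgumentException("AuthPriv needs an encryption password");
        users[(user, engineId)] = new Entry(level, authPassword, privPassword);
    }

    // Value for e.SecurityLevel: the stored level, or -1 for an unknown user/engine pair.
    public int SecurityLevel(string user, string engineId) =>
        users.TryGetValue((user, engineId), out var u) ? u.Level : -1;

    // Value for e.Password: type 1 = authentication, type 2 = encryption (AuthPriv users only).
    public string Password(string user, string engineId, int passwordType)
    {
        if (!users.TryGetValue((user, engineId), out var u)) return "";
        return passwordType switch
        {
            1 => u.AuthPassword,
            2 when u.Level == 2 => u.PrivPassword,
            _ => ""
        };
    }
}

static class Demo
{
    static void Main()
    {
        var store = new TrapUserStore();
        store.Add("matt", "mattengine", 2, "authpass", "encryptpass"); // values from the article
        store.Add("ops", "opsengine", 1, "opsauthpass");               // constructed Auth-only user
        foreach (var (user, engine) in new[] { ("matt", "mattengine"), ("ops", "opsengine"), ("matt", "otherengine") })
        {
            int level = store.SecurityLevel(user, engine);
            Console.WriteLine($"{user}@{engine}: level {level}");
            // Simulation (assumption): one password request per password the level requires.
            for (int type = 1; type <= level; type++)
                Console.WriteLine($"  type {type} supplied: {store.Password(user, engine, type).Length > 0}");
        }
    }
}
```

In the handlers, `e.SecurityLevel = store.SecurityLevel(e.User, e.EngineId)` and `e.Password = store.Password(e.User, e.EngineId, e.PasswordType)` would replace the Hashtable lookups.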