This section describes the configuration entry parameters. The term target is a target SNMP agent or to an application that receives a trap or inform sent by an SNMP manager application.

targetAddr

IP address (IPv4 dotted decimal format or IPv6 colon hexadecimal format) of the node of the target agent (maximum 19 characters). There is no default value.

targetPort

Port number of the target agent, in the range 1-65535. Use a dash (-) to indicate the default value (161).

version

Specifies the administrative model that is supported by the target agent. The following values are valid:

snmpv1

Community-based SNMPV1 security

snmpv2c

Community-based SNMPV2 security

snmpv3

SNMPV3 user-based security (USM)

There is no default value.

communityName

Specifies the community name for community-based security (SNMPV1 or SNMPV2c). A dash (-) can be used to indicate the default value (public).

userName

Specifies the security name of the principal using this configuration file entry. For USM security, this is the user name. The user must be defined at the target agent. This field is ignored unless SNMPv3 is specified for the version keyword. A valid value is a user name that is 1 - 32 characters in length. There is no default value.

password

Specifies the password that is to be used in generating the authentication and privacy keys for this user. If a password is specified, it is used to automatically generate any needed keys and the authKey and privKey fields are ignored. This field is ignored unless SNMPv3 is specified for the version keyword. If you do not want to specify a password, set the field to a single dash (-). (The minimum number of characters that you can specify is eight, and the maximum number is 64 characters.)

Rule: If you define a password in your configuration entry, the authKey and privKey fields must be set to a dash (-), which specifies no key.

Guideline: You should not use the password instead of keys in this configuration file, because using keys is more secure than storing passwords in this file.

Tip: To use a different password for authentication and privacy, you can overwrite the authPassword or privPassword field in the SnmpConfigEntry structure. By default, both of these password fields contain the value defined in the configuration file.

secLevel

Specifies the security level to be used when communicating with the target SNMP agent when this entry is used. This field is ignored unless SNMPv3 is specified for the version keyword. The following values are valid:

• noAuthNoPriv or none to indicate that no authentication or privacy is requested
• AuthNoPriv or auth to indicate that authentication is requested but privacy is not requested
• AuthPriv or priv to indicate that both authentication and privacy are requested
• Dash (-) to indicate the default value (noAuthNoPriv)

authProto

SNMP authentication protocol to be used when communicating with the target SNMP agent when this entry is used. This field is ignored unless SNMPv3 is specified for the version keyword. The following values are valid:

• HMAC-MD5
• HMAC-SHA
• A single dash (-) for no authentication

authKey

Specifies the SNMP authentication key to be used when communicating with the target SNMP agent when this entry is used. This key must be the non-localized key. This field is ignored if the password keyword is used. This field is ignored unless SNMPv3 is specified for the version keyword and a non-default value is specified for the authProto parameter. The following values are valid:

• 16 bytes (32 hexadecimal digits) when the authProto value is HMAC-MD5
• 20 bytes (40 hexadecimal digits) when the authProto value is HMAC-SHA
• A dash (-) indicates the default value, which is no key

privProto

Specifies the SNMP privacy protocol to be used when communicating with the target SNMP agent when this entry is used. This field is ignored unless SNMPv3 is specified for the version keyword. The following values are valid:

• DES for CBC-DES.
• AESCFB128 for AES 128-bit CFB mode.
  Requirement: For the AES privacy protocol, z/OS® Integrated Cryptographic Service Facility (ICSF) must be active. For detailed information about configuring ICSF, see z/OS Cryptographic Services ICSF Administrator's Guide.
• A dash (-) to indicate the default value, which is no privacy.

privKey

Specifies the SNMP privacy key to be used when communicating with the target SNMP agent when this entry is used. This key must be the non-localized key. This field is ignored if the password keyword is used. The privacy and authentication keys are assumed to have been generated using the same authentication protocol (for example, both with HMAC-MD5 or both with HMAC-SHA). This field is ignored unless the value snmpv3 is specified for the admin keyword and a non-default value is specified for the privProto parameter. The following values are valid:

• 16 bytes (32 hexadecimal digits) when the authProto value is HMAC-MD5
• 20 bytes (40 hexadecimal digits) when the authProto value is HMAC-SHA
• A dash (-) to indicate the default value (no key)

authEngineID

This parameter is valid only for SNMPv2 traps with USM security and is required only when the functionsRequested parameter on the snmpInitialize() call is not 0. If you specify this parameter, it represents the authoritative engine ID to be used to send a trap. A valid authEngineID is a string of 10-64 (must be an even number) hexadecimal digits. By default, the engine identifier is created by using a vendor-specific formula and incorporates the IP address of the manager. However, a customer can choose to use any engine identifier that is consistent with the snmpEngineID definition in RFC 3411 and that is also unique within the administrative domain. A dash (-) indicates the generated default value. See Related protocol specifications for information about accessing RFCs.