This page applies only to Luna SA which, as a closed system, has its own agent. This contrasts with other SafeNet Luna HSMs that are installed inside a host computer, or USB-connected to a host, and therefore require you to provide an SNMP agent and configure for use with our subagent.
Various Lunash (Luna Shell, command line) commands govern the setup and use of SNMP with the Luna appliance. You provide your own SNMP application – a standard, open-source tool like net-snmp, or a commercial offering, or one that you develop yourself – and use the commands described below (and on the following pages) to enable and adjust the SNMP agent on-board the Luna appliance.
Please refer to the Lunash Appliance Commands in the Reference Section of this Help for syntax and usage descriptions of the following:
The sysconf snmp command has subcommands "enable", "disable", "notification", "show", "trap", and "user".
The service list command reports a service: "snmpd - SNMP agent service".
The service status, service stop, service start and service restart commands accept the value "snmp" as a <servicename> parameter (that is, you can start, stop or restart the snmp service – this represents some overlap with the sysconf enable and disable commands, but is provided for completeness).
The following are some points of interest, with regard to our reporting.
Swap usage - Covered by UCD-SNMP-MIB under memTotalSwap, memAvailSwap and memMinimumSwap OID
Physical Memory usage - Covered by UCD-SNMP-MIB under memTotalRea, memAvailReal, memTotalFree OID
Errors - Covered by UCD-SNMP-MIB under memSwapError and memSwapErrorMsg OID
Size of page file - Not covered
Page file usage - Not covered
Paging errors - Not covered
Note: UCD-SNMP-MIB/memory will report all the data that we get from the "free" command.
% Utilization Threads - Not covered
%user time - Covered by UCD-SNMP-MIB under ssCpuUsr OID
%system time - Covered by UCD-SNMP-MIB under ssCpuSystem OID
Top running processes - Not covered
Interface status - Covered
% utilization - Covered
Bytes in - Not covered
Bytes Out - Not covered
Errors - Covered
Note: All of the above are already covered by the RFC1213-MIB.
We do not currently keep any status on hardware failure.
We support only CPU and mother board temperature.
The above concerns status of various elements of the appliance, outside the contained HSM.
HSM status is separately handled by the SAFENET-HSM-MIB.
In the current implementation, the object ntlsCertExpireNotification has no value. If you query this object, the response is "Snmp No Such Object.
Information about the HSM, retrievable via SNMP, is similar to executing the following commands:
From Luna SA (lunash:> commands)
From the Client (lunacm:> commands)
LM-SENSORS-MIB
RFC1213-MIB
SNMP-FRAMEWORK-MIB
SNMP-MPD-MIB
SNMP-TARGET-MIB
SNMP-USER-BASED-SM-MIB
SNMPv2-MIB
SNMP-VIEW-BASED-ACM-MIB
The above MIBs are not supplied as part of the Luna SA build, but can be downloaded from a number of sources. How they are implemented depends on your MIB utility. Support is restricted to active queries (trap captures only reboots, until further notice).
In addition, the SAFENET-APPLIANCE-MIB is included within the Luna SA appliance, to report Software Version.
Because this MIB relates to appliance only, it does not exist in the Luna Client SNMP installation.
SAFENET-HSM-MIB.mib