RSA Authentication Manager SNMP
RSA Authentication Manager supports using a third-party network management system (NMS) and Simple Network Management Protocol (SNMP) to remotely query management data. The data is exposed in the form of read-only variables. AM does not support SNMP sets.
You configure SNMP using the Security Console. An SNMP agent is embedded in AM, and responds to requests from the NMS. The agent can be enabled or disabled during configuration. To request AM data, you must download the AM management information base objects (MIB) files from the Security Console, and load them in a MIB browser. On the RSA AM hardware appliance, the download includes a separate set of hardware-specific MIB files.
AM supports SNMP v3.
AM Support for SNMP GETS and Traps
You can configure RSA Authentication Manager to accept requests, called GETS, from the NMS, and to send data, called traps, to the NMS. GETS and traps differ in two ways:
A GET requests information, whereas a trap automatically sends information.
A GET contains aggregate data, and can obtain a single value or a tree of values. A trap is an individual piece of data.
Note: AM does not support puts.
For example, suppose AM is configured to send notifications for each successful authentication. If 100 successful authentications occur, 100 trap messages are sent. If you request a GET for successful authentications, you will receive one message showing a value of 100.
SNMP traps allow you to send AM error, warning, or success notifications to the NMS. Notifications can be intercepted and filtered based on the data sent in the trap message (message ID or severity, for example). You can also set traps to monitor disk usage, memory usage, and the CPU system load. You can select an interval at which to check the instance and send a notification to the NMS if too many resources are being used.
The NMS uses the data from traps and GETS to compile statistics for Management Information Base (MIB) objects. You can use a MIB browser to view these statistics.
Interpreting AM SNMP Values and MIB Objects
In AM, SNMP obtains values only from the internal database, not from external identity sources. For example, suppose you have 2000 users in an external identity source but only 1000 users in the AM internal database. If you have a GET for the total number of users, the value returned is 1000.
When SNMP performs a GET to retrieve the total number of policies for a specific type of policy, the system default policy is included in the total, despite the fact that you do not see the default policy in the Security Console. For example, if the Security Console displays three password policies, the GET request returns a total of four policies, because it counts the system default policy.
The PerSec values used in the GETS are calculated over a recent, limited period of time, and not from the time of starting AM. For example, the amApsRateSampleTimeS value defines the number of seconds over which the amApsAuthReqPerSec data is sampled. The amApsAuthReqPerSec value is not calculated since startup, but is a dynamic calculation over the last amApsRateSampleTimeS seconds.
Object Identifier Structure for SNMP Traps
SNMP trap messages sent by AM to the network management filter use a root-level object identifier (OID) structure that describes the cause of the trap notification. You can configure the NMS to filter trap messages based on this data. You do not have to open the trap message to understand details of the notification.
The root-level OID consists of four segments, as shown in the following example.
OID Value | Description |
1.3.6.1.4.1.2197.20 | Indication that this is an AM trap message |
| Log event type |
| Severity level |
Five digit numerical value corresponding to the action that the trap is monitoring | Action ID |
For example, the following root-level OID indicates that a user was successfully deleted:
1.3.6.1.4.1.2197.20.28.3.10054
Where:
1.3.6.1.4.1.2197.20 indicates that this is an AM trap
28 indicates that this trap is for an administrator event
3 indicates that the severity level is Success
10054 is the action ID of the DELETE_PRINCIPAL action key.
Troubleshooting Common Error Messages provides troubleshooting steps for commonly occurring error messages, and a list of all action IDs and corresponding action keys and log messages.
Related Articles
Management Information Base Objects for SNMP GETS for Unreleased Agents Number of Views How to Configure HP OpenView to Accept SNMP Traps Number of Views RSA Authentication Manager 8.1 Virtual Appliance SNMP Reference Guide Number of Views Configure SNMP Number of Views How to Configure Two Network Interface Cards for RSA Authentication Manager 8.x Number of Views
Trending Articles
Passwordless Authentication in Windows MFA Agent for Active Directory – Quick Setup Guide RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Authentication Manager Upgrade Process RSA Authentication Manager 8.7 SP2 Setup and Configuration Guide An example of SSO using SAML and ADFS with RSA Identity Management and Governance 6.9.x
