Mapping Of Cli Operations To Snmp - Cisco MDS 9000 Series Configuration Manual
Security
Hide thumbs
Also See for MDS 9000 Series:
- Command reference manual (1464 pages) ,
- Configuration manual (344 pages) ,
- Troubleshooting manual (161 pages)
Table of Contents
Advertisement
Common Roles
You can create new roles or modify existing roles using SNMP or the CLI.
• SNMP—Use the CISCO-COMMON-ROLES-MIB to configure or modify roles. Refer to the Cisco MDS
• CLI—Use the role name command.
Mapping of CLI Operations to SNMP
SNMP has only three possible operations: GET, SET, and NOTIFY. The CLI has five possible operations:
DEBUG, SHOW, CONFIG, CLEAR, and EXEC.
Note
NOTIFY does not have any restrictions like the syslog messages in the CLI.
The following table explains how the CLI operations are mapped to the SNMP operations.
Table 1: CLI Operation to SNMP Operation Mapping
CLI Operation
DEBUG
SHOW
CONFIG
CLEAR
EXEC
The following example shows the privileges and rules mapping CLI operations to SNMP operations for a role
named my_role.
Displays CLI Operation to SNMP Operation Mapping
switch# show role name my_role
Role:my_role
vsan policy:permit (default)
---------------------------------------------
Rule
---------------------------------------------
Note
Although CONFIG is denied for NTP in rule 4, rule 9 allows the SET to NTP MIB objects because EXEC
also maps to the SNMP SET operation.
9000 Family MIB Quick Reference.
SNMP Operation
Ignored
GET
SET
SET
SET
Type
Command-type
1.
permit
clear
2.
deny
clear
3.
permit
config
4.
deny
config
5.
permit
debug
6.
deny
debug
7.
permit
show
8.
deny
show
9.
permit
exec
Feature
*
ntp
*
ntp
*
ntp
*
ntp
*
Cisco MDS 9000 Series Security Configuration Guide, Release 8.x
Mapping of CLI Operations to SNMP
23
Advertisement
Chapters
Table of Contents
