Skip to main content
Version: 7.4

Device File Encryption Settings

The SNMP collector can be configured to securely encrypt the SNMP device definition files using industry standard AGE encryption.

EF_INPUT_SNMP_DEVICE_DEFINITIONS_SECURE_STORE_ENABLE

Specifies whether the device definition files will be encrypted.

  • Valid Values
    • true, false
  • Default
    • false

EF_INPUT_SNMP_DEVICE_DEFINITIONS_SECURE_STORE_CREATE

If device file encryption is enabled (EF_INPUT_SNMP_DEVICE_DEFINITIONS_SECURE_STORE_ENABLE is true) this setting specifies that a keystore will automatically be created if one does not already exist.

  • Valid Values
    • true, false
  • Default
    • false

EF_INPUT_SNMP_DEVICE_DEFINITIONS_SECURE_STORE_TYPE

If device file encryption is enabled (EF_INPUT_SNMP_DEVICE_DEFINITIONS_SECURE_STORE_ENABLE is true) this setting specifies that the type of encryption manager the user wants to utilize. The two options are sops and standard. sops is the default option, it will only encrypt the configuration values of the configuration file, leaving the file structure intact. standard will simply encrypt the entire configuration file using AGE encryption.

  • Valid Values
    • sops, standard
  • Default
    • sops

EF_INPUT_SNMP_DEVICE_DEFINITIONS_SECURE_STORE_PASSWORD

The file specified in EF_INPUT_SNMP_DEVICE_DEFINITIONS_SECURE_STORE_PRIVATE_KEY_FILE_PATH can be encrypted for added security. If used in conjunction with EF_INPUT_SNMP_DEVICE_DEFINITIONS_SECURE_STORE_CREATE, then the keystore will be configured with a password protected private key.

  • Default
    • ''

EF_INPUT_SNMP_DEVICE_DEFINITIONS_SECURE_STORE_PRIVATE_KEY_FILE_PATH

Sets the filepath location of the private key file. If used in conjunction with EF_INPUT_SNMP_DEVICE_DEFINITIONS_SECURE_STORE_CREATE, then the private key used in the keystore will be generated at this location.

  • Default
    • ''
  • Recommended
    • /etc/elastiflow/snmp/.age/key.age

EF_INPUT_SNMP_DEVICE_DEFINITIONS_SECURE_STORE_PUBLIC_KEY_FILE_PATH

Sets the filepath location of the public key file. If used in conjunction with EF_INPUT_SNMP_DEVICE_DEFINITIONS_SECURE_STORE_CREATE, then the public key used in the keystore will be generated at this location.

  • Default
    • ''
  • Recommended
    • /etc/elastiflow/snmp/.age/public-age-keys.txt

EF_INPUT_SNMP_DEVICE_DEFINITIONS_SECURE_STORE_PUBLIC_KEY

This setting can be used in place of EF_INPUT_SNMP_DEVICE_DEFINITIONS_SECURE_STORE_PUBLIC_KEY_FILE_PATH to directly assign the public key. Cannot be used in conjunction with EF_INPUT_SNMP_DEVICE_DEFINITIONS_SECURE_STORE_CREATE.

  • Default
    • ''