Credential configurations
Credential configurations are named, reusable bundles of SNMP or WMI credentials. Define a bundle once, then point many monitors at it — change the credential in one place and every monitor that references it follows.
Without credential configurations, every SNMP or WMI monitor carries its own copy of a community string or Windows password. That is tedious to rotate and multiplies the number of places a secret lives. A credential configuration replaces those copies with a single reference: monitors store only the configuration’s ID, and the sensitive fields are encrypted at rest and pushed to the probes that need them.
SNMP credential configurations
An SNMP credential configuration is referenced by SNMP monitors via a snmpConfigId.
| Field | Applies to | Description |
|---|---|---|
| Name | all | Unique, human-readable name for the bundle |
| Version | all | v2c or v3 |
| Community | v2c |
Community string (sensitive) |
| Username | v3 |
SNMPv3 security name |
| Security level | v3 |
noAuthNoPriv, authNoPriv, or authPriv |
| Context name | v3 |
SNMPv3 context |
| Auth protocol | v3 |
Authentication protocol (e.g. SHA) |
| Auth password | v3 |
Authentication password (sensitive) |
| Priv protocol | v3 |
Privacy/encryption protocol (e.g. AES) |
| Priv password | v3 |
Privacy password (sensitive) |
WMI credential configurations
A WMI credential configuration is referenced by WMI devices via a wmiConfigId.
| Field | Description |
|---|---|
| Name | Unique, human-readable name for the bundle |
| Username | Windows account used for WMI queries |
| Password | Account password (sensitive) |
| Auth level | WMI authentication level (default unless a stricter level is required) |
Sensitive fields are encrypted at rest
Manage credential configurations
Create, edit, and delete bundles from the SNMP and WMI credential sections of the Web UI, or through the API:
| Method | Endpoint | Purpose |
|---|---|---|
GET |
/snmpConfigs / /wmiConfigs |
List credential configurations |
GET |
/getSnmpConfigDetails/:id / /getWmiConfigDetails/:id |
Read one configuration |
POST |
/addSnmpConfig / /addWmiConfig |
Create a configuration |
POST |
/updateSnmpConfig / /updateWmiConfig |
Update a configuration |
DELETE |
/snmpConfig/:id / /wmiConfig/:id |
Delete a configuration |
Names are unique — creating or renaming a bundle to a name already in use is rejected.
How changes reach the probes
When you add or update a credential configuration, the Webserver cascades the change to every probe that runs a monitor referencing it, so the probes always hold the current secret. If a probe is unreachable at the time, the pending sync is recorded and retried automatically once the probe comes back — you do not need to re-save the bundle.
Editing a bundle updates every monitor that uses it
Troubleshooting
| Symptom | Cause | Fix |
|---|---|---|
| Cannot save — name already exists | Another bundle uses the same name | Choose a unique name |
| A monitor authenticates with an old credential | The cascade to that probe has not completed | Confirm the probe is reachable; failed syncs retry automatically |
| SNMPv3 monitor fails to authenticate | Security level or auth/priv protocol mismatch | Verify version, security level, and protocols match the device |
See also
- Monitor operations — create SNMP and WMI monitors that reference a bundle
- Monitor configuration — monitor-level settings
- Secret vaults — retrieve monitor secrets from an external vault instead
- Security model — encryption of sensitive data at rest