==================================== Tamper Monitor ==================================== .. sidebar:: Contents .. contents:: :depth: 2 :local: This chapter covers some aspects related to the :osdx:cfg:`service tamper-monitor`, which allows you to configure the **tamper monitor** service in OSDx. The tamper monitor detects physical intrusion events on the device enclosure and SIM tray. When a tamper event is detected (e.g., the enclosure lid is opened or the SIM tray is removed), the service logs the event and can send SNMP traps to notify a remote management system. When the tamper condition is resolved (e.g., the lid is closed again), a restoration event is logged and reported. This feature is currently available on the **H5-Auto** and **H5-Rail** platforms. Configuration ============= To enable the tamper monitor, use the :osdx:cfg:`service tamper-monitor` command: .. code-block:: none set service tamper-monitor Log level --------- This command selects the logging level of the tamper monitor daemon through the journal. `By default, it is set to notice level.` This is the syntax to change the logging level for the :osdx:cfg:`service tamper-monitor log-level *` configuration in OSDx: .. code-block:: none set service tamper-monitor log-level Being one of the following options: * **emerg**, emergency messages * **alert**, urgent messages * **crit**, critical messages * **err**, error messages * **warning**, warning messages * **notice**, messages for further investigation * **info**, informational messages * **debug**, debug messages For example, this command will change the logging level to info: .. code-block:: none set service tamper-monitor log-level info SNMP management --------------- .. important:: To better understand how to configure the **Simple Network Management Protocol (SNMP)** service, see :doc:`SNMP documentation `. For the OSDx device to be able to send traps, you will first need to create an SNMP community or user and establish the ``tamper-monitor`` service as target. After the SNMP service is configured, the sending of traps must be enabled by executing the following command in OSDx: .. code-block:: none set service tamper-monitor enable-snmp-trap When enabled, the device sends SNMP traps for the following tamper events: * **detected** — a tamper event has been detected on one of the monitored channels * **restored** — the tamper condition has been resolved on a previously triggered channel Examples ======== To enable the ``tamper-monitor`` service with default settings: .. code-block:: none set service tamper-monitor In this case, the expected behaviour is that, when a tamper event is detected (for example, the enclosure lid is opened), the service logs the event. When the tamper condition is resolved (for example, the lid is closed), a restoration event is logged. To enable the ``tamper-monitor`` service with the following settings: * Logging level set to info messages. * SNMP traps enabled (SNMP service previously configured). .. code-block:: none set service tamper-monitor log-level info set service tamper-monitor enable-snmp-trap In this case, the expected behaviour is that, when a tamper event is detected, the service prints info level logs indicating which channel has been triggered and sends an SNMP trap (``detected``). When the tamper condition is resolved, a log message is printed and a second SNMP trap is sent (``restored``). Command Summary =============== .. osdx:cmdtree:: cfg service tamper-monitor