Tamper Monitor
This chapter covers some aspects related to the service tamper-monitor,
which allows you to configure the tamper monitor service in OSDx.
The tamper monitor detects physical intrusion events on the device enclosure and SIM tray. When a tamper event is detected (e.g., the enclosure lid is opened or the SIM tray is removed), the service logs the event and can send SNMP traps to notify a remote management system. When the tamper condition is resolved (e.g., the lid is closed again), a restoration event is logged and reported.
This feature is currently available on the H5-Auto and H5-Rail platforms.
Configuration
To enable the tamper monitor, use the
service tamper-monitor command:
set service tamper-monitor
Log level
This command selects the logging level of the tamper monitor daemon through the journal. By default, it is set to notice level.
This is the syntax to change the logging level for the
service tamper-monitor log-level <txt> configuration in OSDx:
set service tamper-monitor log-level <level>
Being <level> one of the following options:
emerg, emergency messages
alert, urgent messages
crit, critical messages
err, error messages
warning, warning messages
notice, messages for further investigation
info, informational messages
debug, debug messages
For example, this command will change the logging level to info:
set service tamper-monitor log-level info
SNMP management
Important
To better understand how to configure the Simple Network Management Protocol (SNMP) service, see SNMP documentation.
For the OSDx device to be able to send traps, you will first need to create an SNMP community or user
and establish the tamper-monitor service as target.
After the SNMP service is configured, the sending of traps must be enabled by executing the following command in OSDx:
set service tamper-monitor enable-snmp-trap
When enabled, the device sends SNMP traps for the following tamper events:
detected — a tamper event has been detected on one of the monitored channels
restored — the tamper condition has been resolved on a previously triggered channel
Examples
To enable the tamper-monitor service with default settings:
set service tamper-monitor
In this case, the expected behaviour is that, when a tamper event is detected (for example, the enclosure lid is opened), the service logs the event. When the tamper condition is resolved (for example, the lid is closed), a restoration event is logged.
To enable the tamper-monitor service with the following settings:
Logging level set to info messages.
SNMP traps enabled (SNMP service previously configured).
set service tamper-monitor log-level info
set service tamper-monitor enable-snmp-trap
In this case, the expected behaviour is that, when a tamper event is detected, the
service prints info level logs indicating which channel has been triggered and sends
an SNMP trap (detected). When the tamper condition is resolved, a log message
is printed and a second SNMP trap is sent (restored).