All Apps and Add-ons

Cisco SNMP Traps forwarding to Splunk

chaitu_kranthi
New Member

Hi Team,

I am completely new to Splunk, Due to one of the project requirement we are trying to send SNMP Traps information from Cisco Devices to Splunk Enterprise directly. But i am not seeing any logs at Splunk side.

Not sure if i have to install any additional tools or any configuration required to perform this element.

0 Karma

maheshsn
Explorer

Hi Chaitu kranthi,
The people who are managing the Cisco network Devices have to configure to send the data from Source IP to Destination IP( splunk server) UDP:162
Configure the remote devices to send their traps directly to the Splunk Enterprise instance IP address. The default port for SNMP traps is udp:162.
You have to configure "Data Input" -> UDP to add port 162 to receive the SNMP data. As Mmodestino mentined this link has all the details. https://docs.splunk.com/Documentation/Splunk/6.5.0/Data/SendSNMPeventstoSplunk

0 Karma

mattymo
Splunk Employee
Splunk Employee

Hi chaitu_kranthi,

Are you the one that would be configuring the Splunk side?

I would recommend starting here: https://docs.splunk.com/Documentation/Splunk/6.5.0/Data/SendSNMPeventstoSplunk

- MattyMo
0 Karma
Get Updates on the Splunk Community!

The Splunk Success Framework: Your Guide to Successful Splunk Implementations

Splunk Lantern is a customer success center that provides advice from Splunk experts on valuable data ...

Splunk Training for All: Meet Aspiring Cybersecurity Analyst, Marc Alicea

Splunk Education believes in the value of training and certification in today’s rapidly-changing data-driven ...

Investigate Security and Threat Detection with VirusTotal and Splunk Integration

As security threats and their complexities surge, security analysts deal with increased challenges and ...