I'm trying to capture traps from a Cisco router with SNMP Modular Input add-on. Here's what I did so far:
writecommand. Though tcpdump does see a trap message coming, the Splunk doesn't capture it and I see no data in the Search app.
Also, python did complain about "more than 255 arguments" in CISCO-TC.py, so I had to comment IfOperStatusReason class' inner code. This shouldn't had an effect on my particular situation, though.
What should I do? Thanks in advance!
I have configured the same as above . but still i cannot see traps in splunk search.
have done netstat -au - 162 port is listening.
host name i have set to exact IP of the search head as i given in the device.
rest other configs also done.
but still seeing no events 😞
1) are there any errors ? Search in "index=_internal ExecProcessor error snmp.py"
2) have you set the correct bind host for the trap listener ?
3) is the SNMP stanza you setup opening the port and listening ?
4) Have you specified the correct SNMP version ?
1) I see only one error about "more than 255 arguments" there. After I (sort of) fixed it there were no more errors, and the snmp.py process started up successfully.
2) Yes, it's localhost
netstat -lnp | grep 162 confirms it