SNMPTrap setup - no trap written in snmptrapd.log

OL
Communicator

Hello,

I know it is not a direct Splunk question, but I'm trying to get SNMP traps into Splunk and hope someone could help with it.

I followed the Splunk documentation to set up NET-SNMP on my Windows server (http://docs.splunk.com/Documentation/Splunk/latest/Data/SendSNMPeventstoSplunk). However, no trap is written in the snmptrap.log.

I have configured the snmptrapd.conf as documented. I don't get any errors in the log, just "NET-SNMP version 5.6.1.1" every time I restart it.

I tried to remove "snmpTrapdAddr [System IP]:162" to listen to all interfaces.
I have checked that the snmptrapd is listening on 162.
I have installed Wireshark and saw that traps are indeed arriving on the server.

But still nothing in the log.

The only time I managed to have something is when I run a dummy trap (`snmptrap -v 2c -c public xxx.xxx.xxx.xxx "" ucdStart sysContact.0 s "Dave"`) from the server to itself. The same trap from another server doesn't work.

Any idea anyone?

Regards,
Olivier

0 Karma

christantoy
Path Finder

Hi

Same problem here. Can you assist me? How can I install net-snmp on my Windows 7?

Thanks
Cris

0 Karma

OL
Communicator

Problem solved: it was the Windows Firewall which was blocking snmptrapd.exe. After adding it to the exception list, everything is working as described.

0 Karma
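The symptom in this thread (traps visible in Wireshark, snmptrapd bound to 162, nothing logged unless sent locally) can be checked against Windows Firewall directly. The script below is an added example, not part of the original posts or the Splunk documentation; the `snmptrapd.exe` path and the sender address `192.0.2.10` are assumptions to replace with your own values.

```powershell
# Added example. Assumptions: an assumed Net-SNMP install path and a
# documentation-range address (192.0.2.10) standing in for the trap sender.
param(
    [string]$Program    = 'C:\usr\bin\snmptrapd.exe',
    [int]   $Port       = 162,
    [string]$TrapSource = '192.0.2.10'
)

# 1. Confirm something is bound to UDP/162 and identify the owning process.
$endpoints = Get-NetUDPEndpoint -LocalPort $Port -ErrorAction SilentlyContinue
if (-not $endpoints) {
    Write-Warning "Nothing is listening on UDP/$Port; start snmptrapd first."
}
foreach ($ep in $endpoints) {
    $proc = Get-Process -Id $ep.OwningProcess -ErrorAction SilentlyContinue
    '{0}:{1} -> PID {2} ({3})' -f $ep.LocalAddress, $ep.LocalPort, $ep.OwningProcess, $proc.ProcessName
}

# 2. Collect enabled inbound rules that name the program or UDP/162.
$rules = Get-NetFirewallRule -Direction Inbound -Enabled True | Where-Object {
    $app        = $_ | Get-NetFirewallApplicationFilter
    $portFilter = $_ | Get-NetFirewallPortFilter
    ($app.Program -ieq $Program) -or
    ($portFilter.Protocol -eq 'UDP' -and $portFilter.LocalPort -contains "$Port")
}
$rules | Select-Object DisplayName, Profile, Action | Format-Table -AutoSize

# 3. Interpret: a Block rule overrides any Allow; with no Allow rule the
#    profile's default inbound action decides.
$blocks = @($rules | Where-Object { $_.Action -eq 'Block' })
$allows = @($rules | Where-Object { $_.Action -eq 'Allow' })
if ($blocks.Count -gt 0) {
    Write-Warning "Block rule(s) match and take precedence: $($blocks.DisplayName -join ', ')"
} elseif ($allows.Count -eq 0) {
    Write-Warning "No inbound Allow rule for $Program or UDP/$Port."
    # Print a narrowly scoped rule to review and run from an elevated prompt.
    'New-NetFirewallRule -DisplayName "snmptrapd UDP {0}" -Direction Inbound -Action Allow -Protocol UDP -LocalPort {0} -Program "{1}" -RemoteAddress {2}' -f $Port, $Program, $TrapSource
} else {
    "Allow rule(s) present: $($allows.DisplayName -join ', ')"
}
Get-NetFirewallProfile | Select-Object Name, Enabled, DefaultInboundAction
```

The suggested rule is only printed, not applied; it limits the exception to UDP 162, the one program, and the named sender rather than opening the executable to all inbound traffic.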

cqian02
Explorer

I followed the document to configure SNMPTRAP and I got the log file, but it does not show anything except "NET-SNMP version 5.5". I tried to unblock the file, but it still didn't work. Do you have any idea what other reason it could be? Thank you very much.

0 Karma

jbueso
Path Finder

Hi, I have exactly the same problem (RHEL, not a Windows system).

I just followed the instructions from http://docs.splunk.com/Documentation/Splunk/latest/Data/SendSNMPeventstoSplunk

but I cannot receive anything in /var/log/snmp-traps. If I start `tcpdump -i eth0 'port 162'` I can see SNMP events arriving at my server, but it looks like snmptrapd cannot write them into the file.

Could anyone give me a hint to advance? No iptables or any other firewall is running.

Thanks in advance

0 Karma