Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to integrate SNMP data sources into Splunk Enterprise?

TAE
Engager
‎03-25-2022 10:56 AM

Does anyone have suggestions on integrating a SNMP enabled device into Splunk Enterprise?  I'm very new to Splunk and have been asked to integrate an SNMP enabled device into our Splunk Enterprise.  I think I need to somehow link a Forwarder to the device and have the Forwarder act as a receiver of device's information.  Once that data is in the Forwarder, I think it should be processed by an associated Indexer and then it should be available within Splunk.  Is that correct or do I misunderstand?

Labels (3)
Tags (2)
0 Karma
Reply

PickleRick
SplunkTrust
SplunkTrust
‎03-25-2022 01:55 PM

There are several ready-made apps on splunkbase for polling data with SNMP. You could try one of these.

You can also simply try wrapping simple snmpget/snmpwalk from snmp tools into some kind of script, call it from cron and save results to a file. Then you can easily ingest the data from file.

In case of SNMP traps I think it's easiest to just run snmptrapd and ingest its logs.

0 Karma
Reply
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...