We have a device setup to send out SNMP information to splunk, which is a useid from AD and their client IP address. Is possible to use a script within Splunk that can parse our that relevant information and send it to another device?
thank you
yes, you can forward a subset of your data to a third-party system. information is here:
http://docs.splunk.com/Documentation/Splunk/5.0.2/Deploy/Forwarddatatothird-partysystemsd
yes i did that. I am now setting up Splunk on a Debian box. Windows drives me crazy...
thank you for your input.
For net-snmp support your best shot is to post questions on a net-snmp forum/mailing list or similar.
one other thing, windows services snmp and snmptrap are installed but disabled.
tia
In my c:\usr\etc\snmp\snmp.conf file i have the following
mibdirs C:/usr/share/snmp/mibs
persistentDir C:/usr/snmp/persist
tempFilePattern C:/usr/temp/snmpdXXXXXX
snmpTrapdAddr 10.4.0.7:162
authCommunity log public
thank you for you feedback
thank you. So net-snmp and splunk are on the same box, windows 2003. when I run the command "snmptranslate -IR -Td IF-MIB::linkDown" I get the following
C:\usr\perl>snmptranslate -IR -Td IF-MIB::linkDown
No log handling enabled - using stderr logging
C:/usr/etc/snmp/snmp.conf: line 4: Warning: Unknown token: snmpTrapdAddr.
C:/usr/etc/snmp/snmp.conf: line 5: Warning: Unknown token: authCommunity.
IF-MIB::linkDown
No, what you should do is setup net-snmp and have it listen to port 162, then have Splunk read the files that net-snmp writes to.
OK, so getting our device to send snmp to splunk has been a little challenge.
On a windows box with splunk installed, do I setup a receiver on port 162 for SNMP to access the snmp infor from our device?
I have net-snmp installed as per another post on here.