Getting Data In

Sending SNMP to Splunk


Still have some doubts about sending SNMP to Splunk

About this step:
Edit C:\usr\etc\snmp\snmptrapd.conf:

snmpTrapdAddr [System IP]:162

authCommunity log [community string]

Is the system IP the one which Splunk is installed on?
I am able to create the log file on the local machine, but it always states:

couldn't open udp:162 -- errno 2 ("No such file or directory")

Are there any other configuration do I need?
Thanks very much.

Tags (1)


If you're having problems with snmp modular input, may want to give this a try.

0 Karma

New Member


So I have SNMPD running, however no SNMP traps are being written tp snmptrapd.log. I have installed wireshark and can see that the traps have arrived on the correct interface with the correct community.

Any ideas?


0 Karma

Ultra Champion
0 Karma


you can put something like this:

snmpTrapdAddr udp:

authCommunity log,execute,net public
State of Splunk Careers

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.

Find out what your skills are worth!