Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

not receiving log SNMP traps

sec_team_albara
New Member
‎03-07-2019 01:54 AM

1- We have configured the router with the following commands
snmp-server enable traps
snmp-server host 192.168.1.111 version 2c albaraka

2-We have installed on the INDEXER net-snmp-5.6.1.1-1.x86 with the following config on windows server 2016.
C:\usr\etc\snmp

mibdirs C:/usr/share/snmp/mibs
persistentDir C:/usr/snmp/persist
tempFilePattern C:/usr/temp/snmpdXXXXXX
snmpTrapdAddr 192.168.1.111:162 (IP ADDR INDEXER)
authCommunity log albaraka

3-We also configured snmptrapd file under C:\usr\log in order that splunk monitor the file snmptrapd

However, we still not receiving log SNMP traps to file from cisco router/switch. we only receive the following errors.

c:/usr/etc/snmp/snmp.conf: line 6: Warning: Unknown token: snmpTrapdAddr.
c:/usr/etc/snmp/snmp.conf: line 7: Warning: Unknown token: authCommunity.
Warning: no access control information configured.
(Config search path: c:/usr/etc/snmp;c:/usr/share/snmp;c:/usr/lib)
This receiver will NOT accept any incoming notifications.
NET-SNMP version 5.6.1.1
No access configuration - dropping trap.
No access configuration - dropping trap.
2019-03-07 09:25:07 NET-SNMP version 5.6.1.1 Stopped.
Stopping snmptrapd

Tags (2)
0 Karma
Reply

nickhills
Ultra Champion
‎03-07-2019 07:17 AM

The listening snmpTrapAddr and authCommnity should be in snmpd.conf - not snmp.conf

If my comment helps, please give it a thumbs up!
0 Karma
Reply

sec_team_albara
New Member
‎03-07-2019 07:41 AM

The listening snmpTrapAddr and authCommnity are already in snmpd.conf

0 Karma
Reply

nickhills
Ultra Champion
‎03-07-2019 07:44 AM

hmm ok, are they also in snmp.conf. I went straight to the error lines, and it seems perhaps you have them in both?
c:/usr/etc/snmp/snmp.conf: line 6: Warning: Unknown token: snmpTrapdAddr.
c:/usr/etc/snmp/snmp.conf: line 7: Warning: Unknown token: authCommunity.

If my comment helps, please give it a thumbs up!
0 Karma
Reply
Get Updates on the Splunk Community!

Observability Unveiled: Navigating OpenTelemetry's Framework and Deployment Options

Observability Unveiled: Navigating OpenTelemetry's Framework and Deployment Options A recent Tech Talk, ...

Observability | How to Think About Instrumentation Overhead (White Paper)

Novice observability practitioners are often overly obsessed with performance. They might approach ...

Cloud Platform | Get Resiliency in the Cloud Event (Register Now!)

IDC Report: Enterprises Gain Higher Efficiency and Resiliency With Migration to Cloud  Today many enterprises ...