
SNMPTrap setup - no trap written in snmptrapd.log

OL
Communicator

Hello,

I know it is not a direct Splunk question, but I'm trying to get SNMP traps into Splunk and hope someone could help with it.

I followed the Splunk documentation to set up NET-SNMP on my Windows server (http://docs.splunk.com/Documentation/Splunk/latest/Data/SendSNMPeventstoSplunk). However, no trap is written in the snmptrap.log.

I have configured the snmptrapd.conf as documented. I don't get any errors in the log, just "NET-SNMP version 5.6.1.1" every time I restart it.

I tried to remove "snmpTrapdAddr [System IP]:162" to listen to all interfaces.
I have checked that the snmptrapd is listening on 162.
I have installed Wireshark and saw that traps are indeed arriving on the server.

But still nothing in the log.

The only time I managed to have something is when I run a dummy trap (snmptrap -v 2c -c public xxx.xxx.xxx.xxx "" ucdStart sysContact.0 s "Dave") from the server to itself. The same trap from another server doesn't work.

Any idea anyone?

Regards,
Olivier

0 Karma

christantoy
Path Finder

Hi

Same problem here. Can you assist me? How can I install net-snmp on my Windows 7?

Thanks
Cris

0 Karma

OL
Communicator

Problem solved: it was the Windows Firewall which was blocking the snmptrapd.exe. After adding it to the exception list, everything is working as described.

0 Karma

cqian02
Explorer

I followed the document to configure SNMPTRAP and I got the log file, but it does not show anything except "NET-SNMP version 5.5". I tried to unblock the file, but it still didn't work. Do you have any idea what other reason it could be? Thank you very much.

0 Karma

jbueso
Path Finder

Hi, I have exactly the same problem (RHEL, not a Windows system).

I just followed the instructions from http://docs.splunk.com/Documentation/Splunk/latest/Data/SendSNMPeventstoSplunk

but I cannot receive anything in /var/log/snmp-traps. If I start tcpdump -i eth0 'port 162' I can see SNMP events arriving at my server, but it looks like snmptrapd cannot write them to the file.

Could anyone give me a hint to advance? No iptables or any other firewall is running.

Thanks in advance

0 Karma
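
Several posts above report Wireshark or tcpdump showing traps on port 162 while snmptrapd logs nothing; a capture can see packets that host filtering then drops before they reach the listening process. The probe below is an added example, not code from any poster or from the Splunk documentation: it binds the trap port itself and reports whether a datagram reaches a user-space socket, plus the SNMP version and community it carried. It assumes snmptrapd is stopped so the port is free and that you have the privileges to bind UDP 162; the function names are hypothetical.

```python
import socket

def parse_snmp_header(data):
    """Return (version, community) of an SNMP v1/v2c message, else None."""
    def tlv(buf, pos):
        tag, length = buf[pos], buf[pos + 1]
        pos += 2
        if length & 0x80:                      # BER long-form length
            n = length & 0x7F
            length = int.from_bytes(buf[pos:pos + n], "big")
            pos += n
        return tag, buf[pos:pos + length], pos + length
    try:
        tag, msg, _ = tlv(data, 0)             # outer SEQUENCE
        if tag != 0x30:
            return None
        tag, ver, pos = tlv(msg, 0)            # INTEGER version
        if tag != 0x02:
            return None
        tag, community, _ = tlv(msg, pos)      # OCTET STRING community
        if tag != 0x04:
            return None
    except IndexError:
        return None
    version = {0: "v1", 1: "v2c"}.get(int.from_bytes(ver, "big"), "other")
    return version, community.decode("latin-1")

def listen(host="0.0.0.0", port=162):
    """Bind the trap port; snmptrapd must be stopped so the port is free."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind((host, port))
    return sock

def wait_for_trap(sock, timeout=30.0):
    """Return (source_ip, header) for the first datagram, None on timeout."""
    sock.settimeout(timeout)
    try:
        data, addr = sock.recvfrom(65535)
    except socket.timeout:
        return None
    return addr[0], parse_snmp_header(data)

if __name__ == "__main__":
    with listen() as s:
        hit = wait_for_trap(s)
    if hit is None:
        print("no datagram reached the process: look at host filtering")
    else:
        print("delivered from %s, header=%s" % hit)
```

A timeout while the capture still shows traps points at filtering between the network interface and the process; a delivered datagram points at the snmptrapd configuration instead. The exception in the thread was added for snmptrapd.exe, so on Windows the interpreter running this probe may be filtered separately.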