Difference between revisions of "Snmptrapd"

From Net-SNMP Wiki
Jump to: navigation, search
(document sql trap logging)
Line 16: Line 16:
  
 
will let any incoming notification with a community name of ''myInsecureCommunity'' be logged to it's output file/syslog/etc.
 
will let any incoming notification with a community name of ''myInsecureCommunity'' be logged to it's output file/syslog/etc.
 +
 +
== MySQL Logging ==
 +
The ability to log received traps to a MySQL database was added in Release 5.5. The ''--with-mysql'' option must be specified when configuring the package. e.g.
 +
 +
./configure --with-defaults --with-mysql
 +
 +
The database schema must be loaded into MySQL:
 +
 +
cd ~/net-snmp-5.7.1
 +
mysql -u USER -p PASSWORD < dist/schema-snmptrapd.sql
 +
 +
The user that runs snmptrapd (usually root) needs a MySQL configuration file with
 +
user credentials configured. e.g. ~/.my.cnf
 +
 +
[snmptrapd]
 +
host=localhost
 +
password=sql
 +
# user may also be configured, if using a MySQL user besides root
 +
 +
Then ''snmptrapd.conf'' must be modified to indicate how often received traps should be written to the database:
 +
 +
# maximum number of traps to queue before forced flush
 +
# set to 1 to immediately write to the database
 +
sqlMaxQueue 140
 +
 +
# seconds between periodic queue flushes
 +
sqlSaveInterval 9
 +
 +
No traphandler is needed. If MySQL support is configured in a handler will be registered automatically. Loggin to the database is disabled by setting sqlSaveInterval to 0.

Revision as of 12:38, 29 August 2012

Net-SNMP Tool
snmptrapd
Manual: snmptrapd
Code: apps/snmptrapd.c

The snmptrapd application typically listens to port 162 (and maybe 10162) and logs or acts upon any notifications (TRAPs or INFORMs) that it receives.

Configuring snmptrapd

snmptrapd is configured through its snmptrapd.conf file.

Access Control

snmptrapd, at a minimum, needs access control settings to allow notifications using various SNMP protocols access to its logging and execution framework.

Example snmptrapd.conf line:

 authCommunity log myInsecureCommunity

will let any incoming notification with a community name of myInsecureCommunity be logged to it's output file/syslog/etc.

MySQL Logging

The ability to log received traps to a MySQL database was added in Release 5.5. The --with-mysql option must be specified when configuring the package. e.g.

./configure --with-defaults --with-mysql

The database schema must be loaded into MySQL:

cd ~/net-snmp-5.7.1
mysql -u USER -p PASSWORD < dist/schema-snmptrapd.sql

The user that runs snmptrapd (usually root) needs a MySQL configuration file with user credentials configured. e.g. ~/.my.cnf

[snmptrapd]
host=localhost
password=sql
# user may also be configured, if using a MySQL user besides root

Then snmptrapd.conf must be modified to indicate how often received traps should be written to the database:

# maximum number of traps to queue before forced flush
# set to 1 to immediately write to the database
sqlMaxQueue 140

# seconds between periodic queue flushes
sqlSaveInterval 9

No traphandler is needed. If MySQL support is configured in a handler will be registered automatically. Loggin to the database is disabled by setting sqlSaveInterval to 0.