Here is an example of installing SNMP and catching SNMP traps in Ubuntu Server.
Install the required packages:
sudo apt-get install snmpd snmptt snmptrapd libnet-ip-perl
In the configuration file /etc/default/snmpd, change the value of the TRAPDRUN parameter from no to yes and add -On to TRAPDOPTS:
TRAPDRUN=yes
TRAPDOPTS='-On -Lsd -p /var/run/snmptrapd.pid'
In the configuration file /etc/snmp/snmptrapd.conf, specify the community (in place of COMMUNITY) and that traps must be handed over to snmptt:
authCommunity log,execute,net COMMUNITY
traphandle default snmptthandler
In the configuration file /etc/snmp/snmptt.ini, set the following parameters:
mode = daemon
net_snmp_perl_enable = 1
mibs_environment = ALL
unknown_trap_log_enable = 1
Restart snmpd and snmptt to apply the changes:
sudo /etc/init.d/snmpd restart
sudo /etc/init.d/snmptt restart
Check that snmpd (UDP 161) and snmptrapd (UDP 162) have started:
netstat -tulanp|grep snmp
netstat -tulanp|grep 162
You can temporarily stop snmpd and start snmptrapd manually in the foreground to see in real time which SNMP traps arrive at the server:
sudo service snmpd stop
sudo snmptrapd -f -L o
If iptables is used on the system, allow incoming UDP packets on port 162 with the following command, then save the added rule so that it is not lost after a system restart:
sudo iptables -A INPUT -p udp -m udp -s 192.168.0.0/24 --dport 162 -j ACCEPT
sudo service iptables save
If everything is configured correctly, SNMP traps should be written to the directory /var/log/snmptt/.
UPD: In Ubuntu 22.04, I still had to change the directory permissions and restart snmptrapd:
chmod 777 /var/spool/snmptt
sudo /etc/init.d/snmpd restart
sudo /etc/init.d/snmptt restart
sudo /etc/init.d/snmptrapd restart
sudo /etc/init.d/snmptrapd status
And also I commented out the daemon_uid:
sudo nano /etc/snmp/snmptt.ini
#daemon_uid = snmptt
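A check of the settings changed in this article, as an added example that is not part of the original post. The function names check_trap_config and ini_value are made up here, the paths default to the ones used above, and rejecting public, private and the literal COMMUNITY as community strings is an assumption of this example:

```shell
#!/bin/sh
# Added example (not from the original post): audit the settings this tutorial changes.
# Usage: check_trap_config [default_file] [snmptrapd.conf] [snmptt.ini] [spool_dir]

# Print the value of the last uncommented "key = value" line in an ini-style file.
ini_value() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" 2>/dev/null |
        sed 's/[[:space:]]*$//' | tail -n 1
}

check_trap_config() {
    defaults=${1:-/etc/default/snmpd}
    trapd=${2:-/etc/snmp/snmptrapd.conf}
    ini=${3:-/etc/snmp/snmptt.ini}
    spool=${4:-/var/spool/snmptt}
    rc=0
    fail() { echo "FAIL: $1"; rc=1; }

    grep -q '^TRAPDRUN=yes' "$defaults" 2>/dev/null ||
        fail "TRAPDRUN is not yes in $defaults"
    grep '^TRAPDOPTS=' "$defaults" 2>/dev/null | grep -q -e '-On' ||
        fail "TRAPDOPTS lacks -On in $defaults"

    # The third field of an authCommunity line is the community string.
    community=$(awk '$1 == "authCommunity" { print $3; exit }' "$trapd" 2>/dev/null || true)
    case "$community" in
        "") fail "no authCommunity line in $trapd" ;;
        public|private|COMMUNITY)
            fail "authCommunity uses a default or placeholder community" ;;
    esac
    grep -Eq '^[[:space:]]*traphandle[[:space:]]+default[[:space:]]+([^[:space:]]*/)?snmptthandler' \
        "$trapd" 2>/dev/null || fail "traps are not handed to snmptthandler in $trapd"

    [ "$(ini_value "$ini" mode)" = daemon ] || fail "mode is not daemon in $ini"
    [ "$(ini_value "$ini" net_snmp_perl_enable)" = 1 ] ||
        fail "net_snmp_perl_enable is not 1 in $ini"

    # Character 9 of the ls mode string is the write bit for "other".
    if [ -d "$spool" ] && [ "$(ls -ld "$spool" | cut -c9)" = w ]; then
        fail "$spool is world-writable: any local user can write spool files"
    fi
    return $rc
}
```

Called with no arguments, check_trap_config reads the live files under /etc and returns non-zero if any check fails.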
See also my article:
Configuring SNMP Traps on D-Link
A small addition
To test incoming traps, I did as described in the tutorial:
sudo service snmpd stop
sudo snmptrapd -f -L o
That works perfectly; however, if you restart the service with
sudo service snmpd start
it does not work; you really have to restart:
sudo service snmptrapd start
And it runs as a daemon again
Just to save the next people a few minutes of frustration :-)
Otherwise, very good tutorial, thanks!