Configuring SNMP Traps on Linux

Here is an example of installing SNMP and catching SNMP traps in Ubuntu Server.

Let’s install:

sudo apt-get install snmpd snmptt snmptrapd

In the configuration file /etc/default/snmpd.conf, change the value of the TRAPDRUN parameter from no to yes and add -On to TRAPDOPTS:

TRAPDOPTS='-On -Lsd -p /var/run/'

In the configuration file /etc/snmp/snmptrapd.conf, we indicate the community and that the traps must be transferred to snmptt:

authCommunity log,execute,net COMMUNITY
traphandle default snmptthandler

In the configuration file /etc/snmp/snmptt.ini we specify the parameters:

mode = daemon
net_snmp_perl_enable = 1
mibs_environment = ALL
unknown_trap_log_enable = 1

Restart snmpd and snmptt to apply the changes:

sudo /etc/init.d/snmpd restart
sudo /etc/init.d/snmptt restart

Check if snmpd(udp 161) and snmptrapd(udp 162) started:

netstat -tulanp|grep snmp

You can temporarily stop snmpd and start it manually to see in real time which snmp traps are coming to the server:

sudo service snmpd stop
sudo snmptrapd -f -L o

If iptables is used in the system, then we will allow the following command to accept udp packets on port 162 and save the added rule so that it does not reset after the system restarts:

sudo iptables -A INPUT -p udp -m udp -s --dport 162 -j ACCEPT
sudo service iptables save

If everything is configured correctly, then snmp traps should be written in the directory /var/log/snmptt/.

See also my article:
Configuring SNMP Traps on D-Link

Leave a comment

Leave a Reply