Configuring SNMP Traps on Linux

Here is an example of installing SNMP and catching SNMP traps in Ubuntu Server.

Let’s install:

sudo apt-get install snmpd snmptt snmptrapd libnet-ip-perl

In the configuration file /etc/default/snmpd, change the value of the TRAPDRUN parameter from no to yes and add -On to TRAPDOPTS:

TRAPDOPTS='-On -Lsd -p /var/run/'

In the configuration file /etc/snmp/snmptrapd.conf, we indicate the community and that the traps must be transferred to snmptt:

authCommunity log,execute,net COMMUNITY
traphandle default snmptthandler

In the configuration file /etc/snmp/snmptt.ini we specify the parameters:

mode = daemon
net_snmp_perl_enable = 1
mibs_environment = ALL
unknown_trap_log_enable = 1

Restart snmpd and snmptt to apply the changes:

sudo /etc/init.d/snmpd restart
sudo /etc/init.d/snmptt restart

Check if snmpd(udp 161) and snmptrapd(udp 162) started:

netstat -tulanp|grep snmp
netstat -tulanp|grep 162

You can temporarily stop snmpd and start it manually to see in real time which snmp traps are coming to the server:

sudo service snmpd stop
sudo snmptrapd -f -L o

If iptables is used in the system, then we will allow the following command to accept udp packets on port 162 and save the added rule so that it does not reset after the system restarts:

sudo iptables -A INPUT -p udp -m udp -s --dport 162 -j ACCEPT
sudo service iptables save

If everything is configured correctly, then snmp traps should be written in the directory /var/log/snmptt/.

UPD: In Ubuntu 22.04, I still had to change the directory permissions and restart snmptrapd:

chmod 777 /var/spool/snmptt
sudo /etc/init.d/snmpd restart
sudo /etc/init.d/snmptt restart
sudo /etc/init.d/snmptrapd restart
sudo /etc/init.d/snmptrapd status

And also I commented out the daemon_uid:

sudo nano /etc/snmp/snmptt.ini
#daemon_uid = snmptt

See also my article:
Configuring SNMP Traps on D-Link

Join the Conversation

1 Comment

Leave a Reply

  1. Petit ajout

    Pour tester les traps entrants, j’ai fait comme dit dans le tuto :

    sudo service snmpd stop
    sudo snmptrapd -f -L o

    ça marche parfaitement, par contre si on redémarre le service par
    sudo service snmpd start
    Ça ne fonctionne pas, il faut bien relancer :
    sudo service snmptrapd start
    Et ça repart en daemon

    Juste pour éviter quelques minutes d’énervement aux prochains :-)

    Sinon, très bon tuto, merci !