Topic
  • 3 replies
  • Latest Post - ‏2012-04-26T05:37:49Z by kacper-kurowski
SystemAdmin
SystemAdmin
430 Posts

Pinned topic Log all received SNMP traps

‏2012-03-12T13:53:07Z |
Hello,
I am trying to find a way to keep track on a file of all received SNMP traps.

In Netview 6000 product, all traps are stored in a file called trapd.log.

Is there any equivalent method in ITNM (or maybe in Mttprapd Probe) ?

Has any of you already met this requirement?

Thanks in advance for your support

Fabio
Updated on 2012-04-26T05:37:49Z at 2012-04-26T05:37:49Z by kacper-kurowski
  • SystemAdmin
    SystemAdmin
    430 Posts

    Re: Log all received SNMP traps

    ‏2012-03-12T17:26:27Z  
    In Mttrapd probe you can do this using RawCapture property.

    Probe and Gateway Guide
    You can use the raw capture mode to save the complete stream of event data acquired by a probe into a file, without any processing by the rules file. This can be useful for auditing, recording, or debugging the operation of a probe.
    To enable the raw capture mode, use the -raw command-line option or the RawCapture property.
    You can also set the RawCapture property in the rules file, so that you can send the raw event data to a file only when certain conditions are met.

    Hope this helps.
    Abhishek
  • ivb
    ivb
    1 Post

    Re: Log all received SNMP traps

    ‏2012-03-12T17:52:11Z  
    In Mttrapd probe you can do this using RawCapture property.

    Probe and Gateway Guide
    You can use the raw capture mode to save the complete stream of event data acquired by a probe into a file, without any processing by the rules file. This can be useful for auditing, recording, or debugging the operation of a probe.
    To enable the raw capture mode, use the -raw command-line option or the RawCapture property.
    You can also set the RawCapture property in the rules file, so that you can send the raw event data to a file only when certain conditions are met.

    Hope this helps.
    Abhishek
    In earlier versions of the probe the raw capture file did not rotate and when it hit 2gb the probe stopped writing to it. Also, raw capture generates a lot of data (snapshot of the trap).. most of it only useful in debugging rules. Do you need all of that? if not, how about using the log function to write out an entry with common values such as enterprise, generic and specific types and perhaps what ever was in @Summary?
  • kacper-kurowski
    kacper-kurowski
    1 Post

    Re: Log all received SNMP traps

    ‏2012-04-26T05:37:49Z  
    • ivb
    • ‏2012-03-12T17:52:11Z
    In earlier versions of the probe the raw capture file did not rotate and when it hit 2gb the probe stopped writing to it. Also, raw capture generates a lot of data (snapshot of the trap).. most of it only useful in debugging rules. Do you need all of that? if not, how about using the log function to write out an entry with common values such as enterprise, generic and specific types and perhaps what ever was in @Summary?
    Hi,

    when you set MessageLevel to debug you get all the information about received traps in mttrapd.log. This log rotates and can have specified maximum size by MaxLogFileSize. Maybe this will help you.