snmpTrapdAddr udp:162 # (1)
doNotFork yes # (2)
doNotRetainNotificationLogs yes # (3)
createUser -e "0x1123581321" usm-sha-aes SHA sha.auth.pass.10 AES aes.enc.pass.11 # (4)
authUser log usm-sha-aes # (5)
authCommunity log public # (6)
format1 \n%V\n %02.2h:%02.2j:%02.2k %y/%02.2m/%02.2l TRAP %A\nPDU INFO:\n receivedfrom: %a\n agent hostname: %A\n community: %P\n enterprise OID: %N\n trap type: %W\n trap sub-type: %q\nVARBINDS:\n %v\n # (7)
format2 \n%V\n %02.2h:%02.2j:%02.2k %y/%02.2m/%02.2l TRAP %B\nPDU INFO:\n receivedfrom: %b\n community: %P\nVARBINDS:\n %v\n # (8)
The SNMP protocol uses UDP and traps destination port is 162 by default. Detailed description of
these three options are available in man snmptrapd.
Line 4 shows how to define the user and assign credentials.
In line 4, the required Engine ID -e "0x1123581321"
, user name
usm-sha-aes
, authentication protocol and password SHA
sha.auth.pass.10
are provided as well as an encryption protocol and a password AES
aes.enc.pass.11
. By specifying the protocols, you set up the Security Level. When you omit
Encryption and Authentication, you reduce the level of security from the highest
authPriv
to the lowest authNoPriv
and
noAuthNoPriv
respectively.
Line 5 sets the type of processing. Because the aim is just logging to file, log
is provided. For more advanced processing, check other available options in man
snmptrapd.conf 5.
Line 6 allows to receive and log SNMPv1 and SNMPv2c formatted traps with a community string
public
. Since it is a default and commonly used pattern, change it to a less
obvious one.
Lines 7 and 8 provide formatting for logging, this provides plenty of possibilities to adjust the
output format. A full description is available in man snmptrapd.