Snmptrapd

The snmptrapd application typically listens to port 162 (and maybe 10162) and logs or acts upon any notifications (TRAPs or INFORMs) that it receives.

Configuring snmptrapd

snmptrapd is configured through its snmptrapd.conf file.

Access Control

snmptrapd, at a minimum, needs access control settings to allow notifications using various SNMP protocols access to its logging and execution framework.

Example snmptrapd.conf line:

 authCommunity log myInsecureCommunity

will let any incoming notification with a community name of myInsecureCommunity be logged to it's output file/syslog/etc.

MySQL Logging

The ability to log received traps to a MySQL database was added in Release 5.5. The --with-mysql option must be specified when configuring the package. e.g.

./configure --with-defaults --with-mysql

The database schema must be loaded into MySQL:

cd ~/net-snmp-5.7.1
mysql -u USER -p PASSWORD < dist/schema-snmptrapd.sql

The user that runs snmptrapd (usually root) needs a MySQL configuration file with user credentials configured. e.g. ~/.my.cnf

[snmptrapd]
host=localhost
password=sql
# user may also be configured, if using a MySQL user besides root

Then snmptrapd.conf must be modified to indicate how often received traps should be written to the database:

# maximum number of traps to queue before forced flush
# set to 1 to immediately write to the database
sqlMaxQueue 140

# seconds between periodic queue flushes
sqlSaveInterval 9

No traphandler is needed. If MySQL support is configured in a handler will be registered automatically. Loggin to the database is disabled by setting sqlSaveInterval to 0.