Can't get snmp traps to log
My apologies if I've screwed up the formatting. This is my first post in the communities.
RHEL 9.2
SNMP installed packages
net-snmp.x86_64 1:5.9.1-11.el9_3.1 @rhel-9-for-x86_64-appstream-rpms
net-snmp-agent-libs.x86_64 1:5.9.1-11.el9_3.1 @rhel-9-for-x86_64-appstream-rpms
net-snmp-devel.x86_64 1:5.9.1-11.el9_3.1 @rhel-9-for-x86_64-appstream-rpms
net-snmp-libs.x86_64 1:5.9.1-11.el9_3.1 @rhel-9-for-x86_64-appstream-rpms
net-snmp-utils.x86_64 1:5.9.1-11.el9_3.1 @rhel-9-for-x86_64-appstream-rpms
pcp-pmda-snmp.x86_64 6.0.1-5.el9_2 @rhel-9-for-x86_64-appstream-rpms
Trying to send SNMPv1 traps from an APC network management card.
NMC configuration
SNMP Trap Configuration
Index: 1
Receiver IP: xxx.xxx.xxx.xxx (this is definitely the trap receiver address)
Community: my_community
Trap Type: SNMPV1
Generation: enabled
Auth Traps: enabled
User Name: tom
Language: enUs - English
On my trap receiver
snmp file
mibs +PowerNet-MIB
snmpd.conf
####
# First, map the community name "public" into a "security name"
# sec.name source community
com2sec notConfigUser default public
####
# Second, map the security name into a group name:
# groupName securityModel securityName
group notConfigGroup v1 notConfigUser
group notConfigGroup v2c notConfigUser
####
# Third, create a view for us to let the group have rights to:
# Make at least snmpwalk -v 1 localhost -c public system fast again.
# name incl/excl subtree mask(optional)
view systemview included .1.3.6.1.2.1.1
view systemview included .1.3.6.1.2.1.25.1.1
####
# Finally, grant the group read-only access to the systemview view.
# group context sec.model sec.level prefix read write notif
access notConfigGroup "" any noauth exact systemview none none
# -----------------------------------------------------------------------------
###############################################################################
# System contact information
#
# It is also possible to set the sysContact and sysLocation system
# variables through the snmpd.conf file:
syslocation Unknown (edit /etc/snmp/snmpd.conf)
syscontact Root <root@localhost> (configure /etc/snmp/snmp.local.conf)
###############################################################################
# Logging
#
# We do not want annoying "Connection from UDP: " messages in syslog.
# If the following option is commented out, snmpd will print each incoming
# connection, which can be useful for debugging.
dontLogTCPWrappersConnects yes
# -----------------------------------------------------------------------------
snmptrapd.conf
# Example configuration file for snmptrapd
#
# No traps are handled by default, you must edit this file!
#
# authCommunity log,execute,net public
# traphandle SNMPv2-MIB::coldStart /usr/bin/bin/my_great_script cold
#
authCommunity log my_community
#
/etc/sysconfig/snmptrapd
# snmptrapd command line options
# '-f' is implicitly added by snmptrapd systemd unit file
# OPTIONS="-Lsd"
OPTIONS="-Lf /splunk/inbound_data/snmp_data/snmptrapd.log"
mibs
./usr/share/snmp/mibs/powernet451.mib
iptables (source is the UPS IP address)
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- xxx.xxx.xxx.xxx anywhere udp dpt:snmp
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT udp -- anywhere anywhere udp spt:snmp
I've spent all day searching the internet but can't find the fix.
If anyone can see what's wrong, I'd really appreciate it.
Regards,
Tom
