syslog-ng-users August 2011 archive

Re: [syslog-ng] snmptrapd to syslog-ng 3.1

From: Smart, Dan <SmartD_at_nospam>
Date: Thu Aug 18 2011 - 22:19:07 GMT
To: Syslog-ng users' and developers' mailing list <syslog-ng@lists.balabit.hu>

>From: Balint Kovacs [mailto:balint.kovacs@balabit.com]
>Sent: Thursday, August 18, 2011 2:35 AM

>When I do something like this, I usually take a different approach, I use a script called from snmptrapd to write the log message to a socket. If you use something different than /dev/log (e.g. /dev/log.snmp), it's also easier to filter on the message. I am not sure if SEC has pre-defined rules for traps, but if not, this is probably easier to handle if you are not using a LOT of traps. If it's just port-security violations and link up/down messages on a moderately sized network, it should work fine.

Balint,
Thanks for the configs. I'm guessing that snmptrapd is running in daemon mode. As such, it reads its options from /etc/default/snmpd.

What options do you have set for snmptrapd?

Thanks
-=Dan=-
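
The approach described in the quoted message, as an added example that is not part of the original thread or of the configs it mentions: a handler that snmptrapd runs per trap, reading the trap from stdin and writing one syslog line to a dedicated Unix socket. The `/dev/log.snmp` path comes from the message; the `snmptrap` program tag, the facility and severity, the datagram socket type (syslog-ng would need a matching `unix-dgram()` source) and the sample trap are assumptions.

```python
#!/usr/bin/env python3
"""Added example: snmptrapd traphandle script writing to a dedicated syslog socket."""
import re
import socket
import sys

SOCKET_PATH = "/dev/log.snmp"   # socket name from the message; syslog-ng must listen here
PRI = 4 * 8 + 5                 # assumption: facility auth (4), severity notice (5)
MAX_LEN = 1024                  # stay within the classic BSD-syslog message size

# Constructed sample of what snmptrapd writes to a traphandle's stdin:
# line 1 = hostname, line 2 = transport address, then one "OID VALUE" per line.
SAMPLE_TRAP = """switch1.example.net
UDP: [192.0.2.10]:161->[192.0.2.1]:162
DISMAN-EVENT-MIB::sysUpTimeInstance 0:1:02:03.00
SNMPv2-MIB::snmpTrapOID.0 IF-MIB::linkDown
IF-MIB::ifDescr.3 "Gi0/3"
"""

def clean(text):
    # Trap contents are sender-controlled; replace control characters so a
    # varbind cannot inject extra log lines or terminal escape sequences.
    return re.sub(r"[\x00-\x1f\x7f]+", " ", text).strip()

def parse_trap(raw):
    """Return (hostname, address, [(oid, value), ...]) from traphandle input."""
    lines = [line for line in raw.splitlines() if line.strip()]
    if len(lines) < 2:
        raise ValueError("expected hostname and address lines")
    varbinds = []
    for line in lines[2:]:
        oid, _, value = line.partition(" ")
        varbinds.append((clean(oid), clean(value)))
    return clean(lines[0]), clean(lines[1]), varbinds

def format_message(host, addr, varbinds):
    """Build one BSD-syslog style line: <PRI>tag: key=value ..."""
    body = " ".join(f"{oid}={value}" for oid, value in varbinds)
    return f"<{PRI}>snmptrap: host={host} addr={addr} {body}"[:MAX_LEN]

def send(message, path=SOCKET_PATH):
    # Datagram socket: one trap becomes exactly one log message.
    with socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM) as s:
        s.sendto(message.encode("utf-8", "replace"), path)

if __name__ == "__main__":
    send(format_message(*parse_trap(sys.stdin.read())))
```

snmptrapd would invoke a script like this through a `traphandle` line in snmptrapd.conf. Because the messages arrive on their own socket, syslog-ng can route them by source rather than by matching on message content.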
