If this is for Cisco boxes, you can use:<div>snmp-server enable traps syslog</div><div><br></div><div>This will generate a trap using the enterprise oid of 1.3.6.1.4.1.9.9.41.2</div><div><br></div><div>______________________________________________________________ <br>
<br>Clayton Dukes<br>______________________________________________________________<br>
<br><br><div class="gmail_quote">On Thu, Dec 9, 2010 at 3:24 PM, Balazs Scheidler <span dir="ltr"><<a href="mailto:bazsi@balabit.hu">bazsi@balabit.hu</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<br>
hi,<br>
<br>
I just happened to be thinking about SNMP support. Cisco seems to have a<br>
MIB for syslog->snmp translation. So if anyone volunteers to anything<br>
related, I think this should be followed:<br>
<br>
<a href="http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?objectInput=clogMessageGenerated&translate=Translate&submitValue=SUBMIT" target="_blank">http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?objectInput=clogMessageGenerated&translate=Translate&submitValue=SUBMIT</a><br>
<div><div></div><div class="h5"><br>
<br>
On Thu, 2010-12-09 at 11:54 -0800, Matthew Hall wrote:<br>
> My advice, Net-SNMP via Perl if Perl is fast enough.<br>
><br>
> Otherwise next easiest would be Westhawk SNMP via Java.<br>
><br>
> If that won't work then Net-SNMP via C or SNMP++ via C++ is the fastest<br>
> there is.<br>
><br>
> I have a lot of experience writing SNMP network management software so I<br>
> can try to get you straightened out if you run into trouble.<br>
><br>
> Matthew.<br>
><br>
> On Thu, Dec 09, 2010 at 01:05:26PM -0600, Martin Holste wrote:<br>
> > I think program() is the best bet for you. I haven't had anything like that<br>
> > happen when using program(). What version of syslog-ng are you using? I<br>
> > don't think syslog-ng is sending newlines, but your script may be<br>
> > interpreting "silence" from syslog-ng as nothing and appending a newline or<br>
> > something. If you post a snippet from your script showing how it's reading<br>
> > from syslog-ng, that would help. It would also help to see the config<br>
> > relevant to the program() destination.<br>
> ><br>
> > On Thu, Dec 9, 2010 at 12:27 PM, Jay <<a href="mailto:difficult_id@yahoo.com">difficult_id@yahoo.com</a>> wrote:<br>
> ><br>
> > > Have a requirement to convert all incoming syslogs to SNMP traps and send<br>
> > > it to another host. One option I could think of is to use program ()<br>
> > > destination.<br>
> > ><br>
> > > When I tried this option, I find that syslog-ng is continuously sending<br>
> > > newline characters to the specified program. i.e. even when no syslog is<br>
> > > received, syslog-ng seems to be pumping newline chars to the specified<br>
> > > program.<br>
> > ><br>
> > > Also I read the warning message in admin guide that, it will open up the<br>
> > > door to DOS attack.<br>
> > ><br>
> > > Could someone let me know the best way to achieve this, please ?<br>
> > ><br>
<br>
</div></div><font color="#888888">--<br>
Bazsi<br>
</font><div><div></div><div class="h5"><br>
<br>
______________________________________________________________________________<br>
Member info: <a href="https://lists.balabit.hu/mailman/listinfo/syslog-ng" target="_blank">https://lists.balabit.hu/mailman/listinfo/syslog-ng</a><br>
Documentation: <a href="http://www.balabit.com/support/documentation/?product=syslog-ng" target="_blank">http://www.balabit.com/support/documentation/?product=syslog-ng</a><br>
FAQ: <a href="http://www.campin.net/syslog-ng/faq.html" target="_blank">http://www.campin.net/syslog-ng/faq.html</a><br>
<br>
</div></div></blockquote></div><br></div>