[syslog-ng] snmptrapd to syslog-ng 3.1
Smart, Dan
SmartD at VMCMAIL.com
Fri Aug 19 00:19:07 CEST 2011
>From: Balint Kovacs [mailto:balint.kovacs at balabit.com]
>Sent: Thursday, August 18, 2011 2:35 AM
>when I do something like this, I usually take a different approach, I use a script called from snmptrapd to write the >log message to a socket. If you use something different than /dev/log (e.g. /dev/log.snmp), it's also easier to filter >on the message. I am not sure if SEC has pre-defined rules for traps, but if not, this is probably easier to handle of >you are not using a LOT of traps. If it's just port-security violations and link up/down messages on a moderately >sized network, it should work fine.
Balint,
Thanks for the configs. I'm guessing that snmptrapd is running in daemon mode. As such, it reads its options from /etc/default/snmpd.
What options do you have set for snmptrapd?
Thanks
-=Dan=-
More information about the syslog-ng
mailing list