I have found the answer to my own question. I could not find this information
documented anywhere. I add it here in case it is helpful to someone else
When the register snmptrapd as service batch file is run it adds two parameters
to the start service Registry entry. This causes the logging to go to a file
and not to Syslog (which in fact goes to the application log). Replacing the
–Lf parameter with –Ls u and deleting the second parameter (= log file
parameter) solved my problem. Alternatively the batch file could be edited first
Would it be a good idea to modify the registration batch file in the binary
distribution to prompt for log destination?
John Steele
On Thu, Apr 19, 2012 at 9:48 AM, Steele, John
<jste...@hp.com<mailto:jste...@hp.com>> wrote:
I want to use snmptrapd to receive snmp v3 traps from network devices and to
log them to the Windows Event log
When i run it interactively from a command prompt it works. When I run it as a
service however I get no events in the application log although I do get
events which say the service has started or stopped.
I have a set of configuration (snmp.conf and snmptrapd.conf) files that work
when I run snmptrapd (without any parameters) from a command window. Events are
recorded in the Windows Application log as expected. I am creating a locally
defined EngineID on the network device.
My target environment is windows 2K8 64 bit. I am using 32 bit binaries
5.6.1.1-1 for net-snmp and openSSH as I have been unable to find a precompiled
64 bit binary version.
I suspect it is something to do with the logging parameters but have been
unable to find a way of defining these in the configuration files. logOptions
does not work.
In the service I have tried both my domain admin account and the (preferred)
service account.
Snmptrapd.conf
# Define a local engine ID within the snmptrapd process
engineID 0x000000000000000999999999
# ================================================================
# Configure trap/inform listening addresses and ports
snmpTrapdAddr udp:200.1.1.100:162<http://200.1.1.100:162>
# ================================================================
# Trap format - Controls layout of Event Report
format2 %V\n% PDU Address: %b \n PDU Hostname: %A \n Date:
%0.4y-%0.2m-%0.2l %0.2h:%0.2j:%0.2k \n Enterprise OID: %N \n Trap Type: %w \n
Trap Sub-Type: %q \n Community/Infosec Context: %P \n Uptime: %T \n
Description: %W \n PDU Attribute/Value Pair Array:\n%v \n------------\n
# ================================================================
createuser -e 000000000000000000000999 trapID SHA pass AES key
authuser log trapID
snmp.conf
Mibdirs C:/usr/share/snmp/mibs;C:\usr\ExtraMIBS\CiscoMibs
persistentDir C:/usr/snmp/persist
tempFilePattern C:/usr/temp/snmpdXXXXXX
MIBS +ALL
Interactive call – entered ad a command prompt
Snmptrapd
The Service uses
Snmptrapd.exe –service but I can find no information about any other command
line options that are permitted here.
John Steele
HP Enterprise Services UK Ltd
1-3 Bartley Wood Business Park, Units A & B, Hook, United Kingdom,RG27 9XA
Mobile: +44 7875 876573<tel:%2B44%207875%20876573>
Email: jste...@hp.com<mailto:jste...@hp.com>
HP Enterprise Services UK Ltd registered office: Cain Road, Bracknell, Berks
RG12 1HN. Registered No: 90597 England.
The contents of this message and any attachments to it are confidential and may
be legally privileged. If you have received this message in error, you should
delete it from your system immediately and advise the sender. To any recipient
of this message within HP, unless otherwise stated you should consider this
message and attachments as "HP CONFIDENTIAL".
Please consider the environment before printing this email.
------------------------------------------------------------------------------
For Developers, A Lot Can Happen In A Second.
Boundary is the first to Know...and Tell You.
Monitor Your Applications in Ultra-Fine Resolution. Try it FREE!
http://p.sf.net/sfu/Boundary-d2dvs2
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users@lists.sourceforge.net<mailto:Net-snmp-users@lists.sourceforge.net>
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
--
James Gosnell, ACP
------------------------------------------------------------------------------
For Developers, A Lot Can Happen In A Second.
Boundary is the first to Know...and Tell You.
Monitor Your Applications in Ultra-Fine Resolution. Try it FREE!
http://p.sf.net/sfu/Boundary-d2dvs2
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users@lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
