Do we have a snmp input? I thought it was just an output. Barely remember some trickery with snmpd which was considered sufficient. But all too long ago...
Sent from phone, thus brief. -------- Ursprüngliche Nachricht -------- Von: David Lang <[email protected]> Datum: 11.04.2013 20:12 (GMT+01:00) An: rsyslog-users <[email protected]> Betreff: Re: [rsyslog] snmp on linux with rsyslog you setup traps on the device to send messages to rsyslog. But I doubt that you can set it up to send ALL log messages out that way. Rsyslog has a module that can listen for SNMP Trap messages that are sent by other devices. David Lang On Thu, 11 Apr 2013, Josh Bitto wrote: > > I don't fully understand your response. I have to setup a trap on the switch > (to send logs to server) OR on the server side(to receive logs from switch)? > I'm still a little confused on how rsyslog works with this. > > > > -----Original Message----- > From: [email protected] > [mailto:[email protected]] On Behalf Of David Lang > Sent: Thursday, April 11, 2013 10:47 AM > To: rsyslog-users > Subject: Re: [rsyslog] snmp on linux with rsyslog > > On Thu, 11 Apr 2013, Josh Bitto wrote: > >> I'm starting to add devices from our network to forward logs and I came >> across a switch that uses snmp....I looked at the documentation on the >> website and had a couple of questions. >> >> 1. Will ryslsog use V3 of snmp? >> 2. When adding the module to the rsyslog config to receive traffic from >> said device is a trap necessary or can I just load a module and have a >> source IP and port number configured to send logs to a specific file? > > SNMP has two modes of operation > > 1. SNMP Query. the device listens for SNMP requests and responds with the > appropriate information > > 2. SNMP Traps. The device sends a message out under a specific condition. > > In neither case are all the logs on the device sent over SNMP. > > If you do not configure traps, nothing will be sent to the rsyslog server. > > I don't know if rsyslog supports SNMPv3 or not. > > Traps are designed to be alerts for critical failures, while it's good to get > them, you probably want more data and really want the device to send it's > logs to you. Once you have the device sending it's logs, you will probably > find that the data that's in the traps is also in the log. > > David Lang > _______________________________________________ > rsyslog mailing list > http://lists.adiscon.net/mailman/listinfo/rsyslog > http://www.rsyslog.com/professional-services/ > What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This > is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our > control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. > _______________________________________________ > rsyslog mailing list > http://lists.adiscon.net/mailman/listinfo/rsyslog > http://www.rsyslog.com/professional-services/ > What's up with rsyslog? Follow https://twitter.com/rgerhards > NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of > sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T > LIKE THAT. > _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
