V1 and v2c calls with invalid community string will generate some form of an auth failure trap if the agent is setup to do so. "auth" is a poor term, but V1/V2c called it "auth". I cannot recall the exact message. We get these constantly through our legacy trap receivers.
I keyed in on the message content "snmp_authenticationFailure" as I believe this is what we see on our traps from people pocking around with snmpwalk and using "public/private". > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of guyverix > Sent: Thursday, August 09, 2007 1:59 PM > To: [email protected] > Subject: [zenoss-users] Re: Troubleshooting snmp > trapsnmp_authenticationFailure > > I dont believe that an SNMP query will generate an > authentication failure trap, since v1 and v2 do not > authenticate. (donno about v3 generating traps though) > > Also from the way it was described earlier, it sounds more > like a telnet, or ssh login failure. > > > > kupjones wrote: > > Zenoss allows using multiple community strings during a discovery. > > After it models a device I thought it picked a single > string to use -- > > could zenoss be using one of the other strings, like > public? Does the > > trap time coincide with a zenoss modeling run? > > > > > > > -----Original Message----- > > > From: [EMAIL PROTECTED] > > > [mailto:[EMAIL PROTECTED] On Behalf Of drauta > > > Sent: Thursday, August 09, 2007 1:43 PM > > > To: [email protected] > > > Subject: [zenoss-users] Re: Troubleshooting snmp > > > trapsnmp_authenticationFailure > > > > > > This almost makes me think it's Zenoss because the > > > information that comes with the trap always includes the SNMP > > > community that Zenoss uses to connect to the device, not a > > > random community string. Zenoss is properly > > > modeling/monitoring these devices, though. I've also thought > > > it could just be the device, but 2 completely different > > > devices (UPS is one, fiber switch is the other) send the same > > > unauthed traps in the same time frame that zenoss that polls > > > them. Also, checking the daemon logs on the zenoss server > > > doesn't show other devices trying to perform snmp lookups and > > > I find it hard to believe these 2 devices where auto > > > discovered by some other random machine on our network. > > > > > > > > > > > > > > > > > > > > > > > > _______________________________________________ > > > zenoss-users mailing list > > > [email protected] > > > http://lists.zenoss.org/mailman/listinfo/zenoss-users > > > > > > > > _______________________________________________ > > zenoss-users mailing list > > [email protected] > > http://lists.zenoss.org/mailman/listinfo/zenoss-users > > > ------------------------ > Christopher Hubbard > > > > > -------------------- m2f -------------------- > > Read this topic online here: > http://community.zenoss.com/forums/viewtopic.php?p=9761#9761 > > -------------------- m2f -------------------- > > > > _______________________________________________ > zenoss-users mailing list > [email protected] > http://lists.zenoss.org/mailman/listinfo/zenoss-users > _______________________________________________ zenoss-users mailing list [email protected] http://lists.zenoss.org/mailman/listinfo/zenoss-users
