[Snort-devel] Trying to get SNMP traps from Snort

Robert D. Hughes rob at ...825...
Mon Oct 1 19:21:04 EDT 2001


I've been trying to get an snmp trap out of snort for about a month now,
but don't fully understand the criteria snort looks for before sending
the trap. I have verified that snmp is correctly installed on the snort
machine and that it is capable of at least sending a v1 trap the NNM
management console. I also have the mibs distributed with build 81 of
snort loaded on the console and have built from source using the
--with-snmp configure option. Tcpdump set to listen for all traffic on
port 162 does not see any traps going to or coming from 162 on the snort
box. I've tried net-snmp 4.2, 4.2.1 and 4.2-pre2 on FreeBSD 4.4-STABLE.
What am I doing wrong, or can someone at least point me to some more
documentation?

Thanks,

Rob Hughes 
Enterprise Management Specialist 
Voice (H) (972) 918-0980 
Voice (W) (972) 378-3277 ext. 204
Voice (C) (214) 282-7996 
Email rob at ...825..., rob.hughes at ...826... 
___________________________________________

"Great spirits have always encountered violent opposition from mediocre
minds." -- Albert Einstein 





More information about the Snort-devel mailing list