[Snort-devel] Trying to get SNMP traps from Snort

Chris Green cmg at ...81...
Mon Oct 1 20:46:02 EDT 2001


"Robert D. Hughes" <rob at ...825...> writes:

> I've been trying to get an snmp trap out of snort for about a month now,
> but don't fully understand the criteria snort looks for before sending
> the trap. I have verified that snmp is correctly installed on the snort
> machine and that it is capable of at least sending a v1 trap the NNM

snmptrap from command line or from snort?

> management console. I also have the mibs distributed with build 81 of
> snort loaded on the console and have built from source using the
> --with-snmp configure option. Tcpdump set to listen for all traffic on
> port 162 does not see any traps going to or coming from 162 on the
> snort
> box. I've tried net-snmp 4.2, 4.2.1 and 4.2-pre2 on FreeBSD 4.4-STABLE.
> What am I doing wrong, or can someone at least point me to some more
> documentation?

Hard to say without a config file and the command line you are running
snort with.  I'll be glad to take a look w/ you if you share.

-- 
Chris Green <cmg at ...81...>
Don't use a big word where a diminutive one will suffice.




More information about the Snort-devel mailing list