[Snort-users] How to test Snort trap_snmp plugin?
honia2002 at ...125...
Fri Aug 7 13:03:03 EDT 2009
I am new to Snort and got version 188.8.131.52 installed. Later on, got the SNMP patch: SnortSnmpMod-2.2.0-01 and installed it.
I also installed Snort standard rules: snortrules-snapshot-2.8.tar.gz
Successfully configured and installed Snort and now I would like to use its SNMP interface to send the snmp traps to another host.
These are the modifications I made to snort.conf file
1) var HOME_NET 10.10.2.0/24
2) var EXTERNAL_NET any
3) var RULE_PATH ../rules
4) var PREPROC_RULE_PATH ../preproc_rules
5) output trap_snmp: alert, 7, trap -v 2c -p 162 public 10.10.2.2
I am not sure how I can have snort send the snmp traps to the host above. The only command I ran was : snort -de -l logs/ -c etc/snort.conf
Which returns an error at the end of the output: ERROR: unknown output plugin: 'trap_snmp'Fatal Error, Quitting..
How can I check to make sure the trap_snmp is in fact installed properly? Or how can I send a test snmp trap to the host?
Any help will be much appreciated,
Get back to school stuff for them and cashback for you.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users