Проект OpenNet: MAN snmptrapd (8) Команды системного администрирования (FreeBSD и Linux)

Интерактивная система просмотра системных руководств (man-ов)

snmptrapd (8)

snmptrapd (1) ( Solaris man: Команды и прикладные программы пользовательского уровня )

>> snmptrapd (8) ( Разные man: Команды системного администрирования )

NAME

snmptrapd - Receive and log SNMP trap messages.

SYNOPSIS

snmptrapd [OPTIONS] [LISTENING ADDRESSES]

DESCRIPTION

snmptrapd is an SNMP application that receives and logs SNMP TRAP and INFORM messages.

Note: the default is to listen on UDP port 162 on all IPv4 interfaces. Since 162 is a privileged port, snmptrapd must be typically be run as root.

OPTIONS

-a: Ignore authenticationFailure traps.
-c FILE: Read FILE as a configuration file.
-C: Do not read any configuration files except the one optionally specified by the -c option.
-d: Dump (in hexadecimal) the sent and received SNMP packets.
-D TOKEN[,...]: Turn on debugging output for the given TOKEN(s). Try ALL for extremely verbose output.
-e: Print event numbers (rising/falling alarm etc.).
-f: Do not fork() from the calling shell.
-F FORMAT: When logging to standard output, use the format in the string FORMAT. See the section FORMAT SPECIFICATIONS below for more details.
-h, --help: Display a brief usage message and then exit.
-H: Display a list of configuration file directives understood by the trap daemon and then exit.
-l d|0-7: Specifies the syslog facility to use when logging to syslog. 'd' means LOG_DAEMON and 0 through 7 mean LOG_LOCAL0 through LOG_LOCAL7. LOG_LOCAL0 is the default.
This option is being deprecated, and '-Ls FACILITY' should be used instead.
-L[efos]: Specify where logging output should be directed (standard error or output, to a file or via syslog). See LOGGING OPTIONS in snmpcmd(1) for details.
This option deprecates the -l -o -P and -s options.
-m MIBLIST: Specifies a colon separated list of MIB modules to load for this application. This overrides the environment variable MIBS.
-M DIRLIST: Specifies a colon separated list of directories to search for MIBs. This overrides the environment variable MIBDIRS.
-n: Do not attempt to translate source addresses of incoming packets into hostnames.
-o FILE: Log formatted incoming traps to FILE. Upon receipt of a SIGHUP, the daemon will close and re-open the log file. This feature is useful when rotating the log file with other utilities such as logrotate.
This option is being deprecated, and '-Lf FILE' should be used instead.
-p FILE: Save the process ID of the trap daemon in FILE.
This option deprecates the -u option.
-P: Print formatted incoming traps to stderr.
This option is being deprecated, and '-Le' should be used instead.
-s: Log formatted incoming traps to syslog. These syslog messages are sent with a level of LOG_WARNING and facility as determined by the -l flag (LOG_LOCAL0 by default). This is the default unless the -o, -P or -L flag is used.
This option is being deprecated, and '-Ls FACILITY' should be used instead.
-S d|0-7: Specifies the syslog facility to use when logging to syslog. See -l for details.
This option is being deprecated, and '-Ls FACILITY' should be used instead.
-t: Do not log traps to syslog. This disables logging to syslog. This is useful if you want the snmptrapd application to only run traphandle hooks and not to log any traps to any location.
-u FILE: Save the process ID of the trap daemon in FILE.
This option is being deprecated, and '-p FILE' should be used instead.
-v, --version: Print version information for the trap daemon and then exit.

In addition, snmptrapd takes the same output formatting (-O) options as the other Net-SNMP commands. See the section OUTPUT OPTIONS in the snmpcmd(1) manual page.

FORMAT SPECIFICATIONS

snmptrapd interprets format strings similarly to printf(3). It understands the following formatting sequences:

%%: a literal %
%t: decimal number of seconds since the operating system's epoch (as returned by time(2))
%y: current year on the local system
%m: current (numeric) month on the local system
%l: current day of month on the local system
%h: current hour on the local system
%j: current minute on the local system
%k: current second on the local system
%T: the value of the sysUpTime.0 varbind in seconds
%Y: the year field from the sysUpTime.0 varbind
%M: the numeric month field from the sysUpTime.0 varbind
%L: the day of month field from the sysUpTime.0 varbind
%H: the hour field from the sysUpTime.0 varbind
%J: the minute field from the sysUpTime.0 varbind
%K: the seconds field from the sysUpTime.0 varbind
%a: the contents of the agent-addr field of the PDU (v1 TRAPs only)
%A: the hostname corresponding to the contents of the agent-addr field of the PDU, if available, otherwise the contents of the agent-addr field of the PDU (v1 TRAPs only).
%b: PDU source address (Note: this is not necessarily an IPv4 address)
%B: PDU source hostname if available, otherwise PDU source address (see note above)
%N: enterprise string
%w: trap type (numeric, in decimal)
%W: trap description
%q: trap sub-type (numeric, in decimal)
%P: security information from the PDU (community name for v1/v2c, user and context for v3)
%v: list of trap's variable-bindings. These will be separated by a tab, or by a comma and a blank if the alternate form is requested See also %V
%V: specifies the variable-bindings separator. This takes a sequence of characters, up to the next % (to embed a % in the string, use \%)

In addition to these values, you may also specify an optional field width and precision, just as in printf(3), and a flag value. The following flags are legal:

-: left justify
0: use leading zeros
#: use alternate form

The "use alternate form" flag changes the behavior of some format flags. Normally, the fields that display time information base it on the local timezone, but this flag tells them to use GMT instead. Also, the variable-binding list is normally a tab-separated list, but this flag changes it to a comma-separated one. The alternate form for the uptime is similar to "3 days, 0:14:34.65"

Examples:

To get a message like "14:03 TRAP3.1 from humpty.ucd.edu" you could use something like this:

snmptrapd -P -F "%02.2h:%02.2j TRAP%w.%q from %A\n"

If you want the same thing but in GMT rather than local time, use

snmptrapd -P -F "%#02.2h:%#02.2j TRAP%w.%q from %A\n"

LISTENING ADDRESSES

By default, snmptrapd listens for incoming SNMP TRAP and INFORM packets on UDP port 162 on all IPv4 interfaces. However, it is possible to modify this behaviour by specifying one or more listening addresses as arguments to snmptrapd. See the snmpd(8) manual page for more information about the format of listening addresses.

NOTIFICATION-LOG-MIB SUPPORT

As of net-snmp 5.0, the snmptrapd application supports the NOTIFICATION-LOG-MIB. It does this by opening an AgentX subagent connection to the master snmpd agent and registering the notification log tables. As long as the snmpd application is started first, it will attach itself to it and thus you should be able to view the last recorded notifications via the nlmLogTable and nlmLogVariableTable. See the snmptrapd.conf file and the "dontRetainLogs" token for turning off this support. See the NOTIFICATION-LOG-MIB for more details about the MIB itself.