Hi guys,
mabe you can help me.
I have a Tape Library which I like to monitor with graylog.
The Tape Library can only send SNMP Traps.
I have installed the SNMP Trap Plugin and it seems to be working.
I can see that the SNMP trap comes in:
tcpdump src 1.1.1.1
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on env3, link-type EN10MB (Ethernet), capture size 262144 bytes
10:58:20.878999 IP TapeLib-1 > LINUX.snmptrap: V2Trap(229) system.sysUpTime.0=799619828 S:1.1.4.1.0=E:ibm.6.182.1.0.408 E:ibm.6.182.1.2.11.1=“3584 L23 78K1245” E:ibm.6.182.1.2.111.1=" 0" E:ibm.6.182.1.2.101.1=00_00_00_00_00_00_00_00 E:ibm.6.182.1.2.41.1=“00” E:ibm.6.182.1.2.71.1=“This is a test SNMP trap.” E:ibm.6.182.1.2.151.1=1
And I can see it in graylog:
message
SNMP trap 0
snmp_enterprises
1
snmp_internet
1.3.6.1.4.1.2.6.182.1.0.408
snmp_request_id
0
snmp_sysUpTime
7996198280
snmp_trap_type
TRAP
source
TapeLib-1
timestamp
2020-10-15T08:58:20.880Z
But some text is missing.
I configured the MIBs and told the plugin to read the MIBs from the destination.
Looks like this:
cd /opt/graylog/graylog/mib/
ls -l
drwxr-xr-x. 2 graylog graylog 57 Oct 15 10:02 0ts3500
drwxr-xr-x. 2 graylog graylog 62 Oct 15 10:02 1ts3500
drwxr-xr-x. 2 graylog graylog 23 Sep 30 10:11 cisco
drwxr-xr-x. 2 graylog graylog 25 Sep 30 10:11 ds8000
drwxr-xr-x. 2 graylog graylog 31 Sep 30 10:11 v7000
Can you help me to get the “This is a test SNMP trap” somehow out of the message?
TNX
Markus