Hello,
I’ve been doing some researches but couldn’t get a solution to the problem I’m encountering so I hope someone here can help me.
I’m using latest Graylog version 3.3.1 on a Debian 10 (Buster) which is working great and already ingesting logs but I’m struggling to receive SNMP traps from network devices, input settings is quite simple:
Note: It’s not possible to set up plugin to port 162, is it normal ?
I’ve installed SNMPD and SNMP package and forwarding port 162 to port 1620 (the one Graylog is listening on) in case some network devices wouldn’t be send able to send on a custom port.
This is how it looks when doing netstat to check it’s listening:
netstat -an | grep 162
udp6 0 0 172.17.10.131:1620 :::*
udp6 0 0 172.17.10.131:1620 :::*
udp6 0 0 172.17.10.131:1620 :::*
udp6 0 0 172.17.10.131:1620 :::*
udp6 0 0 172.17.10.131:1620 :::*
udp6 0 0 172.17.10.131:1620 :::*
udp6 0 0 172.17.10.131:1620 :::*
udp6 0 0 172.17.10.131:1620 :::*
So I’m guessing this part is OK but nothing will come in.
Do you guys have an idea ? A walkthrough ? This is the first time for this kind of configuration and I’m a bit lost.
(No more chance doing a snmptrap command neither)
Thanks in advance