Getting Data In

Configure NET-SNMP (Windows) for Splunk to send traps to NMS

mship
Path Finder

I am having a heck of a time understanding NET-SNMP configuration and am hoping that has successful done this for windows can assist me. Please do not post links to NET-SNMP tutorials etc as I have been through ALL of them and I am still having issues.

Really all I need to figure out is how change the port on the NET-SNMP and NET-SNMPtrap service to use ports 1161 and 1162. I have tried snmpconf -i and did not have much luck.

Tags (1)

wsnyder2
Path Finder

Ok, I found a useful debugging link -> http://wiki.splunk.com/Community:TroubleshootingAlertScripts

Which helped me create a batch (Windows) script that really worked.

Here it is. Maybe it will help the next person.
Change content to meet your specific needs.
Uncomment the echo lines for debug.

@echo off

:echo ---------------------------------------- >> "n:\temp\test_output.txt"
:echo %0, %1, %2, %3, %4, %5, %6, %7, %8 >> "n:\temp\test_output.txt" 
:date /T >> "n:\temp\test_output.txt"
:time /t >> "n:\temp\test_output.txt"

set SNMPAGENTHOST=10.2.192.32
set SNMPAGENTPORT=162
set TRAPOID=1.3.6.1.4.1.27389.1.2
set OID=1.3.6.1.4.1.27389.1.1
set SNMPCOMMUNITY=public
set SNMPTRAPCMD=C:\Net-SNMP\bin\snmptrap.exe
for /f "usebackq" %%h in (`hostname`) do @set myhost=%%h
set num=%~1
set num=%num:'=%
set terms=%2
set query=%3
set sname=%4
set reason=%5
set permalink=%6
set tags=%7
set resultspath=%8

:echo %SNMPTRAPCMD% -v 2c -c %SNMPCOMMUNITY% %SNMPAGENTHOST%:%SNMPAGENTPORT% '' %TRAPOID% %OID%.1 i %num%  %OID%.2 s %terms%  %OID%.3 s %query%  %OID%.4 s %sname%  %OID%.5 s %reason% %OID%.6 s %permalink% %OID%.7 s %tags% %OID%.8 s %resultspath% >> "n:\temp\test_output.txt"

%SNMPTRAPCMD% -v 2c -c %SNMPCOMMUNITY% %SNMPAGENTHOST%:%SNMPAGENTPORT% '' %TRAPOID% %OID%.1 i %num%  %OID%.2 s %terms%  %OID%.3 s %query%  %OID%.4 s %sname%  %OID%.5 s %reason% %OID%.6 s %permalink% %OID%.7 s %tags% %OID%.8 s %resultspath%

:echo error level returned from command is %errorlevel% >> "n:\temp\test_output.txt"
0 Karma

mship
Path Finder

Jan could you forward the original on to me once you receive it...Thanks!

0 Karma

jan_wohlers
Path Finder

Dear wsnyder.

I see that the backslashes are missing. In some cases I could figure out which ones but could you send me a pm with the original script? Would be nice,

thanks

0 Karma

wsnyder2
Path Finder

I do not have the answer but a similar problem.

We are trying to get alerts from Splunk to generate snmp traps which we want to set to another vendor's snmp server. We have tried both batch and perl scripts at
link text

But no luck. We have been able to get splunk alerts to run echo.bat but not script that send snmp traps. Very frustrating.

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...