snmptrapd
SNMPTRAPD(8) SNMPTRAPD(8) NAME snmptrapd - Receive and log snmp trap messages. SYNOPSIS snmptrapd [-h] [-P] [-s] [-p port] [-d] [-e] [-D tokens] [-l [d0-7]] [-f] [-H] [-a] [-O oidopts] [-C] [-c confFile] [-F FORMAT] DESCRIPTION Snmptrapd is an SNMP application that receives and logs snmp trap messages sent to the SNMP-TRAP port (162) on the local machine. The log messages are of the form: Sep 17 22:39:52 suffern snmptrapd: 128.2.13.41: Cold Start Trap (0) Uptime: 8 days, 0:35:46 Snmptrapd must be run as root so that UDP port 162 can be opened. COMMAND LINE ARGUMENTS -h Print a usage summary and exit. -P Print the logged messages to stdout. -p port Specifies the port to run on, if the default 162 is not desired. -s Log the messages to syslog(8). These syslog mes sages are sent with the level of LOG_WARNING, and to the LOG_LOCAL0 facility (by default). The demon will also fork away from its caller when the syslog facilities are used. This is the default unless the '-P' flag is used. -l [d0-7] Specifies the syslog facility to use, demon or local[0-7]. -a makes snmptrapd ignore AuthenticationFailure traps -d Causes the application to dump input and output packets. -D Turn debugging output on. -f Don't fork away from the caller when using sys log(). -O oidopts Set OID printing options (see snmpcmd(1)) -C Don't read the default set of configuration files. -c confFile Force the reading of confFile as a configuration file. -F FORMAT When logging to standard output, use the format in the string FORMAT. FORMAT is a printf-like string. Snmptrapd interprets the following formatting sequences: %% a literal % %t decimal number of seconds since the operating sys tem's epoch %y current year %m current (numeric) month %l current day of month %h current hour %j current minute %k current second %T up-time in seconds (in decimal) %Y the year field from the up-time %M the numeric month field from the up-time %L the day of month field from the up-time %H the hour field from the up-time %J the minute field from the up-time %K the seconds field from the up-time %A agent's hostname if available, otherwise IP address %a agent's IP address %B PDU's hostname if available, otherwise IP address %b PDU's IP address %N Enterprise string %w Trap type (numeric, in decimal) %W Trap description %q Trap sub-type (numeric, in decimal) %P Security information from the PDU (community name for v1/v2c, user and context for v3) %v list of trap's variables In addition to these values, you may also specify an optional field width and precision, just as in printf, and a flag value. The following flags are legal: - left justify 0 use leading zeros # use alternate form The "use alternate form" flag changes the behavior of some format flags. Normally, the fields that display time information base it on the local time, but this flag tells them to use GMT instead. Also, the variable list is nor mally a tab-separated list, but this flag changes it to a comma-separated one. The alternate form for the uptime is similar to "3 days, 0:14:34.65" Examples: To get a message like "14:03 TRAP3.1 from humpty.ucd.edu" you could use something like this: snmptrapd -P -F "%02.2h:%02.2j TRAP%w.%q from %A\n" If you want the same thing but in GMT rather than local time, use snmptrapd -P -F "%#02.2h:%#02.2j TRAP%w.%q from %A\n" EXTENSIBILITY AND CONFIGURATION See the snmptrapd.conf(5) manual page. SEE ALSO snmpcmd(1), syslog(8), variables(5) 15 May 2000 SNMPTRAPD(8)