SNMP Trap Integration


#1

Hi Team

Do we have any document for Integration of SNMP Traps with Logstash?

We are trying to send SNMP traps to Logstash.

Regards
Sumit


(Ry Biesemeyer) #2

There is a SNMPTrap Input Plugin, which can be set up to listen for events :smile:


#3

Hi we have the same requirement here. we are trying to send SNMP traps from network devices.
port =1062
We wonder know how to integrate MIB to SNMP trap plugin?


#4

Thanks for the update. However the detailed syntax/use/methodology is not documented.

Please update if team has it readily available.

Sumit


#5

That is my point complete documentation not available on the link.


(Ry Biesemeyer) #6

After looking a little closer, it looks like the SNMP Input is in active development by one of our employees, and the code as-available is in beta. Documentation and improvements will land in the coming weeks.


#7

Thanks for the update.
Any issues in the current beta version which have been cited?
What would be the time frame for documentation availability?

We are trying to push our solution with Logstash as central collector. I hope you understand my urgency.

Regards
Sumit


(Ry Biesemeyer) #8

My understanding is that the timeline is a matter of weeks; you're welcome to provide input in the repository I linked though, to make sure we capture your use-case.


(Robert Cowart) #9

I took a look at this new filter...

To be clear there is a difference between receiving SNMP traps, and polling device using SNMP.

The OP was asking about traps. The only way to do this in Logstash is using logstash-filter-snmptrap.

The thing being worked on is an SNMP poller. This is a big gap in the open-source landscape. Yes there are things like collectd and telegraf, but they all suffer from the same inefficient polling methods, which make them mostly useless for anything beyond a small environment and small devices. Looking at the initial commits, this plugin is headed down that same road.

Building an SNMP poller that can truly poll large numbers of enterprise/carrier class devices is a challenge that only a few solutions do well. So I guess the question is, what is the target user for this feature?


#10

Thanks


#11

Hi Yaauie,

I would like hear from you about SNMP trap issue. We have Cisco switch here can send SNMP trap to SNMPTrap input Plugin. But other network device such as HuaWei can not. Where can we setup custom OID information on the Input Plugin?


(system) #12

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.