Security :: Configure RHEL 5.5 Syslog To Accept SNMP Traps?
Jul 14, 2010
Is it possible to configure the RHEL 5.5 syslog to accept SNMP traps? That is, I want to use a central logging server to pick up other systems' syslogs, and SNMP messages from systems that cannot use remote syslog functions.
I need to be able to send SNMP traps based on certain severity or content of syslog messages. Can this be done from standard Linux? Alternatively, are there MIBs out there that support syslog events so I can get the status from SNMP?
I am looking to build a dedicated syslog-SNMP server with remote web interface and I would appreciate a discussion from our community on recommending the best solutions to deploy. I would like to be able to create an opensource architecture I could easily duplicate for multiple stand-alone customer environments.
I have a favor to ask. I've been having a really hard time trying to understand how SNMP traps work, what they can do for you, and why they are useful. I've done some research and I've even set up SNMP clients on Linux systems, not necessarily the traps. I know they communicate on ports 161 and 162 and I also know that you set them up to connect to a community string. Still I can't grasp the concept. If you don't mind, can anyone break it down for me, in very basic terms?
I'm trying to sniff SNMP traps being sent to an NMS. I'm setting -s to 0, but when I start sniffing, some of the packets, instead of being decoded, show me messages like this:
Code: [len1468<asnlen1663] What is that supposed to mean?
I have an issue when sending SNMP traps. I have an embedded system connected to an SNMP manager. I am sending traps from the box to the manager continuously. After some time I don't see any traps coming out. I get this error message:
Cannot open file /proc/net/tcp ... : Too many open files Cannot open file /proc/net/snmp ... : Too many open files
I have created this thread as it is really hard for me to send traps from my Linux workstation... I'm lost with v1/v2/v3 SNMP... So here is the initial configuration (without traps):
From there I can "poll" my system. But what should I do if I want my Linux system to send traps when disks are full or the system is overloaded, etc.? I have found information on the Internet but it is not easily understandable. It is for v3:
rwuser admin
createUser admin MD5 mypasword
#
# From there I would have to comment out the lines regarding the communities
#
[code]....
10.5.32.202 is my management host... Is this config OK? But it seems that trap2sink is for v2? How does it work?
I'm curious as to what defines the SNMP trap info sent by switches. I would like to get updates on 802.1x authentication and the state of switches (all manufacturers if possible). Is the data sent via traps determined by the manufacturer, or is it possible to modify/select it from the switch MIB?
Can I know if there is any way to find out how many traps are lost when SNMP agents send traps to a supervisor? Are there any OIDs for this information?
We have a situation where we have to set up a server to send traps with information regarding CPU, memory usage, etc. I know snmpd can be set up to allow another process to request SNMP information about the server, but can it be done the other way around (have a host send information about itself to another server through SNMP)?
I have my system set up so that the router (dd-wrt) will send its syslog messages to my Linux PC. I am using shorewall as my firewall. I have two questions: How can I configure shorewall to allow the messages from my router? If I use my router's IP address to allow the messages through the firewall, will this be a great security risk, as anything from the Internet can come through on that router IP address?
I just installed a fresh copy of RHEL 5.4 64-bit on a new machine, taking default configuration during the setup process. Then I realized we need to install SNMP on it. I found the following packages on the RHEL DVD and tried to install them, using both the Red Hat GUI for package installation and also through the command "rpm -i {package_name.rpm}". But I am getting dependency errors. The dependent components are not found on the DVD even though I have it inserted in the drive. Can someone advise how I can add SNMP to an existing RHEL machine?
[root@big-bad-joe /]# more /etc/redhat-release Red Hat Enterprise Linux AS release 4 (Nahant Update 7) ------------------------------------------------------------------
I am trying to configure SNMP server using xinetd on red hat. I am using non-standard port for it. My connection to server fails. I see the following log messages in /var/log:
Jan 26 17:23:31 [userid] xinetd[15023]: START: my-snmp pid=15047 from=192.128.11.21 Jan 26 17:23:31 [userid] xinetd[15023]: EXIT: my-snmp status=1 pid=15047 duration=0(sec) Jan 26 17:23:32 [userid] xinetd[15023]: START: my-snmp pid=15050 from=192.128.11.21 Jan 26 17:23:32 [userid] xinetd[15023]: EXIT: my-snmp status=1 pid=15050 duration=0(sec)
Can anybody help point out what is wrong in my config?
We are using lpr as a print server. What I want to do is configure the lpd print server so that before it accepts any print job for some printer, it checks whether the printer is available or not. Only if the printer is available is it supposed to accept print jobs; if not, it should not accept the print jobs at all. How do I accomplish this?
Finally I can run my Ubuntu server 9.04 well, thanks to a great member of ubuntuforums.org. Now I want to install SNMP on my system, but after I do that, when I want to connect with another client, it gives me an error like this:
Code: no response received SNMPv1_Session (remote host: "10.100.7.179" [10.100.7.179].161) community: "public" request ID: 862383236 PDU bufsize: 8000 bytes
[Code]...
10.100.7.179 is my client; I already installed the SNMP agent on it. But why is there still an error? Please give some help. Thanks in advance.
I have a syslog server which is logging locally and also receiving syslogs from another device. The other device doesn't allow you to change the facility. The facility it is using is "4 - security/authorization messages". Is there any way to configure syslog so that it writes the sec/auth logs to different places for the local machine and the remote machine?
dammit... all that typing and I hit the wrong "submit" button. *sigh*
OK, I have a couple of SMTP servers for our infrastructure. They are running Postfix. I have them configured so that specific email addresses such as support@mydomain.com and billing@mydomain.com all go to a new support server that I am building with osTicket. Let's call that server SUPP1.
SUPP1 runs sendmail from the default install of CentOS 5 i386. At this point everything runs great. New emails get added into the osTicket system via a pipe in sendmail. Here's where the problem comes in. In order to accept mail, sendmail has to have the domain listed in local-host-names and the addresses in virtusertable. That works just dandy. But in doing so, sendmail believes it is the destination SMTP server for "mydomain.com". That means that I can't send mail from that server back into my normal SMTP servers. So things like LogWatch, cron jobs, etc. can't send notifications. Is there a way to work around that? For sendmail to ignore local-host-names for outbound email, or something?
I set my password on Ubuntu 10.4 and it worked fine for installing apps, but suddenly it stopped working. I thought I would restart my PC; I tried to enter my password again but Ubuntu doesn't accept it, although it's surely correct.
I just reinstalled Ubuntu Lucid after accidentally damaging it, and I used all the same passwords and user names as before. I can log in fine, and I can run sudo commands, but the GNOME keyring won't accept my password. I tried changing my password using Applications > Accessories > Passwords and Encryption Keys, but that didn't work. How can I fix this so that the keyring will accept my password? I need it to save my wireless router password.
CentOS 5.6 server patched to latest, multiple name-based Apache virtual hosts, SELinux off. Everything was working fine until the other day. I've been making quite a lot of changes, so it may well be something I've done, but I can't find out what! Last night I got the following in my logwatch:
Requests with error response codes 404 Not Found /admin/phpmyadmin/scripts/setup.php: 1 Time(s) /admin/pma/scripts/setup.php: 1 Time(s) /admin/scripts/setup.php: 1 Time(s) /db/scripts/setup.php: 1 Time(s) /dbadmin/scripts/setup.php: 1 Time(s) [Code]...
The problem is that NONE of my logs (secure, httpd, messages, NONE of them) show any trace of these hacking attempts. They used to show up in secure and the Apache error logs, but no longer.