David, I don't fully understand your response. I have to setup a trap on the switch (to send logs to server) OR on the server side(to receive logs from switch)? I'm still a little confused on how rsyslog works with this.
-----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of David Lang Sent: Thursday, April 11, 2013 10:47 AM To: rsyslog-users Subject: Re: [rsyslog] snmp on linux with rsyslog On Thu, 11 Apr 2013, Josh Bitto wrote: > I'm starting to add devices from our network to forward logs and I came > across a switch that uses snmp....I looked at the documentation on the > website and had a couple of questions. > > 1. Will ryslsog use V3 of snmp? > 2. When adding the module to the rsyslog config to receive traffic from > said device is a trap necessary or can I just load a module and have a source > IP and port number configured to send logs to a specific file? SNMP has two modes of operation 1. SNMP Query. the device listens for SNMP requests and responds with the appropriate information 2. SNMP Traps. The device sends a message out under a specific condition. In neither case are all the logs on the device sent over SNMP. If you do not configure traps, nothing will be sent to the rsyslog server. I don't know if rsyslog supports SNMPv3 or not. Traps are designed to be alerts for critical failures, while it's good to get them, you probably want more data and really want the device to send it's logs to you. Once you have the device sending it's logs, you will probably find that the data that's in the traps is also in the log. David Lang _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT. _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
