Quick notes on testing, receiving and debugging SNMP traps.
To send a test SNMP trap, do something like:
#!/bin/bash
#File: trapTest.sh
#Change these values as needed:
H=snmp.example.com
C=public
#Probably don't need to change these:
V=2c
O=1.3.6.1
sudo snmptrap -v$V -c$C $H '' $O $O s "Test -- $(date)"
TCPDump can monitor receipt of traps at the target host.
sudo tcpdump -Tsnmp "dst port 162"
To receive traps using snmptrapd, check the following values in /etc/default/snmptrapd/ (debian).
TRAPDRUN=yes
TRAPDOPTS='-Lf /var/log/snmptraps.log -p /run/snmptrapd.pid -Dudpbase:recv'
The -Dudpbase:recv is a debug feature. Through trial and error I found this token to be the most relevant and least verbose way of logging all received SNMP traffic, which can point towards authentication (community) failures when a trap is received but not processed.
For a full list of tokens, see docs.
You can also briefly enable -DALL to find the values you're interested in and then limit debugging to the tokens that provide those values.