Quick notes on testing, receiving and debugging SNMP traps.
To send a test SNMP trap, do something like:
    #!/bin/bash
    #File: trapTest.sh

    #Change these values as needed:
    H=snmp.example.com
    C=public

    #Probably don't need to change these:
    V=2c
    O=18.104.22.168

    sudo snmptrap -v$V -c$C $H '' $O $O s "Test -- $(date)"
TCPDump can monitor receipt of traps at the target host.
    sudo tcpdump -Tsnmp "dst port 162"
To receive traps using snmptrapd, check the following values in
    TRAPDRUN=yes
    TRAPDOPTS='-Lf /var/log/snmptraps.log -p /run/snmptrapd.pid -Dudpbase:recv'
-Dudpbase:recv is a debug feature. Through trial and error I found this token to be the most relevant and least verbose way of logging all received SNMP traffic, which can point towards authentication (community) failures when a trap is received but not processed.
For a full list of tokens, see docs.
You can also briefly enable -DALL to find the values you're interested in and then limit debugging to the tokens that provide those values.
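To confirm a suspected community mismatch independently of the snmptrapd debug log, the following added example (not part of the original notes) decodes the version and community header of an SNMPv1/v2c datagram and compares it with the communities the receiver accepts. The names `inspect_trap`, `read_tlv` and `sample_trap`, and the sample datagram itself, are constructed for illustration.

```python
# Added example: decode the version/community header of an SNMPv1/v2c datagram.
VERSIONS = {0: "1", 1: "2c"}          # msgVersion values that carry a community
PDU_TYPES = {0xA4: "v1 trap", 0xA6: "inform", 0xA7: "v2 trap"}

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                  # long form: low bits = count of length bytes
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported length encoding")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated value")
    return tag, buf[pos:pos + length], pos + length

def inspect_trap(datagram, accepted):
    """Summarise a trap; accepted is the set of communities (bytes) the receiver allows."""
    tag, msg, _ = read_tlv(datagram, 0)
    if tag != 0x30:
        raise ValueError("not a BER SEQUENCE")
    tag, ver, pos = read_tlv(msg, 0)
    version = int.from_bytes(ver, "big")
    if tag != 0x02 or not ver or version not in VERSIONS:
        raise ValueError("not SNMPv1/v2c (SNMPv3 has no community)")
    tag, community, pos = read_tlv(msg, pos)
    if tag != 0x04:
        raise ValueError("community field missing")
    pdu_tag, _, _ = read_tlv(msg, pos)
    return {"version": VERSIONS[version],
            "community": community.decode("latin-1"),
            "pdu": PDU_TYPES.get(pdu_tag, hex(pdu_tag)),
            "community_ok": community in accepted}

def sample_trap(community):
    """Constructed test datagram: v2c trap header with an empty varbind list."""
    tlv = lambda tag, body: bytes([tag, len(body)]) + body   # short-form lengths only
    pdu = tlv(0xA7, tlv(2, b"\x01") + tlv(2, b"\x00") + tlv(2, b"\x00") + tlv(0x30, b""))
    return tlv(0x30, tlv(2, b"\x01") + tlv(4, community) + pdu)

if __name__ == "__main__":
    for c in (b"public", b"pubilc"):   # second value simulates a sender typo
        print(inspect_trap(sample_trap(c), accepted={b"public"}))
```

Feed `inspect_trap` the raw UDP payload of a received trap; a result with `community_ok` set to `False` matches the "received but not processed" symptom described above.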