Configuring an Agent as an SNMP Trap Receiver

It is quite common for administrators to require access to the logs of a network device by way of SNMP traps. On occassion, it is also necessary to use the SNMP trap mechanism to receive data from SNMP capable application servers or custom applications. The process by which one configures the agent, trap generator, and the Network Device is the same for both use cases.

The steps necessary for properly configuring an HQ agent to receive SNMP traps are:

• Configuring the HQ Agent
• Configuring Your Device or Application
• Creating the Network Device in HQ

Once configured, the traps show up as log events on the resource page for the newly created network device, and can be used as a basis for alerting.

Configuring the HQ Agent to Receive Traps

When you configure an SNMP Network Device, you essentially use an existing agent as a proxy for collecting the SNMP data. By default, the UDP port configured on the agent for receiving traps is 162. Because this port is in the privileged range, it requires the agent be run as root (or an Administrative user on Windows) to function. The receiver port can be changed to allow the agent to continue to run under the context of a non-administrative user.

To enable an agent to receive SNMP traps on an unprivileged port, edit the agent.properties file for the agent, adding the following:

    snmpTrapReceiver.listenAddress=udp:0.0.0.0/1620

This will enable the agent to receive traps through any inteface on the platform at UDP port 1620. You can specify an individual interface IP address or an alternate, unprivileged port (1024 or above) to meet your needs. Once this line is added, you must restart the agent.

Why Don't I See the Open Port With `netstat`? It is only natural to want to check your work following the agent reconfiguration to insure your trap receiver port is actually open. Unfortunately, if you have not yet enabled log tracking on the network device, the port will not be open when you check. Once you complete all steps in this procedure, netstat output will produce expected results.

back to top

Configuring a Trap Destination for Your Device or Application

The process by which you configure your device, application server, or application to send traps can vary greatly. Consult the documentation for the product you are using for the necessary details. Regardless of the process by which this is configured, you need to tell the trap generator to send the traps to your agent at the IP address and port specified in the agent.properties file (usually referred to as the trap destination).

back to top

Creating the Network Device (w/ Log Tracking for traps) Within HQ

To start monitoring an SNMP-enabled network device or application using HQ, do the following from the UI:

1. Click New Platform (link on Browse Resources or Dashboard)
   1. Enter a name for your network device (e.g. Application X SNMP Traps)
   2. Select Network Device Platform Type
   3. Enter the FQDN of the device (or machine hosting the application)
   4. Select the HQ Agent connection (this is the agent that will monitor the device - so there must be connectivity between this agent and the SNMP port on the network device)
   5. Enter the IP address of the device (or machine hosting the application...do not use 127.0.0.1, even if the application is local to the agent being used for the SNMP connection)
   6. Click OK to create the device in your HQ inventory
2. You will be on the Inventory tab of your new resource. Scroll to the bottom and click the Edit button in the Configuration Properties section
3. Verify all the configuration settings are correct for your network device, check the box to Enable Log Tracking (necessary to see received traps), then click OK

If the configuration is accepted, you should begin to see metrics being collected for your network device in the next 1-2 minutes.
If the configuration is not accepted, something is wrong. Verify the IP address, the SNMP community string, SNMP port, SNMP version, any authentication (for SNMP v3), and make sure the HQ Agent has network connectivity and can reach the SNMP port of the network device (check firewalls).

Also, can check the Agent log file to make sure that the Agent has opened the proper UDP port for SNMP Trap listening. If properly configured, you should see messages which look like this:

2008-06-05 16:45:05,447 DEBUG [SNMPTrapReceiver] snmpTrapReceiver.listenAddress=udp:0.0.0.0/1620
2008-06-05 16:45:05,572 DEBUG [SNMPTrapReceiver] Add 1:10003 for 10.2.0.2-switch

back to top