SNMP allows you to monitor hardware. To do this, there are objects that will be monitored: computers, network switches, storages and so on. These are called agents. They communicate with a "manager" which displays their status. The agents can be queried for their status by a get/set request/response. Or they can alert about a critical status by initiating a communication, this is called a "trap".

Trying to build an SNMP prototype

SUSE Linux:

yast -i nagios apache2
/etc/init.d/nagios start
/etc/init.d/apache2 start

Remember your login nagiosadmin:nagiosadmin and point your browser to http://127.0.0.1/nagios

/etc/init.d/snmptrapd
tail -f /var/log/net-snmpd.log
snmptrap -v 2c -c public localhost "" NET-SNMP-EXAMPLES-MIB::netSnmpExampleHeartbeatNotification netSnmpExampleHeartbeatRate i 42

No access configuration - dropping trap.

So it seems I have to

cat /etc/snmp/snmptrapd.conf
disableAuthorization yes
traphandle default /bin/snmppl

/etc/init.d/snmptrapd restart
cat /bin/snmppl
#!/bin/bash
date >>/tmp/dates

2014-05-06

Ok, the following command

snmptrap -v 2c -c public hostname "" NET-SNMP-EXAMPLES-MIB::netSnmpExampleHeartbeatNotification netSnmpExampleHeartbeatRate i 42

works and I can see on hostname

hostname:~ # tcpdump port 162
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
12:09:02.418760 IP source.domain.45398 > hostname.domain.snmptrap:  V2Trap(77)  system.sysUpTime.0=60543145 S:1.1.4.1.0=[|snmp]

But I cannot receive it with netcAt. And it does not work on localhost.

Using this command I can sniff and display the snmp trap:

tcpdump -A port 162 -l | hexdump -C

or this command:

netcat -u -l 162 | hexdump -C

See also

• http://nagios.sourceforge.net/docs/3_0/quickstart-opensuse.html
• http://net-snmp.sourceforge.net/wiki/index.php/TUT:snmptrap
• http://www.linuxforums.org/forum/gentoo-linux/108864-net-snmp.html
• http://paulgporter.net/2013/09/16/nagios-snmp-traps/