I am a bit confused what script you mean.
Is snmptrapd actually receiving the trap? I'd start there, you can run it manually (stop the service first) and see what it receives (I think it's -d but there's a man page at the net-snmp site).
If you're looking at router logins, are you sure they are being sent? IOS has a confusing aspect there, there's CLI that looks like it will send traps, but it will not. You have to configure syslog to be sent as traps, and then either take it all, or configure the specific message to be sent. But I'd start with just taking it all to make sure the trap comes through.
The only script I really changed here is the receiving perl script that comes with zabbix, and I changed it to delete lines coming from smnptrapd, not to add anything or change how it works, so that's not going to be helpful (I just delete specific common lines like uptime I don't want in the trap data).
Is snmptrapd actually receiving the trap? I'd start there, you can run it manually (stop the service first) and see what it receives (I think it's -d but there's a man page at the net-snmp site).
If you're looking at router logins, are you sure they are being sent? IOS has a confusing aspect there, there's CLI that looks like it will send traps, but it will not. You have to configure syslog to be sent as traps, and then either take it all, or configure the specific message to be sent. But I'd start with just taking it all to make sure the trap comes through.
The only script I really changed here is the receiving perl script that comes with zabbix, and I changed it to delete lines coming from smnptrapd, not to add anything or change how it works, so that's not going to be helpful (I just delete specific common lines like uptime I don't want in the trap data).
Comment