[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Probably silly Q



On Wednesday 08 March 2006 14:43, Roger Heflin wrote:
>> -----Original Message-----
>> From: fedora-list-bounces redhat com
>> [mailto:fedora-list-bounces redhat com] On Behalf Of Robin Laing
>> Sent: Wednesday, March 08, 2006 11:42 AM
>> To: For users of Fedora Core releases
>> Subject: Re: Probably silly Q
>>
>> Roger Heflin wrote:
>> >>>Ok, I've inserted that line in services thats needed for
>> >>
>> >>that to work,
>> >>
>> >>>syslog          514/udp
>> >>>
>> >>>And added the -r option to OPTIONS in the syslog file in
>> >>>/etc/sysconfig, SIGHUPed syslogd, and turned the routers
>> >>
>> >>forwarding of
>> >>
>> >>>the access log to the main 192.168.x.x address of that
>> >>
>> >>machine.  But
>> >>
>> >>>nothing is appearing in either all.log or any other log
>> >>
>> >>with a recent timestamp.
>> >>
>> >>>Did I miss something?  Or is the linksys BEFSR41 routers
>>
>> logging to
>>
>> >>>some other unk (udp/tcp) port besides 514?
>> >>
>> >>----
>> >>Let's keep this on list OK?
>> >>
>> >>Firewall on Linux system blocking port 514 protocol UDP?
>> >>
>> >>Logging will go into /var/log/messages unless you redirect it via
>> >>syslog.conf # man syslog.conf
>> >
>> > Linksys sends snmptraps to the snmptrap port (161) (man snmptrapd)
>> > this is a standard service that will listen to this port and do
>> > whatever is configured with the data (save it to syslog, or to
>> > elsewhere, and/or even execute scripts to process the
>>
>> incomming data),
>>
>> > it can be  checkconfig'ed on and will put the messages into
>>
>> whatever
>>
>> > is configured by snmptrapd.
>> >
>> > I have been using it for years on both Windows and Linux.
>>
>> snmptraps
>>
>> > are os independent, where as syslog in typically unix only.
>> >
>> > You can also set the ip address to send it to, to be .255
>>
>> and it will
>>
>> > nicely broadcast on your local subnet.
>> >
>> >                              Roger
>>
>> I didn't know that it was snmp that was used.  When I looked
>> into it I was continuously told that I needed special
>> software.  I didn't know about ethereal or tcdump at that time.
>>
>> Then any management software that reads snmptraps should get
>> the data.
>>   Then the answer to the OP would be any snmp monitoring
>> program, correct?  What software do you use?
>>
>> I don't know much about snmp past the basics.
>
>snmptrapd see "man snmptrapd", if it is not installed add it,
>it comes default on a full fc4 install.
>
>                  Roger

>From Ripley's Believe it or Not, it was sitting in /etc/init.d, I did a 
chkconfig snmptrapd on, then edited it to make a seperate logfile, 
started it and its working.  Now to figure out a way to actually make 
it usefull :-)

The log its generating looks like this:

2006-03-08 18:40:10 router.coyote.den [192.168.1.1] TRAP, SNMP v1, 
community public
        enterprises.3093.2.2.1 Enterprise Specific Trap (1) Uptime: 3 
days, 9:13:22.01
        enterprises.3093.1.1.0 = "@in 213.46.20.125 32459 141.153.73.76 
6881."

But I have NDI where its getting that uptime, because
[root gene etc]# uptime
  6:41pm  up 208 days,  5:55,  3 users,  load average: 0.00, 0.00, 0.00

And [root gene etc]# uname -r
2.4.29

Darned kernel is getting a bit long in the tooth there. :)

-- 
Cheers, Gene
People having trouble with vz bouncing email to me should add the word
'online' between the 'verizon', and the dot which bypasses vz's
stupid bounce rules.  I do use spamassassin too. :-)
Yahoo.com and AOL/TW attorneys please note, additions to the above
message by Gene Heskett are:
Copyright 2006 by Maurice Eugene Heskett, all rights reserved.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]