Logging messages

The logging plugin to the SNMP Proxy Forwarder lets you record pieces of passing SNMP messages to a file or to syslog. Log record format and content is fully configurable.

For more information please refer to the logger plugin documentation.

Server configuration

Server is configured to:

  • listen on UDP socket at localhost
  • respond to queries performed over SNMPv2c
  • forward all queries to snmpfwd client through an unencrypted trunk connection running in client mode
#
# SNMP forwarder: Agent part configuration
#

config-version: 2
program-name: snmpfwd-server

snmp-credentials-group {
  snmp-transport-domain: 1.3.6.1.6.1.1.100
  snmp-bind-address: 127.0.0.1:1161

  snmp-engine-id: 0x0102030405070809

  snmp-community-name: public
  snmp-security-name: public
  snmp-security-model: 2
  snmp-security-level: 1

  snmp-credentials-id: snmp-credentials
}

context-group {
  snmp-context-engine-id-pattern: .*?
  snmp-context-name-pattern: .*?

  snmp-context-id: any-context
}

content-group {
  snmp-pdu-type-pattern: .*?
  snmp-pdu-oid-prefix-pattern-list: .*?

  snmp-content-id: any-content
}

peers-group {
  snmp-transport-domain: 1.3.6.1.6.1.1.100
  snmp-bind-address-pattern-list: .*?
  snmp-peer-address-pattern-list: .*?

  snmp-peer-id: 100
}

trunking-group {
  trunk-bind-address: 127.0.0.1
  trunk-peer-address: 127.0.0.1:30301
  trunk-ping-period: 60
  trunk-connection-mode: client

  trunk-id: trunk-1
}

routing-map {
  matching-snmp-context-id-list: any-context
  matching-snmp-content-id-list: any-content

  matching-snmp-credentials-id-list: snmp-credentials
  matching-snmp-peer-id-list: 100

  using-trunk-id-list: trunk-1
}

Download server configuration file.

Plugin configuration

The logger plugin is configured at the client side to:

  • write key facts about passing SNMP GET request and RESPONSE PDUs into a local file
  • double-quote var-bindings values
  • autorotate log file daily
  • keep no more than 30 log files
#
# SNMP Proxy Forwarder: logger plugin configuration
#

[general]
method: file
# method: syslog

[file]
destination: /tmp/snmpfwd-brief.log
# time-based file rotation
rotation: timed
backupcount: 30
timescale: D
interval: 1

[syslog]
facility: LOCAL1
priority: INFO
transport: udp

[content]
#pdus: GetRequest GetNextRequest SetRequest GetBulkRequest InformRequest SNMPv2Trap Response
pdus: GetRequest Response

# log message template
template: ${isotime} ${callflow-id} ${snmp-peer-address} ${snmp-pdu-type} ${snmp-var-binds}

# values in var-binds can be surrounded by these tokens
parentheses: " "

Download plugin configuration file.

Client configuration

Client is configured to:

  • listen on server-mode unencrypted trunk connection
  • process all incoming SNMP messages in the same way
  • run command request (and response) PDUs through the logger plugin
  • place inbound PDUs into SNMP v2c messages and forward them to public SNMP agent running at demo.snmplabs.com
#
# SNMP forwarder: Manager part configuration
#

config-version: 2
program-name: snmpfwd-client

peers-group {
  snmp-engine-id: 0x0102030405070809

  snmp-transport-domain: 1.3.6.1.6.1.1.1
  snmp-bind-address: 0.0.0.0:0

  # time out SNMP request in 1 second
  snmp-peer-timeout: 100
  snmp-peer-retries: 0

  snmp-community-name: public
  snmp-security-name: public
  snmp-security-model: 2
  snmp-security-level: 1

  snmp-peer-address: 104.236.166.95:161
  snmp-peer-id: snmplabs
}

trunking-group {
  trunk-bind-address: 127.0.0.1:30301
  trunk-ping-period: 60
  trunk-connection-mode: server

  trunk-id: <discover>
}

original-snmp-peer-info-group {
  orig-snmp-bind-address-pattern: .*?
  orig-snmp-context-name-pattern: .*?

  orig-snmp-pdu-type-pattern: .*?
  orig-snmp-oid-prefix-pattern: .*?

  orig-snmp-engine-id-pattern: .*?
  orig-snmp-context-engine-id-pattern: .*?

  orig-snmp-transport-domain-pattern: .*?
  orig-snmp-peer-address-pattern: .*?

  orig-snmp-security-level-pattern: .*?

  orig-snmp-security-name-pattern: .*?
  orig-snmp-security-model-pattern: .*?

  orig-snmp-peer-id: manager-1
}

server-classification-group {
  server-snmp-credentials-id-pattern: .*?
  server-snmp-context-id-pattern: .*?
  server-snmp-content-id-pattern: .*?
  server-snmp-peer-id-pattern: .*?

  server-classification-id: any-classification
}

plugin-modules-path-list: ./plugins ${plugin-dir}

plugin-group {
  plugin-module: logger
  plugin-options: config=${config-dir}/plugins/logger.conf

  plugin-id: custom-logger
}

routing-map {
  matching-trunk-id-list: trunk-1
  matching-orig-snmp-peer-id-list: manager-1
  matching-server-classification-id-list: any-classification

  using-plugin-id-list: custom-logger
  using-snmp-peer-id-list: snmplabs
}

Download client configuration file.