Page 1 of 1
SNMP traps - McAfee ePO
Posted: Tue Mar 20, 2018 9:34 am
by billy_strath
I saw the previous post about SNMP for ilo, which directed us to
https://www.elastic.co/guide/en/logstas ... ptrap.html
I'm looking to get some traps our from McAfee ePO. Things seems a bit more complicated, with protocols and passphrases. Anyone know how to configure to send to LogServer?
Re: SNMP traps - McAfee ePO
Posted: Tue Mar 20, 2018 4:50 pm
by cdienger
Do you have an option to use snmpv1 or 2? Currently v3 isn't an option for logstash:
https://github.com/logstash-plugins/log ... /issues/10
Re: SNMP traps - McAfee ePO
Posted: Tue Mar 27, 2018 3:52 am
by billy_strath
yes there is a v2 option - so that only requires the public string then does it?
Re: SNMP traps - McAfee ePO
Posted: Tue Mar 27, 2018 8:17 am
by scottwilkerson
billy_strath wrote:yes there is a v2 option - so that only requires the public string then does it?
Yes, v2 would only require the community string
Re: SNMP traps - McAfee ePO
Posted: Thu Mar 29, 2018 10:56 am
by tacolover101
if you wanted to use SNMPv3.....
you could still absorb the SNMP traps though by using snmptrapd, configure it to listen and setup a SNMPv3 user / engine, and then have logstash ingest the local file.
a little bit more configuration, but it'll work.
Re: SNMP traps - McAfee ePO
Posted: Thu Mar 29, 2018 11:47 am
by scottwilkerson