Pablo Endres's Blog » CentOS http://www.pabloendres.com Tue, 18 May 2010 21:16:36 +0000 en hourly 1 http://wordpress.org/?v=3.0 snmp errors in syslog http://www.pabloendres.com/2009/04/19/snmp-errors-in-syslog/ http://www.pabloendres.com/2009/04/19/snmp-errors-in-syslog/#comments Sun, 19 Apr 2009 19:12:22 +0000 Pablo Endres http://www.pabloendres.com/?p=79 I finally got fed up of these messages in my log files (/var/log/messages) and decided to do something about them:

Apr 19 04:14:47 hostname snmpd[3458]: Connection from UDP: [127.0.0.1]:42482
Apr 19 04:14:47 hostname snmpd[3458]: Received SNMP packet(s) from UDP: [127.0.0.1]:42482

After reading, googling around and testing for a while I rounded it the following solution, it should work in any Linux system with net-snmp after some tweaks but out of the box on CentOS, REL, Fedora or any of its relatives:

1. Remove the -a from the snmpd start options or write this in the /etc/sysconfig/snmpd.options file:

OPTIONS=”-Lsd -Lf /dev/null -p /var/run/snmpd.pid”

This should take care of the “Received SNMP” packets line (2nd one).

2. Add dontLogTCPWrappersConnects true at the end of your /etc/snmp/snmpd.conf file, that takes care of the other line:

Apr 19 04:13:47 dcf-is1p snmpd[3458]: Connection from UDP: [127.0.0.1]:48911

According to the man page: This setting disables the log messages for accepted connections. Denied connections will still be logged.”

The problem is that the default settings are to log every connection / request, so what we did was leave the log work only for failed and authenticated attempts

Enjoy readable logs!

]]> http://www.pabloendres.com/2009/04/19/snmp-errors-in-syslog/feed/ 0