FortiMonitor
FortiMonitor is a holistic, SaaS-based digital experience and network performance monitoring solution which combines monitoring, network incident management, automation, and network configuration management into a single source of truth
angellk
Staff
Staff
Article Id 215432
Description This article describes where to find the log files when looking for SNMP traps.
Scope FortiMonitor.
Solution

It is possible to verify that SNMP traps are running successfully by accessing the log files on the OnSight vCollector located in:

 

/var/log/appliance-snmp-traps/

 

SSH to the OnSight vCollector.

 

Type the command below to access the shell:

 

#sudo onsight shell

 

Navigate to the directory.

 

#cd /var/log/appliance-snmp-traps

snmp-trap-receiver.log

 

These logs when the traps are created and received.

Included in this log are the SNMP version, serial number of device, IP address, port and URL.

 

2021-09-30 06:47:07,925 INFO SNMP Trap Receiver started, listening on port 162

2021-09-30 06:50:22,553 INFO v2c trap received from 192.168.254.2: 1.3.6.1.6.3.1.1.5.4

2021-09-30 06:50:22,553 INFO Trap payload: {'1.3.6.1.4.1.12356.106.1.1.1.0': 'device serial number', '1.3.6.1.2.1.1.3.0': '1169784705', '1.3.6.1.2.1.2.2.1.8.12': '1', '1.3.6.1.2.1.2.2.1.7.12': '1', '1.3.6.1.2.1.2.2.1.1.12': '12', '1.3.6.1.2.1.2.2.1.2.12': 'port12', '1.3.6.1.2.1.1.5.0': 'customer url'}

2021-09-30 06:50:22,560 INFO Created trap queue entry 3986

2021-09-30 06:50:31,993 INFO v2c trap received from 192.168.254.2: 1.3.6.1.6.3.1.1.5.3

2021-09-30 06:50:31,993 INFO Trap payload: {'1.3.6.1.4.1.12356.106.1.1.1.0': ''device serial number', '1.3.6.1.2.1.1.3.0': '1169785649', '1.3.6.1.2.1.2.2.1.8.12': '2', '1.3.6.1.2.1.2.2.1.7.12': '1', '1.3.6.1.2.1.2.2.1.1.12': '12', '1.3.6.1.2.1.2.2.1.2.12': 'port12', '1.3.6.1.2.1.1.5.0': 'customer url'}

2021-09-30 06:50:31,995 INFO Created trap queue entry 3987

2021-09-30 06:51:21,009 INFO v2c trap received from 10.10.0.2: 1.3.6.1.4.1.12356.101.2.0.505

2021-09-30 06:51:21,009 INFO Trap payload: {'1.3.6.1.2.1.1.5.0': 'customer url', '1.3.6.1.2.1.1.3.0': '349642940', '1.3.6.1.4.1.12356.100.1.1.1.0': 'device serial number'}

2021-09-30 06:51:21,011 INFO Created trap queue entry 3988

2021-09-30 06:52:01,766 INFO v2c trap received from 10.10.0.2: 1.3.6.1.6.3.1.1.5.4

2021-09-30 06:52:01,766 INFO Trap payload: {'1.3.6.1.2.1.1.3.0': '349647016', '1.3.6.1.4.1.12356.100.1.1.1.0': 'device serial number', '1.3.6.1.2.1.2.2.1.8.12': '1', '1.3.6.1.2.1.2.2.1.7.12': '1', '1.3.6.1.2.1.2.2.1.1.12': '12', '1.3.6.1.2.1.31.1.1.1.1.12': 'lan1', '1.3.6.1.2.1.2.2.1.2.12': '', '1.3.6.1.2.1.1.5.0': 'customer url'}

snmp-trap-filter.log

 

This generates an entry every 5 seconds to indicate if it has done any filtering. 

 

2021-09-30 06:51:24,678 INFO Filtering trap 3988 and adding to cache

2021-09-30 06:51:29,694 INFO Found 0 traps to filter

2021-09-30 06:51:34,701 INFO Found 0 traps to filter

2021-09-30 06:52:04,740 INFO Filtering trap 3989 and adding to cache

2021-09-30 06:52:04,750 INFO Filtering trap 3990 and adding to cache/var/log/appliance-snmp-traps/