SNMP failed to match community

rendyadnant · ‎02-21-2022

I already connect SNMP with PRTG and shown the data on their dashboard such as bandwith and port status (UP / Down).

But in System Event still have message "SNMP failed to match community"

The question is, how can delete that message cause every hour always shown that.

Thank you for your attention

akristof · ‎02-22-2022

Hello,

Thank you for your question. If you deleted all communities on FortiGate, firewall will still be able to receive SNMP request. If you want to stop it, disable SNMP on interface that it is being received and disable SNMP agent. In that case any SNMP traffic will be dropped by default.

Adrian

View solution in original post

ede_pfau · ‎02-22-2022

Get the details of the log message, it will tell you (at least) the community used.

Ede

"Kernel panic: Aiee, killing interrupt handler!"

akristof · ‎02-22-2022

Hello,

Thank you for your question. If you deleted all communities on FortiGate, firewall will still be able to receive SNMP request. If you want to stop it, disable SNMP on interface that it is being received and disable SNMP agent. In that case any SNMP traffic will be dropped by default.

Adrian

rendyadnant · ‎03-15-2022

Thank you Mr. Akristof,

If i want to disable those message from System Event, is it possible without setting on Log setting -> event logging --> uncheck "system activity event" ?

i mean, is there any configuration in CLI maybe for just disable those message (Failed to match Community)?

akristof · ‎03-16-2022

Hi,

Never tried it, but filter should be able to do it:

https://docs.fortinet.com/document/fortigate/6.2.1/cli-reference/386620/log-fortianalyzer-filter

Based on your logging device (disk, faz, memory) you should be able to filter it with custom filter:

config log disk filter

set filter logid(id_of_log) - log id of this failed community log

Adrian