Logging messages#

The logging plugin to the SNMP Proxy Forwarder lets you record pieces of passing SNMP messages to a file or to syslog. Log record format and content is fully configurable.

For more information please refer to the logger plugin documentation.

Server configuration#

Server is configured to:

  • listen on UDP socket at localhost

  • respond to queries performed over SNMPv2c

  • forward all queries to snmpfwd client through an unencrypted trunk connection running in client mode

#
# SNMP forwarder: Agent part configuration
#

config-version: 2
program-name: snmpfwd-server

snmp-credentials-group {
  snmp-transport-domain: 1.3.6.1.6.1.1.100
  snmp-bind-address: 127.0.0.1:1161

  snmp-engine-id: 0x0102030405070809

  snmp-community-name: public
  snmp-security-name: public
  snmp-security-model: 2
  snmp-security-level: 1

  snmp-credentials-id: snmp-credentials
}

context-group {
  snmp-context-engine-id-pattern: .*?
  snmp-context-name-pattern: .*?

  snmp-context-id: any-context
}

content-group {
  snmp-pdu-type-pattern: .*?
  snmp-pdu-oid-prefix-pattern-list: .*?

  snmp-content-id: any-content
}

peers-group {
  snmp-transport-domain: 1.3.6.1.6.1.1.100
  snmp-bind-address-pattern-list: .*?
  snmp-peer-address-pattern-list: .*?

  snmp-peer-id: 100
}

trunking-group {
  trunk-bind-address: 127.0.0.1
  trunk-peer-address: 127.0.0.1:30301
  trunk-ping-period: 60
  trunk-connection-mode: client

  trunk-id: trunk-1
}

routing-map {
  matching-snmp-context-id-list: any-context
  matching-snmp-content-id-list: any-content

  matching-snmp-credentials-id-list: snmp-credentials
  matching-snmp-peer-id-list: 100

  using-trunk-id-list: trunk-1
}

Download server configuration file.

Plugin configuration#

The logger plugin is configured at the client side to:

  • write key facts about passing SNMP GET request and RESPONSE PDUs into a local file

  • double-quote var-bindings values

  • autorotate log file daily

  • keep no more than 30 log files

#
# SNMP Proxy Forwarder: logger plugin configuration
#

[general]
# log into a file
#method: file

# log through syslog
#method: syslog

# log into main process log
#method: snmpfwd

# inhibit any logging
#method: null

# logging level: debug, info, error
#level: info

[file]
# log into this file
destination: /tmp/snmpfwd-brief.log

# use time-based file rotation
#rotation: timed

# keep up to this number of logs upon rotation
#backupcount: 30

# rotate each day
#timescale: D
#interval: 1

[syslog]
# syslog transport: udp, tcp, socket or path to syslog socket
#transport: socket

# syslog facility (see `man syslog`)
#facility: daemon

# use non-local syslog
#host: localhost

# non-default syslog port
#port: 514

[content]
# log these PDU types
#pdus: GetRequest GetNextRequest SetRequest GetBulkRequest InformRequest SNMPv2Trap Response

# log message template
#template: ${isotime} ${callflow-id} ${snmp-peer-address} ${snmp-pdu-type} ${snmp-var-binds}

# values in var-binds can be surrounded by these tokens
#parentheses: " "

Download plugin configuration file.

Client configuration#

Client is configured to:

  • listen on server-mode unencrypted trunk connection

  • process all incoming SNMP messages in the same way

  • run command request (and response) PDUs through the logger plugin

  • place inbound PDUs into SNMP v2c messages and forward them to public SNMP agent running at demo.pysnmp.com

#
# SNMP forwarder: Manager part configuration
#

config-version: 2
program-name: snmpfwd-client

peers-group {
  snmp-engine-id: 0x0102030405070809

  snmp-transport-domain: 1.3.6.1.6.1.1.1
  snmp-bind-address: 0.0.0.0:0

  # time out SNMP request in 1 second
  snmp-peer-timeout: 100
  snmp-peer-retries: 0

  snmp-community-name: public
  snmp-security-name: public
  snmp-security-model: 2
  snmp-security-level: 1

  snmp-peer-address: 104.236.166.95:161
  snmp-peer-id: snmplabs
}

trunking-group {
  trunk-bind-address: 127.0.0.1:30301
  trunk-ping-period: 60
  trunk-connection-mode: server

  trunk-id: <discover>
}

original-snmp-peer-info-group {
  orig-snmp-bind-address-pattern: .*?
  orig-snmp-context-name-pattern: .*?

  orig-snmp-pdu-type-pattern: .*?
  orig-snmp-oid-prefix-pattern: .*?

  orig-snmp-engine-id-pattern: .*?
  orig-snmp-context-engine-id-pattern: .*?

  orig-snmp-transport-domain-pattern: .*?
  orig-snmp-peer-address-pattern: .*?

  orig-snmp-security-level-pattern: .*?

  orig-snmp-security-name-pattern: .*?
  orig-snmp-security-model-pattern: .*?

  orig-snmp-peer-id: manager-1
}

server-classification-group {
  server-snmp-credentials-id-pattern: .*?
  server-snmp-context-id-pattern: .*?
  server-snmp-content-id-pattern: .*?
  server-snmp-peer-id-pattern: .*?

  server-classification-id: any-classification
}

plugin-modules-path-list: ./plugins ${plugin-dir}

plugin-group {
  plugin-module: logger
  plugin-options: config=${config-dir}/plugins/logger.conf

  plugin-id: custom-logger
}

routing-map {
  matching-trunk-id-list: trunk-1
  matching-orig-snmp-peer-id-list: manager-1
  matching-server-classification-id-list: any-classification

  using-plugin-id-list: custom-logger
  using-snmp-peer-id-list: snmplabs
}

Download client configuration file.