question

ronaldvandenberg-5545 avatar image
0 Votes"
ronaldvandenberg-5545 asked ·

No snmp trap events

In a new scom 2019 ur2 environment i try to recieve alerts from snmp traps.
It's something i've already done before and created a managementpack for it but it will not work for an unknown reason.

Therefor i've started all over again with the document that kevin wrote about it.
https://kevinholman.com/2015/02/03/snmp-trap-monitoring-with-scom-2012-r2/

The device is discovered and visible in network devices with access mode = snmp only
I can see traps coming in on the server with wireshark and the right community name from the right ip address.
monitoringhost.exe has a listening process on port 162/udp
windows trap receiver is disabled.

The eventrule snmp catch all is active.
I do see that the device was discovered via snmp v2c and traps are coming in with v1 but removing the <version> tagline from the trap rule should work for that but it isn't, no trap event is visible.

I'm out of options, any ideas what i can do to debug this further?

msc-operations-manager-general
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

ronaldvandenberg-5545 avatar image
0 Votes"
ronaldvandenberg-5545 answered ·

Lessons learned and fixed the issue.

Wireshark monitors before packets go through the local firewall. So if wireshark shows the packets, they can still be blocked by the local firewall.

The out of the box inbound for snmp traps were enabled but turned out this was not enough.
Apparently there is another inbound rule named "Operations Manager SNMP Trap Listener" which i needed to enable and then the traps were handled fine by the agent.

·
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.