ESET Online Help

Search English
Select the category
Select the topic

How to configure an SNMP Trap Service

To successfully receive SNMP messages, the SNMP trap service needs to be configured. Follow the configuration steps below as appropriate for your operating system:

WINDOWS

Prerequisites

The Simple Network Management Protocol service must be installed on the machine where ESET PROTECT Server is installed, as well as on the machine where the SNMP trap software will be installed.

Both computers (above) should be in the same subnet.

The SNMP Service must be configured on the ESET PROTECT Server computer.

SNMP Service configuration (ESET PROTECT Server)

1.Press the Windows key + R to open a run dialog box, type Services.msc into the Open field and press Enter. Search for the SNMP Service.

2.Open the Traps tab, type public into the Community name field and click Add to list.

3.Click Add, type the Hostname, IP or IPX address of the computer where the SNMP trapping software is installed into the appropriate field and click Add.

4.Proceed to the Security tab. Click Add to display the SNMP Service Configuration window. Type public into the Community name field and click Add. Rights will be set to READ ONLY, this is ok.

5.Ensure that Accept SNMP packets from any hosts is selected and click OK to confirm. The SNMP service is not configured.

SNMP Trap Software configuration (Client)

1.Ensure that the SNMP Service is installed on the client machine.

2.Install a trap receiver application.

3.Configure the trap receiver application to receive SNMP traps from the ESET PROTECT Server (this can include ESET PROTECT Server IP address and port settings).

4.Ensure that the firewall on client machines allows network communication for SNMP communication set in the previous step.

5.The trap receiver application now allows you to receive messages from the ESET PROTECT Server.


note

SNMP Trap is not supported in the ESET PROTECT Virtual Appliance.

LINUX

1.Install the snmpd package by running one of the following commands:
apt-get install snmpd snmp (Debian, Ubuntu distributions)
yum install net-snmp (Red Hat, CentOS distributions)

2.Open the /etc/default/snmpd file and make the following attribute edits:

#SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -g snmp -I -smux -p /var/run/snmpd.pid'

Adding # will disable this line completely.

SNMPDOPTS='-Lsd -Lf /dev/null -u snmp -I -smux -p /var/run/snmpd.pid -c /etc/snmp/snmpd.conf'

Add this line to the file.

TRAPDRUN=yes
Change the trapdrun attribute to yes.

3.Create a backup of the original snmpd.conf file. The file will be edited later.

mv /etc/snmp/snmpd.conf /etc/snmp/snmpd.conf.original

4.Create a new snmpd.conf file and add these lines:

rocommunity public
syslocation "Testing ESET PROTECT On-Prem"
syscontact admin@PROTECT.com

5.Open the /etc/snmp/snmptrapd.conf file and add the following line at the end of the file:

authCommunity log,execute,net public

6.Type the following command to start the SNMP manager services and logging of incoming traps:

/etc/init.d/snmpd restart

or

service snmpd restart

7.To check if the trap is working and catching the messages, run the following command:

tail -f /var/log/syslog | grep -i TRAP