The snmptrap module is a dissection module: its purpose is to take an Orchids event, parse one of its binary fields and return a refined Orchids event, with additional fields. Typically, the snmptrap module is meant to dissect binary data coming from the udp module. That data should be text in ASN.1 format, as reported by so-called MIBs, following the SNMP protocol.
Configuration options
<module snmptrap>
AddMibDir string: set the MIB directory where Orchids will find MIB modules. Default is "/usr/share/snmp/mibs".
AddMib string: add a MIB module.
AddMibFile string: add a MIB file.
</module>
Fields
The snmptrap module is not dissectable: plugging a dissection module onto snmptrap makes no sense.
Field | Type | Mono? | Description |
---|---|---|---|
.snmptrap.seq | uint | ✓ | sequence number |
.snmptrap.bind | uint | | binding index (unused) |
.snmptrap.version | uint | | SNMP version |
.snmptrap.community | str | | community name |
.snmptrap.pdu_type | str | | Protocol Data Unit type (unused) |
.snmptrap.object_id | snmpoid | | object identifier (unused) |
.snmptrap.value | bstr | | object value (unused) |
.snmptrap.enterprise | snmpoid | | source of the SNMP trap |
.snmptrap.agent_addr | ipv4 | | source address |
.snmptrap.trap_type | uint | | trap type |
.snmptrap.specific_trap_type | uint | | specific trap type |
.snmptrap.timestamp | int | | timestamp |
.snmptrap.request_id | uint | | request ID (v2 specific, unused) |
.snmptrap.error_status | uint | | error status (v2 specific, unused) |
.snmptrap.error_index | uint | | error index (v2 specific, unused) |
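
As an added illustration (this is not Orchids code), the sketch below decodes the BER bytes of an SNMPv1 trap, as they would arrive in a UDP payload, into the field names from the table above. The function names and the sample datagram are constructed for this example, and fields the table marks as unused are not populated.

```python
import ipaddress

def tlv(buf, pos, want):
    """Read one BER TLV with the expected tag; bounds-check every length (untrusted UDP input)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if tag != want:
        raise ValueError(f"expected tag 0x{want:02x}, got 0x{tag:02x}")
    if length & 0x80:  # long form: low 7 bits count the length octets that follow
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("TLV length exceeds remaining data")
    return buf[pos:pos + length], pos + length

def decode_oid(raw):
    # Simplification: assumes the first arc is 0 or 1, which holds for every 1.3.6.1... OID.
    if not raw:
        raise ValueError("empty OID")
    arcs, n = [raw[0] // 40, raw[0] % 40], 0
    for b in raw[1:]:
        n = (n << 7) | (b & 0x7F)      # base-128 digits, high bit marks continuation
        if not b & 0x80:
            arcs, n = arcs + [n], 0
    return ".".join(map(str, arcs))

def dissect_v1_trap(datagram):
    msg, _ = tlv(datagram, 0, 0x30)    # Message SEQUENCE
    ver, p = tlv(msg, 0, 0x02)         # version INTEGER
    comm, p = tlv(msg, p, 0x04)        # community OCTET STRING
    pdu, _ = tlv(msg, p, 0xA4)         # Trap-PDU, context tag [4]; v2 PDUs are rejected here
    ent, p = tlv(pdu, 0, 0x06)         # enterprise OBJECT IDENTIFIER
    addr, p = tlv(pdu, p, 0x40)        # agent-addr IpAddress; IPv4Address rejects len != 4
    gen, p = tlv(pdu, p, 0x02)         # generic-trap INTEGER
    spec, p = tlv(pdu, p, 0x02)        # specific-trap INTEGER
    ticks, _ = tlv(pdu, p, 0x43)       # time-stamp TimeTicks
    num = lambda b: int.from_bytes(b, "big")
    return {".snmptrap.version": num(ver), ".snmptrap.community": comm.decode("latin-1"),
            ".snmptrap.enterprise": decode_oid(ent),
            ".snmptrap.agent_addr": str(ipaddress.IPv4Address(addr)),
            ".snmptrap.trap_type": num(gen), ".snmptrap.specific_trap_type": num(spec),
            ".snmptrap.timestamp": num(ticks)}

# Constructed sample datagram: v1 trap, community "public", empty variable bindings.
SAMPLE = bytes.fromhex("302802010004067075626c6963a41b"
                       "06072b06010401bf084004c000020a020106020111430230393000")
```

Every length is checked against the remaining buffer because a trap is an unauthenticated datagram whose length octets are chosen by the sender.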