Documentation forKiwi Syslog Server

Add an action to send an SNMP trap

This feature is available only in the licensed edition to Kiwi Syslog Server.

You can add an action to send an SNMP trap to the specified host.

  1. From the Kiwi Syslog Service Manager, choose File > Setup.
  2. Add a rule, or locate an existing rule.
  3. Right-click Actions below the rule, and choose Add Action.
  4. Replace the default name with a descriptive name.
  5. From the Action menu, select Send SNMP Trap.

  6. Specify the following options.

    Forward SNMP Trap without changing Select this option to forward the original SNMP trap to the destination host.
    Destination host

    Enter the IP address of the system receiving the SNMP trap.

    Retain the original source address of the SNMP trap

    Select this option to identify outgoing messages coming from a particular (original) host. The network packet is spoofed to appear as though the forwarded message is coming directly from the originating devices' IP address instead of the address of the Syslog Server.

    This feature is only available in a licensed edition of Kiwi Syslog Server. It requires NpCap installation (with NpCap Loopback Adapter).
    IPv6

    Select IPv6 next to the Destination host field to send SNMP and IPv6 trap messages to an IPv6 destination host address.

    Remote port

    Enter the port to which the SNMP trap is sent. The default port is 162.

    If you change this setting, you must configure the receiving device to "listen" for SNMP traps on the same port number.

    Message text Enter the content of the SNMP trap to be forwarded. Click Insert message content or counters to insert content using variables.
    Agent IP address

    Enter the IP address that appears as the source of the SNMP trap. By default this is set to "The original sender" but can be set to "From this machine", that is, the address of the machine running the Kiwi Syslog Server.

    Generic type

    For version 1 traps, select the type of trap to be sent:

    • 0 - Cold Start
    • 1 - Warm Start
    • 2 - Link Down
    • 3 - Link Up
    • 4 - Authentication Failure
    • 5 - EGP Neighbor Loss
    • 6 - Enterprise Specific
    Enterprise OID

    For version 1 traps, enter a dotted numerical value (1.3.6.1.x.x.x.x) that represents the MIB enterprise of the SNMP trap.

    Version 2 traps have the Enterprise value bound as the second variable in the message.

    If the Generic Type is set to 6, it indicates an Enterprise type trap. In this case the Specific Trap value needs to be considered.

    Variable OID Specify a dotted decimal value (1.3.6.1.x.x.x.x) that represents that MIB variable of version 2 SNMP traps.
    Community This is like a password that is included in the trap message. Normally this is set to values such as "public", "private" or "monitor".
    Specific type This is a value that indicates the condition that caused the trap to be sent. In version 2 traps, this condition is unique to the MIB defined for the particular device sending the trap or syslog message.
    Version

    Select the version used to send SNMP traps to another syslog server. If you select version 3, provide the User Name, Local Engine ID, Authentication Password, Encryption Password, Protocol, and Algorithm.

    Version type for SNMP traps (version 1, 2 or 3) should be selected to send the traps to another syslog server. For example, if you leave the encryption password and algorithm, it acts as 'authentication only' security level.

    To send version 3 traps, SNMP credentials are required on both the receiving and sending sides.

  7. Test the action.
  8. Click Apply.