No snmp trap events

asked 2021-03-05T10:56:19.497+00:00
ronald van den berg 241 Reputation points

In a new scom 2019 ur2 environment i try to recieve alerts from snmp traps.
It's something i've already done before and created a managementpack for it but it will not work for an unknown reason.

Therefor i've started all over again with the document that kevin wrote about it.
https://kevinholman.com/2015/02/03/snmp-trap-monitoring-with-scom-2012-r2/

The device is discovered and visible in network devices with access mode = snmp only
I can see traps coming in on the server with wireshark and the right community name from the right ip address.
monitoringhost.exe has a listening process on port 162/udp
windows trap receiver is disabled.

The eventrule snmp catch all is active.
I do see that the device was discovered via snmp v2c and traps are coming in with v1 but removing the <version> tagline from the trap rule should work for that but it isn't, no trap event is visible.

I'm out of options, any ideas what i can do to debug this further?

Operations Manager
Operations Manager
A family of System Center products that provide infrastructure monitoring, help ensure the predictable performance and availability of vital applications, and offer comprehensive monitoring for datacenters and cloud, both private and public.
1,200 questions
No comments
{count} votes

Accepted answer
  1. answered 2021-03-22T08:51:43.1+00:00
    ronald van den berg 241 Reputation points

    Lessons learned and fixed the issue.

    Wireshark monitors before packets go through the local firewall. So if wireshark shows the packets, they can still be blocked by the local firewall.

    The out of the box inbound for snmp traps were enabled but turned out this was not enough.
    Apparently there is another inbound rule named "Operations Manager SNMP Trap Listener" which i needed to enable and then the traps were handled fine by the agent.

    No comments

1 additional answer

Sort by: Most helpful
  1. answered 2022-06-23T04:23:27.083+00:00
    ANU 331 Reputation points

    @ronald van den berg Thanks for the reply. Already checked inbound rule for snmp trap and Snmp trap listner. Both rules are enabled.
    Thanks
    Anu

    No comments