NiktoSLAD pluginsLogWatchTrapWatch

TrapWatch

TrapWatch is a special version of Logwatch and listens on SNMP hardware traps. The Simple Network Management Protocol (SNMP) is the most common protocol for managing all kinds of network devices and is implemented in almost all currently available network devices. An SNMP trap is a message sent out by a network device to report an incident such as loss of link, failed authentication attempts etc. TrapWatch catches these messages and puts them into the report. This can be useful to detect changes in the network, like machines being unplugged or added to the network. Support for Netscreen firewall traps, HP-Procure switches and Cisco hardware is installed out of the box. If non-standard MIBs are used, it might necessary to configure TrapWatch accordingly. Please note that to enable TrapWatch, you need to install an SNMP trap handler that puts the TRAP results into your syslog file.


NiktoSLAD pluginsLogWatchTrapWatch