Receive SNMP traps/informs
Horizon lets you receive and process SNMP traps and informs out of the box.
The Horizon services run as an unprivileged user and cannot bind on port numbers below 1024 without escalated privileges.
For this reason, the default port for the SNMP trap/inform listener is set to 10162/udp instead of the IANA registered port number 162/udp.
The following example shows how to configure the local firewall daemon to forward port 162/udp to 10162/udp.
If you need the SNMP trap listener on port 162/udp directly, see Binding to privileged ports.
|
sudo firewall-cmd --permanent --add-masquerade162 to 10162sudo firewall-cmd --permanent --add-port=162/udp
sudo firewall-cmd --permanent --add-port=10162/udp
sudo firewall-cmd --permanent --add-forward-port=port=162:proto=udp:toport=10162
sudo systemctl reload firewalldsudo vi /etc/ufw/before.rulesTo enable SNMP trap forwarding, add the following code to the top of the file before the *filter section:
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -p udp --dport 162 -j REDIRECT --to-port 10162
COMMITsudo ufw allow in 162/udp
sudo ufw allow in 10162/udp
sudo ufw reloadYou can verify your firewall and port forwarding configuration by sending an SNMP trap from a remote system to your Horizon instance:
snmptrap -v 2c -c public opennms-core-host '' 1.3.6.1.4.1.2021.991.17 .1.3.6.1.2.1.1.6.0 s "Milky Way" (1)(2)| 1 | By default, Horizon uses the public community string.
If you changed the community string in Horizon, use the updated name here. |
| 2 | Replace opennms-core-host with your Horizon instance’s IP or FQDN. |
On RHEL and CentOS, the snmptrap command line tool is part of the net-snmp-utils.
If you run on Debian or Ubuntu, the tool is part of the snmp-utils package.
|
To verify your configuration, look for an SNMP trap event in the Horizon web UI:
-
Sign in to the web UI.
-
Click .
-
Under Event Queries, select All Events.
-
Search the list for a
uei.opennms.org/generic/traps/EnterpriseDefaultevent from your test host.