Hi
I am new to ELK. I'm trying Logstash with snmptrap, as I have about 100 switches and routers, but the output for the logs seems to be creepy. How do I add a trap OID field for snmptrap?
Logstash log output.
The following log was generated while creating a loop.
{
    "message" => "#@enterprise=[1.3.6.1.4.1.9.9.187], @timestamp=#@value=2612151602>, @varbind_list=[#@name=[1.3.6.1.4.1.9.9.187.1.2.5.1.17.32.1.14.16.255.255.17.0.0.0.0.0.0.0.0.2], @value=\"\x00\x00\">, #@name=[1.3.6.1.4.1.9.9.187.1.2.5.1.3.32.1.14.16.255.255.17.0.0.0.0.0.0.0.0.2], @value=#@value=1>>, #@name=[1.3.6.1.4.1.9.9.187.1.2.5.1.28.32.1.14.16.255.255.17.0.0.0.0.0.0.0.0.2], @value=\"\">, #@name=[1.3.6.1.4.1.9.9.187.1.2.5.1.29.32.1.14.16.255.255.17.0.0.0.0.0.0.0.0.2], @value=#@value=3>>], @specific_trap=7, @source_ip=\"1.2.3.4\", @agent_addr=#@value=\"\xC0\xA8\v\e\">, @generic_trap=6>",
    "host" => "1.2.3.4",
    "@version" => "1",
    "@timestamp" => "2016-04-01T23:00:04.347Z",
    "type" => "snmp_trap",
    "SNMPv2-SMI::enterprises_9_9_187_1_2_5_1_17_32_1_14_16_255_255_17_0_0_0_0_0_0_0_0_2" => "\x00\x00",
    "SNMPv2-SMI::enterprises_9_9_187_1_2_5_1_3_32_1_14_16_255_255_17_0_0_0_0_0_0_0_0_2" => "1",
    "SNMPv2-SMI::enterprises_9_9_187_1_2_5_1_28_32_1_14_16_255_255_17_0_0_0_0_0_0_0_0_2" => "",
    "SNMPv2-SMI::enterprises_9_9_187_1_2_5_1_29_32_1_14_16_255_255_17_0_0_0_0_0_0_0_0_2" => "3"
}
{
    "message" => "#@enterprise=[1.3.6.1.4.1.9.9.187], @timestamp=#@value=2612152907>, @varbind_list=[#@name=[1.3.6.1.4.1.9.9.187.1.2.5.1.17.32.1.14.16.255.255.17.0.0.0.0.0.0.0.0.2], @value=\"\x00\x00\">, #@name=[1.3.6.1.4.1.9.9.187.1.2.5.1.3.32.1.14.16.255.255.17.0.0.0.0.0.0.0.0.2], @value=#@value=3>>, #@name=[1.3.6.1.4.1.9.9.187.1.2.5.1.28.32.1.14.16.255.255.17.0.0.0.0.0.0.0.0.2], @value=\"\">, #@name=[1.3.6.1.4.1.9.9.187.1.2.5.1.29.32.1.14.16.255.255.17.0.0.0.0.0.0.0.0.2], @value=#@value=1>>], @specific_trap=7, @source_ip=\"1.2.3.4\", @agent_addr=#@value=\"\xC0\xA8\v\e\">, @generic_trap=6>",
    "host" => "1.2.3.4",
    "@version" => "1",
    "@timestamp" => "2016-04-01T23:00:16.900Z",
    "type" => "snmp_trap",
    "SNMPv2-SMI::enterprises_9_9_187_1_2_5_1_17_32_1_14_16_255_255_17_0_0_0_0_0_0_0_0_2" => "\x00\x00",
    "SNMPv2-SMI::enterprises_9_9_187_1_2_5_1_3_32_1_14_16_255_255_17_0_0_0_0_0_0_0_0_2" => "3",
    "SNMPv2-SMI::enterprises_9_9_187_1_2_5_1_28_32_1_14_16_255_255_17_0_0_0_0_0_0_0_0_2" => "",
    "SNMPv2-SMI::enterprises_9_9_187_1_2_5_1_29_32_1_14_16_255_255_17_0_0_0_0_0_0_0_0_2" => "1"
}
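
An added example, not part of the original post: the events above are SNMPv1 traps, which carry `@enterprise`, `@generic_trap` and `@specific_trap` rather than a single trap OID, so one way to get a trap OID field is to derive it from the `message` string with the SNMPv1-to-v2 mapping in RFC 3584 section 3.1. The function names and the shortened sample string are assumptions made for this sketch.

```ruby
# Added example: derive an SNMPv2-style trap OID from the inspect-style
# "message" string shown in the post for an SNMPv1 trap.
# Mapping per RFC 3584 section 3.1. Function names are hypothetical.

STANDARD_TRAPS_PREFIX = "1.3.6.1.6.3.1.1.5" # snmpTraps subtree
ENTERPRISE_SPECIFIC   = 6                   # generic-trap value for vendor traps

# Returns a hash of the parsed header fields, or nil when the message
# does not look like an SNMPv1 trap dump.
def parse_v1_trap(message)
  enterprise = message[/@enterprise=\[([\d.]+)\]/, 1]
  generic    = message[/@generic_trap=(\d+)/, 1]
  specific   = message[/@specific_trap=(\d+)/, 1]
  return nil unless enterprise && generic && specific
  { enterprise: enterprise, generic: generic.to_i, specific: specific.to_i,
    source_ip: message[/@source_ip="([^"]+)"/, 1] }
end

# Returns the trap OID as a dotted string, or nil if it cannot be derived.
def trap_oid(message)
  trap = parse_v1_trap(message)
  return nil if trap.nil?
  if trap[:generic] == ENTERPRISE_SPECIFIC
    # Vendor trap: enterprise OID, a zero sub-identifier, then specific-trap.
    "#{trap[:enterprise]}.0.#{trap[:specific]}"
  elsif trap[:generic].between?(0, 5)
    # Standard trap (coldStart .. egpNeighborLoss): snmpTraps.(generic + 1).
    "#{STANDARD_TRAPS_PREFIX}.#{trap[:generic] + 1}"
  end
end

# Constructed sample, shortened from the first event in the post.
SAMPLE = '@enterprise=[1.3.6.1.4.1.9.9.187], @varbind_list=[], ' \
         '@specific_trap=7, @source_ip="1.2.3.4", @generic_trap=6>'

puts trap_oid(SAMPLE)
```

In Logstash the same logic can run inside a `ruby` filter against the event's `message` field, writing the result to a new field that Elasticsearch can aggregate on.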