Skip to main content
Question

Question about trap monitoring.

  • February 19, 2026
  • 2 replies
  • 18 views
O
Forum|alt.badge.img+4

Hi All.

We are using HP Systems insight manager as snmp trap receiver. The way it handles them is quite simple : when a trap is received and if it’s severity is above informational (configurable), an alert is sent and logged with the sending host. Of course the host must be declared first. If the OID is unknown, it logs it with the host too, so we can see that a MIB is missing. Simple and efficient. But it’s no longer supported and it’s missing some functionalities like the most secure SNMP v3 encyption levels.

So I’m looking at moving the trap management to Centreon.

I’ve read many documents and post and my (simplified) understanding is that with Centreon we must attach a SNMP service to a host and define the traps it will manage.

But for me there is a problem : if the host sends a trap that is not monitored by the service, then I won’t be warned.

Is my understanding correct ?

If yes, is there the possibility to do the following : declare a SNMP service for a host and say : whatever the snmp trap you receive for that host and if the level is not informational then do that. And if the OID is unknown then log it somewhere so we can find which MIB file is missing.

Have a nice day.

2 replies

lpinsivy
Centreonian
Forum|alt.badge.img+21
  • lpinsivy
  • Centreonian
  • February 24, 2026

HI ​@OlivierV By default, SNMP trap management in Centrein Infra Monitoring only works with known SNMP traps (defined in Centreon) and associated with passive services.

But you can add in the centreontrapd options to record unknown sNMP traps in a log file + add a control on this file to highlight them.

To do this, you need to modify the file /etc/centreon/centreontrapd.pm:

#############################################
# File Added by Centreon
#
our %centreontrapd_config = (
        # databases credentials
        centreon_db => "dbname=/etc/snmp/centreon_traps/centreontrapd.sdb",
        centstorage_db => "dbname=/etc/snmp/centreon_traps/centreontrapd.sdb",
        db_type => 'SQLite',
        # server type (0: central, 1: poller)
        mode => 0,
        unknown_trap_enable => 1,
        unknown_trap_mode => 1,
        unknown_trap_file => '/var/log/centreon/centreontrapd_unknown.log'
);

1;

Then add an active check to monitor /var/log/centreon/centreontrapd_unknown.log log file.

When an unknown SNMP trap is received, the file will contain something like:

# tail -f /var/log/centreon/centreontrapd_unknown.log
2026-02-24 11:49:14 - INFO - Trap received from localhost: .1.3.6.1.4.1.9.9.43.2.0.2.1.1
2026-02-24 11:49:14 - INFO - hostname                  : localhost
2026-02-24 11:49:14 - INFO - ip address                : 127.0.0.1
2026-02-24 11:49:14 - INFO - uptime                    : 285:3:22:33.89
2026-02-24 11:49:14 - INFO - trapname / OID            : .1.3.6.1.4.1.9.9.43.2.0.2.1.1
2026-02-24 11:49:14 - INFO - ip address from trap agent: 127.0.0.1
2026-02-24 11:49:14 - INFO - trap community string     :
2026-02-24 11:49:14 - INFO - enterprise                :
2026-02-24 11:49:14 - INFO - securityEngineID (not use):
2026-02-24 11:49:14 - INFO - securityName     (not use):
2026-02-24 11:49:14 - INFO - contextEngineID  (not use):
2026-02-24 11:49:14 - INFO - contextName      (not)    :
2026-02-24 11:49:14 - INFO - Ent Value 0 ($1): .1.3.6.1.2.1.1.5.0=MyDevice
2026-02-24 11:49:14 - INFO -

Regards,

O
Forum|alt.badge.img+4
  • OlivierV
  • Author
  • Steward *
  • February 25, 2026

Hello ​@lpinsivy 

The way Centreon handles snmp traps is not as easy as HP SIM is. I’m going to keep it for the moment and try to find an other software that can replace it with the most recent secure features.

Thank you for your answer.

Terms & ConditionsCookie settingsAccessibility statement