TrapWatch
TrapWatch is a special version of Logwatch and listens on SNMP hardware traps.
The Simple Network Management Protocol (SNMP) is the most common protocol
for managing all kinds of network devices and is implemented in almost all
currently available network devices. An SNMP trap is a message sent out by
a network device to report an incident such as loss of link, failed
authentication attempts etc. TrapWatch catches these messages and puts them
into the report. This can be useful to detect changes in the network, like
machines being unplugged or added to the network.
Support for Netscreen firewall traps, HP-Procure switches and Cisco hardware
is installed out of the box. If non-standard MIBs are used, it might necessary
to configure TrapWatch accordingly. Please note that to enable TrapWatch, you
need to install an SNMP trap handler that puts the TRAP results into your syslog
file.
