Jeff, Thanks for your reply.
It was a deliberate mail to net-snmp-coders. Because, I knew about the pattern matching but that would not suffice because we get a trap like below when we give a '.*' in pattern DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (3022) 0:00:30.22 SNMPv2-MIB::snmpTrapOID.0 = OID: DISMAN-EVENT-MIB::mteTriggerFired DISMAN-EVENT-MIB::mteHotTrigger.0 = STRING: Log Match DISMAN-EVENT-MIB::mteHotTargetName.0 = STRING: DISMAN-EVENT-MIB::mteHotContextName.0 = STRING: DISMAN-EVENT-MIB::mteHotOID.0 = OID: UCD-SNMP-MIB::logMatchCurrentCount.1 DISMAN-EVENT-MIB::mteHotValue.0 = INTEGER: 9 UCD-SNMP-MIB::logMatchName.1 = STRING: loginFailure UCD-SNMP-MIB::logMatchFilename.1 = STRING: /var/log/auth.log UCD-SNMP-MIB::logMatchCurrentCount.1 = INTEGER: 9 UCD-SNMP-MIB::logMatchRegEx.1 = STRING: Failed password .* For the following config, logmatch loginFailure /var/log/auth.log 30 Failed password for .* and line in log fine as below Sep 5 19:51:43 sshd[23557]: Failed password for root from xx.xx.xx.xx port 41569 ssh2 It will match the string but it will not print the username in the trap data. So, I was looking for any code changes that an be done to make it expand the pattern and then send that data in trap. REgards, Gowtham On Sat, Sep 7, 2019 at 2:26 AM Jeff Gehlbach <je...@opennms.com> wrote: > On 9/5/19 10:58 PM, Thommandra Gowtham wrote: > > > - How can we get more information in a logmatch trap other than the > > pattern matched? > > Making your pattern match more text should do the trick. For example: > > logmatch loginFailure /var/log/auth.log 30 Failed password for .* > > BTW, this kind of question isn't really what the net-snmp-coders list is > for. The net-snmp-users list is a better fit: > > https://sourceforge.net/projects/net-snmp/lists/net-snmp-users > > -jeff > > > _______________________________________________ > Net-snmp-coders mailing list > Net-snmp-coders@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/net-snmp-coders >
_______________________________________________ Net-snmp-coders mailing list Net-snmp-coders@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/net-snmp-coders