Skip to content

SNMP trap filtering

The zentrap service supports SNMP trap filtering.

To edit your filters, navigate to the ADVANCED > Settings > Events page. The rules can be configured in the SNMP Trap Filtering Rules text entry field.

Version Differences

Prior to Resource Manager version 6.8, trap filtering was configured via the /opt/zenoss/etc/zentrap.filter.conf file in the zentrap service definition.

For more detail, refer to How To Setup A Filter For SNMP Traps At The Collector Level (Zentrap) In Resource Manager 5.1.1 - 6.7.

Filter syntax

The filter entry field contains an abbreviated version of the original zentrap.filter.conf file. You can view the full configuration file below.

zentrap.filter.conf
#
# SNMP Trap Filter Definitions
#
# This file defines optional filters which zentrap applies to incoming traps.
# The filters defined in this file are only applied if the 'trapFilterFile'
# parameter in zentrap.conf specifies this file, for example,
#       trapFilterFile zentrap.filter.conf
#
# Each line defines a single filter definition to either include or exclude
# a particular trap. Lines beginning with "#" and blank lines are ignored.
# The order of the definitions doesn't matter, but duplicates aren't allowed.
# The filtering logic matches each incoming trap to the most specific filter
# definition. It then either includes or excludes that trap based on the filter
# definition.
#
# If no valid filters are found, for instance, everything is commented
# out, then no traps are filtered.
#
# zentrap exits on the first syntax error, so check the zentrap log for
# details about the specific error.
#
# At a high level, the generic syntax for each filter definition is:
#      ACTION SNMP_VERSION MATCHING_RULE
# where:
#      ACTION        is the filter action; must be one of "include" or "exclude"
#      SNMP_VERSION  identifies the SNMP version; must be one of "v1" and "v2"
#      MATCHING_RULE is the matching rule for trap (varies by SNMP version)
#
# Valid definitions for SNMP V1 traps have one of the following formats:
#      include|exclude v1 TRAP_TYPE
#      include|exclude v1 GLOBBED_OID
#      include|exclude v1 OID *|SPECIFIC_TRAP
# where:
#     TRAP_TYPE       is a generic trap type in the range [0-5]
#     GLOBBED_OID     is an OID ending with ".*"
#     OID             is a valid OID
#     SPECIFIC_TRAP   is any specific trap type (any non-negative integer)
# Note that the last two cases are used for enterprise-specific traps, such as 
# where the generic trap type is 6.
#
# Valid filter definitions for SNMP V2 traps have one of the following formats:
#    include|exclude v2 OID
#    include|exclude v2 GLOBBED_OID
# where
#    OID             is an valid OID
#    GLOBBED_OID     is an OID ending with ".*"
#

# Include all generic SNMP V1 Traps 0-5
include v1 0
include v1 1
include v1 2
include v1 3
include v1 4
include v1 5

# Include all enterprise-specific SNMP V1 traps
include v1 *

# Include all SNMP V2 traps
include v2 *